last executing test programs:

4m18.965608531s ago: executing program 0 (id=66):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a80)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SYNPROXY={0x4}, @CTA_PROTOINFO={0x8, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x4}}]}, 0x70}}, 0x0)

4m18.885294469s ago: executing program 0 (id=67):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x43, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f0000000440)=0x2)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0xc17a)

4m18.704010418s ago: executing program 0 (id=68):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={r1, 0x23f}, &(0x7f00000000c0)=0x8)

4m18.476813218s ago: executing program 0 (id=70):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==")
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

4m18.252945725s ago: executing program 0 (id=71):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
pipe2$9p(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56551, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x6, 0x1002, 0x0, 0x2, 0xffffffff}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}]}}}]}, 0x58}}, 0x20000000)
sendmsg$inet(r4, &(0x7f00000015c0)={0x0, 0x0, 0x0}, 0x0)
write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r2, 0x0, r0, 0x0, 0x20000000000002, 0x2)

4m17.885807344s ago: executing program 0 (id=72):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000000c0)=0x6, 0x4)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

4m17.690035628s ago: executing program 32 (id=72):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000000c0)=0x6, 0x4)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

3m6.270697216s ago: executing program 3 (id=798):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000040000000030a09020000000000000000020000000900010073797a30000000000900030073797a3200000000140004800800014000000000080002400000000014000000110001"], 0x88}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELCHAIN={0x30, 0x5, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x4}]}], {0x14}}, 0x58}, 0x1, 0x0, 0x0, 0x8001}, 0x0)

3m6.159968593s ago: executing program 3 (id=799):
syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0xba7b, 0x0, 0x4, 0x2c}, &(0x7f0000000340), 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r3=>0x0, <r4=>0x0, <r5=>0x0], &(0x7f0000000040), 0x3, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000580)={0x200, 0x1, &(0x7f0000000180)=[r2], &(0x7f0000000400)=[0x3], &(0x7f0000000640)=[r5, r3, r4], &(0x7f0000000340), 0x0, 0xffffffffffffffff})

3m6.059998388s ago: executing program 3 (id=800):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4, 0x20}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x9, &(0x7f0000000180)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

3m5.898069059s ago: executing program 3 (id=802):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000001180)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x18, 0x2, 0x1, 0x2})

3m5.764156987s ago: executing program 3 (id=803):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="273eebfecb7c0e923301b61c42cb1d11f41d00bdab2a3d983b065a56", 0x1c}, {&(0x7f00000002c0)="10eba9fdb4cbab48929e1af15100"/28, 0x1c}], 0x2)

3m5.478173872s ago: executing program 3 (id=806):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='oom_score_adj\x00')
write$khugepaged_scan(r0, &(0x7f0000000000), 0x8)

3m4.958944842s ago: executing program 33 (id=806):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='oom_score_adj\x00')
write$khugepaged_scan(r0, &(0x7f0000000000), 0x8)

2m43.40786316s ago: executing program 1 (id=1045):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='macvlan0\x00', 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10)

2m42.358076822s ago: executing program 1 (id=1051):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r0, &(0x7f0000000ec0)='\n', 0x1, 0x40000, &(0x7f0000000300)={0xa, 0x100, 0x2, @dev={0xfe, 0x80, '\x00', 0x19}, 0x4}, 0x1c)
shutdown(r0, 0x1)
getsockopt$bt_hci(r0, 0x84, 0x6c, &(0x7f0000003140)=""/4095, &(0x7f0000000000)=0xfff)

2m42.287313138s ago: executing program 1 (id=1052):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f0000000400)={[{@nr_inodes={'nr_inodes', 0x3d, [0x47]}}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r0, &(0x7f00000002c0)='./file1\x00', 0x4, 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x400)

2m42.269641011s ago: executing program 1 (id=1053):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000400007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
modify_ldt$write(0x1, &(0x7f0000000080)={0x1000, 0x1000, 0xfffffffffffffffe}, 0x10)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x930, &(0x7f0000000800))
ptrace$poke(0x21, r0, 0x0, 0x0)

2m41.990034483s ago: executing program 1 (id=1056):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newtaction={0x70, 0x30, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [{0x5c, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x1}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x3, 0xed, 0x1, 0x8000, 0x2}}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x74, 0x4, 0x3, 0x1000}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x2400c080}, 0x4000814)

2m41.56732362s ago: executing program 1 (id=1063):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r1], 0x20}}, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

2m41.423715689s ago: executing program 34 (id=1063):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r1], 0x20}}, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

6.093800455s ago: executing program 4 (id=2872):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000b80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0xa, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x0, 0x3}]}, @func={0x8}, @restrict={0x0, 0x0, 0x0, 0x9, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x52}, 0x20)

6.02306334s ago: executing program 4 (id=2873):
syz_mount_image$xfs(&(0x7f00000000c0), &(0x7f0000009740)='./file0\x00', 0x4000400, &(0x7f0000000100)={[{@grpquota}, {@grpquota}]}, 0x7f, 0x9882, &(0x7f000001c800)="$eJzs3QW8pGXBuP+zyy4sKaAIFiAlJilhIB2KKClKCNKSAiKgdCihgiKggAIKIop0d4d0d3d3x/+zsCCsF4j/3/sKL9d1fdwzZ2aeM+ee+zv345nzHGaWnHfROQcGxh14pVdP/9kZu9687GJjL7jukTsPuWqvHRa6b8TFo75yMt7sI07nGHE658DAwKARtzPolcuGzHbEkYMHhgwM/98/G2v0MQaPNTAwxoizI25nYOZXTsbc/9XtXhopHuikw7/d9q/8e7mxh9/I8E+WXu6FtQYGBoa97uuHj2vaf7mj0pacY755/2n1mtvgEVcP+ud1L58OeeXfmPsODIy598CbPz6Gbzv0dV/732z49xx38oHFb34Hvvf/uZacY74FRvIfvhZHGXHZzMPX+Mhr0NjIj/MdFl39nhFTOGjExA153Xp5Jx73/79aco55Fxx483U8sNA8m9z90sv7zSFzDwwMmWdgYMi8AwND5nunPep/pnf0wVdVVVXvSHPMOcPw5+yDR/p5YNirP9fSz4XnPD/d7QMDQxZ65XnikOVefS5YVVVVVVVVVe/O5phzhrng+f+4b/X8f9Ljtx6v5/9VVVVVVVVV/3daYI45Zxj+XH+k5/8TvdXz/4fvPWi/V/72f/aZX/mqF9/ZO1FVVVVVVVVVb9m8C+Dz/0nf6vn/eUdMemHP/6uqqqqqqqr+77TISy+9tNnrXmdvxMVTv3o9Pf8/8a4bl3nHBlxVVVVVVVVV/3EvPnDcSf98zfeJB0Z6vfeXG/F7gUGHnHLxxe/YQN8dDfrX34ds/k6P6f+14c7DDpx0YGCtxd/podQ70P+Z16qv/5Xyd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn9xb3L8/7XX/z/xsBVefS/4T0w5w9XH/fMrX37v/yELLfDAFu/Q0N+J3qvH/wdWGzQwMMJ33NUGBgYWmmORxaYeGBg47uoZppxi4LXrZhl+3RfHH+XlN4h/9T8TmWc8vuHNJ3vldPgDZeADr93GIS/f/gIv7TPKoJEG8brGO2q//VZd8qkZRz6d6s3vx+DXPhv7yHtf/W9ZBo+00bA3+eJXb//V+zKy84ixTz187NOsv+Y606y30cafXW3N5VdZaZWV1pp1+pmmm3HWWWeaaZqVV1tjpWlf+fhmczbpyx/nejtzNtbIc/bAHK+fs5Hv25vN2aRvPWcv3+Iu5w77yqtzNuQ/nLO53nrOJl1txDcab/ahA8u9PDeDBgbGm3vowIbDz0w32sDAePOM2Hai4dt+afzBAwM7/fOODv9stNceg4M2H77NkvMuOucru6mBgX+e/rM3eT/7UUeMfPYRp3OMOJ3zlW8z7sA/H4pDZjviyMHD5+IN0zHW6GMMHmtgYIwRZ0fczsCsr5yMcfyr273J+6yPNNCXX2Zl+1f+vdzYAwMDYw7/ZOLlT9xm+NT/F96n/f/X////i9csg157PA4a8W/ENq94zTHfAv/8Xi9Pw/C5G2XEZTMPN/kffmv7N/Qv45102MCkbzHet3hdnJejx9cax02w5f/U6+LQeCd6i/G+xev4vul4l7h993teuan/sfGOtK9b8OWPs7+dfd3AW+/rRqEbWOmCj428r/vamw/xDbvLV+dotJE2erN93UR7TrL58Nuf/a33dQsOH/vQN+zrBg8MjDfXq/u64Tu+eYcO7DT8zPTDz8w3dOCA4WdmePnM6AOnDD/zuRXWXmPF4RfM/6+Pg6kHveEPNGGdzTvSOhv0uvs+aKS/7xzyyumY+776Hk5vst8cNOJu/dt9BT1ux32L8b7F+0/hPA+/bMVDh03wP/X+UzTeYW893jd7v+w3He+OT5548//weF9bZ0NfN13zv511Nukb19nwuzjK61bG2/05bEXY/pXPJ3rt1jbY9N7XfqYYOtLt/rufKeZ/63U27mojfd12ew8Mequ5me/tzM1H/2UftMXr5+bt/rw19eSvXD/KW8zNaLMuO9WrczPqfzg38/2nczP7wChvnJshA/MMDAxMMWL/MO/bmZuJ3npu3u7jZgzY/pXPV3rtorl3OPCsV+dm5Ln4d3Mz7386N5O+9riZ4uXrJhs8MOqoAxsuv/766073ysdXz07/yse3XoNzv525HPd/Zi4/POTN5vKfD9Wxbr9w33+zBv9ln/7q7c/9n87lwGtzObDayIul3q31+z93+bvL313+7vJ3l7+7/MW9yfH/117/f7dxv7jziF9uDL1wkgm3fafH+w73nj7+P8L3Dcf/t51wkgsHD7x23Vsen31lm3fl8dmZXzkZc/9Xtxv5+CAP9M2Pz+4968xb/5eOz/7/6tW1+jZ+D9f+313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5S/uTY7/T/vq3wHcNd3Cj444EDr0vq2WWvidHu873Hv6+P8I3zcc/194qa3uGzzw2nVvefz/lW0cx/9vfW7eHd/Nx/9fXasd/69/U/7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+5Njv/P/urfARx00O4bv/r3AJePt/1x7/R43+Heq8f/e/9/b+3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uJGHP8fGOntLb/Z4wKD4///t3sT/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf9b+WMW/yXzxyz+384fs/h/J3/M4r9U/pjFf+n8MYv/MvljFv9l88cs/t/NH7P4L5c/ZvFfPn/M4v+9/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF//v5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/wf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zB/zOK/Qf6Yxf9H+WMW/w3zxyz+G+WPWfw3zh+z+P84f8zi/5P8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/82+WMW/23zxyz+P80fs/j/LH/M4r9d/pjFf/v8MYv/DvljFv8d88cs/j/PH7P4/yJ/zOL/y/wxi/9O+WMW/53zxyz+v8ofs/j/On/M4r9L/pjF/zf5Yxb/XfPHLP675Y9Z/HfPH7P4/zZ/zOL/u/wxi/8e+WMW/z3zxyz+e+WPWfx/nz9m8f9D/pjFf+/8MYv/PvljFv9988cs/n/MH7P4/yl/7DX/QYPe0/775Y9Z1v/++WMW/z/nj1n8D8gfs/j/JX/M4n9g/pjF/6/5Yxb/v+WPWfwPyh+z+P89f8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+/8gfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxif+ggfwxi/+g/DGL/+D8MYv/KPljFv8h+WMW/6H5Yxb/UfPHLP6j5Y9Z/Iflj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW//flj1n8x80fs/iPlz9m8R8/f8zi//78MYv/B/LHLP4T5I9Z/D+YP2bxnzB/zOI/Uf6Yxf9D+WMW/w/nj1n8P5I/ZvH/aP6Yxf9j+WMW/4nzxyz+k+SPWfwnzR+z+H88f8ziP9mr/sPeoXG9S7P4T976xyz+U+SPWfynzB+z+E+VP2bx/0T+mMV/6vwxi/8n88cs/p/KH7P4fzp/zOL/mfwxi/9n88cs/p/LH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/p/PH7P4z5Q/ZvGfOX/M4j9L/pjFf9b8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/bPljFv+v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9q/pjF/2v5Yxb/BfPHLP5fzx+z+C+UP2bx/0b+mMX/m/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/W/ljFv8l88cs/t/OH7P4fyd/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP7fzR+z+C+XP2bxXz5/zOL/vfwxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/7+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8H+WMW/3Xzxyz+6+WPWfzXzx+z+P8wf8ziv0H+mMX/R/ljFv8N88cs/hvlj1n8N84fs/j/OH/M4v+T/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/j/NH7P4/yx/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP4/zx+z+P8if8zi/8v8MYv/TvljFv+d88cs/r/KH7P4/zp/zOK/S/6Yxf83+WMW/13zxyz+u+WPWfx3zx+z+P82f8zi/7v8MYv/HvljFv8988cs/nvlj73Rf5R3ejj/772J/+/zxyzr/w/5Yxb/vfPHLP775I9Z/PfNH7P4/zF/zOL/p/wxi/9++WMW//3zxyz+f36j/53/9XG9S7P4H9D6xyz+f8kfs/gfmD9m8f9r/pjF/2/5Yxb/g/7pv94178jA3p1Z/P/e+scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mfljFv+z8scs/mfnj1n8z8kfs/ifmz9m8T8vf0zi/3L5/2sS/0Hn549Z/C/IH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj713/Qe9wf+K/LH3rv8b1/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/Jf1S60OL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH5P4v/xp/v+axX9Q/pjFf3D+mMV/lPwxi/+Q/DGL/9D8MYv/qPljFv/R8scs/sPyxyz+o+ePWfzHyB+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL//vyxyz+4+aPWfzHyx+z+I+fP2bxf3/+mMX/A/ljFv8J8scs/h/MH7P4T5g/ZvGfKH/M4v+h/DGL/4fzxyz+H8kfs/h/NH/M4v+x/DGL/8Rv7T/0f31c79Is/pO0/jGL/6T5Yxb/j+ePWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/yfyxyz+U+ePWfw/mT9m8f9U/pjF/9P5Yxb/z+SPWfw/mz9m8f9c/pjFf5r8MYv/tPljg87YdejAwMB73n+6/DHL+p8+f8ziP0P+mMV/xvwxi//n88cs/jPlj1n8Z84fs/jPkj9m8Z81f8zi/4X8MYv/F/PHLP5fyh+z+H85f8ziP1v+mMX/K/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/mj9m8f9a/pjFf8H8MYv/1/PHLP4L5Y9Z/L+RP2bx/2b+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/1b+mMV/yfwxi/+388cs/t/JH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/d/PHLP7L5Y9Z/JfPH7P4fy9/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvH/fv6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvH/Qf6YxX/d/DGL/3r5Yxb/9fPHLP4/zB+z+G+QP2bx/1H+mMV/w/wxi/9G+WMW/43zxyz+P84fs/j/JH/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/9P88cs/j/LH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/z/PHLP6/yB+z+P8yf8ziv1P+mMV/5/wxi/+v8scs/r/OH7P475I/ZvH/Tf6YxX/X/DGL/275Yxb/3fPHLP6/zR+z+P8uf8ziv0f+mMV/z/wxi/9e+WMW/9/nj1n8/5A/ZvHfO3/M4r9P/pjFf9/8MYv/H/PHLP5/yh+z+O+XP2bx3z9/zOL/5/wxi/8B+WMW/7/kj1n8D8wfs/j/NX/M4v+3/DGL/0H5Yxb/v+ePWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf8f+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UPybxH2Ugf8ziPyh/zOI/OH/M4j9K/pjFf0j+mMV/aP6YxX/U/DGL/2j5Yxb/YfljFv/R88cs/mPkj1n8x8wfs/iPlT9m8R87f8ziP07+mMX/ffljFv9x88cs/uPlj1n8x88fs/i/P3/M4v+B/DGL/wT5Yxb/D+aPWfwnzB+z+E+UP2bx/1D+mMX/w/ljFv+P5I9Z/D+aP2bx/1j+mMV/4vwxi/8k+WMW/0nzxyz+H88fs/hPlj9m8Z88f8ziP0X+mMV/yvwxi/9U+WMW/0/kj1n8p84fs/h/Mn/M4v+p/DGL/6fzxyz+n8kfs/h/Nn/M4v+5/DGL/zT5Yxb/afPHLP7T5Y9Z/KfPH7P4z5A/ZvGfMX/M4v/5/DGL/0z5Yxb/mfPHLP6z5I9Z/GfNH7P4fyF/zOL/xfwxi/+X8scs/l/OH7P4z5Y/ZvH/Sv6YxX/2/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv+v5o9Z/L+WP2bxXzB/zOL/9fwxi/9C+WMW/2/kj1n8v5k/ZvFfOH/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8v5U/ZvFfMn/M4v/t/DGL/3fyxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOL/3fwxi/9y+WMW/+Xzxyz+38sfs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfy/nz9m8V89f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfx/kD9m8V83f8ziv17+mMV//fwxi/8P88cs/hvkj1n8f5Q/ZvHfMH/M4r9R/pjFf+P8MYv/j/PHLP4/yR+z+G+SP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4v/T/DGL/8/yxyz+2+WPWfy3zx+z+O+QP2bx3zF/zOL/8/wxi/8v8scs/r/MH7P475Q/ZvHfOX/M4v+r/DGL/6/zxyz+u+SPWfx/kz9m8d81f8ziv1v+mMV/9/wxi/9v88cs/r/LH7P475E/ZvHfM3/M4r9X/pjF//f5Yxb/P+SPWfz3zh+z+O+TP2bx3zd/zOL/x/wxi/+f8scs/vvlj1n8988fs/j/OX/M4n9A/pjF/y/5Yxb/A/PHLP5/zR+z+P8tf8zif1D+mMX/7/ljFv+DPf6j/ycbW/wP8fj/R1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bxPz5/zOJ/Qv6Yxf/E/DGL/0n5Yxb/k/PHLP6n5I9Z/E/NH7P4n5Y/ZvE/PX/M4n9G/pjF/8z8MYv/WfljFv+z88cs/ufkj1n8z80fs/iflz9m8f9H/pjF//z8MYv/BfljFv8L88cs/hflj1n8L84fs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfyvzh+z+F+TP2bxvzZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/G/PHLP435Y9Z/G/OH7P435I/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8788cs/nflj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj0n8hwzkj1n8B709/1H/18b1Ls3iP7j1j1n8R8kfs/gPyR+z+A/NH7P4j5o/ZvEfLX/M4j8sf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+L8vf8ziP27+mMV/vPwxi//4+WMW//fnj1n8P5A/ZvGfIH/M4v/B/DGL/4T5Yxb/ifLHLP4fyh+z+H84f8zi/5H8MYv/R/PHLP4fyx+z+E+cP2bxnyR/zOI/af6Yxf/j+WMW/8nyxyz+k+ePWfynyB+z+E+ZP2bxnyp/zOL/ifwxi//U+WMW/0/mj1n8P5U/ZvH/dP6Yxf8z+WMW/8/mj1n8P5c/ZvGfJn/M4j9t/pjFf7r8MYv/9PljFv8Z8scs/jPmj1n8P58/ZvGfKX/M4j9z/pjFf5b8MYv/rPljFv8v5I9Z/L+YP2bx/1L+mMX/y/ljFv/Z8scs/l/JH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n858sfs/jPnz9m8V8gf8zi/9X8MYv/1/LHLP4L5o9Z/L+eP2bxXyh/zOL/jfwxi/8388cs/gvnj1n8F8kfs/gvmj9m8V8sf8ziv3j+mMV/ifwxi/+38scs/kvmj1n8v50/ZvH/Tv6YxX+p/DGL/9L5Yxb/ZfLHLP7L5o9Z/L+bP2bxXy5/zOK/fP6Yxf97+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOK/av6YxX+1/DGL//fzxyz+q+ePWfzXyB+z+K+ZP2bxXyt/zOK/dv6YxX+d/DGL/w+M/sP+/SYW/3WN/m8ji/96+WMW//Xzxyz+P8wfs/hvkD9m8f9R/pjFf8P8MYv/RvljFv+N88cs/j/OH7P4/yR/zOK/Sf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/T/PHLP4/yx+z+G+XP2bx3z5/zOK/Q/6YxX/H/DGL/8/zxyz+v8gfs/j/Mn/M4r9T/pjFf+f8MYv/r/LHLP6/zh+z+O+SP2bx/03+mMV/1/wxi/9u+WMW/93zxyz+v80fs/j/Ln/M4r9H/pjFf8/8MYv/XvljFv/f549Z/P+QP2bx3zt/zOK/T/6YxX/f/DGL/x/zxyz+f8ofs/jvlz9m8d8/f8zi/+f8MYv/AfljFv+/5I9Z/A/MH7P4/zV/zOL/t/wxi/9B+WMW/7/nj1n8D84fs/gfkj9m8T80f8zif1j+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+B+TP2bxPzZ/zOJ/XP6Yxf/4/DGL/wn5Yxb/E/PHLP4n5Y9Z/E/OH7P4n5I/ZvE/NX/M4n9a/pjF//T8MYv/GfljFv8z88cs/mflj1n8z84fs/ifkz9m8T83f8zif17+mMX/H/ljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+Vyj9B//bLSz+Vyr9/30W/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8sck/kMH8scs/oPyxyz+g/PHLP6j5I9Z/Ifkj1n8h+aPWfxHzR+z+I+WP2bxH5Y/ZvEfPX/M4j9G/pjFf8z8MYv/WPljFv+x88cs/uPkj1n835c/ZvEfN3/M4j9e/pjFf/z8MYv/+/PHLP4fyB+z+E+QP2bx/2D+mMV/wvwxi/9E+WMW/w/lj1n8P5w/ZvH/SP6Yxf+j+WMW/4/lj1n8J84fs/hPkj9m8Z80f8zi//H8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f9E/pjFf+r8MYv/J/PHLP6fyh+z+H86f8zi/5n8MYv/Z/PHLP6fyx+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP6fzx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/xfyxyz+X8wfs/h/KX/M4v/l/DGL/2z5Yxb/r+SPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4L5A/ZvH/av6Yxf9r+WMW/wXzxyz+X88fs/gvlD9m8f9G/pjF/5su/yFvd0OL/8Iu/7edxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4fyt/zOK/ZP6Yxf/b+WMW/+/kj1n8l8ofs/gvnT9m8V8mf8ziv2z+mMX/u/ljFv/l8scs/svnj1n8v5c/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/h/P3/M4r96/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/j/IH/M4r9u/pjFf738MYv/+vljFv8f5o9Z/DfIH7P4/yh/zOK/Yf6YxX+j/DGL/8b5Yxb/H+ePWfx/kj9m8d8kf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6Yxf+n+WMW/5/lj1n8t8sfs/hvnz9m8d8hf8ziv2P+mMX/5/ljFv9f5I9Z/H+ZP2bx3yl/zOK/c/6Yxf9X+WMW/1/nj1n8d8kfs/j/Jn/M4r9r/pjFf7f8MYv/7vljFv/f5o9Z/H+XP2bx3yN/zOK/Z/6YxX+v/DGL/+/zxyz+f8gfs/jvnT9m8d8nf8ziv2/+mMX/j/ljFv8/5Y9Z/PfLH7P4758/ZvH/c/6Yxf+A/DGL/1/yxyz+B+aPWfz/mj9m8f9b/pjF/6D8MYv/3/PHLP4H549Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/5n5Yxb/s/LHLP5n549Z/M/JH7P4n5s/ZvE/L3/M4v+P/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH5P4jzqQP2bxH5Q/ZvEfnD9m8R8lf8ziPyR/zOI/NH/M4j9q/pjFf7T8MYv/sPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOL/vvwxi/+4+WMW//Hyxyz+4+ePWfzfnz9m8f9A/pjFf4L8MYv/B/PHLP4T5o9Z/CfKH7P4fyh/zOL/4fwxi/9H8scs/h/NH7P4fyx/zOI/cf6YxX+S/DGL/6T5Yxb/j+ePWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/yfyxyz+U+ePWfw/mT9m8f9U/pjF/9P5Yxb/z+SPWfw/mz9m8f9c/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f98/pjFf6b8MYv/zPljFv9Z8sdG9h/6Tg/o/7U38Z81f8yy/r+QP2bx/2L+mMX/S/ljFv8v549Z/GfLH7P4fyV/zOI/+7/3H+1/dVzv0iz+c7T+MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/9X88cs/l/LH7P4L5g/ZvH/ev6YxX+h/DGL/zfyxyz+38wfs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+38ofs/gvmT9m8f92/pjF/zv5Yxb/pfLH3qP+g0ayHnXp/LH3qP/LvX79L5M/ZvFfNn/M4v/d/DGL/3L5Yxb/5fPHLP7fyx+z+K+QPzbojEEjZua97b9i/phl/a+UP2bxXzl/zOK/Sv6YxX/V/DGL/2r5Yxb/7+ePWfxXzx+z+K+RP2bxXzN/zOK/Vv6YxX/t/DGL/zr5Yxb/H+SPWfzXzR+z+K+XP2bxXz9/zOL/w/wxi/8G+WMW/x/lj1n8N8wfs/hvlD9m8d84f8zi/+P8MYv/T/LHLP6b5I9Z/DfNH7P4b5Y/ZvHfPH/M4r9F/pjFf8v8MYv/VvljFv+t88cs/tvkj1n8t80fs/j/NH/M4v+z/DGL/3b5Yxb/7fPHLP475I9Z/HfMH7P4/zx/zOL/i/wxi/8v88cs/jvlj1n8d84fs/j/Kn/M4v/r/DGL/y75Yxb/3+SPWfx3zR+z+O+WP2bx3z1/zOL/2/wxi//v8scs/nvkj1n898wfs/jvlT9m8f99/pjF/w/5Yxb/vfPHLP775I9Z/PfNH7P4/zF/zOL/p/wxi/9++WMW//3zxyz+f84fs/gfkD9m8f9L/pjF/8D8MYv/X/PHLP5/yx+z+B+UP2bx/3v+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfz/kT9m8T8/f8zif0H+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F/2Nv2H/G+N612axf/y1j9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+e/8DocJnF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyT+ow3kj1n8B+WPWfwH549Z/EfJH7P4D8kfs/gPzR+z+I+aP2bxHy1/zOI/LH/M4j96/pjFf4z8MYv/mPljFv+x8scs/mPnj1n8x8kfs/i/L3/M4j9u/pjFf7z8RzTsDecs/uPnj1n8358/ZvH/QP6YxX+C/DGL/wfzxyz+E+aPWfwnyh+z+H8of8zi/+H8sfem/yuvdPZ6/4/kj703/V/p9f4fzR+z+H8sf8ziP3H+mMV/kvwxi/+k+WMW/4/nj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/8n8scs/lPnj1n8P5k/ZvH/VP6Yxf/T+WMW/8/kj1n8P5s/ZvH/XP6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/fP6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+QP2bx/2L+mMX/S/ljFv8v549Z/GfLH7P4fyV/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/V/PHLP5fyx+z+C+YP2bx/3r+mMV/ofwxi/838scs/t/MH7P4L5w/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/t/KH7P4L5k/ZvH/dv6Yxf87+WMW/6Xyxyz+S+ePWfyXyR+z+C+bP2bx/27+mMV/ufwxi//y+WMW/+/lj1n8V8gfs/ivmD9m8V8pf8ziv3L+mMV/lfwxi/+q+WMW/9Xyxyz+388fs/ivnj9m8V8jf8ziv6bKf4y3vaXFfy2V/9vP4r92/pjFf538MYv/D/LHLP7r5o9Z/NfLH7P4r58/ZvH/Yf6YxX+D/DGL/4/yxyz+G+aPWfw3yh+z+G+cP2bx/3H+mMX/J/ljFv9N8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23Qv0eExX/btDGL/0/zxyz+P8sfs/hvlz9m8d8+f8ziv8Mr/i+89E6N612axX/H1j9m8f95/pjF/xf5Yxb/X+aPWfx3yh+z+O+cP2bx/1X+mMX/1/ljFv9d8scs/r/JH7P475o/ZvHfLX/M4r97/pjF/7f5Yxb/3+WPWfz3yB+z+O+ZP2bx3yt/zOL/+7flP/R/b1zv0iz+f2j9Yxb/vfPHLP775I9Z/PfNH7P4/zF/zOL/p/wxi/9++WMW//3zxyz+f84fs/gfkD9m8f9L/pjF/8D8MYv/X/PHLP5/yx+z+B+UP2bx/3v+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfz/kT9m8T8/f8zif0H+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOJ/Rf6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMS/2ED+WMW/0H5Yxb/wfljFv9R8scs/kPyxyz+Q/PHLP6j5o9Z/EfLH7P4D8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+78sfs/iPmz9m8R8vf8ziP37+mMX//fljFv8P5I9Z/CfIH7P4fzB/zOI/Yf6YxX+i/DGL/4fyxyz+H84fs/h/JH/M4v/R/DGL/8fyxyz+E+ePWfwnyR+z+E+aP2bx/3j+mMV/svwxi//k+WMW/ynyxyz+U+aPWfynyh+z+H8if8ziP3X+mMX/k/ljFv9P5Y9Z/D+dP2bx/0z+mMX/s/ljFv/P5Y9Z/KfJH7P4T5s/ZvGfLn/M4j99/pjFf4b8MYv/jPljFv/P549Z/GfKH7P4z5w/9rL/q2few/6z5I9Z1v+s+WMW/y/kj1n8v/iW/rv/74/rXZrF/0utf8zi/+X8MYv/bPljFv+v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9q/pjF/2v5Yxb/BfPHLP5fzx+z+C+UP2bx/0b+mMX/m/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/W/ljFv8l88cs/t/OH7P4fyd/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP7fzR+z+C+XP2bxXz5/zOL/vfwxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/7+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8H+WMW/3Xzxyz+6+WPWfzXfwv/of+Ncb1Ls/j/sPWPWfw3yB+z+P8of8ziv2H+mMV/o/wxi//G+WMW/x/nj1n8f5I/ZvHfJH/M4r9p/pjFf7P8MYv/5vljFv8t8scs/lvmj1n8t8ofs/hvnT9m8d8mf8ziv23+mMX/p/ljFv+f5Y9Z/LfLH7P4b58/ZvHfIX/M4r9j/pjF/+f5Yxb/X+SPWfx/mT9m8d8pf8ziv3P+mMX/V/ljFv9f549Z/HfJH7P4/yZ/zOK/a/6YxX+3/DGL/+75Yxb/3+aPWfx/lz9m8d8jf8ziv2f+mMV/r/wxi//v88cs/n/IH7P4750/ZvHfJ3/M4r9v/pjF/4/5Yxb/P+WPWfz3yx+z+O+fP2bx/3P+mMX/gPwxi/9f8scs/gfmj1n8/5o/ZvH/W/6Yxf+g/DGL/9/zxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOL/j/wxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxv+et/Mf5L4zrXZrF/97WP2bxvy9/zOJ/f/6Yxf+B/DGD/6AhA8MezB8z+A9f/w/lj1n8H84fs/g/kj9m8X80f8zi/1j+mMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9J/EcfyB+z+A/KH7P4D84fs/iPkj9m8R+SP2bxH5o/ZvEfNX/M4j9a/pjFf1j+mMV/9Pwxi/8Y+WMW/zHzxyz+Y+WPWfzHzh+z+I+TP2bxf1/+mMV/3Pwxi/94+WMW//Hzxyz+788fs/h/IH/M4j9B/pjF/4P5Yxb/CfPHLP4T5Y9Z/D+UP2bx/3D+mMX/I/ljFv+P5o9Z/D+WP2bxnzh/zOI/Sf6YxX/S/DGL/8fzxyz+k+WPWfwnzx+z+E+RP2bxnzJ/zOI/Vf6Yxf8T+WMW/6nzxyz+n8wfs/h/Kn/M4v/p/DGL/2dk/tO9ze0s/p+V+b/dLP6fyx+z+E+TP2bxn3ZgYLN3akjv5iz+07X+MYv/9PljFv8Z8scs/jPmj1n8P58/ZvGfKX/M4j9z/pjFf5b8MYv/rPljFv8v5I9Z/L+YP2bx/1L+mMX/y/ljFv/Z8scs/l/JH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n858sfs/jPnz9m8V8gf8zi/9X8MYv/1/LHLP4L5o9Z/L+eP2bxXyh/zOL/jfwxi/8388cs/gvnj1n8F8kfs/gvmj9m8V8sf8ziv3j+mMV/ifwxi/+38scs/kvmj1n8v50/ZvH/Tv6YxX+p/DGL/9L5Yxb/ZfLHLP7L5o9Z/L+bP2bxXy5/zOK/fP6Yxf97+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOK/av6YxX+1/DGL//fzxyz+q+ePWfzXyB+z+K+ZP2bxXyt/zOK/dv6YxX+d/DGL/w/yxyz+6+aPWfzXyx+z+K+fP2bx/2H+mMV/g/wxi/+P8scs/hvmj1n8N8ofs/hvnD9m8f9x/pjF/yf5Yxb/TfLHLP6b5o9Z/DfLH7P4b54/ZvHfIn/M4r9l/pjFf6v8MYv/1vljFv9t8scs/tvmj1n8f5o/ZvH/Wf6YxX+7/DGL//b5Yxb/HfLHLP475o9Z/H+eP2bx/0X+mMX/l/ljFv+d8scs/jvnj1n8f5U/ZvH/df6YxX+X/DGL/2/yxyz+u+aPWfx3yx+z+O+eP2bx/23+mMX/d/ljFv898scs/nvmj1n898ofs/j/Pn/M4v+H/DGL/975Yxb/ffLHLP775o9Z/P+YP2bx/1P+mMV/v/wxi//++WMW/z/nj1n8D8gfs/j/JX/M4n9g/pjF/6/5Yxb/v+WPWfwPyh+z+P89f8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H54+9d/33OPd1l45+Qv7Ye9f/jev/xPwxi/9J+WMW/5Pzxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvH/R/6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/lflj1n8r84fs/hfkz9m8b82f8zif13+mMX/+vwxi/8N+WMW/xvzxyz+N+WPWfxvzh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/O/PHLP535Y9Z/O/OH7P435M/ZvG/N3/M4n9f/pjF//78MYv/A/ljFv8H88cs/g/lj1n8H84fs/g/kj9m8X80f8zi/1j+mMX/8fyxN/gPe+/6P5E/Zln/T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH5P4jzGQP2bxH5Q/ZvEfnD9m8R8lf8ziPyR/zOI/NH/M4j9q/pjFfzSV/+hve0uL/zCV/9vP4j96/pjFf4z8MYv/mPljFv+x8scs/mPnj1n8x8kfs/i/L3/M4j9u/pjFf7z8MYv/+PljFv/3549Z/D+QP2bxnyB/zOL/wfwxi/+E+WMW/4nyxyz+H8ofs/h/OH/M4v+R/DGL/0fzxyz+H8sfs/hPnD9m8Z8kf8ziP2n+mMX/4/ljFv/J8scs/pPnj1n8p8gfey/7v64xpswfey/7v379T5U/ZvH/RP6YxX/q/DGL/yfzxyz+n8ofs/h/On/M4v+Z/DGL/2fzxyz+n8sfs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/xnzxyz+n88fs/jPlD9m8Z85f8ziP0v+mMV/1vwxi/8X8scs/l/MH7P4fyl/zOL/5fwxi/9s+WMW/6/kj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+C+QP2bx/2r+mMX/a/ljFv8F88cs/l/PH7P4L5Q/ZvH/Rv6Yxf+b+WMW/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf9b+WMW/yXzxyz+384fs/h/J3/M4r9U/pjFf+n8MYv/MvljFv9l88cs/t/NH7P4L5c/ZvFfPn/M4v+9/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF//v5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/wf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zB/zOK/Qf6Yxf9H+WMW/w3zxyz+G+WPWfw3zh+z+P84f8zi/5P8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/82+WMW/23zxyz+P80fs/j/LH/M4r9d/pjFf/v8MYv/DvljFv8d88cs/j/PH7P4/yJ/zOL/y/wxi/9O+WMW/53zxyz+v8ofs/j/On/M4r9L/pjF/zf5Yxb/XfPHLP675Y9Z/HfPH7P4/zZ/zOL/u/wxi/8e+WMW/z3zxyz+e+WPWfx/nz9m8f9D/pjFf+/8MYv/PvljFv9988cs/n/MH7P4/yl/zOK/X/6YxX///DGL/5/zxyz+B+SPWfz/kj9m8T8wf8zi/9f8MYv/3/LHLP4H5Y9Z/P+eP2bxPzh/zOJ/SP6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4n9M/pjF/9j8MYv/cfljFv/jX+c/+J0Y17s0i/8JrX/M4n9i/pjF/6T8MYv/yfljFv9T8scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+P8jf8zif37+mMX/gvwxi/+F+WMW/4vyxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/K/Qf/W1sY/F/Tuj/drL4P58/ZvF/IX/M4v9i/pjF/6X8MYn/mAP5Yxb/QfljFv/B+WMW/1Hyxyz+Q/LHLP5D88cs/qPmj1n8R8sfs/gPyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7vyx+z+I+bP2bxHy9/zOI/fv6Yxf/9+WMW/w/kj1n8J8gfs/h/MH/M4j9h/pjFf6L8MYv/h/LHLP4fzh+z+H8kf8zi/9H8MYv/x/LHLP4T549Z/CfJH7P4T5o/ZvH/eP6YxX+y/DGL/+T5Yxb/KfLHLP5T5o9Z/KfKH7P4fyJ/zOI/df6Yxf+T+WMW/0/lj1n8P50/ZvH/TP6Yxf+z+WMW/8/lj1n8p8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi/+M+WMW/8/nj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMX/C/ljFv+5h+VPWfy/1PrHLP5fzh+z+M+WP2bx/0r+mMV/9vwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/wL5Yxb/r+aPWfy/lj9m8V8wf8zi//X8MYv/QvljFv9v5I9Z/L+ZP2bxXzh/zOK/SP6YxX/R/DGL/2L5Yxb/xfPHLP5L5I9Z/L+VP2bxXzJ/zOL/7fwxi/938scs/kvlj1n8l84fs/gvkz9m8V82f8zi/938MYv/cvljFv/l88cs/t/LH7P4r5A/ZvFfMX/M4r9S/pjFf+X8MYv/KvljFv9V88cs/qvlj1n8v58/ZvFfPX/M4r9G/pjFf838MYv/WvljFv+188cs/uvkj1n8f5A/ZvFfN3/M4r9e/pjFf/38MYv/D/PHLP4b5I9Z/H+UP2bx3zB/zOK/Uf6YxX/j/DGL/4/zxyz+P8kfs/hvkj9m8d80f8ziv1n+mMV/8/wxi/8W+WMW/y3zxyz+W+WPWfy3zh+z+G+TP2bx3zZ/zOL/0/wxi//P8scs/tvlj1n8t88fs/jvkD9m8d8xf8zi//P8MYv/L/LHLP6/zB97z/m/Dvn1/jvlj73n/N9k/e+cP2bx/1X+mMX/1/ljFv9d8scs/r/JH7P475o/ZvHfLX/M4r97/pjF/7f5Yxb/3+WPWfz3yB+z+O+ZP2bx3yt/zOL/+/wxi/8f8scs/nvnj1n898kfs/jvmz9m8f9j/pjF/0/5Yxb//fLHLP77549Z/P+cP2bxPyB/zOL/l/wxi/+B+WMW/7/mj1n8/5Y/ZvE/KH/M4v/3/DGL/8H5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz/2qv/AsIGB97L/CfljlvV/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/j/I3/M4n9+/pjF/4L8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/ivwxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfc/gn/2Y5/AfGvK9HAWbxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMS/7EG8scs/oPyxyz+g63+K7z11Rb/Uaz+/yaL/5D8MYv/0Pwxi/+o+WMW/9Hyxyz+w/LHLP6j549Z/MfIH7P4j5k/ZvEfK3/M4j92/pjFf5z8MYv/+/LHLP7j5o9Z/MfLH7P4j58/ZvF/f/6Yxf8D+WMW/wnyxyz+H8wfs/hPmD9m8Z8of8zi/6H8MYv/h/PHLP4fyR+z+H80f8zi/7H8MYv/xPljFv9J8scs/pPmj1n8P54/ZvGfLH/M4j95/tgI/9EHv8f9p8gfs6z/KfPHLP5T5Y9Z/D+RP2bxnzp/zOL/yfwxi/+n8scs/p/OH7P4fyZ/zOL/2fwxi//n8scs/tPkj1n8p80fs/hPlz9m8Z8+f8ziP0P+mMV/xvwxi//n88cs/jPlj1n8Z84fs/jPkj9m8Z81f8zi/4X8MYv/F/PHLP5fyh+z+H85f8ziP1v+mMX/K/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/mj9m8f9a/pjFf8H8MYv/1/PHLP4L5Y9Z/L+RP2bx/2b+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/1b+mMV/yfwxi/+388cs/t/JH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/d/PHLP7L5Y9Z/JfPH7P4fy9/zOK/Qv6YxX9Fo//buMMW/5WM/m8ji//K+WMW/1Xyxyz+q+aPWfxXyx+z+H8/f8ziv3r+mMV/jfwxi/+a+WMW/7Xyxyz+a+ePWfzXyR+z+P8gf8ziv27+mMV/vfwxi//6+WMW/x/mj1n8N8gfs/j/KH/M4r9h/pjFf6P8MYv/xvljFv8f549Z/H+SP2bx3yR/zOK/af6YxX+z/DGL/+b5Yxb/LfLHLP5b5o9Z/LfKH7P4b50/ZvHfJn/M4r9t/pjF/6f5Yxb/n+WPWfy3yx+z+G+fP2bx3yF/zOK/Y/6Yxf/n+WMW/1/kj1n8f5k/ZvHfKX/M4r9z/pjF/1f5Yxb/X+ePWfx3yR+z+P8mf8ziv2v+mMV/t/wxi//u+WMW/9/mj1n8f5c/ZvHfI3/M4r9n/pjFf6/8MYv/7/PHLP5/yB+z+O+dP2bx3yd/zOK/b/6Yxf+P+WMW/z/lj1n898sfs/jvnz9m8f9z/pjF/4D8MYv/X/LHLP4H5o9Z/P+aP2bx/1v+mMX/oPwxi//f88cs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mfljFv+z8scs/mfnj1n8z8kfs/ifmz9m8T8vf8zi/4/8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+F+dP2bxvyZ/zOJ/bf6Yxf+6/DGL//X5Yxb/G8B/3P/muN6lvbf9b3710rFubP1j723/1xrrpvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/7Ye9R/ypEuHeuu/LH3qP/LvX79350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH5P4jz2QP2bxH5Q/ZvEfnD9m8R8lf8ziPyR/zOI/NH/M4j9q/pjFf7T8MYv/sPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOL/vvwxi/+4+WMW//Hyxyz+4+ePWfzfnz9m8f9A/pjFf4L8MYv/B/PHLP4T5o9Z/CfKH7P4fyh/zOL/4fwxi/9H8scs/h/NH7P4fyx/zOI/cf6YxX+S/DGL/6T5Yxb/j+ePWfwnyx+z+E+eP2bxnyL/gTvgMov/lPljFv+p8scs/p/IH7P4T50/ZvH/ZP6Yxf9T+WMW/0/nj1n8P5M/ZvH/bP6Yxf9z+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf/z+WMW/5nyxyz+M+ePWfxnyR97g/+Iy8Z9h8f0/9Sb+M+aP2ZZ/1/IH7P4fzF/zOL/pfwxi/+X88cs/rPlj1n8v5I/ZvGfPX/M4j9H/pjFf878MYv/XPljFv+588cs/vPkj1n8580fs/jPlz9m8Z8/f8ziv0D+mMX/q/ljFv+v5Y9Z/BfMH7P4fz1/zOK/UP6Yxf8b+WMW/2/mj1n8F84fs/gvkj9m8V80f8ziv1j+mMV/8fwxi/8S+WMW/2/lj1n8l8wfs/h/O3/M4v+d/DGL/1L5Yxb/pfPHLP7L5I9Z/JfNH7P4fzd/zOK/XP6YxX/5/DGL//fyxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOK/Sv6YxX/V/DGL/2r5Yxb/7+ePWfxXzx+z+K+RP2bxXzN/zOK/Vv6YxX/t/DGL/zr5Yxb/H+SPWfzXzR+z+K+XP2bxXz9/zOL/w/wxi/8G+WMW/x/lj1n8N8wfs/hvlD9m8d84f8zi/+P8MYv/T/LHLP6b5I9Z/DfNH7P4b5Y/ZvHfPH/M4r9F/pjFf8v8MYv/VvljFv+t88cs/tvkj1n8t80fs/j/NH/M4v+z/DGL/3b5Yxb/7fPHLP475I9Z/HfMH7P4/zx/zOL/i/wxi/8v88cs/jvlj1n8d84fe6/6DxvJ/1f5Y+9V/4GR/H+dP2bx3yV/zOL/m/wxi/+u+WMW/93yxyz+u+ePWfx/mz9m8f9d/pjFf4/8MYv/nvljFv+98scs/r/PH7P4/yF/zOK/d/6YxX+f/DGL/775Yxb/P+aPWfz/lD9m8d8vf8ziv3/+mMX/z/ljFv8D8scs/n/JH7P4H5g/ZvH/a/6Yxf9v+WMW/4Pyxyz+f88fs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi/8/8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b9rZP/N/8vjepdm8b+79Y9Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHJP7jDOSPWfwH5Y9Z/Afnj1n8R8kfs/gPyR+z+A/NH7P4j5o/ZvEfLX/M4j8sf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+L8vf8ziP27+mMV/vPwxi//4+WMW//fnj1n8P5A/ZvGfIH/M4v/B/DGL/4T5Yxb/ifLHLP4fyh+z+H84f8zi/5H8MYv/R/PHLP4fyx+z+E+cP2bxnyR/zOI/af6Yxf/j+WMW/8nyxyz+k+ePWfynyB+z+E+ZP2bxnyp/zOL/ifwxi//U+WMW/0/mj1n8P5U/ZvH/dP6Yxf8z+WMW/8/mj1n8P5c/ZvGfJn/M4j9t/pjFf7r8MYv/9PljFv8Z8scs/jPmj1n8P58/ZvGfKX/M4j9z/pjFf5b8MYv/rPljFv8v5I9Z/L+YP2bx/1L+mMX/y/ljFv/Z8scs/l9R+y835ptdY/GfXe3/5ln858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+H81f8zi/7X8MYv/gvljFv+v549Z/BfKH7P4fyN/zOL/zfwxi//C+WMW/0Xyxyz+i+aPWfwXyx+z+C+eP2bxXyJ/zOL/rfwxi/+S+WMW/2/nj1n8v5M/ZvFfKn/M4r90/pjFf5n8MYv/svljFv/v5o9Z/JfLH7P4L58/ZvH/Xv6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvFfLX/M4v/9/DGL/+r5Yxb/NfLHLP5r5o9Z/NfKH7P4r50/ZvFfJ3/M4v+D/DGL/7r5Yxb/9fLHLP7r549Z/H+YP2bx3yB/zOL/o/wxi/+G+WMW/43yxyz+G+ePWfx/nP/AwMDo/3KJxf8n+WMW/03yxyz+m+aPWfw3yx+z+G+eP2bx3yJ/zOK/Zf6YxX+r/DGL/9b5Yxb/bfLHLP7b5o9Z/H+aP2bx/1n+mMV/u/wxi//2+WMW/x3yxyz+O+aPWfx/nj9m8f9F/pjF/5f5Yxb/nfLHLP47549Z/H+VP2bx/3X+mMV/l/wxi/9v8scs/rvmj1n8d8sfs/jvnj9m8f9t/pjF/3f5Yxb/PfLHLP575o9Z/PfKH7P4/z5/zOL/h/wxi//e+WMW/33yxyz+++aPWfz/mD9m8f9T/pjFf7/8MYv//vljFv8/549Z/A/IH7P4/yV/zOJ/YP6Yxf+v+WMW/7/lj1n8D8ofs/j/PX/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/v/IH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYn/+wbyxyz+g/LHLP6D88cs/qPkj1n8h+SPWfyH5o9Z/EfNH7P4j5Y/ZvEflj9m8R89f8ziP0b+mMV/zPyx/4+d+w/Xuq7vOH7z4wCZpB/b1KUNh8Zcm5HIaNRCVBSPP06ZaOZv1COQIPJDEkzFjVbq2HSpmyWbWjjmbNUSh5vr14qGZc3WiK1VTnEtjDEHi8wZuw6cg3D29lw7X/b9uvl+PP7gnPs+vu+U5/Xyvr24rrL031v/UJb+w/UPZen/Kv1DWfrvo38oS/999Q9l6V/0D2Xpv5/+oSz9X61/KEv/n9I/lKX/T+sfytJ/f/1DWfofoH8oS/8D9Q9l6f8z+oey9H+N/qEs/Q/SP5Sl/8H6h7L0f63+oSz9f1b/UJb+I/QPZel/iP6hLP1/Tv9Qlv4j9Q9l6X+o/qEs/Q/TP5Sl/+v0D2XpP0r/UJb+P69/KEv/w/UPZen/C/qHsvR/vf6hLP1/Uf9Qlv6/pH8oS/8j9A9l6f8G/UNZ+o/WP5Sl/xv1D2Xpf6T+oSz9x+gfytL/KP1DWfqP1T+Upf8v6x/K0n+c/qEs/d+kfyhL/1/RP5Sl/3j9Q1n6v1n/UJb+b9E/lKX/r+ofytL/rfqHsvSfoH8oS/+j9Q9l6T9R/1CW/sfoH8rS/1j9Q1n6H6d/KEv/SfqHsvQ/Xv9Qlv4n6B/K0n+y/qEs/U/UP5Slf7v+oSz9T9I/lKX/yfqHsvQ/Rf9Qlv6n6h/K0r9D/1CW/m/TP5Sl/9v1D2Xpf5r+oSz936F/KEv/0/UPZek/Rf9Qlv5n6B/K0v9M/UNZ+r9T/1CW/mfpH8rS/136h7L0P1v/UJb+5+gfytL/XP1DWfqfp38oS//z9Q9l6X+B/qEs/S/UP5Sl/1T9Q1n6X6R/KEv/i/UPZel/if6hLP079Q9l6X+p/qEs/afpH8rSf7r+oSz9Z+gfytL/3fqHsvS/TP9Qlv4z9Q9l6T9L/1CW/pfrH8rSf7b+oSz9r9A/lKX/HP1DWfrP1T+Upf88/UNZ+s/XP5Sl/5X6h7L0X6B/KEv/9+gfytL/Kv1DWfov1D+Upf8i/UNZ+l+tfyhL//fqH8rS/xr9Q1n6X6t/KEv/6/QPZem/WP9Qlv7X6x/K0v/X9A9l6f/r+oey9F+ifyhL//fpH8rS/zf0D7R1f33593+//qEs+/+A/qEs/W/QP5Sl/436h7L0v0n/UJb+v6l/KEv/pfqHsvT/Lf1DWfr/tv6hLP1v1j+Upf8t+oey9P8d/UNZ+n9Q/1CW/rfqH8rS/zb9Q1n6365/KEv/39U/lKX/7+kfytL/Dv1DWfp/SP9Qlv4f1j+Upf+d+oey9F+mfyhL/9/XP5Sl/x/oH8rS/y79Q1n6361/KEv/e/QPZen/Ef1DWfp/VP9Qlv7L9Q9l6X+v/qEs/f9Q/1CW/iv0D2Xp/0f6h7L0v0//UJb+f6x/KEv/+/UPZen/Mf1DWfr/if6hLP0/rn8oS/9P6B/K0v+T+oey9P9T/UNZ+n9K/1CW/g/oH8rSf6X+oSz9H9Q/lKX/n+kfytJ/lf6hLP0f0j+Upf+f6x/K0v8v9A9l6f+w/qEs/f9S/1CW/p/WP5Sl/2f0D2Xp/1n9Q1n6f07/UJb+n9c/lKX/X+kfytL/C/qHsvT/ov6hLP1X6x/K0v9L+oey9P9r/UNZ+q/RP5Sl/yP6h7L0/7L+oSz9v6J/KEv/R/UPZen/Vf1DWfp/Tf9Qlv5/o38oS//H9A9l6f91/UNZ+v+t/qEs/b+hfyhL/7/TP5Sl/1r9Q1n6f1P/UJb+6/QPZen/9/qHsvT/B/1DWfp/S/9Qlv7/qH8oS/9v6x/K0v87+oey9P+u/qEs/R/XP5Sl/z/pH8rS/wn9Q1n6P6l/KEv/9fqHsvR/Sv9Qlv7/rH8oS//v6R/K0v9f9A9l6f99/UNZ+m/QP5Sl/9P6h7L0/4H+oSz9N+ofytL/X/UPZem/Sf9Qlv7/pn8oS/9n9A9l6f/v+oey9N+sfyhL/y36h7L0/w/9Q1n6/1D/UJb+W/UPZen/I/1DWfo/q38oS/8f6x/K0v85/UNZ+v+n/qEs/Z/XP5Sl/0/0D2Xpv03/UJL++7b0D2XpP0D/UJb+A/UPZek/SP9Qlv6D9Q9l6d+mfyhL/yH6h7L0H6p/KEv/YfqHsvR/hf6hLP330j+Upf8r9Q9l6b+3/qEs/YfrH8rS/1X6h7L030f/0MuuPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP818xYuumzqzJmdc33jG9/4Zuc3L/W/mQAAgP9tL3zof6n/TgAAAAAAAAAAAAAAAAAAACCvJv7vxF7qf0YAAAAAAAAAAAAAAPj/rr3jmI2DBuz21KBdH7z20c7tX8duPWv68uUPlp6v3T8+OXjJgbs+2LZt27Zlz0yY1P1waKvV6vpf27f78bDex12vv3jEnQfueFQmfuH2x8+fMvyUuStvGfzNZTd1PN22/dm21oWXzpjZ+caBrVY5rq11VdeDIwe0WuWEttbNXQ/GdD2Y3NZa0fXgqO0PXtH6bNeDN1w8e+YlXU+cWPn3DF4u2jsWtwbtttjWbv822HX/i0c8Mb3nax8v2fNqg1vd+x+58ssH9PpZjxfZf8/rl2N677/f/4DAi+rf/p9d1/O1j5f8b+//H1mzdVH0sxfff8/rl2PtH+oTfP7fbaO9P/f3+vx/SPCSO++PHrbm1q79t59x38HdTw3+n3z+f+H1y3G99z9wt8//XZ/jJ/V8/h/aapXj9/C3A1Jp77h+Y1/v/33vf/Bret0M2HX/93x1/d5d+7/3udaS7qfa+rn/SX29/9/Q6+8V6J/2jru39Xr/78f+W6OCl9y5/w0rh2///L/+/ov33+Vn/dn/8b33P3r+rCtGz1u46IgZs6ZO65zWefn4MeOOHDt+/Lhxo7d/Itjx6x7+pkASe/b+39qr182AVqtz5/3q+26a1LX/TQ8t+Wj3U8P6uf8T+nz/P8T7P4RGDmwNGdK6aur8+XOP3PFrz8MxO37d8ZcF++/Hf/8fenj3X9bzZ4YDWq0Dd96POn/80K79Xz2nrOp+akg/9z+5z/1P3P3PKoH+2cP3/0t63ey2/6M3XLuga/+H/XC/9d1P9fe//0/sc/93ef+HPdHe0ar1TbRr/0cNvf6katel3Z//QX2a2P+IzTdvqXZdTrJ/qE8T+5+y9C0XVbsuJ9s/1KeJ/T8464Kl1a7LKfYP9Wli/8+/estB1a7LqfYP9Wli/49976nl1a5Lh/1DfZrY/4fu6Diq2nV5m/1DfZrY/xFX/mhCtevydvuH+jSx/0tfefqKatflNPuH+jSx/5O2Hbt/tevyDvuH+jSx/wHXf39xtetyuv1DfZrY/5NTl86udl2m2D/Up4n9rxgx6tlq1+UM+4f6NLH/JU+/aXK163Km/UN9mtj/126787Fq1+Wd9g/1aWL/nzx3vzurXZez7B/q08T+fzzyob2qXZd32T/Up4n9r1274oFq1+Vs+4f6NLH/ZSsGjax2Xc6xf6hPE/u/7sRpj1a7LufaP9Snif2PHfeVc6pdl/PsH+rTxP4P/Py3n6p2Xc63f6hPE/s//eEF86pdlwvsH+rTxP4XHPSJn1S7LhfaP9Snif2/tfOg6dWuy1T7h/o0sf9yy15rq12Xi+wf6tPE/s/edPfEatflYvuH+jSx/1X7fPHj1a7LJfYP9Wli/5vnXD6+2nXptH+oTxP7/+77rnt/tetyqf1DfZrY/63PfaNUuy7T7B/q08T+N4w5+9xq12W6/UN9mtj/3ac880i16zLD/qE+Tex/6arH51e7Lu+2f6hPE/tfvfrkJ6pdl8vsH+rTxP4PGzV6eLXrMtP+oT5N7H/2WUs+XO26zLJ/qE8T+z/u/tteV+26XG7/UJ8m9j/s6xM+Ve26zLZ/qE8T+//MhA98utp1ucL+oT5N7H/LxEMPr3Zd5tg/1KeJ/a97YMzt1a7LXPuH+jSx/w8+ckfF6zLP/qE+Tex/zuuf31Ttusy3f6hPE/t/85QzF1a7LlfaP9Snif3vf9fkL1W7LgvsH+rTxP7P+84PTqt2Xd5j/1CfJvZ/6AEXHVztulxl/1CfJvY/fcaaG6tdl4X2D/VpYv+Tlq0bW+26LLJ/qE8T+9/nyXn3VLsuV9s/1KeJ/W8cdMCp1a7Le+0f6tPE/u+95uFvVbsu19g/1KeJ/d94w8c6q12Xa+0f6tPE/j+3dcjmatflOvsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRC9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBRAAAA//8xA+DQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc038586a, &(0x7f0000000100)={0x4, 0x3, 0x8000000})

5.616465307s ago: executing program 4 (id=2876):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000cf8bed20d90f21004029000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000380)=ANY=[@ANYBLOB="201101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(0x0, 0x1, 0x402)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000180)={0x1, 0x9, 0x4, 0x0})

4.278921213s ago: executing program 5 (id=2896):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000000206050000000000000000000000000627000400000000000900020073797a3200000000050005000a00000005000100067b8ba963"], 0x4c}}, 0x0)
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

4.112663105s ago: executing program 5 (id=2897):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r1, 0x3, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)})
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000002c0)={<r2=>0xffffffffffffffff})
getsockopt$inet6_buf(r1, 0x29, 0x14, &(0x7f0000000440)=""/156, &(0x7f0000000180)=0x9c)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0)
syz_pidfd_open(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
signalfd(0xffffffffffffffff, 0x0, 0x0)
setpgid(r3, 0x0)
setpgid(0x0, r3)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={0x0, 0x0, 0x8}, 0x18)
r4 = socket(0x10, 0x3, 0x0)
recvmmsg$unix(r4, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000003700)=[{0x0}, {&(0x7f00000024c0)=""/225, 0xe1}, {&(0x7f00000025c0)=""/4096, 0x1000}, {&(0x7f00000035c0)=""/139, 0x8b}], 0x4}}], 0x1, 0x2, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=@bridge_getvlan={0x20, 0x72, 0x7e3bfe4fa73db39f, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x20}}, 0x0)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r5, 0x9360, 0x800000000000001)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000000)=0x1)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})

3.755655976s ago: executing program 4 (id=2898):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x6, 0x0, 0x3, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c4746580820dacbf7966d61fdcf3350b3e1a311ef54ec22f51e0000000000000000000009000000000000000000000000ff070000e100", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x1]})
write$char_usb(r0, &(0x7f0000000080)="2206", 0x2)

3.582714058s ago: executing program 4 (id=2901):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x2, 0x4, 0x8, 0xc}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000006b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.232915754s ago: executing program 5 (id=2902):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300042e010203010902120001000000000904"], 0x0)
ioctl$EVIOCRMFF(r0, 0x550c, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000b40)={0x34, &(0x7f0000000940)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)

2.932792672s ago: executing program 4 (id=2903):
ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f00000003c0)={{'\x00', 0x2}, {0x3}, 0x136, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10f5})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x29c, 0x65, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2}, {0x0, 0xfff3}, {0x4, 0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x268, 0x2, [@TCA_BPF_ACT={0x130, 0x1, [@m_mirred={0xa0, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x71, 0x6, "dae0489b799d15556c6c7d44ae8f295fea1c62d64b963cf0dd1fcb6569ccece7639c45fe850fdd998bfb2bf1864e314a1573d71d7ce0c846e05d02bea46bb8684f4400bcd9e6ffd44db802ec87e70b916f5c754381982d8e0d94021e6c0a03419d371065f3943d3dd69064d7a6"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_skbedit={0x8c, 0x3, 0x0, 0x0, {{0xc}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x2, 0x8, 0x2, 0x4}}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x3, 0xfff9}}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x5}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xf, 0x1}}]}, {0x25, 0x6, "6312ba1453c5d091a0881fca14b9956480f3cad707c642f8a483d1b6f6604359e5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}]}, @TCA_BPF_POLICE={0x4}, @TCA_BPF_ACT={0x130, 0x1, [@m_bpf={0x12c, 0x13, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7, 0x4, 0x20000000, 0x8, 0x7}}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_OPS={0x4c, 0x4, [{0xc, 0x9, 0x3, 0xfffffe00}, {0xa, 0x5, 0x3, 0x200}, {0x1, 0x40, 0xf, 0x7}, {0x0, 0x0, 0x4, 0x5b}, {0x14, 0xc, 0x80}, {0xfff6, 0xc, 0x4, 0x401}, {0x2, 0x49, 0x10, 0xc7f}, {0x0, 0xf8, 0x3, 0x4}, {0x2, 0x1, 0x7, 0x101}]}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x5, 0x80, 0x80, 0x3}]}]}, {0x89, 0x6, "f3ef5037a6528e33d770d04ac21b212ade2038dcc7272de194cea4dc3a7d2d828f018c45a15167f02711ac66b0a2d17ed3ebeba3e0e6a1e81a6f5c8318a249a88d8b7a626d4541a9311eb98e9a813da52ae50ddcd281f053030bf762654a37a0c8784d62d6bdd66fc62d83d3a55240eb2009bd6b3153e334472ea3f22708a6b7c7306f19e4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x22bf533d53fd5981, 0x3}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x1d8}]}, 0x29c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

2.78288248s ago: executing program 35 (id=2903):
ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f00000003c0)={{'\x00', 0x2}, {0x3}, 0x136, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10f5})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x29c, 0x65, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2}, {0x0, 0xfff3}, {0x4, 0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x268, 0x2, [@TCA_BPF_ACT={0x130, 0x1, [@m_mirred={0xa0, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x71, 0x6, "dae0489b799d15556c6c7d44ae8f295fea1c62d64b963cf0dd1fcb6569ccece7639c45fe850fdd998bfb2bf1864e314a1573d71d7ce0c846e05d02bea46bb8684f4400bcd9e6ffd44db802ec87e70b916f5c754381982d8e0d94021e6c0a03419d371065f3943d3dd69064d7a6"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_skbedit={0x8c, 0x3, 0x0, 0x0, {{0xc}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x2, 0x8, 0x2, 0x4}}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x3, 0xfff9}}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x5}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xf, 0x1}}]}, {0x25, 0x6, "6312ba1453c5d091a0881fca14b9956480f3cad707c642f8a483d1b6f6604359e5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}]}, @TCA_BPF_POLICE={0x4}, @TCA_BPF_ACT={0x130, 0x1, [@m_bpf={0x12c, 0x13, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7, 0x4, 0x20000000, 0x8, 0x7}}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_OPS={0x4c, 0x4, [{0xc, 0x9, 0x3, 0xfffffe00}, {0xa, 0x5, 0x3, 0x200}, {0x1, 0x40, 0xf, 0x7}, {0x0, 0x0, 0x4, 0x5b}, {0x14, 0xc, 0x80}, {0xfff6, 0xc, 0x4, 0x401}, {0x2, 0x49, 0x10, 0xc7f}, {0x0, 0xf8, 0x3, 0x4}, {0x2, 0x1, 0x7, 0x101}]}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x5, 0x80, 0x80, 0x3}]}]}, {0x89, 0x6, "f3ef5037a6528e33d770d04ac21b212ade2038dcc7272de194cea4dc3a7d2d828f018c45a15167f02711ac66b0a2d17ed3ebeba3e0e6a1e81a6f5c8318a249a88d8b7a626d4541a9311eb98e9a813da52ae50ddcd281f053030bf762654a37a0c8784d62d6bdd66fc62d83d3a55240eb2009bd6b3153e334472ea3f22708a6b7c7306f19e4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x22bf533d53fd5981, 0x3}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x1d8}]}, 0x29c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

928.131254ms ago: executing program 2 (id=2916):
socket$kcm(0xa, 0x3, 0x87)
syz_emit_ethernet(0x4e, &(0x7f0000000300)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x18, 0x87, 0xff, @rand_addr=' \x01\x00', @mcast2, {[@routing={0x16, 0x2, 0x3, 0x0, 0x0, [@local]}]}}}}}, 0x0)

810.002039ms ago: executing program 2 (id=2917):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x24, 0x0)

789.727505ms ago: executing program 2 (id=2918):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x54, 0xa, 0x1, "3258ae1e008faa00000000000000000000000000000100000000271e00000020", 0x48524742})

770.153412ms ago: executing program 5 (id=2919):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x7})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
r1 = timerfd_create(0x8, 0x800)
timerfd_settime(r1, 0x1, &(0x7f0000000080)={{0x77359400}}, &(0x7f0000000200))

687.78953ms ago: executing program 5 (id=2920):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x3ff, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, {0x2, 0x0, 0x3013, 0x1, 0x4, 0x7, 0x2}})

687.548283ms ago: executing program 2 (id=2921):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@ldst={0x3, 0x0, 0x3, 0xa, 0xa, 0xfffffffffffffff4}]}, &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)

582.227085ms ago: executing program 5 (id=2922):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@increfs], 0x0, 0x0, 0x0})
ppoll(&(0x7f0000000040)=[{r1, 0x200}, {r1, 0x4a0}], 0x2, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0xfc, 0x1000000, 0x0})

581.998948ms ago: executing program 2 (id=2923):
syz_usb_control_io$uac1(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x0, &(0x7f0000000280)={0x0, 0x3, 0x7, @string={0x7, 0x3, "47f92af144"}}}, 0x0)
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0406441, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

0s ago: executing program 2 (id=2924):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0xfffc, 0xc, 0x3}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffffb}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, 0x0, &(0x7f00000003c0))

kernel console output (not intermixed with test programs):

trings: Mfr=1, Product=2, SerialNumber=3
[  224.450051][ T6027] usb 6-1: Product: syz
[  224.451784][ T6027] usb 6-1: Manufacturer: syz
[  224.455626][ T6027] usb 6-1: SerialNumber: syz
[  224.469337][ T6027] rndis_host 6-1:7.0: skipping garbage
[  224.471573][ T6027] usb 6-1: bad CDC descriptors
[  224.475990][ T6027] option 6-1:7.0: GSM modem (1-port) converter detected
[  224.682976][ T5917] usb 6-1: USB disconnect, device number 7
[  224.696448][ T5917] option 6-1:7.0: device disconnected
[  224.696617][T10170] loop2: detected capacity change from 0 to 32768
[  224.748840][ T5850] udevd[5850]: symlink '../../loop2' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:2' failed: Read-only file system
[  224.962725][T10173] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1606'.
[  224.972960][T10173] netlink: 'syz.4.1606': attribute type 11 has an invalid length.
[  224.992194][T10173] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1606'.
[  224.995814][T10173] netlink: 'syz.4.1606': attribute type 11 has an invalid length.
[  225.281548][T10185] binder: 10184:10185 ioctl c0306201 200000000080 returned -14
[  225.459135][   T33] kauditd_printk_skb: 3 callbacks suppressed
[  225.459152][   T33] audit: type=1326 audit(225.341:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.5.1617" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3221b8ebe9 code=0x0
[  225.530148][T10199] loop2: detected capacity change from 0 to 128
[  225.545064][ T5850] udevd[5850]: symlink '../../loop2' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:2' failed: Read-only file system
[  225.559337][T10199] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  225.595416][T10199] syz.2.1619 (pid 10199) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  225.667089][ T5849] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  225.901017][T10227] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1631'.
[  226.052045][T10230] program syz.5.1632 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  226.197999][T10232] macvlan2: entered promiscuous mode
[  226.200025][T10232] macvlan2: entered allmulticast mode
[  226.250059][T10234] loop5: detected capacity change from 0 to 1024
[  226.270054][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/untitled.tmp-b7:5' failed: Read-only file system
[  226.275865][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/3de3d207-fc4e-3c3b-aa08-7cb07cd064ab.tmp-b7:5' failed: Read-only file system
[  226.329181][   T52] hfsplus: b-tree write err: -5, ino 4
[  227.564273][T10240] loop4: detected capacity change from 0 to 32768
[  227.581211][T10240] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1636 (10240)
[  227.661286][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:4' failed: Read-only file system
[  227.708371][T10240] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  227.725312][T10240] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  227.995644][T10240] BTRFS info (device loop4): rebuilding free space tree
[  228.015799][T10240] BTRFS info (device loop4): allowing degraded mounts
[  228.018810][T10240] BTRFS info (device loop4): enabling ssd optimizations
[  228.021661][T10240] BTRFS info (device loop4): enabling free space tree
[  228.024387][T10240] BTRFS info (device loop4): force clearing of disk cache
[  228.032177][T10240] BTRFS info (device loop4): use zstd compression, level 3
[  228.035189][T10240] BTRFS info (device loop4): max_inline set to 0
[  228.119968][T10240] BTRFS info (device loop4 state M): max_inline set to 0
[  228.187054][ T8112] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  228.202347][T10270] loop5: detected capacity change from 0 to 1024
[  228.226182][ T5862] udevd[5862]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  228.247603][T10270] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.328270][T10277] loop2: detected capacity change from 0 to 8
[  228.542304][T10282] loop4: detected capacity change from 0 to 1024
[  228.556131][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/untitled.tmp-b7:4' failed: Read-only file system
[  228.558329][T10270] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.1643: lblock 3 mapped to illegal pblock 3 (length 13)
[  228.610723][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/89204a28-3dc1-3311-9d08-7ea374525680.tmp-b7:4' failed: Read-only file system
[  228.913329][T10270] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  228.920423][T10270] EXT4-fs (loop5): This should not happen!! Data will be lost
[  228.920423][T10270] 
[  228.934443][T10283] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.1643: lblock 3 mapped to illegal pblock 3 (length 1)
[  228.936794][T10269] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 8: comm syz.5.1643: lblock 8 mapped to illegal pblock 8 (length 8)
[  228.964627][T10269] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 8: comm syz.5.1643: lblock 8 mapped to illegal pblock 8 (length 8)
[  228.971800][T10269] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 8: comm syz.5.1643: lblock 8 mapped to illegal pblock 8 (length 8)
[  229.005669][T10283] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.1643: lblock 3 mapped to illegal pblock 3 (length 1)
[  229.030558][T10270] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 8: comm syz.5.1643: lblock 8 mapped to illegal pblock 8 (length 8)
[  229.034298][T10283] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.1643: lblock 3 mapped to illegal pblock 3 (length 1)
[  229.047109][T10270] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 8: comm syz.5.1643: lblock 8 mapped to illegal pblock 8 (length 8)
[  229.081624][T10270] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 8: comm syz.5.1643: lblock 8 mapped to illegal pblock 8 (length 8)
[  229.263071][ T8782] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.304791][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  229.694062][T10302] loop5: detected capacity change from 0 to 40427
[  229.697969][T10302] F2FS-fs: heap/no_heap options were deprecated
[  229.701155][T10302] F2FS-fs (loop5): Invalid segment count (1)
[  229.703847][T10302] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  229.716340][T10302] F2FS-fs (loop5): invalid crc value
[  229.812965][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:5' failed: Read-only file system
[  229.825313][T10302] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  229.829621][T10302] F2FS-fs (loop5): Try to recover 1th superblock, ret: -30
[  229.831967][T10302] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  231.159007][T10329] trusted_key: encrypted_key: keyword 'neW' not recognized
[  231.235638][T10324] loop2: detected capacity change from 0 to 32768
[  231.239338][T10324] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section clean: entry type clock overruns end of section
[  231.239338][T10324] clean (size 2912):
[  231.239338][T10324] flags:          0
[  231.239338][T10324] journal_seq:    10
[  231.239338][T10324] dev_usage: 
[  231.239338][T10324] usage: type=key_version v=0
[  231.239338][T10324] (unknown jset_entry_type 255)
[  231.239338][T10324] usage: type=reserved v=0
[  231.239338][T10324] usage: type=reserved v=0
[  231.239338][T10324] usage: type=reserved v=0
[  231.239338][T10324] data_usage: btree: 1/1 [0]=2816
[  231.239338][T10324] data_usage: journal: 1/1 [0]=0
[  231.239338][T10324] data_usage: user: 1/1 [0]=16
[  231.239338][T10324] dev_usage: dev=0  
[  231.239338][T10324]   free: buckets=83 sectors=0 fragmented=0
[  231.239338][T10324]   sb: buckets=25 sectors=6152 fragmented=248
[  231.239338][T10324]   journal: buckets=8 sectors=2048 fragmented=0
[  231.239338][T10324]   btree: buckets=11 sectors=2816 fragmented=0
[  231.239338][T10324]   user: buckets=1 sectors=16 fragmented=240
[  231.239338][T10324]   cached: buckets=0 sectors=0 fragmented=0
[  231.239338][T10324]   parity: buckets=0 sectors=0 fragmented=0
[  231.239338][T10324]   stripe: buckets=0 sectors=0 fragmented=0
[  231.239338][T10324]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  231.239338][T10324]   need_discard: buckets=0 sectors=0 fragmented=0
[  231.239338][T10324] 
[  231.286557][T10324] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  231.689491][T10342] could not allocate digest TFM handle cryptd(blake2b-160)
[  232.104713][T10375] loop2: detected capacity change from 0 to 8
[  232.132880][T10375] SQUASHFS error: xz decompression failed, data probably corrupt
[  232.140553][T10375] SQUASHFS error: Failed to read block 0x108: -5
[  232.144205][T10375] SQUASHFS error: Unable to read metadata cache entry [106]
[  232.147135][T10375] SQUASHFS error: Unable to read inode 0x11f
[  232.341538][T10386] bond0: entered promiscuous mode
[  232.343688][T10386] bond_slave_0: entered promiscuous mode
[  232.353978][T10386] bond_slave_1: entered promiscuous mode
[  232.362882][T10386] bond0: left promiscuous mode
[  232.363328][T10388] loop2: detected capacity change from 0 to 2048
[  232.364876][T10386] bond_slave_0: left promiscuous mode
[  232.365053][T10386] bond_slave_1: left promiscuous mode
[  232.391826][ T5850] udevd[5850]: symlink '../../loop2' '/dev/disk/by-uuid/1a95d291-cd32-4c4d-814a-8221d1aa3beb.tmp-b7:2' failed: Read-only file system
[  232.405726][T10389] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  232.425057][T10388] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=16, inode=2, rec_len=16, name_len=255
[  232.443321][T10388] Remounting filesystem read-only
[  232.736355][T10406] kAFS: unable to lookup cell ''
[  232.743586][T10408] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1691'.
[  232.865598][T10418] loop4: detected capacity change from 0 to 8
[  232.879851][T10418] SQUASHFS error: xz decompression failed, data probably corrupt
[  232.883326][T10418] SQUASHFS error: Failed to read block 0x108: -5
[  232.896355][T10418] SQUASHFS error: Unable to read metadata cache entry [106]
[  232.899245][T10418] SQUASHFS error: Unable to read inode 0x101f
[  232.995080][T10422] loop4: detected capacity change from 0 to 1024
[  233.003601][T10422] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  233.013178][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  233.054958][T10422] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.069631][T10422] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.1698: missing EA_INODE flag
[  233.074151][   T33] audit: type=1804 audit(232.951:48): pid=10422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1698" name="/newroot/293/file1/file1" dev="loop4" ino=15 res=1 errno=0
[  233.082435][T10422] EXT4-fs (loop4): Remounting filesystem read-only
[  233.130215][ T8112] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.174627][T10430] loop2: detected capacity change from 0 to 256
[  233.179634][T10432] loop5: detected capacity change from 0 to 8
[  233.222825][T10432] SQUASHFS error: zlib decompression failed, data probably corrupt
[  233.225971][T10432] SQUASHFS error: Failed to read block 0x9b: -5
[  233.229958][ T6013] udevd[6013]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  233.246325][T10432] SQUASHFS error: Unable to read metadata cache entry [99]
[  233.249174][T10432] SQUASHFS error: Unable to read inode 0x127
[  233.552516][T10447] loop5: detected capacity change from 0 to 2048
[  233.560684][T10447] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  233.569232][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/LinuxUDF.tmp-b7:5' failed: Read-only file system
[  233.574958][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/1234567812345678.tmp-b7:5' failed: Read-only file system
[  233.676424][ T6027] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  233.819667][T10449] loop5: detected capacity change from 0 to 40427
[  233.827087][T10449] F2FS-fs: heap/no_heap options were deprecated
[  233.833564][T10449] F2FS-fs (loop5): build fault injection rate: 19
[  233.836145][T10449] F2FS-fs (loop5): build fault injection type: 0x7
[  233.839698][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:5' failed: Read-only file system
[  233.849694][T10449] F2FS-fs (loop5): invalid crc value
[  233.849841][ T6027] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  233.854908][ T6027] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  233.859957][ T6027] usb 5-1: config 0 has no interface number 0
[  233.863530][T10449] F2FS-fs (loop5): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4429/0x6ff0
[  233.868521][T10449] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-12)
[  233.879928][ T6027] usb 5-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28
[  233.883389][ T6027] usb 5-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  233.886588][ T6027] usb 5-1: Product: syz
[  233.888218][ T6027] usb 5-1: Manufacturer: syz
[  233.890050][ T6027] usb 5-1: SerialNumber: syz
[  233.894134][ T6027] usb 5-1: config 0 descriptor??
[  233.902262][ T6027] usb 5-1: Found UVC 0.00 device syz (046c:14e8)
[  233.904853][ T6027] uvcvideo 5-1:0.105: Entity type for entity Output 1 was not initialized!
[  233.909065][ T6027] usb 5-1: Failed to create links for entity 1
[  233.911646][ T6027] usb 5-1: Failed to register entities (-22).
[  234.104460][ T5917] usb 5-1: USB disconnect, device number 10
[  234.182826][   T33] audit: type=1800 audit(234.061:49): pid=10437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1704" name="file0" dev="fuse" ino=2 res=0 errno=0
[  234.188615][T10456] loop5: detected capacity change from 0 to 4096
[  234.199689][T10456] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  234.215747][T10456] ntfs3(loop5): ino=19, mi_enum_attr
[  234.223554][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/68CE0ED73BAA5F78.tmp-b7:5' failed: Read-only file system
[  234.559380][T10468] vivid-000: disconnect
[  234.863402][T10472] loop5: detected capacity change from 0 to 256
[  234.868266][T10472] exfat: Deprecated parameter 'namecase'
[  234.869995][T10472] exfat: Deprecated parameter 'utf8'
[  234.881899][T10472] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  235.103236][T10482] loop4: detected capacity change from 0 to 8192
[  235.113083][T10482] NILFS (loop4): unsupported revision (superblock rev.=0.0, current rev.=2.0). Please check the version of mkfs.nilfs(2).
[  235.122446][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/c5552b0d-8116-4a27-8133-f8515c0be41e.tmp-b7:4' failed: Read-only file system
[  235.142715][T10457] vivid-000: reconnect
[  235.349953][T10494] loop4: detected capacity change from 0 to 1024
[  235.365192][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/untitled.tmp-b7:4' failed: Read-only file system
[  235.372402][T10478] loop5: detected capacity change from 0 to 32768
[  235.380756][T10478] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1722 (10478)
[  235.388164][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:4' failed: Read-only file system
[  235.419405][ T5862] udevd[5862]: symlink '../../loop5' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:5' failed: Read-only file system
[  235.424412][T10478] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  235.433466][T10478] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  235.526651][T10478] BTRFS info (device loop5): setting nodatasum
[  235.528688][T10478] BTRFS info (device loop5): setting nodatacow
[  235.530657][T10478] BTRFS info (device loop5): enabling free space tree
[  235.533287][T10478] BTRFS info (device loop5): max_inline set to 0
[  235.596488][ T6027] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  235.607511][ T8782] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  235.700264][T10514] netlink: 'syz.4.1731': attribute type 1 has an invalid length.
[  235.703008][T10514] netlink: 'syz.4.1731': attribute type 2 has an invalid length.
[  235.716127][T10514] netlink: 'syz.4.1731': attribute type 1 has an invalid length.
[  235.719745][T10514] netlink: 'syz.4.1731': attribute type 2 has an invalid length.
[  235.964530][ T6027] usb 3-1: Using ep0 maxpacket: 16
[  235.984329][ T6027] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  236.000863][ T6027] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.003204][ T6027] usb 3-1: Product: syz
[  236.004591][ T6027] usb 3-1: Manufacturer: syz
[  236.007450][ T6027] usb 3-1: SerialNumber: syz
[  236.027785][ T6027] r8152-cfgselector 3-1: Unknown version 0x0000
[  236.030415][ T6027] r8152-cfgselector 3-1: config 0 descriptor??
[  236.402349][   T33] audit: type=1400 audit(236.281:50): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=10527 comm="syz.5.1738"
[  236.446428][  T974] r8152-cfgselector 3-1: USB disconnect, device number 27
[  236.464269][T10526] loop4: detected capacity change from 0 to 8192
[  236.516546][ T5862] udevd[5862]: symlink '../../loop4' '/dev/disk/by-label/SYZKALLER.tmp-b7:4' failed: Read-only file system
[  236.522502][ T5862] udevd[5862]: symlink '../../loop4' '/dev/disk/by-uuid/1DC8-C73B.tmp-b7:4' failed: Read-only file system
[  237.603112][T10542] loop2: detected capacity change from 0 to 128
[  238.188573][T10552] loop4: detected capacity change from 0 to 512
[  238.213208][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  238.223467][T10552] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.1748: bad orphan inode 13
[  238.230692][T10552] ext4_test_bit(bit=12, block=4) = 1
[  238.232789][T10552] is_bad_inode(inode)=0
[  238.234516][T10552] NEXT_ORPHAN(inode)=0
[  238.239669][T10552] max_ino=32
[  238.241397][T10552] i_nlink=1
[  238.244535][T10552] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.274301][ T8112] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.335206][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  238.452943][T10570] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1756'.
[  239.604295][T10598] loop5: detected capacity change from 0 to 32768
[  239.674735][T10608] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1768'.
[  239.678580][T10598] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  239.967890][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/c496e05e-540d-4c72-b591-04d79d8b4eeb.tmp-b7:5' failed: Read-only file system
[  240.021820][T10598] XFS (loop5): Ending clean mount
[  240.029132][T10598] XFS (loop5): Quotacheck needed: Please wait.
[  240.098326][T10598] XFS (loop5): Quotacheck: Done.
[  240.183971][ T8782] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  241.022343][T10634] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.1770'.
[  241.255888][T10644] loop5: detected capacity change from 0 to 4096
[  241.267479][T10644] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  241.279717][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  241.284641][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/7089678B273CDB5C.tmp-b7:5' failed: Read-only file system
[  241.298638][T10644] ntfs3(loop5): ino=1a, mi_enum_attr
[  241.300690][T10644] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  241.353418][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  241.826862][   T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  242.095111][   T10] usb 5-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1
[  242.099215][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.102334][   T10] usb 5-1: Product: syz
[  242.104000][   T10] usb 5-1: Manufacturer: syz
[  242.105860][   T10] usb 5-1: SerialNumber: syz
[  242.113488][   T10] usb 5-1: config 0 descriptor??
[  242.394887][   T10] int51x1 5-1:0.0: probe with driver int51x1 failed with error -22
[  242.593302][   T10] usb 5-1: USB disconnect, device number 11
[  242.606568][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  242.612272][ T5856] Bluetooth: hci0: command 0x0c1a tx timeout
[  242.688381][T10670] loop5: detected capacity change from 0 to 4096
[  242.699734][T10670] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[  242.712113][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  242.721630][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/5EB3BBC71C8702BB.tmp-b7:5' failed: Read-only file system
[  242.828457][T10672] loop5: detected capacity change from 0 to 1764
[  242.861081][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  242.965722][T10676] netlink: 'syz.5.1795': attribute type 1 has an invalid length.
[  243.290606][T10678] loop5: detected capacity change from 0 to 32768
[  243.300697][T10678] JBD2: Ignoring recovery information on journal
[  243.324854][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/03e7aa51-a951-448e-b9eb-6dd609435e20.tmp-b7:5' failed: Read-only file system
[  243.342008][T10678] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  243.437982][ T8782] ocfs2: Unmounting device (7,5) on (node local)
[  243.556096][T10689] loop4: detected capacity change from 0 to 512
[  243.587574][T10689] EXT4-fs: Ignoring removed i_version option
[  243.591820][T10689] EXT4-fs: Ignoring removed nobh option
[  243.595772][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  243.596866][T10689] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  243.620773][T10689] EXT4-fs (loop4): 1 truncate cleaned up
[  243.624633][T10689] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.773225][ T8112] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.840947][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  244.145826][T10722] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  244.683464][T10724] loop4: detected capacity change from 0 to 40427
[  244.711730][T10724] F2FS-fs (loop4): build fault injection rate: 25
[  244.714388][T10724] F2FS-fs (loop4): build fault injection type: 0x7698c
[  244.723794][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  244.731353][T10724] F2FS-fs (loop4): invalid crc value
[  244.735662][T10724] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[  244.752461][T10724] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  244.837447][T10724] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  244.850246][T10724] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  244.883195][T10724] F2FS-fs (loop4): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  244.942103][ T8112] syz-executor: attempt to access beyond end of device
[  244.942103][ T8112] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  244.954997][ T8112] CPU: 0 UID: 0 PID: 8112 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  244.955049][ T8112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  244.955059][ T8112] Call Trace:
[  244.955065][ T8112]  <TASK>
[  244.955071][ T8112]  dump_stack_lvl+0x189/0x250
[  244.955099][ T8112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.955115][ T8112]  ? __pfx_queue_work_on+0x10/0x10
[  244.955128][ T8112]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  244.955150][ T8112]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  244.955179][ T8112]  f2fs_handle_critical_error+0x37c/0x540
[  244.955206][ T8112]  f2fs_write_end_io+0x886/0xb60
[  244.955237][ T8112]  __submit_merged_bio+0x27a/0x6a0
[  244.955264][ T8112]  __submit_merged_write_cond+0x255/0x530
[  244.955289][ T8112]  f2fs_write_data_pages+0x261d/0x3000
[  244.955301][ T8112]  ? __lock_acquire+0xab9/0xd20
[  244.955351][ T8112]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  244.955404][ T8112]  ? __mod_zone_page_state+0xd7/0x140
[  244.955434][ T8112]  ? folios_put_refs+0x560/0x640
[  244.955461][ T8112]  ? __lock_acquire+0xab9/0xd20
[  244.955487][ T8112]  ? do_raw_spin_lock+0x121/0x290
[  244.955514][ T8112]  ? do_raw_spin_unlock+0x4d/0x240
[  244.955530][ T8112]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  244.955545][ T8112]  do_writepages+0x32e/0x550
[  244.955575][ T8112]  ? do_raw_spin_unlock+0x4d/0x240
[  244.955595][ T8112]  filemap_fdatawrite+0x199/0x240
[  244.955615][ T8112]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  244.955676][ T8112]  ? do_raw_spin_unlock+0x4d/0x240
[  244.955695][ T8112]  f2fs_sync_dirty_inodes+0x31f/0x830
[  244.955724][ T8112]  f2fs_write_checkpoint+0x95a/0x1df0
[  244.955761][ T8112]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  244.955818][ T8112]  ? kill_f2fs_super+0x298/0x6c0
[  244.955837][ T8112]  kill_f2fs_super+0x2c3/0x6c0
[  244.955857][ T8112]  ? __pfx_kill_f2fs_super+0x10/0x10
[  244.955874][ T8112]  ? radix_tree_delete_item+0x2b6/0x400
[  244.955902][ T8112]  ? shrinker_free+0x2ce/0x3e0
[  244.955919][ T8112]  deactivate_locked_super+0xbc/0x130
[  244.955939][ T8112]  cleanup_mnt+0x425/0x4c0
[  244.955955][ T8112]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.955971][ T8112]  task_work_run+0x1d4/0x260
[  244.955992][ T8112]  ? __pfx_task_work_run+0x10/0x10
[  244.956008][ T8112]  ? __x64_sys_umount+0x122/0x160
[  244.956057][ T8112]  ? exit_to_user_mode_loop+0x40/0x110
[  244.956081][ T8112]  exit_to_user_mode_loop+0xec/0x110
[  244.956101][ T8112]  do_syscall_64+0x2bd/0x3b0
[  244.956115][ T8112]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.956126][ T8112]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.956140][ T8112]  ? exc_page_fault+0x9f/0xf0
[  244.956155][ T8112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.956170][ T8112] RIP: 0033:0x7f23ddd8ff17
[  244.956182][ T8112] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  244.956191][ T8112] RSP: 002b:00007ffdf6708348 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  244.956225][ T8112] RAX: 0000000000000000 RBX: 00007f23dde11c05 RCX: 00007f23ddd8ff17
[  244.956234][ T8112] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf6708400
[  244.956241][ T8112] RBP: 00007ffdf6708400 R08: 0000000000000000 R09: 0000000000000000
[  244.956249][ T8112] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf6709490
[  244.956259][ T8112] R13: 00007f23dde11c05 R14: 000000000003bc46 R15: 00007ffdf67094d0
[  244.956284][ T8112]  </TASK>
[  245.149422][ T8112] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  245.449416][T10769] vcan0: tx address claim with dest, not broadcast
[  246.134069][T10784] netlink: 256 bytes leftover after parsing attributes in process `syz.5.1842'.
[  246.947409][T10823] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1857'.
[  247.546470][   T10] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  247.696388][   T10] usb 5-1: Using ep0 maxpacket: 32
[  247.700707][   T10] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  247.704110][   T10] usb 5-1: config 0 has no interface number 0
[  247.711423][   T10] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.39
[  247.716608][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.719702][   T10] usb 5-1: Product: syz
[  247.721470][   T10] usb 5-1: Manufacturer: syz
[  247.723248][   T10] usb 5-1: SerialNumber: syz
[  247.727976][   T10] usb 5-1: config 0 descriptor??
[  247.733139][   T10] smsc95xx v2.0.0
[  247.960643][T10839] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.1863'.
[  247.964984][T10839] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  248.145115][   T10] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  248.151721][   T10] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  248.194010][T10843] loop5: detected capacity change from 0 to 32768
[  248.197351][T10843] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1866 (10843)
[  248.218340][ T5862] udevd[5862]: symlink '../../loop5' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:5' failed: Read-only file system
[  248.223284][T10843] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  248.227424][T10843] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  248.288766][T10843] BTRFS info (device loop5): enabling ssd optimizations
[  248.291217][T10843] BTRFS info (device loop5): enabling free space tree
[  248.333071][ T8782] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  248.571211][   T10] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000108: -71
[  248.583585][   T10] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71
[  248.592007][   T10] usb 5-1: USB disconnect, device number 12
[  249.179597][T10890] fuse: Invalid rootmode
[  249.355368][T10898] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1884'.
[  249.525326][T10912] overlayfs: failed to clone upperpath
[  249.570524][T10916] loop4: detected capacity change from 0 to 2048
[  249.587794][T10916] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.605063][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  249.626728][ T8112] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.682131][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  249.683628][T10925] loop4: detected capacity change from 0 to 164
[  249.711433][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/CDROM.tmp-b7:4' failed: Read-only file system
[  249.744994][T10927] openvswitch: netlink: IPv4 tun info is not correct
[  249.766436][ T5917] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  249.923059][ T5917] usb 6-1: config 0 has an invalid interface number: 214 but max is 0
[  249.931594][ T5917] usb 6-1: config 0 has no interface number 0
[  249.934618][ T5917] usb 6-1: config 0 interface 214 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  249.947505][ T5917] usb 6-1: config 0 interface 214 has no altsetting 0
[  249.953769][ T5917] usb 6-1: New USB device found, idVendor=07c9, idProduct=000e, bcdDevice=5d.4f
[  249.957951][ T5917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.975634][ T5917] usb 6-1: Product: syz
[  249.977509][ T5917] usb 6-1: Manufacturer: syz
[  249.979341][ T5917] usb 6-1: SerialNumber: syz
[  249.992997][ T5917] usb 6-1: config 0 descriptor??
[  249.995838][T10910] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  250.100093][T10938] loop4: detected capacity change from 0 to 8192
[  250.131880][T10938]  loop4: p1 p3 < > p4 < p5 >
[  250.133571][T10938] loop4: partition table partially beyond EOD, truncated
[  250.144783][T10938] loop4: p3 start 100859904 is beyond EOD, truncated
[  250.182488][ T6466] udevd[6466]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory
[  250.194082][ T6013] udevd[6013]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  250.199415][ T5862] udevd[5862]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  250.244667][ T5917] ax88179_178a 6-1:0.214: probe with driver ax88179_178a failed with error -71
[  250.267058][ T5917] usb 6-1: USB disconnect, device number 8
[  251.151682][T10961] loop5: detected capacity change from 0 to 128
[  251.154708][T10961] Invalid source name
[  251.156631][T10961] UBIFS error (pid: 10961): cannot open "/dev/loop5", error -22
[  251.436604][  T974] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  251.449353][T10975] loop4: detected capacity change from 0 to 8192
[  251.460798][T10975] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  251.473990][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/SYZKALLER.tmp-b7:4' failed: Read-only file system
[  251.596530][  T974] usb 6-1: Using ep0 maxpacket: 16
[  251.603904][  T974] usb 6-1: config 1 interface 0 has no altsetting 0
[  251.611195][  T974] usb 6-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40
[  251.614804][  T974] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.621090][  T974] usb 6-1: Product: syz
[  251.622793][  T974] usb 6-1: Manufacturer: syz
[  251.624637][  T974] usb 6-1: SerialNumber: syz
[  251.854330][  T974] usbhid 6-1:1.0: can't add hid device: -71
[  251.857737][  T974] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  251.864535][  T974] usb 6-1: USB disconnect, device number 9
[  253.667848][ T5917] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[  253.819431][ T5917] usb 5-1: unable to get BOS descriptor or descriptor too short
[  253.823861][ T5917] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  253.828409][ T5917] usb 5-1: config 1 interface 0 altsetting 195 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  253.833420][ T5917] usb 5-1: config 1 interface 0 has no altsetting 0
[  253.845305][ T5917] usb 5-1: string descriptor 0 read error: -22
[  253.853923][ T5917] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  253.863036][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.878257][ T5917] usb 5-1: bad CDC descriptors
[  254.096962][ T5917] usb 5-1: USB disconnect, device number 13
[  254.739181][T11045] netlink: 'syz.4.1950': attribute type 1 has an invalid length.
[  254.741907][T11045] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1950'.
[  255.149561][T11048] openvswitch: netlink: IP tunnel dst address not specified
[  255.577591][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  255.579674][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  256.030326][T11065] xfrm0: entered promiscuous mode
[  256.031962][T11065] xfrm0: entered allmulticast mode
[  256.104339][T11067] veth5: entered allmulticast mode
[  256.690241][T11093] loop4: detected capacity change from 0 to 2048
[  256.694706][T11093] EXT4-fs warning (device loop4): ext4_multi_mount_protect:318: fsck is running on the filesystem
[  256.699109][T11093] EXT4-fs warning (device loop4): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132791, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  256.707036][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  256.725594][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  257.122993][T11099] loop4: detected capacity change from 0 to 32768
[  257.192980][T11099] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  257.211475][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/d7dc424e-7990-42cb-9f91-9cb7200a101d.tmp-b7:4' failed: Read-only file system
[  257.248293][T11099] XFS (loop4): Ending clean mount
[  257.391356][T11115] overlay: ./file1 is not a directory
[  257.734375][T11123] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1980'.
[  258.388780][ T8112] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  259.232245][T11163] tipc: Enabling of bearer </h:s> rejected, media not registered
[  259.243865][T11165] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  259.259601][T11165] tipc: Enabled bearer <udp:syz0>, priority 10
[  259.398957][T11178] Bluetooth: MGMT ver 1.23
[  259.457573][T11180] loop5: detected capacity change from 0 to 2048
[  259.471178][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  259.477970][T11180] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.539822][ T8782] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.671161][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  259.853144][T11189] macsec0: entered promiscuous mode
[  259.855027][T11189] macsec0: entered allmulticast mode
[  259.858088][T11189] veth1_macvtap: entered allmulticast mode
[  260.214839][T11207] loop5: detected capacity change from 0 to 1024
[  260.261236][ T6027] tipc: Node number set to 3481381302
[  260.271214][T11207] syz.5.2018: attempt to access beyond end of device
[  260.271214][T11207] loop5: rw=0, sector=1835012, nr_sectors = 4 limit=1024
[  260.271839][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/untitled.tmp-b7:5' failed: Read-only file system
[  260.278773][T11207] buffer_io_error: 138 callbacks suppressed
[  260.278787][T11207] Buffer I/O error on dev loop5, logical block 458753, async page read
[  260.283550][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/89204a28-3dc1-3311-9d08-7ea374525680.tmp-b7:5' failed: Read-only file system
[  260.284375][T11207] hfsplus: unable to mark blocks free: error -5
[  260.311885][T11207] hfsplus: can't free extent
[  260.663530][T11215] loop5: detected capacity change from 0 to 16384
[  260.825693][T11215] bcachefs (loop5): starting version 1.13: inode_has_child_snapshots opts=errors=continue,metadata_checksum=none,data_checksum=none,grpquota,norecovery,reconstruct_alloc
[  260.825710][T11215]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  260.841794][T11215] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  260.848100][T11215] bcachefs (loop5): invalid journal entry, version=1.13: inode_has_child_snapshots type=clock in superblock: bad size, fixing
[  260.867270][T11215] bcachefs (loop5): recovering from clean shutdown, journal seq 18
[  260.870479][T11215] bcachefs (loop5): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[  260.870479][T11215]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  260.880755][T11215] bcachefs (loop5): dropping and reconstructing all alloc info
[  260.910041][T11215] bcachefs (loop5): accounting_read... done
[  260.915775][T11215] bcachefs (loop5): alloc_read... done
[  260.919085][T11215] bcachefs (loop5): snapshots_read... done
[  260.922877][T11215] bcachefs (loop5): Fixed errors, running fsck a second time to verify fs is clean
[  260.927672][T11215] bcachefs (loop5): reading quotas
[  260.938129][T11215] bcachefs (loop5): quotas done
[  260.940766][T11215] bcachefs (loop5): done starting filesystem
[  260.997218][ T8782] bcachefs (loop5): shutting down
[  261.030159][ T8782] bcachefs (loop5): shutdown complete
[  261.106535][ T5917] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  261.256416][ T5917] usb 5-1: Using ep0 maxpacket: 32
[  261.260669][ T5917] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  261.264450][ T5917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.269955][ T5917] usb 5-1: config 0 descriptor??
[  261.279600][ T5917] gspca_main: nw80x-2.14.0 probing 055f:d001
[  261.893777][ T5917] usb 5-1: USB disconnect, device number 14
[  262.365943][T11265] loop5: detected capacity change from 0 to 40427
[  262.373533][T11265] F2FS-fs (loop5): build fault injection rate: 771
[  262.382035][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:5' failed: Read-only file system
[  262.384866][T11265] F2FS-fs (loop5): invalid crc value
[  262.467038][T11265] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  262.472034][T11265] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  262.561526][ T8782] syz-executor: attempt to access beyond end of device
[  262.561526][ T8782] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  262.570305][ T8782] CPU: 1 UID: 0 PID: 8782 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  262.570326][ T8782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  262.570333][ T8782] Call Trace:
[  262.570339][ T8782]  <TASK>
[  262.570345][ T8782]  dump_stack_lvl+0x189/0x250
[  262.570374][ T8782]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.570390][ T8782]  ? __pfx_queue_work_on+0x10/0x10
[  262.570402][ T8782]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  262.570466][ T8782]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  262.570496][ T8782]  f2fs_handle_critical_error+0x37c/0x540
[  262.570523][ T8782]  f2fs_write_end_io+0x886/0xb60
[  262.570549][ T8782]  __submit_merged_bio+0x27a/0x6a0
[  262.570573][ T8782]  __submit_merged_write_cond+0x255/0x530
[  262.570596][ T8782]  f2fs_write_data_pages+0x261d/0x3000
[  262.570641][ T8782]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  262.570693][ T8782]  ? ktime_get+0x3e/0x1f0
[  262.570713][ T8782]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  262.570728][ T8782]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  262.570746][ T8782]  ? css_rstat_updated+0x23a/0x4f0
[  262.570772][ T8782]  ? __lock_acquire+0xab9/0xd20
[  262.570801][ T8782]  ? do_raw_spin_lock+0x121/0x290
[  262.570830][ T8782]  ? do_raw_spin_unlock+0x4d/0x240
[  262.570846][ T8782]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  262.570861][ T8782]  do_writepages+0x32e/0x550
[  262.570890][ T8782]  ? do_raw_spin_unlock+0x4d/0x240
[  262.570909][ T8782]  filemap_fdatawrite+0x199/0x240
[  262.570930][ T8782]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  262.570991][ T8782]  ? do_raw_spin_unlock+0x4d/0x240
[  262.571011][ T8782]  f2fs_sync_dirty_inodes+0x31f/0x830
[  262.571040][ T8782]  f2fs_write_checkpoint+0x95a/0x1df0
[  262.571076][ T8782]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  262.571129][ T8782]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  262.571144][ T8782]  ? kfree+0x18e/0x440
[  262.571161][ T8782]  ? kill_f2fs_super+0x298/0x6c0
[  262.571181][ T8782]  kill_f2fs_super+0x2c3/0x6c0
[  262.571202][ T8782]  ? __pfx_kill_f2fs_super+0x10/0x10
[  262.571215][ T8782]  ? radix_tree_delete_item+0x2b6/0x400
[  262.571241][ T8782]  ? shrinker_free+0x2ce/0x3e0
[  262.571259][ T8782]  deactivate_locked_super+0xbc/0x130
[  262.571279][ T8782]  cleanup_mnt+0x425/0x4c0
[  262.571296][ T8782]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.571313][ T8782]  task_work_run+0x1d4/0x260
[  262.571334][ T8782]  ? __pfx_task_work_run+0x10/0x10
[  262.571350][ T8782]  ? __x64_sys_umount+0x122/0x160
[  262.571373][ T8782]  ? exit_to_user_mode_loop+0x40/0x110
[  262.571396][ T8782]  exit_to_user_mode_loop+0xec/0x110
[  262.571440][ T8782]  do_syscall_64+0x2bd/0x3b0
[  262.571462][ T8782]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.571474][ T8782]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.571487][ T8782]  ? exc_page_fault+0x9f/0xf0
[  262.571501][ T8782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.571515][ T8782] RIP: 0033:0x7f3221b8ff17
[  262.571530][ T8782] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  262.571541][ T8782] RSP: 002b:00007ffd3a019fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  262.571557][ T8782] RAX: 0000000000000000 RBX: 00007f3221c11c05 RCX: 00007f3221b8ff17
[  262.571567][ T8782] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd3a01a0a0
[  262.571575][ T8782] RBP: 00007ffd3a01a0a0 R08: 0000000000000000 R09: 0000000000000000
[  262.571583][ T8782] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd3a01b130
[  262.571592][ T8782] R13: 00007f3221c11c05 R14: 000000000004010d R15: 00007ffd3a01b170
[  262.571617][ T8782]  </TASK>
[  262.571625][ T8782] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  263.448451][   T33] audit: type=1400 audit(263.311:51): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name="sched_sw/" pid=11290 comm="syz.5.2047"
[  263.769896][T11305] binder_alloc: binder_alloc_mmap_handler: 11304 200000ffc000-200000ffd000 already mapped failed -16
[  264.085449][T11311] loop4: detected capacity change from 0 to 32768
[  264.111208][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/c496e05e-540d-4c72-b591-04d79d8b4eeb.tmp-b7:4' failed: Read-only file system
[  264.120442][T11311] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  264.142123][   T33] audit: type=1326 audit(264.021:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11322 comm="syz.5.2065" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3221b8ebe9 code=0x0
[  264.164757][T11311] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  264.175673][T11311] XFS (loop4): Starting recovery (logdev: internal)
[  264.189092][T11311] XFS (loop4): Ending recovery (logdev: internal)
[  264.237951][ T8112] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  264.770081][T11350] loop4: detected capacity change from 0 to 4096
[  264.799058][T11353] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  264.825046][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/ab2f6cf2-a99d-4328-b186-08168e7a6b7e.tmp-b7:4' failed: Read-only file system
[  264.915328][T11350] loop4: detected capacity change from 4096 to 0
[  265.159521][    C1] blk_print_req_error: 138 callbacks suppressed
[  265.159540][    C1] I/O error, dev loop4, sector 224 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  265.166577][T11357] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=0)
[  265.225865][ T8112] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 648518346341351424
[  265.231007][ T8112] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=12)
[  265.238757][ T8112] Remounting filesystem read-only
[  265.240478][ T8112] NILFS (loop4): error -5 truncating bmap (ino=12)
[  265.244567][ T8112] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  265.402677][T11369] loop5: detected capacity change from 0 to 2048
[  265.446064][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/1a95d291-cd32-4c4d-814a-8221d1aa3beb.tmp-b7:5' failed: Read-only file system
[  265.462058][T11374] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  266.109840][T11371] loop4: detected capacity change from 0 to 32768
[  266.131499][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/bfdc47fc-10d8-4eed-a562-11a831b3f791.tmp-b7:4' failed: Read-only file system
[  266.155983][T11371] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  266.202859][T11371] XFS (loop4): Ending clean mount
[  266.222677][T11371] XFS (loop4): Quotacheck needed: Please wait.
[  266.274179][T11371] XFS (loop4): Quotacheck: Done.
[  266.284840][T11389] fuse: Bad value for 'fd'
[  266.343393][ T8112] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  266.484641][T11379] Process accounting resumed
[  266.945902][T11418] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2101'.
[  268.249067][T11454] netlink: 212388 bytes leftover after parsing attributes in process `syz.5.2115'.
[  268.261540][T11454] openvswitch: netlink: Message has 5 unknown bytes.
[  268.527495][T11466] delete_channel: no stack
[  269.284403][T11487] netlink: 100 bytes leftover after parsing attributes in process `syz.2.2129'.
[  269.293314][T11488] loop4: detected capacity change from 0 to 1764
[  270.020299][T11510] io-wq is not configured for unbound workers
[  270.353870][   T33] audit: type=1326 audit(270.231:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.4.2144" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23ddd8ebe9 code=0x7ffc0000
[  270.385079][   T33] audit: type=1326 audit(270.231:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.4.2144" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f23ddd8d550 code=0x7ffc0000
[  270.416381][   T33] audit: type=1326 audit(270.231:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.4.2144" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23ddd8ebe9 code=0x7ffc0000
[  270.449690][   T33] audit: type=1326 audit(270.231:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.4.2144" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23ddd8ebe9 code=0x7ffc0000
[  270.476476][   T33] audit: type=1326 audit(270.231:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.4.2144" exe="/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f23ddd8ebe9 code=0x7ffc0000
[  270.497016][   T33] audit: type=1326 audit(270.231:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.4.2144" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23ddd8ebe9 code=0x7ffc0000
[  270.526400][   T33] audit: type=1326 audit(270.231:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.4.2144" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23ddd8ebe9 code=0x7ffc0000
[  270.712389][T11541] netlink: 'syz.2.2155': attribute type 10 has an invalid length.
[  270.765153][T11541] 8021q: adding VLAN 0 to HW filter on device team0
[  270.785345][T11541] bond0: (slave team0): Enslaving as an active interface with an up link
[  271.217601][T11550] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2157'.
[  271.768963][T11557] loop5: detected capacity change from 0 to 4096
[  271.779827][T11557] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  271.796438][T11557] ntfs3(loop5): ino=0, mi_enum_attr
[  271.805112][T11557] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  271.810123][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  271.821076][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/02AFA4DB32BB7E65.tmp-b7:5' failed: Read-only file system
[  271.831925][T11557] ntfs3(loop5): volume is dirty and "force" flag is not set!
[  271.891871][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  272.178640][T11577] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2167'.
[  272.181901][T11577] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2167'.
[  272.186627][T11577] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2167'.
[  272.189912][T11577] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2167'.
[  272.276454][    T9] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  272.429926][    T9] usb 6-1: unable to get BOS descriptor or descriptor too short
[  272.433911][    T9] usb 6-1: not running at top speed; connect to a high speed hub
[  272.439105][    T9] usb 6-1: config 4 has an invalid interface number: 32 but max is 0
[  272.442377][    T9] usb 6-1: config 4 has no interface number 0
[  272.450277][    T9] usb 6-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=f1.50
[  272.453988][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.457554][    T9] usb 6-1: Product: syz
[  272.459244][    T9] usb 6-1: Manufacturer: syz
[  272.461113][    T9] usb 6-1: SerialNumber: syz
[  272.683373][    T9] usb 6-1: Found UVC 0.02 device syz (17dc:0202)
[  272.686152][    T9] usb 6-1: No valid video chain found.
[  272.691057][    T9] usb 6-1: USB disconnect, device number 10
[  273.122109][T11589] fuse: Bad value for 'fd'
[  273.339043][T11602] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2180'.
[  273.377977][T11604] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  274.654372][T11637] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2196'.
[  274.660767][T11637] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2196'.
[  275.515963][T11655] netlink: 'syz.4.2204': attribute type 1 has an invalid length.
[  275.519329][T11655] netlink: 15 bytes leftover after parsing attributes in process `syz.4.2204'.
[  275.581228][ T5860] Bluetooth: hci2: link tx timeout
[  275.584836][ T5860] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  275.807961][T11673] loop4: detected capacity change from 0 to 47
[  276.057562][ T5917] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  276.141331][T11692] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2222'.
[  276.230466][ T5917] usb 6-1: config index 0 descriptor too short (expected 69, got 36)
[  276.233037][ T5917] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  276.258130][ T5917] usb 6-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89
[  276.261092][ T5917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.263691][ T5917] usb 6-1: Product: syz
[  276.264551][T11688] loop4: detected capacity change from 0 to 32768
[  276.265284][ T5917] usb 6-1: Manufacturer: syz
[  276.265302][ T5917] usb 6-1: SerialNumber: syz
[  276.273217][T11688] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2220 (11688)
[  276.286789][ T5917] usb 6-1: config 0 descriptor??
[  276.295043][T11688] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  276.303638][T11688] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  276.331832][ T5917] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[  276.333385][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/5e4b7888-5e56-43f0-8345-635ad0fd87c6.tmp-b7:4' failed: Read-only file system
[  276.374858][T11692] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  276.383798][T11692] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  276.393677][T11692] bond0 (unregistering): (slave syz_tun): Releasing backup interface
[  276.403753][T11692] bond0 (unregistering): (slave team0): Releasing backup interface
[  276.412402][T11692] bond0 (unregistering): Released all slaves
[  276.445573][T11688] BTRFS info (device loop4): enabling ssd optimizations
[  276.450487][T11688] BTRFS info (device loop4): enabling free space tree
[  276.498248][ T8112] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  276.870461][T11714] loop4: detected capacity change from 0 to 256
[  276.888339][T11714] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  276.897618][ T5917] gspca_pac7302: reg_w() failed i: ff v: 01 error -71
[  276.899944][ T5917] gspca_pac7302 6-1:0.0: probe with driver gspca_pac7302 failed with error -71
[  276.931629][ T5917] usb 6-1: USB disconnect, device number 11
[  277.032266][T11715] exFAT-fs (loop4): error, invalid access to FAT (entry 0xffffffff)
[  277.040868][T11715] exFAT-fs (loop4): error, invalid access to FAT (entry 0xffffffff)
[  277.665016][ T5854] Bluetooth: hci2: command 0x0406 tx timeout
[  277.724390][T11728] loop5: detected capacity change from 0 to 512
[  277.738522][T11728] EXT4-fs: user quota file already specified
[  277.756786][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/\x86\x5b.tmp-b7:5' failed: Read-only file system
[  278.143355][ T5856] Bluetooth: hci0: command 0x0c1a tx timeout
[  278.246971][T11739] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2236'.
[  278.311319][T11739] 8021q: adding VLAN 0 to HW filter on device bond1
[  278.370461][T11739] 8021q: adding VLAN 0 to HW filter on device bond1
[  278.373776][T11739] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  278.397485][T11739] bond1: (slave vcan1): Error -95 calling set_mac_address
[  278.607186][T11749] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  279.006421][ T5917] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  279.226352][ T5917] usb 6-1: Using ep0 maxpacket: 8
[  279.237311][ T5917] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  279.244976][ T5917] usb 6-1: config 0 has no interface number 0
[  279.250490][ T5917] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  279.254723][ T5917] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  279.275333][ T5917] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  279.280076][ T5917] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  279.285375][ T5917] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  279.289162][ T5917] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.301777][ T5917] usb 6-1: config 0 descriptor??
[  279.335324][ T5917] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  279.547415][ T5917] usb 6-1: USB disconnect, device number 12
[  279.557933][ T5917] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  280.116336][T11771] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  280.228560][T11773] loop5: detected capacity change from 0 to 4096
[  280.233074][T11773] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  280.306099][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  280.337014][T11773] ntfs3(loop5): Failed to initialize $Extend/$Reparse.
[  280.347929][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/68CE0ED73BAA5F78.tmp-b7:5' failed: Read-only file system
[  280.391528][T11779] nftables ruleset with unbound set
[  280.415950][T11773] [syz.5.2250/11773] FS: loop5 File: /file1 would truncate fibmap result
[  280.498818][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  280.696699][   T10] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  280.858629][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  280.863599][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  280.868666][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  280.872629][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  280.878182][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  280.882190][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.886521][  T974] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  280.887842][   T10] usb 5-1: config 0 descriptor??
[  280.955162][T11789] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2258'.
[  281.038638][  T974] usb 6-1: Using ep0 maxpacket: 32
[  281.050774][  T974] usb 6-1: config 0 has an invalid interface number: 54 but max is 0
[  281.053881][  T974] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  281.060926][  T974] usb 6-1: config 0 has no interface number 0
[  281.063412][  T974] usb 6-1: too many endpoints for config 0 interface 54 altsetting 205: 134, using maximum allowed: 30
[  281.069270][  T974] usb 6-1: config 0 interface 54 altsetting 205 has 0 endpoint descriptors, different from the interface descriptor's value: 134
[  281.074620][  T974] usb 6-1: config 0 interface 54 has no altsetting 0
[  281.085650][  T974] usb 6-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[  281.090331][  T974] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.094210][  T974] usb 6-1: Product: syz
[  281.096030][  T974] usb 6-1: Manufacturer: syz
[  281.099719][  T974] usb 6-1: SerialNumber: syz
[  281.106022][  T974] usb 6-1: config 0 descriptor??
[  281.114092][  T974] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  281.118720][  T974] usb 6-1: MIDIStreaming interface descriptor not found
[  281.194396][ T5855] udevd[5855]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.54/sound/card3/controlC3/../uevent} for writing: Read-only file system
[  281.302554][   T10] plantronics 0003:047F:FFFF.000F: ignoring exceeding usage max
[  281.326760][   T10] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  281.331434][    T9] usb 6-1: USB disconnect, device number 13
[  281.482955][T11810] netlink: zone id is out of range
[  281.490256][T11810] netlink: zone id is out of range
[  281.493472][T11810] netlink: zone id is out of range
[  281.495137][T11810] netlink: zone id is out of range
[  281.497143][T11810] netlink: zone id is out of range
[  281.498921][T11810] netlink: zone id is out of range
[  281.501007][T11810] netlink: zone id is out of range
[  281.507187][T11810] netlink: zone id is out of range
[  281.509299][T11810] netlink: zone id is out of range
[  281.518462][   T10] usb 5-1: USB disconnect, device number 15
[  282.235077][T11857] U9: renamed from lo
[  282.390164][T11868] loop4: detected capacity change from 0 to 128
[  282.411699][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/SYZKALLER.tmp-b7:4' failed: Read-only file system
[  282.426058][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/1DC8-5927.tmp-b7:4' failed: Read-only file system
[  282.539717][T11879] netlink: 212 bytes leftover after parsing attributes in process `syz.2.2299'.
[  282.544412][T11879] netlink: 'syz.2.2299': attribute type 1 has an invalid length.
[  282.694483][T11889] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2304'.
[  282.699740][T11889] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2304'.
[  283.021456][T11894] loop4: detected capacity change from 0 to 32768
[  283.064974][T11894] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  283.074700][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:4' failed: Read-only file system
[  283.107851][T11894] (syz.4.2307,11894,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0
[  283.113964][T11894] (syz.4.2307,11894,0):__ocfs2_delete_entry:1170 ERROR: status = -5
[  283.200327][T11894] (syz.4.2307,11894,1):ocfs2_unlink:993 ERROR: status = -5
[  283.230795][T11894] (syz.4.2307,11894,1):ocfs2_unlink:1046 ERROR: status = -5
[  283.466820][ T8112] ocfs2: Unmounting device (7,4) on (node local)
[  284.173553][T11939] trusted_key: syz.5.2326 sent an empty control message without MSG_MORE.
[  284.976643][T11946] loop5: detected capacity change from 0 to 32768
[  285.014366][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:5' failed: Read-only file system
[  285.420563][    T9] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  285.681480][    T9] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  285.689723][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.697503][    T9] usb 5-1: Product: syz
[  285.703989][    T9] usb 5-1: Manufacturer: syz
[  285.713950][    T9] usb 5-1: SerialNumber: syz
[  285.760235][    T9] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  285.773124][   T10] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  285.856427][  T974] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  285.988377][    C0] usb 5-1: ath: unknown panic pattern!
[  286.008236][  T974] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.012050][  T974] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.015133][  T974] usb 6-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  286.018492][  T974] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.027018][  T974] usb 6-1: config 0 descriptor??
[  286.192347][ T2336] usb 5-1: USB disconnect, device number 16
[  286.418683][   T33] audit: type=1800 audit(286.291:60): pid=11982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2346" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  286.444383][  T974] arvo 0003:1E7D:30D4.0010: unknown main item tag 0x0
[  286.448415][  T974] arvo 0003:1E7D:30D4.0010: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.5-1/input0
[  286.850095][  T974] usb 6-1: USB disconnect, device number 14
[  286.852547][   T10] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  286.855181][   T10] ath9k_htc: Failed to initialize the device
[  286.870192][ T2336] usb 5-1: ath9k_htc: USB layer deinitialized
[  287.002739][T11992] loop4: detected capacity change from 0 to 32768
[  287.030786][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/bfdc47fc-10d8-4eed-a562-11a831b3f791.tmp-b7:4' failed: Read-only file system
[  287.037059][T11992] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  287.088521][T11992] XFS (loop4): Ending clean mount
[  287.111644][ T8112] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  287.525050][T12013] loop5: detected capacity change from 0 to 16
[  287.635946][T12013] erofs (device loop5): mounted with root inode @ nid 36.
[  287.652391][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/de08ee7d-c14c-4657-8f5d-a5ca07e02e09.tmp-b7:5' failed: Read-only file system
[  287.870253][T12013] erofs (device loop5): readahead error at folio 2 @ nid 89
[  287.883317][   T55] erofs (device loop5): failed to decompress -33 in[4096, 0] out[8192]
[  287.888725][T12013] erofs (device loop5): failed to decompress -33 in[4096, 0] out[4096]
[  287.893314][T12013] erofs (device loop5): read error -117 @ 0 of nid 89
[  287.895797][   T33] audit: type=1800 audit(287.771:61): pid=12013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2357" name="file3" dev="loop5" ino=89 res=0 errno=0
[  288.285501][T12035] loop4: detected capacity change from 0 to 1024
[  288.292441][T12035] EXT4-fs: Ignoring removed nomblk_io_submit option
[  288.303068][T12035] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  288.306037][T12035] System zones: 0-1, 3-36
[  288.314781][T12035] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.315108][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  288.361162][ T8112] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.419423][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  288.627745][T12053] loop9: detected capacity change from 0 to 7
[  288.639114][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.643821][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.649932][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.653825][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.664855][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.673712][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.681249][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.684850][T12053] ldm_validate_partition_table(): Disk read failed.
[  288.692301][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.699312][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.703193][T12053] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.714235][T12053] Dev loop9: unable to read RDB block 0
[  288.724824][T12053]  loop9: unable to read partition table
[  288.733805][T12053] loop9: partition table beyond EOD, truncated
[  288.741770][T12053] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ
[  288.741770][T12053] ) failed (rc=-5)
[  289.931261][T12057] loop4: detected capacity change from 0 to 40427
[  289.949184][T12057] F2FS-fs (loop4): build fault injection rate: 771
[  290.004774][T12057] F2FS-fs (loop4): invalid crc value
[  290.012594][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  290.099782][T12057] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  290.110315][T12057] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  290.281978][T12068] loop5: detected capacity change from 0 to 1024
[  290.298691][T12068] EXT4-fs: Ignoring removed orlov option
[  290.301052][T12068] EXT4-fs: Ignoring removed nomblk_io_submit option
[  290.313319][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  290.325235][T12068] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.646076][T12084] net_ratelimit: 40 callbacks suppressed
[  290.646106][T12084] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  290.884961][T12098] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2393'.
[  290.924127][T12098] netlink: 'syz.2.2393': attribute type 2 has an invalid length.
[  291.095344][ T8782] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.131487][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  291.364829][T12119] IPVS: Error connecting to the multicast addr
[  291.425107][T12122] dlm: non-version read from control device 29
[  292.511226][T12138] loop4: detected capacity change from 0 to 40427
[  292.514479][T12138] F2FS-fs: heap/no_heap options were deprecated
[  292.536343][T12138] F2FS-fs (loop4): invalid crc value
[  292.551464][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  292.645971][T12138] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  292.660570][T12138] F2FS-fs (loop4): Start checkpoint disabled!
[  292.668270][T12138] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  292.705642][  T999] kworker/u10:4: attempt to access beyond end of device
[  292.705642][  T999] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  292.711651][  T999] CPU: 1 UID: 0 PID: 999 Comm: kworker/u10:4 Not tainted syzkaller #0 PREEMPT(full) 
[  292.711673][  T999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  292.711712][  T999] Workqueue: writeback wb_workfn (flush-7:4)
[  292.711738][  T999] Call Trace:
[  292.711745][  T999]  <TASK>
[  292.711752][  T999]  dump_stack_lvl+0x189/0x250
[  292.711775][  T999]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.711797][  T999]  ? __pfx_queue_work_on+0x10/0x10
[  292.711811][  T999]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  292.711833][  T999]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  292.711864][  T999]  f2fs_handle_critical_error+0x37c/0x540
[  292.711892][  T999]  f2fs_write_end_io+0x886/0xb60
[  292.711923][  T999]  __submit_merged_bio+0x27a/0x6a0
[  292.711949][  T999]  __submit_merged_write_cond+0x255/0x530
[  292.711975][  T999]  f2fs_write_data_pages+0x261d/0x3000
[  292.712018][  T999]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  292.712045][  T999]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  292.712093][  T999]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  292.712112][  T999]  ? look_up_lock_class+0x74/0x170
[  292.712136][  T999]  ? trace_f2fs_writepages+0x7f/0x200
[  292.712156][  T999]  ? f2fs_write_node_pages+0x478/0x6e0
[  292.712179][  T999]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  292.712210][  T999]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  292.712224][  T999]  do_writepages+0x32e/0x550
[  292.712246][  T999]  ? reacquire_held_locks+0x127/0x1d0
[  292.712260][  T999]  ? writeback_sb_inodes+0x384/0x1010
[  292.712286][  T999]  __writeback_single_inode+0x145/0xff0
[  292.712303][  T999]  ? do_raw_spin_unlock+0x4d/0x240
[  292.712323][  T999]  writeback_sb_inodes+0x6c7/0x1010
[  292.712366][  T999]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  292.712423][  T999]  ? rcu_is_watching+0x15/0xb0
[  292.712447][  T999]  wb_writeback+0x43b/0xaf0
[  292.712489][  T999]  ? queue_io+0x311/0x590
[  292.712508][  T999]  ? __pfx_wb_writeback+0x10/0x10
[  292.712528][  T999]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.712550][  T999]  wb_workfn+0x409/0xef0
[  292.712577][  T999]  ? __pfx_wb_workfn+0x10/0x10
[  292.712591][  T999]  ? __lock_acquire+0xab9/0xd20
[  292.712621][  T999]  ? process_scheduled_works+0x9ef/0x17b0
[  292.712637][  T999]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.712654][  T999]  ? process_scheduled_works+0x9ef/0x17b0
[  292.712666][  T999]  ? process_scheduled_works+0x9ef/0x17b0
[  292.712706][  T999]  process_scheduled_works+0xae1/0x17b0
[  292.712748][  T999]  ? __pfx_process_scheduled_works+0x10/0x10
[  292.712779][  T999]  worker_thread+0x8a0/0xda0
[  292.712824][  T999]  kthread+0x711/0x8a0
[  292.712842][  T999]  ? __pfx_worker_thread+0x10/0x10
[  292.712853][  T999]  ? __pfx_kthread+0x10/0x10
[  292.712868][  T999]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.712883][  T999]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.712892][  T999]  ? __pfx_kthread+0x10/0x10
[  292.712907][  T999]  ret_from_fork+0x3fc/0x770
[  292.712922][  T999]  ? __pfx_ret_from_fork+0x10/0x10
[  292.712939][  T999]  ? __switch_to_asm+0x39/0x70
[  292.712954][  T999]  ? __switch_to_asm+0x33/0x70
[  292.712965][  T999]  ? __pfx_kthread+0x10/0x10
[  292.712981][  T999]  ret_from_fork_asm+0x1a/0x30
[  292.713004][  T999]  </TASK>
[  292.825538][  T999] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  293.420333][T12169] loop4: detected capacity change from 0 to 128
[  293.423718][T12169] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  293.457490][T12169] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  294.033760][T12171] loop5: detected capacity change from 0 to 32768
[  294.065712][T12171] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2426 (12171)
[  294.139537][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:5' failed: Read-only file system
[  294.154198][T12171] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  294.167051][T12171] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  294.293358][T12171] BTRFS info (device loop5): enabling ssd optimizations
[  294.298078][T12171] BTRFS info (device loop5): enabling free space tree
[  294.629503][ T8782] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  296.077917][T12230] loop4: detected capacity change from 0 to 40427
[  296.089084][T12230] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  296.092334][T12230] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  296.109514][T12230] F2FS-fs (loop4): invalid crc value
[  296.153091][T12230] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  296.160066][T12230] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  296.162849][T12230] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  296.177785][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  296.940905][T12249] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2450'.
[  297.073982][T12253] loop5: detected capacity change from 0 to 4096
[  297.079681][T12253] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[  297.093986][T12253] ntfs3(loop5): ino=0, mi_enum_attr
[  297.102006][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  297.104150][T12253] ntfs3(loop5): mft corrupted
[  297.106146][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/5EB3BBC71C8702BB.tmp-b7:5' failed: Read-only file system
[  297.107567][T12253] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  297.108771][T12253] ntfs3(loop5): Failed to load $MFT (-22).
[  297.144903][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  297.212668][T12261] loop5: detected capacity change from 0 to 128
[  297.229499][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:5' failed: Read-only file system
[  297.252642][T12261] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  297.270595][T12261] fscrypt: key with description 'fscrypt:e8dab99234bb312e' is too short (got 30 bytes, need 32+ bytes)
[  297.274812][T12261] fscrypt: key with description 'fscrypt:e8dab99234bb312e' is too short (got 30 bytes, need 32+ bytes)
[  297.313910][ T8782] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  298.903178][T12310] loop5: detected capacity change from 0 to 32768
[  299.018930][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:5' failed: Read-only file system
[  299.024974][T12310] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  299.575905][ T8782] ocfs2: Unmounting device (7,5) on (node local)
[  299.833457][T12341] loop4: detected capacity change from 0 to 1024
[  299.863670][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:4' failed: Read-only file system
[  299.898817][T12343] loop5: detected capacity change from 0 to 512
[  299.902087][T12343] EXT4-fs: Ignoring removed nobh option
[  299.913639][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/\x86\x5b.tmp-b7:5' failed: Read-only file system
[  299.925216][T12343] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  299.933289][T12343] EXT4-fs (loop5): invalid journal inode
[  299.935927][T12343] EXT4-fs (loop5): can't get journal size
[  299.941619][T12343] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[  299.945125][T12343] System zones: 1-12, 13-13
[  299.950560][T12343] EXT4-fs (loop5): 1 truncate cleaned up
[  299.953944][T12343] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.025611][ T8782] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.095184][T12354] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  300.333877][T12371] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2501'.
[  300.556501][    T9] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  300.716372][    T9] usb 6-1: Using ep0 maxpacket: 32
[  300.721555][    T9] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  300.725099][    T9] usb 6-1: config 0 has no interface number 0
[  300.734216][    T9] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  300.739658][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.743162][    T9] usb 6-1: Product: syz
[  300.744904][    T9] usb 6-1: Manufacturer: syz
[  300.750204][    T9] usb 6-1: SerialNumber: syz
[  300.756583][    T9] usb 6-1: config 0 descriptor??
[  300.776137][    T9] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  300.994043][    T9] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  301.010787][    T9] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  301.207119][    C0] quatech-serial ttyUSB0: qt2_process_read_urb - xmit_empty message too short
[  301.408190][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  301.412374][    T9] usb 6-1: USB disconnect, device number 15
[  301.421067][    T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  301.453664][    T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  301.468087][    T9] quatech2 6-1:0.51: device disconnected
[  301.696521][T12419] fuse: root generation should be zero
[  301.809974][T12424] loop4: detected capacity change from 0 to 256
[  301.833485][T12424] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf059ff26, utbl_chksum : 0xe619d30d)
[  302.532823][T12426] loop5: detected capacity change from 0 to 32768
[  302.549895][T12426] bcachefs (/dev/loop5): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[  302.549895][T12426] clean (size 2912):
[  302.549895][T12426] flags:          0
[  302.549895][T12426] journal_seq:    10
[  302.549895][T12426] usage: type=inodes v=8
[  302.549895][T12426] usage: type=key_version v=0
[  302.549895][T12426] usage: type=reserved v=0
[  302.549895][T12426] usage: type=reserved v=0
[  302.549895][T12426] usage: type=reserved v=0
[  302.549895][T12426] usage: type=reserved v=0
[  302.549895][T12426] data_usage: btree: 1/1 [0]=2816
[  302.549895][T12426] data_usage: journal: 1/1 [0]=0
[  302.549895][T12426] data_usage: user: 1/1 [0]=16
[  302.549895][T12426] dev_usage: dev=0  
[  302.549895][T12426]   free: buckets=83 sectors=0 fragmented=0
[  302.549895][T12426]   sb: buckets=25 sectors=6152 fragmented=248
[  302.549895][T12426]   journal: buckets=8 sectors=2048 fragmented=0
[  302.549895][T12426]   btree: buckets=11 sectors=2816 fragmented=0
[  302.549895][T12426]   user: buckets=1 sectors=16 fragmented=240
[  302.549895][T12426]   cached: buckets=0 sectors=0 fragmented=0
[  302.549895][T12426]   parity: buckets=0 sectors=0 fragmented=0
[  302.549895][T12426]   stripe: buckets=0 sectors=0 fragmented=0
[  302.549895][T12426]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  302.549895][T12426]   need_discard: buckets=0 sectors=0 fragmented=0
[  302.549895][T12426] clock: read=0
[  302.549895][T12426] clock: write=1280
[  302.549895][T12426] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 POS_MAX len 511 ver 0: seq c
[  302.550115][T12426] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  302.892018][T12436] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  302.900460][T12436] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  303.007318][T12440] loop5: detected capacity change from 0 to 4096
[  303.013632][T12442] loop4: detected capacity change from 0 to 1024
[  303.019836][T12440] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[  303.025908][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  303.038007][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/5EB3BBC71C8702BB.tmp-b7:5' failed: Read-only file system
[  303.042645][ T5862] udevd[5862]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  303.049102][T12442] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.059551][T12440] ntfs3(loop5): Failed to initialize MFT zone (-22).
[  303.091106][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  303.118226][ T8112] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.170476][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  303.268503][   T33] audit: type=1800 audit(303.151:62): pid=12459 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2539" name="file1" dev="tmpfs" ino=2478 res=0 errno=0
[  303.482914][T12475] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  303.661177][T12471] loop5: detected capacity change from 0 to 32768
[  303.675056][T12471] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2545 (12471)
[  303.693158][T12471] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  303.697995][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/ed167579-eb65-4e76-9a50-61ac97e9b59d.tmp-b7:5' failed: Read-only file system
[  303.699818][T12471] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  303.844863][T12471] BTRFS info (device loop5): enabling ssd optimizations
[  303.856589][T12471] BTRFS info (device loop5): enabling free space tree
[  303.886023][T12477] loop4: detected capacity change from 0 to 32768
[  303.894753][T12477] XFS: ikeep mount option is deprecated.
[  303.903033][ T8782] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  303.911365][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/d7dc424e-7990-42cb-9f91-9cb7200a101d.tmp-b7:4' failed: Read-only file system
[  303.943606][T12477] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  304.013448][T12477] XFS (loop4): Ending clean mount
[  304.035069][T12477] XFS (loop4): Quotacheck needed: Please wait.
[  304.063999][T12477] XFS (loop4): Quotacheck: Done.
[  304.099237][T12507] loop5: detected capacity change from 0 to 16
[  304.106940][T12507] erofs (device loop5): rootino(nid 36) is not a directory(i_mode 120040)
[  304.110488][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/fcd48663-7311-483d-ab26-e63db9076faf.tmp-b7:5' failed: Read-only file system
[  304.257030][ T8112] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  307.469411][T12592] loop5: detected capacity change from 0 to 16
[  307.473833][T12592] erofs (device loop5): mounted with root inode @ nid 36.
[  307.499743][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/dc99752b-953d-459c-b2db-a5c46e0e7dba.tmp-b7:5' failed: Read-only file system
[  307.675020][T12601] netlink: 'syz.5.2596': attribute type 1 has an invalid length.
[  307.684869][T12601] netlink: 'syz.5.2596': attribute type 2 has an invalid length.
[  307.706499][ T2336] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  307.877239][ T2336] usb 5-1: Using ep0 maxpacket: 8
[  307.883333][ T2336] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  307.896605][ T2336] usb 5-1: config 0 has no interface number 0
[  307.899107][ T2336] usb 5-1: config 0 interface 1 has no altsetting 0
[  307.911591][ T2336] usb 5-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=70.1d
[  307.922410][ T2336] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.925983][ T2336] usb 5-1: Product: syz
[  307.928852][ T2336] usb 5-1: Manufacturer: syz
[  307.930818][ T2336] usb 5-1: SerialNumber: syz
[  307.944012][ T2336] usb 5-1: config 0 descriptor??
[  308.128116][T12622] loop5: detected capacity change from 0 to 32768
[  308.136035][T12622] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2606 (12622)
[  308.147719][ T5862] udevd[5862]: symlink '../../loop5' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:5' failed: Read-only file system
[  308.155452][T12622] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  308.166775][T12622] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  308.182456][ T2336] i2c-cp2615 5-1:0.1: probe with driver i2c-cp2615 failed with error -71
[  308.208021][ T2336] usb 5-1: USB disconnect, device number 17
[  308.308633][T12622] BTRFS info (device loop5): enabling ssd optimizations
[  308.311872][T12622] BTRFS info (device loop5): enabling free space tree
[  308.368364][ T8782] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  308.836627][    T9] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  309.020384][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.024673][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  309.036484][    T9] usb 6-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[  309.040091][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.057838][    T9] usb 6-1: config 0 descriptor??
[  309.398600][T12691] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  309.472113][    T9] ortek 0003:1223:3F07.0011: unknown main item tag 0x6
[  309.474977][    T9] ortek 0003:1223:3F07.0011: report_id 29495 is invalid
[  309.481734][    T9] ortek 0003:1223:3F07.0011: item 0 2 1 8 parsing failed
[  309.485224][    T9] ortek 0003:1223:3F07.0011: probe with driver ortek failed with error -22
[  309.542273][T12697] loop4: detected capacity change from 0 to 512
[  309.559215][T12697] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[  309.659205][T12699] loop4: detected capacity change from 0 to 4096
[  309.664612][T12699] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  309.674910][ T2336] usb 6-1: USB disconnect, device number 16
[  309.679879][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/68CE0ED73BAA5F78.tmp-b7:4' failed: Read-only file system
[  309.715818][T12699] ntfs3(loop4): ino=19, mi_enum_attr
[  309.721789][T12699] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  309.932967][T12707] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2639'.
[  310.239280][T12709] loop4: detected capacity change from 0 to 40427
[  310.256916][T12709] F2FS-fs (loop4): build fault injection rate: 14
[  310.262542][T12709] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  310.270522][T12709] F2FS-fs (loop4): invalid crc value
[  310.278571][    C0] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  310.283921][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  310.294665][T12715] loop5: detected capacity change from 0 to 512
[  310.300248][    C0] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  310.330740][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  310.337613][T12715] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.382382][T12719] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2643'.
[  310.388211][T12709] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  310.391615][T12709] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  310.410340][T12709] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  310.429328][T12709] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  310.434821][ T8782] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.435917][T12709] F2FS-fs (loop4): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0xab1/0x1cf0
[  310.447481][T12709] F2FS-fs (loop4): inconsistent node block, node_type:0, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[  310.493781][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  310.539164][    C1] F2FS-fs (loop4): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[  310.544127][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  310.544148][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  310.544164][    C1] Call Trace:
[  310.544170][    C1]  <TASK>
[  310.544178][    C1]  dump_stack_lvl+0x189/0x250
[  310.544204][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  310.544221][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  310.544240][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  310.544263][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  310.544285][    C1]  ? f2fs_hw_is_readonly+0x39b/0x470
[  310.544309][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  310.544334][    C1]  f2fs_write_end_io+0x886/0xb60
[  310.544362][    C1]  blk_update_request+0x57e/0xe60
[  310.544393][    C1]  blk_mq_end_request+0x3e/0x70
[  310.544411][    C1]  blk_flush_complete_seq+0x678/0xcc0
[  310.544437][    C1]  flush_end_io+0xbaf/0xe60
[  310.544462][    C1]  __blk_mq_end_request+0x46a/0x630
[  310.544483][    C1]  blk_done_softirq+0x10a/0x160
[  310.544499][    C1]  handle_softirqs+0x286/0x870
[  310.544515][    C1]  ? run_ksoftirqd+0x9b/0x100
[  310.544532][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  310.544548][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  310.544564][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  310.544575][    C1]  run_ksoftirqd+0x9b/0x100
[  310.544589][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  310.544608][    C1]  smpboot_thread_fn+0x542/0xa60
[  310.544622][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  310.544638][    C1]  kthread+0x711/0x8a0
[  310.544657][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  310.544670][    C1]  ? __pfx_kthread+0x10/0x10
[  310.544688][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  310.544709][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  310.544722][    C1]  ? __pfx_kthread+0x10/0x10
[  310.544738][    C1]  ret_from_fork+0x3fc/0x770
[  310.544754][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  310.544772][    C1]  ? __switch_to_asm+0x39/0x70
[  310.544790][    C1]  ? __switch_to_asm+0x33/0x70
[  310.544805][    C1]  ? __pfx_kthread+0x10/0x10
[  310.544823][    C1]  ret_from_fork_asm+0x1a/0x30
[  310.544852][    C1]  </TASK>
[  310.544858][    C1] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  310.630016][ T8112] F2FS-fs (loop4): do_checkpoint failed err:-5, stop checkpoint
[  310.685383][T12730] loop5: detected capacity change from 0 to 2048
[  310.700752][T12730] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[  310.709464][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/LinuxUDF.tmp-b7:5' failed: Read-only file system
[  310.715209][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/1234567812345678.tmp-b7:5' failed: Read-only file system
[  310.718337][T12730] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  310.783432][   T33] audit: type=1800 audit(310.661:63): pid=12730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2649" name="file1" dev="loop5" ino=1346 res=0 errno=0
[  310.897570][T12733] loop4: detected capacity change from 0 to 4096
[  310.910830][T12738] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (36)
[  310.925934][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  310.939438][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/399AA58E54924951.tmp-b7:4' failed: Read-only file system
[  311.256553][ T6027] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  311.289890][T12753] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check.
[  311.327682][T12755] netlink: 'syz.5.2660': attribute type 25 has an invalid length.
[  311.363273][T12757] loop5: detected capacity change from 0 to 16
[  311.371410][T12757] erofs (device loop5): mounted with root inode @ nid 36.
[  311.408283][ T6027] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  311.412412][ T6027] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  311.424158][ T6027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  311.428897][ T6027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  311.433468][ T6027] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  311.444257][ T6027] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  311.447843][ T6027] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  311.452569][ T6027] usb 5-1: Product: syz
[  311.458870][ T6027] usb 5-1: Manufacturer: syz
[  311.460726][ T6027] usb 5-1: SerialNumber: syz
[  311.480706][ T6027] usb 5-1: config 0 descriptor??
[  311.702607][ T6027] radio-si470x 5-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  311.705190][ T6027] radio-si470x 5-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  311.791576][T12779] overlayfs: failed to clone upperpath
[  311.903780][ T6027] radio-si470x 5-1:0.0: software version 0, hardware version 0
[  311.906616][ T6027] radio-si470x 5-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  311.916391][ T6027] radio-si470x 5-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  311.934409][T12788] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2676'.
[  312.104900][ T6027] radio-si470x 5-1:0.0: submitting int urb failed (-90)
[  312.255418][ T2336] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  312.265800][T12792] netlink: 'syz.2.2678': attribute type 1 has an invalid length.
[  312.269074][T12792] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2678'.
[  312.406326][ T2336] usb 6-1: Using ep0 maxpacket: 32
[  312.410285][ T2336] usb 6-1: config 4 has an invalid interface number: 10 but max is 0
[  312.421345][ T2336] usb 6-1: config 4 has no interface number 0
[  312.423925][ T2336] usb 6-1: config 4 interface 10 has no altsetting 0
[  312.431239][ T2336] usb 6-1: New USB device found, idVendor=0979, idProduct=0280, bcdDevice=98.4c
[  312.434846][ T2336] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.438381][ T2336] usb 6-1: Product: syz
[  312.440285][ T2336] usb 6-1: Manufacturer: syz
[  312.442158][ T2336] usb 6-1: SerialNumber: syz
[  312.667231][ T2336] gspca_main: jeilinj-2.14.0 probing 0979:0280
[  312.690070][ T2336] usb 6-1: USB disconnect, device number 17
[  313.096582][T12821] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  313.096582][T12821] The task syz.2.2691 (12821) triggered the difference, watch for misbehavior.
[  313.121853][ T6027] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[  313.127225][ T6027] radio-si470x 5-1:0.0: si470x_get_report: usb_control_msg returned -71
[  313.140469][ T6027] usb 5-1: USB disconnect, device number 18
[  313.261466][T12826] loop5: detected capacity change from 0 to 256
[  313.270450][T12826] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5658fca8, utbl_chksum : 0xe619d30d)
[  313.344151][T12830] loop5: detected capacity change from 0 to 128
[  313.348183][T12830] EXT4-fs: Ignoring removed nobh option
[  313.355510][T12830] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  313.358556][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:5' failed: Read-only file system
[  313.404277][ T8782] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  313.696414][ T2336] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  313.857299][ T2336] usb 6-1: Using ep0 maxpacket: 16
[  313.862367][ T2336] usb 6-1: config 252 has an invalid interface number: 165 but max is 0
[  313.865738][ T2336] usb 6-1: config 252 has no interface number 0
[  313.869876][ T2336] usb 6-1: New USB device found, idVendor=0b48, idProduct=300d, bcdDevice=d4.cd
[  313.874086][ T2336] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.885389][ T2336] dvb-usb: found a 'Technotrend TT-connect CT-3650' in cold state, will try to load a firmware
[  313.892392][ T2336] dvb-usb: did not find the firmware file '(null)' (status -22). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  313.922637][T12839] sctp: [Deprecated]: syz.2.2698 (pid 12839) Use of struct sctp_assoc_value in delayed_ack socket option.
[  313.922637][T12839] Use struct sctp_sack_info instead
[  314.090099][ T2336] usb 6-1: USB disconnect, device number 18
[  314.724648][   T33] audit: type=1326 audit(314.601:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12850 comm="syz.5.2704" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3221b8ebe9 code=0x0
[  314.830820][T12861] tipc: Started in network mode
[  314.833441][T12861] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  314.848980][T12861] tipc: Enabled bearer <eth:vlan0>, priority 10
[  314.971234][T12876] tipc: Resetting bearer <eth:vlan0>
[  315.063987][T12878] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  315.076588][T12878] overlayfs: failed to set xattr on upper
[  315.078920][T12878] overlayfs: ...falling back to index=off.
[  315.081331][T12878] overlayfs: ...falling back to uuid=null.
[  315.640847][T12892] loop5: detected capacity change from 0 to 512
[  315.662230][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  315.663261][T12892] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  315.694724][T12892] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.735072][T12892] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  315.798893][ T8782] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.840175][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  316.004004][  T974] tipc: Node number set to 10005162
[  316.226374][ T6027] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  316.372724][T12935] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  316.378092][ T6027] usb 6-1: Using ep0 maxpacket: 8
[  316.378613][T12932] IPVS: stopping backup sync thread 12935 ...
[  316.383370][ T6027] usb 6-1: unable to get BOS descriptor or descriptor too short
[  316.388897][ T6027] usb 6-1: config 6 has an invalid interface number: 81 but max is 0
[  316.392939][ T6027] usb 6-1: config 6 has no interface number 0
[  316.395381][ T6027] usb 6-1: config 6 interface 81 has no altsetting 0
[  316.414569][ T6027] usb 6-1: New USB device found, idVendor=061d, idProduct=c1a0, bcdDevice=f7.ec
[  316.423224][ T6027] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  316.427680][ T6027] usb 6-1: Product: syz
[  316.429304][ T6027] usb 6-1: Manufacturer: syz
[  316.431076][ T6027] usb 6-1: SerialNumber: syz
[  316.650107][ T6027] quatech2 6-1:6.81: Quatech 2nd gen USB to Serial Driver converter detected
[  316.660406][ T6027] usb 6-1: qt2_attach - failed to power on unit: -71
[  316.662896][ T6027] quatech2 6-1:6.81: probe with driver quatech2 failed with error -71
[  316.670306][ T6027] usb 6-1: USB disconnect, device number 19
[  317.019336][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  317.022078][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  317.066530][  T974] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  317.224605][  T974] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  317.228378][  T974] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.232223][  T974] usb 5-1: Product: syz
[  317.234021][  T974] usb 5-1: Manufacturer: syz
[  317.236028][  T974] usb 5-1: SerialNumber: syz
[  317.244320][  T974] usb 5-1: config 0 descriptor??
[  317.272974][T12966] loop5: detected capacity change from 0 to 1024
[  317.291315][ T5862] udevd[5862]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  317.298942][T12966] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.337356][ T8782] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.381066][ T5862] udevd[5862]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  317.470979][  T974] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  318.500263][T13003] loop5: detected capacity change from 0 to 32768
[  318.535293][ T5862] udevd[5862]: symlink '../../loop5' '/dev/disk/by-uuid/35307472-fd4b-42de-878f-83186a645fa6.tmp-b7:5' failed: Read-only file system
[  318.621554][T13009] loop5: detected capacity change from 0 to 1024
[  318.624989][T13009] EXT4-fs warning (device loop5): read_mmp_block:115: Error -117 while reading MMP block 64
[  318.679146][  T974] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  318.690886][  T974] usb 5-1: USB disconnect, device number 19
[  319.130863][T13025] loop5: detected capacity change from 0 to 40427
[  319.136519][T13025] F2FS-fs (loop5): Small segment_count (9 < 1 * 24)
[  319.143003][T13025] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  319.143240][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:5' failed: Read-only file system
[  319.615680][T13025] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  319.627725][T13025] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  319.630570][T13025] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  319.690103][ T8782] syz-executor: attempt to access beyond end of device
[  319.690103][ T8782] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  319.695683][ T8782] CPU: 0 UID: 0 PID: 8782 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  319.695701][ T8782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  319.695709][ T8782] Call Trace:
[  319.695715][ T8782]  <TASK>
[  319.695720][ T8782]  dump_stack_lvl+0x189/0x250
[  319.695746][ T8782]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.695762][ T8782]  ? __pfx_queue_work_on+0x10/0x10
[  319.695775][ T8782]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  319.695799][ T8782]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  319.695828][ T8782]  f2fs_handle_critical_error+0x37c/0x540
[  319.695857][ T8782]  f2fs_write_end_io+0x886/0xb60
[  319.695888][ T8782]  __submit_merged_bio+0x27a/0x6a0
[  319.695914][ T8782]  __submit_merged_write_cond+0x255/0x530
[  319.695940][ T8782]  f2fs_write_data_pages+0x261d/0x3000
[  319.695985][ T8782]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  319.696052][ T8782]  ? folios_put_refs+0x559/0x640
[  319.696077][ T8782]  ? __pfx_folios_put_refs+0x10/0x10
[  319.696090][ T8782]  ? rcu_is_watching+0x15/0xb0
[  319.696112][ T8782]  ? __lock_acquire+0xab9/0xd20
[  319.696147][ T8782]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  319.696161][ T8782]  do_writepages+0x32e/0x550
[  319.696191][ T8782]  ? do_raw_spin_unlock+0x4d/0x240
[  319.696264][ T8782]  filemap_fdatawrite+0x199/0x240
[  319.696283][ T8782]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  319.696342][ T8782]  ? do_raw_spin_unlock+0x4d/0x240
[  319.696361][ T8782]  f2fs_sync_dirty_inodes+0x31f/0x830
[  319.696385][ T8782]  f2fs_write_checkpoint+0x95a/0x1df0
[  319.696420][ T8782]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  319.696473][ T8782]  ? call_rcu+0x6ff/0x9c0
[  319.696486][ T8782]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.696499][ T8782]  ? kill_f2fs_super+0x298/0x6c0
[  319.696516][ T8782]  kill_f2fs_super+0x2c3/0x6c0
[  319.696532][ T8782]  ? __pfx_kill_f2fs_super+0x10/0x10
[  319.696543][ T8782]  ? radix_tree_delete_item+0x2b6/0x400
[  319.696566][ T8782]  ? shrinker_free+0x2ce/0x3e0
[  319.696580][ T8782]  deactivate_locked_super+0xbc/0x130
[  319.696597][ T8782]  cleanup_mnt+0x425/0x4c0
[  319.696610][ T8782]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.696622][ T8782]  task_work_run+0x1d4/0x260
[  319.696640][ T8782]  ? __pfx_task_work_run+0x10/0x10
[  319.696653][ T8782]  ? __x64_sys_umount+0x122/0x160
[  319.696673][ T8782]  ? exit_to_user_mode_loop+0x40/0x110
[  319.696694][ T8782]  exit_to_user_mode_loop+0xec/0x110
[  319.696712][ T8782]  do_syscall_64+0x2bd/0x3b0
[  319.696726][ T8782]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.696738][ T8782]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.696751][ T8782]  ? exc_page_fault+0x9f/0xf0
[  319.696765][ T8782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.696778][ T8782] RIP: 0033:0x7f3221b8ff17
[  319.696790][ T8782] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  319.696803][ T8782] RSP: 002b:00007ffd3a019fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  319.696815][ T8782] RAX: 0000000000000000 RBX: 00007f3221c11c05 RCX: 00007f3221b8ff17
[  319.696823][ T8782] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd3a01a0a0
[  319.696830][ T8782] RBP: 00007ffd3a01a0a0 R08: 0000000000000000 R09: 0000000000000000
[  319.696838][ T8782] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd3a01b130
[  319.696846][ T8782] R13: 00007f3221c11c05 R14: 000000000004e044 R15: 00007ffd3a01b170
[  319.696870][ T8782]  </TASK>
[  319.852720][ T8782] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  319.956893][   T33] audit: type=1326 audit(319.841:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13048 comm="syz.2.2795" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8a6518ebe9 code=0x0
[  320.514375][T13060] ieee802154 phy0 wpan0: encryption failed: -22
[  320.825208][T13064] loop5: detected capacity change from 0 to 4096
[  320.829121][T13064] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  320.862385][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  320.867564][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-uuid/7089678B273CDB5C.tmp-b7:5' failed: Read-only file system
[  320.960949][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  321.099354][T13085] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2810'.
[  322.658740][T13126] netlink: 'syz.5.2829': attribute type 29 has an invalid length.
[  322.731365][T13130] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2830'.
[  322.742879][T13130] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2830'.
[  322.753338][T13130] tipc: MTU too low for tipc bearer
[  322.755407][T13134] netlink: 'syz.4.2832': attribute type 12 has an invalid length.
[  323.140388][T13157] loop5: detected capacity change from 0 to 4096
[  323.150009][T13157] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  323.164010][ T5850] udevd[5850]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  323.200841][T13157] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.214071][T13157] fs-verity (loop5, inode 13): Unknown hash algorithm number: 0
[  323.235256][ T8782] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.322532][ T5850] udevd[5850]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  323.445031][T13163] loop5: detected capacity change from 0 to 256
[  323.465784][T13163] exfat: Deprecated parameter 'utf8'
[  323.469448][T13163] exfat: Deprecated parameter 'namecase'
[  323.471622][T13163] exfat: Deprecated parameter 'namecase'
[  323.473633][T13163] exfat: Deprecated parameter 'utf8'
[  323.478960][T13163] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  323.629225][T13169] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2848'.
[  323.776561][    T9] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  323.949532][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  323.952365][    T9] usb 6-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  323.955349][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.963328][    T9] usb 6-1: config 0 descriptor??
[  324.230538][T13190] loop4: detected capacity change from 0 to 32768
[  324.248236][T13190] (syz.4.2858,13190,1):ocfs2_verify_volume:2322 ERROR: Superblock slots found greater than file system maximum: found 65535, max 255
[  324.262135][T13190] (syz.4.2858,13190,1):ocfs2_verify_volume:2331 ERROR: status = -22
[  324.269414][T13190] (syz.4.2858,13190,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  324.273813][ T5862] udevd[5862]: symlink '../../loop4' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:4' failed: Read-only file system
[  324.281546][T13190] (syz.4.2858,13190,1):ocfs2_fill_super:1177 ERROR: status = -22
[  324.541425][T13201] loop4: detected capacity change from 0 to 2048
[  324.560887][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/1a95d291-cd32-4c4d-814a-8221d1aa3beb.tmp-b7:4' failed: Read-only file system
[  324.562504][T13201] NILFS (loop4): Invalid checkpoint (checkpoint number=2)
[  324.572951][T13201] NILFS (loop4): error -22 while loading last checkpoint (checkpoint number=2)
[  324.865810][T13201] loop4: detected capacity change from 0 to 32768
[  324.916141][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/35307472-fd4b-42de-878f-83186a645fa6.tmp-b7:4' failed: Read-only file system
[  324.947820][T13201] ialloc: diAlloc returned -5!
[  324.986141][    T9] radio-keene 6-1:0.0: V4L2 device registered as radio48
[  325.218952][    T9] usb 6-1: USB disconnect, device number 20
[  325.646079][T13222] loop4: detected capacity change from 0 to 32768
[  325.674582][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-uuid/c496e05e-540d-4c72-b591-04d79d8b4eeb.tmp-b7:4' failed: Read-only file system
[  325.701511][T13222] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  325.726766][T13222] XFS (loop4): Ending clean mount
[  325.741101][T13222] XFS (loop4): Quotacheck needed: Please wait.
[  325.773884][T13222] XFS (loop4): Quotacheck: Done.
[  325.837274][ T8112] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  326.104996][T13242] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  326.536379][  T974] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  326.686459][  T974] usb 5-1: Using ep0 maxpacket: 32
[  326.694798][  T974] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  326.705146][  T974] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.717201][  T974] usb 5-1: config 0 descriptor??
[  326.931083][  T974] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  326.937299][  T974] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  326.941361][  T974] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  326.944113][  T974] usb 5-1: media controller created
[  326.960170][  T974] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  326.998602][  T974] DVB: Unable to find symbol dib7000p_attach()
[  327.001349][  T974] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  327.049087][  T974] rc_core: IR keymap rc-dib0700-rc5 not found
[  327.051656][  T974] Registered IR keymap rc-empty
[  327.053930][  T974] dvb-usb: could not initialize remote control.
[  327.057177][  T974] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  327.143947][  T974] usb 5-1: USB disconnect, device number 20
[  327.213765][  T974] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  327.707333][T13290] loop4: detected capacity change from 0 to 1024
[  327.723174][ T5850] udevd[5850]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  327.735644][T13290] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.809884][ T8112] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /599/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.828927][ T8112] EXT4-fs error (device loop4): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.841201][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  327.850238][ T8112] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /599/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.864059][ T8112] EXT4-fs error (device loop4): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.872631][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  327.880608][ T8112] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /599/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.901381][ T8112] EXT4-fs error (device loop4): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.911439][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  327.922277][ T8112] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /599/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.942644][ T8112] EXT4-fs error (device loop4): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.954891][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  327.961121][ T8112] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /599/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.975816][ T8112] EXT4-fs error (device loop4): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  327.985548][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  327.996435][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  328.005525][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  328.012466][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  328.019558][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  328.025912][ T8112] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[  328.285993][T13110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.460158][ T5881] bridge_slave_1: left allmulticast mode
[  328.462469][ T5881] bridge_slave_1: left promiscuous mode
[  328.464739][ T5881] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.470698][ T5881] bridge_slave_0: left allmulticast mode
[  328.473151][ T5881] bridge_slave_0: left promiscuous mode
[  328.475566][ T5881] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.620507][ T2336] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  328.783328][ T2336] usb 6-1: Using ep0 maxpacket: 8
[  328.812777][ T2336] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  328.815709][ T2336] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.820805][ T2336] usb 6-1: Product: syz
[  328.822603][ T2336] usb 6-1: Manufacturer: syz
[  328.824370][ T2336] usb 6-1: SerialNumber: syz
[  328.843888][ T2336] usb 6-1: config 0 descriptor??
[  329.007085][ T5856] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  329.013589][ T5856] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  329.040960][ T5856] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  329.049009][ T5856] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  329.053188][ T5856] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  329.065554][ T2336] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  329.236586][ T5881] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  329.241258][ T5881] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  329.245785][ T5881] bond0 (unregistering): Released all slaves
[  329.262897][T13303] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  329.591375][T13304] chnl_net:caif_netlink_parms(): no params data found
[  329.798162][ T5881] hsr_slave_0: left promiscuous mode
[  329.800822][ T5881] hsr_slave_1: left promiscuous mode
[  329.803027][ T5881] batman_adv: batadv0: Removing interface: batadv_slave_0
[  329.806048][ T5881] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.095978][ T2336] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  330.122171][ T2336] usb 6-1: USB disconnect, device number 21
[  330.403597][T13329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2914'.
[  330.464900][ T5881] team0 (unregistering): Port device team_slave_1 removed
[  330.540634][ T5881] team0 (unregistering): Port device team_slave_0 removed
[  330.891706][T13348] binder: 13345:13348 ioctl c0306201 200000000480 returned -14
[  331.173253][ T5856] Bluetooth: hci0: command tx timeout
[  331.254929][T13304] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.257833][T13304] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.260547][T13304] bridge_slave_0: entered allmulticast mode
[  331.264516][T13304] bridge_slave_0: entered promiscuous mode
[  331.268887][T13304] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.271666][T13304] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.273941][T13304] bridge_slave_1: entered allmulticast mode
[  331.280103][T13304] bridge_slave_1: entered promiscuous mode
[  331.310925][T13304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.315932][T13304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.428024][T13304] team0: Port device team_slave_0 added
[  331.435106][T13304] team0: Port device team_slave_1 added
[  331.463450][T13304] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.467848][T13304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.479037][T13304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  331.484793][T13304] batman_adv: batadv0: Adding interface: batadv_slave_1
[  331.492041][T13304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.502208][T13304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  331.551407][ T5881] ------------[ cut here ]------------
[  331.553620][ T5881] WARNING: CPU: 0 PID: 5881 at net/ipv6/xfrm6_tunnel.c:341 xfrm6_tunnel_net_exit+0x7e/0x100
[  331.554262][T13304] hsr_slave_0: entered promiscuous mode
[  331.557603][ T5881] Modules linked in:
[  331.562119][ T5881] CPU: 0 UID: 0 PID: 5881 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  331.562793][T13304] hsr_slave_1: entered promiscuous mode
[  331.567142][ T5881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  331.567210][ T5881] Workqueue: netns cleanup_net
[  331.567235][ T5881] RIP: 0010:xfrm6_tunnel_net_exit+0x7e/0x100
[  331.567256][ T5881] Code: a8 ef de f7 4b 83 3c 2c 00 75 19 e8 0c 7e 7b f7 49 81 fd f8 07 00 00 74 1d e8 fe 7d 7b f7 49 83 c5 08 eb c9 e8 f3 7d 7b f7 90 <0f> 0b 90 49 81 fd f8 07 00 00 75 e3 48 81 c3 00 08 00 00 45 31 f6
[  331.567270][ T5881] RSP: 0018:ffffc90003d7f8b0 EFLAGS: 00010293
[  331.567283][ T5881] RAX: ffffffff8a4430ed RBX: ffff88812083c000 RCX: ffff8880243f1cc0
[  331.567294][ T5881] RDX: 0000000000000000 RSI: ffffffff8d9b9313 RDI: ffff88812083c000
SYZFAIL: failed to recv rpc
[  331.567304][ T5881] RBP: ffffc90003d7f9b0 R08: ffffffff8fa3a037 R09: 1ffffffff1f47406
[  331.567314][ T5881] R10: dffffc0000000000 R11: fffffbfff1f47407 R12: ffff88812083c000
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  331.567325][ T5881] R13: 0000000000000000 R14: ffff8881251f8000 R15: dffffc0000000000
[  331.567335][ T5881] FS:  0000000000000000(0000) GS:ffff8880b8615000(0000) knlGS:0000000000000000
[  331.567347][ T5881] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  331.567356][ T5881] CR2: 00007f8a660c4fc8 CR3: 0000000039ac2000 CR4: 00000000000006f0
[  331.567388][ T5881] Call Trace:
[  331.567396][ T5881]  <TASK>
[  331.567407][ T5881]  ops_undo_list+0x49a/0x990
[  331.567428][ T5881]  ? __pfx_ops_undo_list+0x10/0x10
[  331.619175][ T5881]  ? do_raw_spin_unlock+0x4d/0x240
[  331.621023][ T5881]  cleanup_net+0x4c5/0x800
[  331.622467][ T5881]  ? __pfx_cleanup_net+0x10/0x10
[  331.624205][ T5881]  ? _raw_spin_unlock_irq+0x23/0x50
[  331.626140][ T5881]  ? process_scheduled_works+0x9ef/0x17b0
[  331.628292][ T5881]  ? process_scheduled_works+0x9ef/0x17b0
[  331.630325][ T5881]  process_scheduled_works+0xae1/0x17b0
[  331.632105][ T5881]  ? __pfx_process_scheduled_works+0x10/0x10
[  331.634245][ T5881]  worker_thread+0x8a0/0xda0
[  331.635999][ T5881]  kthread+0x711/0x8a0
[  331.637513][ T5881]  ? __pfx_worker_thread+0x10/0x10
[  331.639196][ T5881]  ? __pfx_kthread+0x10/0x10
[  331.640708][ T5881]  ? _raw_spin_unlock_irq+0x23/0x50
[  331.642535][ T5881]  ? lockdep_hardirqs_on+0x9c/0x150
[  331.644214][ T5881]  ? __pfx_kthread+0x10/0x10
[  331.645731][ T5881]  ret_from_fork+0x3fc/0x770
[  331.647617][ T5881]  ? __pfx_ret_from_fork+0x10/0x10
[  331.649504][ T5881]  ? __switch_to_asm+0x39/0x70
[  331.651142][ T5881]  ? __switch_to_asm+0x33/0x70
[  331.652755][ T5881]  ? __pfx_kthread+0x10/0x10
[  331.654317][ T5881]  ret_from_fork_asm+0x1a/0x30
[  331.656002][ T5881]  </TASK>
[  331.657265][ T5881] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  331.659745][ T5881] CPU: 0 UID: 0 PID: 5881 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  331.663087][ T5881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  331.666571][ T5881] Workqueue: netns cleanup_net
[  331.668133][ T5881] Call Trace:
[  331.669141][ T5881]  <TASK>
[  331.670543][ T5881]  dump_stack_lvl+0x99/0x250
[  331.672042][ T5881]  ? __asan_memcpy+0x40/0x70
[  331.673776][ T5881]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.675788][ T5881]  ? __pfx__printk+0x10/0x10
[  331.677418][ T5881]  vpanic+0x281/0x750
[  331.678736][ T5881]  ? __pfx__printk+0x10/0x10
[  331.680419][ T5881]  ? __pfx_vpanic+0x10/0x10
[  331.681985][ T5881]  ? is_bpf_text_address+0x292/0x2b0
[  331.683695][ T5881]  panic+0xb9/0xc0
[  331.684875][ T5881]  ? __pfx_panic+0x10/0x10
[  331.686563][ T5881]  __warn+0x31b/0x4b0
[  331.688095][ T5881]  ? xfrm6_tunnel_net_exit+0x7e/0x100
[  331.689885][ T5881]  ? xfrm6_tunnel_net_exit+0x7e/0x100
[  331.691674][ T5881]  report_bug+0x2be/0x4f0
[  331.693124][ T5881]  ? xfrm6_tunnel_net_exit+0x7e/0x100
[  331.694990][ T5881]  ? xfrm6_tunnel_net_exit+0x7e/0x100
[  331.696830][ T5881]  ? xfrm6_tunnel_net_exit+0x80/0x100
[  331.698843][ T5881]  handle_bug+0x84/0x160
[  331.700423][ T5881]  exc_invalid_op+0x1a/0x50
[  331.701952][ T5881]  asm_exc_invalid_op+0x1a/0x20
[  331.703653][ T5881] RIP: 0010:xfrm6_tunnel_net_exit+0x7e/0x100
[  331.705563][ T5881] Code: a8 ef de f7 4b 83 3c 2c 00 75 19 e8 0c 7e 7b f7 49 81 fd f8 07 00 00 74 1d e8 fe 7d 7b f7 49 83 c5 08 eb c9 e8 f3 7d 7b f7 90 <0f> 0b 90 49 81 fd f8 07 00 00 75 e3 48 81 c3 00 08 00 00 45 31 f6
[  331.711449][ T5881] RSP: 0018:ffffc90003d7f8b0 EFLAGS: 00010293
[  331.713276][ T5881] RAX: ffffffff8a4430ed RBX: ffff88812083c000 RCX: ffff8880243f1cc0
[  331.715838][ T5881] RDX: 0000000000000000 RSI: ffffffff8d9b9313 RDI: ffff88812083c000
[  331.718687][ T5881] RBP: ffffc90003d7f9b0 R08: ffffffff8fa3a037 R09: 1ffffffff1f47406
[  331.721184][ T5881] R10: dffffc0000000000 R11: fffffbfff1f47407 R12: ffff88812083c000
[  331.723856][ T5881] R13: 0000000000000000 R14: ffff8881251f8000 R15: dffffc0000000000
[  331.726846][ T5881]  ? xfrm6_tunnel_net_exit+0x7d/0x100
[  331.728673][ T5881]  ops_undo_list+0x49a/0x990
[  331.730520][ T5881]  ? __pfx_ops_undo_list+0x10/0x10
[  331.732487][ T5881]  ? do_raw_spin_unlock+0x4d/0x240
[  331.734031][ T5881]  cleanup_net+0x4c5/0x800
[  331.735517][ T5881]  ? __pfx_cleanup_net+0x10/0x10
[  331.737399][ T5881]  ? _raw_spin_unlock_irq+0x23/0x50
[  331.739242][ T5881]  ? process_scheduled_works+0x9ef/0x17b0
[  331.741048][ T5881]  ? process_scheduled_works+0x9ef/0x17b0
[  331.742765][ T5881]  process_scheduled_works+0xae1/0x17b0
[  331.744643][ T5881]  ? __pfx_process_scheduled_works+0x10/0x10
[  331.746488][ T5881]  worker_thread+0x8a0/0xda0
[  331.747941][ T5881]  kthread+0x711/0x8a0
[  331.749196][ T5881]  ? __pfx_worker_thread+0x10/0x10
[  331.750770][ T5881]  ? __pfx_kthread+0x10/0x10
[  331.752212][ T5881]  ? _raw_spin_unlock_irq+0x23/0x50
[  331.753861][ T5881]  ? lockdep_hardirqs_on+0x9c/0x150
[  331.755504][ T5881]  ? __pfx_kthread+0x10/0x10
[  331.756950][ T5881]  ret_from_fork+0x3fc/0x770
[  331.758409][ T5881]  ? __pfx_ret_from_fork+0x10/0x10
[  331.759994][ T5881]  ? __switch_to_asm+0x39/0x70
[  331.761507][ T5881]  ? __switch_to_asm+0x33/0x70
[  331.763011][ T5881]  ? __pfx_kthread+0x10/0x10
[  331.764464][ T5881]  ret_from_fork_asm+0x1a/0x30
[  331.765960][ T5881]  </TASK>
[  331.767600][ T5881] Kernel Offset: disabled
[  331.768957][ T5881] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:33:31  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000031 RBX=0000000000000031 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90003d7f050
R8 =ffff888106d90237 R9 =1ffff11020db2046 R10=dffffc0000000000 R11=ffffffff854f6e40
R12=dffffc0000000000 R13=ffffffff99b008c6 R14=ffffffff99df5420 R15=0000000000000000
RIP=ffffffff854f6ebc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8615000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f8a660c4fc8 CR3=0000000039ac2000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8167993b ffffffff8167993b
XMM02=00007f3221d97498 ffffffff8167993b XMM03=00007f3221d974a8 00007f3221d974a0
XMM04=00007f32228fd100 00007f3221d97460 XMM05=00007f3221d97478 00007f3221d974c0
XMM06=00007f3221d974b8 00007f3221d974b0 XMM07=00007f3221d974a8 00007f3221d974a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f3221c12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff81a02655 RBX=ffffffff81a02614 RCX=ffff888020fb0000 RDX=0000000000000000
RSI=ffffffff8dba8965 RDI=ffffffff8be33980 RBP=ffffc90002d1ec70 RSP=ffffc90002d1eb60
R8 =0000000000000000 R9 =ffffffff81a02614 R10=dffffc0000000000 R11=fffffbfff1c25c21
R12=dffffc0000000000 R13=1ffff920005a3d70 R14=0000000000000200 R15=0000000000000025
RIP=ffffffff81a02643 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555a296500 ffffffff 00c00000
GS =0000 ffff8881a3c15000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b32922ff8 CR3=000000002b104000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff823469a2 ffffffff81c737ad
XMM02=00007f8a65397498 ffffffff81c737ad XMM03=00007f8a653974a8 00007f8a653974a0
XMM04=00007f8a65efd100 00007f8a65397460 XMM05=00007f8a65397478 00007f8a653974c0
XMM06=00007f8a653974b8 00007f8a653974b0 XMM07=00007f8a653974a8 00007f8a653974a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f8a65212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
