last executing test programs:

9m31.989557912s ago: executing program 0 (id=875):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+cKJzzqvoeV/Zz+uj97xHJ4DUOlf7JxMxHBHvRMSx+ubWJ5yrP6w/vj1TWzJRrV75KJM8r7bdfGrz/x2JiLWIGIyIP/424m+ZnXHLK6vz08ViYamxna8sLObLK6sXry9MzxXmCjfGJi9NTU2OToxP7Vlb7/7nH3cvv/H7gdc/+/fD+/99681atYYbZZvbsZfqTe+PE5v29UXEr/YjWA/kGu0Z6nVF+EZqP7/vRsT5JP+PRS75aXbmyb7WDNhv1Wq1+mX1ULvitSpwYGWTY+BMdiQi6uvZ7MhI/Rj+e3E4WyyVKz+7Vlq+MVs/Vj4e/dlr14uF0cZnhePRn6ltjyXrT7fHt21PRCTHwP/LDSXbIzOl4mx3uzpgmyPb8v/TXD3/gZTo/CM/cNDIf0gv+Q/pJf8hveQ/pJf8h/SS/5Be8h/SS/5DerXK/6M9qAfQfbv9/R/oYj2ArvrD5cu1pdq8/n325sryfOnmxdlCeX5kYXlmZKa0tDgyVyrNJdfsLDzr9Yql0uLYz2P5Vr5SKFfy5ZXVqwul5RuVq8l1/VcL/V1pFdCJE2fvvZeJiLVfDCVLbPqTL1fhYKtWM9Hra5CB3sj1ugMCesapP0ivr/EZv+2XhAEvthZf0bth8Ejbol/H4r5UB+iC7G6FTx50ryJA11047fwfpJXxf0gv4/+QXo7xgd3G/6NxL7+WjP/DC2vX8X/gQBtuc/+vo5vu3TUaEd+JiHdz/Yea9/oCDoLsh5nG8f+FYz8a3l46kPk8OUUwEBH/fOXKS7emK5Wlsdr+jzf2V15u7B/vRf2B9raO8DXztJnHAEB6rT++PdNcuhn30W/qkxB2xu9rjE0OJkcwh9czW+YqZPZo7sLanYg41Sp+pnG/8/qZj8PruR3xTzYeM/WXSOrbl9w3vTvxT2+K/8NN8c9863cF0uFerf8ZbZV/2SSnYyP/tvY/w3s0d6LZ/zXnXG+O3+z/cm36v7Mdxvj7q/9qdXo3mez96E7EmZb9bzPeYBJre/xa3S50GP/hX/70/XZl1dfqr9MqflNtLV9ZWMyXV1YvXm/WYvLS1NTk6MT4VD4Zo843R6p3+uWpt++3i19rf0Ob9r+/o/1DjTr9pMP2f/GDB38+t0v8H59v/ft3Mnnc9v5Xqxt1+GmH8T8Z/+Cv7cpq8WfbvP/ZVvGjWRox0WH88v9/59phAHiOlFdW56eLxcKSFStWnu+Vvuhi0Gf1HGvd6aCAffM06XtdEwAAAAAAAAAAAKBT7Wb/3tvD6cS9biMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEHwVQAAAP//QUvQlg==")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a00)='./bus/file0\x00')
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

9m31.749324299s ago: executing program 0 (id=882):
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000001c0)={0x0, 0x7, 0x4, {0x2, @raw_data="93f6a5f2d18177c3e62dc3591412ac8d0b62159ae089adf892c08b17db368b92d72605031293b7b28bbcb776dadf7f66bb5eebe8cf26eec8b5379e0759990e582bc49dacbd977b9592edd3223d69a2e72a14047bd3001ad16e1c7b2484f10955c5a9bf0c342383399065321bc09856277f2b8ece58c3f17e934f04326fe0658f583d334a07ced0046f8ba7ad4bdcada26f421c16433eddfc8f30c1907b269112dccfb031df1a0236c1c386c8d53340565cb474cdbf5ec5755ea388be5298aaa5b8c99c613440ee8f"}})
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000003c0)={0x0, 0x0, 0x4, {0xa, @vbi}})

9m31.597681125s ago: executing program 0 (id=887):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000140)={[{@acl}, {@heartbeat_none}, {@inode64}, {@localalloc={'localalloc', 0x3d, 0x6b2}}, {@acl}, {@localflocks}, {@coherency_full}, {@noacl}]}, 0x1, 0x4450, &(0x7f0000008900)="$eJzs3c9vHGcZAOB3Jia1Qxvs0EORkFiJSiBAlt0T4Eo4jhPXbkxQIBXislnb28Sw9kb2GnGohLlV4oTEAXGoQOLmU+UD1yLxD3DhWK5UggMXJKSIRbs7a++Md/ESdus6eh4pHs/3a971uzPzzWHypZnG4+390vZ+qbJbqm++vf9a6cf12sFONdKPyUUfn+GMPk9JyP3FuXfrznffei3iD1t//qjZbDajZSL6mu/5/Z//eGezd9uVFvq0xu0/2qj8ICJePhNXy5WI+P7vI5KIuJmVLWXbqYi4Hp26t975+cPSiKJ5/8Pq6+Wn6+8eL7y6dvTe8eDPnkT8uva5rz3a+dsXryz85SsjOjwAAAAAAAAAAAAAAAAAAJfcyv17D74zNx8fJDFxlJx9X3cl2w56P7Y5Ml8Y/4cFAAAAAAAAAAAAAAAAAACAT6jT9/9LyY1kIiLy7/8vZ9vFAf2b3xp/jIzP6rfvLd+em8/Wf0/O1H89K/r7zSsx02fd9+L67zcL/fuv//7CyOLvxtc97nQk6WxuP01nZyN+my38/kpyLa3V9xtffbt+sLs1sjAurXz+O6v3574F2YL+w+Z/qTD++Nf//2wUv7Wt/Ydnv8r0kc//lYHtfvezZKj83yr0+zjyz7PL53+iXTbV22CxcwFo5f8XE+fnf7kw/rjyfz0iSkkr1lLubnIj6ZQPmq+Ql8//p9pluUtn9occdP7/q5D/24XxL+r6f1i8EdFXPv9X22WTuRan5/9Mev75f6cw/kXkvxX/ofv/UPL5z66kE7km7b/ksNf/lcL448r/g7Qd51/jepL7BhwlnfgH/X915OXzP3mm/vT5Lx1q/vdGoX///I/u5OzG1z1u+/mv2Wz+NNv/ctJ5/qO/fP6nBrYb9vxfLfQb9/V/MUpDPwFcHWcgl1Q+/9faZfm583T757D5X+vdeTq+/LdnJZPd/J9eT/79Qqf8Nz3zvwfjCOA5kc//pzuFaW+Lw/bP9vwvOX/+/2Zh/P+S/+RwJJ/g7PyvFf9hOpLBn3v5/L84sF0r/38a4v5/t9Bv/PP/iDlz/WeWz/9LA9u1z//J8/O/Xug37vx/aZyDAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwCS9l2OpJ0NrefprOzEbey/VfiWrJR2Spv1OqbP9qPWM7KS3EjeVSrb1Rq5e3d+la1XKnV6psRt7P6l2My2a/VG+WdypM7J2NNJY+rlb3GRrXSiIiVrPzz8VJ3rI3txk7lSUS8cVL3mbS+9+RxZbe8tb33zbm5ublYPYlhJqn+pFHdbXSO3qmNWDvpO530BNeufvMklheTH9YP9nYrtXb53Z4+tfpmpdbTZz2r+2XMJI29g93NSqNartUfdY83yB+vPmNy/geL2XZ59f737t+dP1P/MOlsl8YfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/hw8WvvGriJjo7KURUUqyX5LsX877H1ZfLz9df/d44dW1o/eOP+rXBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMByj2/d+2vdRKS42l5G/H7+/R/nz6V+303fvzjDjJzO00t3/1A35d/TKL8tR6s279PN+usjJmrvZ7Anw306GPcZmtu3ufn6vteRchURbclvUs5VtewtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AoAAP//YvMk6w==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x2042, 0x50)
fallocate(r0, 0x0, 0x0, 0x8000c62)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

9m30.79996215s ago: executing program 0 (id=894):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @broadcast, 'macvlan1\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000500)="ab", 0x5ea}], 0x1}}], 0x484, 0x24048084)

9m30.49080136s ago: executing program 0 (id=898):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000300)='devpts\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000480)='./file0/../file0/../file0\x00', &(0x7f0000000240)='debugfs\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

9m30.410885284s ago: executing program 0 (id=900):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000000)=0x6, 0x4)

9m15.372410635s ago: executing program 32 (id=900):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000000)=0x6, 0x4)

8m36.086804778s ago: executing program 1 (id=1460):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="8c00000010001fff28bd70000000800000000000", @ANYRES32=0x0, @ANYBLOB="efb00000800000006c0012800b00010062726964676500005c00028008000500010000000c002e000100000009"], 0x8c}, 0x1, 0x0, 0x0, 0x4000084}, 0x14)

8m36.026210607s ago: executing program 1 (id=1461):
syz_emit_ethernet(0x16, &(0x7f00000000c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@llc={0x4, {@snap={0xaa, 0x0, 'o', "26739c"}}}}}, 0x0)

8m35.965584682s ago: executing program 1 (id=1462):
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000020f10120480b0320c3970102030109022400010000000009046cb402c432ad00090503000800010606090502"], 0x0)

8m34.764584377s ago: executing program 1 (id=1475):
r0 = syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f0000000080)={[{@compress_force}, {@clear_cache}, {@nobarrier}, {@ref_verify}, {@acl}, {@space_cache_v1}]}, 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000840)={0xe0, 0x0, {0x1, @struct={0x7, 0xffffffff}, 0x0, 0xf, 0x0, 0x1ff, 0x3, 0x7, 0x0, @struct={0x7, 0x3}, 0x6, 0x2, [0x5, 0x3, 0x70cc, 0x4, 0x27f]}, {0x0, @usage=0x8, 0x0, 0xd4a, 0x7f, 0x0, 0x2, 0x6e1, 0x449, @struct={0x45a4, 0xc}, 0x5, 0x0, [0xba, 0x1, 0x6, 0x0, 0xfffffffffffffffe, 0x83bd]}, {0x5, @usage=0xffffffff, 0x0, 0xc, 0x9, 0x6, 0x1, 0x3, 0x4, @usage=0x2, 0x3, 0x3, [0xf, 0xffffffff987532e6, 0x8, 0x3, 0x30560, 0x1]}, {0x100000000, 0x400, 0x6}})

8m34.24796666s ago: executing program 1 (id=1481):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
mlockall(0x3)

8m32.874644244s ago: executing program 1 (id=1493):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x32b, @tick=0x440, 0xff, {0x2}, 0xfe, 0x1, 0xfb})

8m32.664929697s ago: executing program 33 (id=1493):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x32b, @tick=0x440, 0xff, {0x2}, 0xfe, 0x1, 0xfb})

8m9.444517633s ago: executing program 3 (id=1780):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d3e457201e040b40e73e000000010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)

8m6.787889668s ago: executing program 3 (id=1803):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
lseek(r3, 0x8ede, 0x0)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r6, 0x0, 0x5)

8m5.730129307s ago: executing program 3 (id=1806):
r0 = socket(0x2, 0x2, 0x1)
bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e)
connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)

8m5.655269898s ago: executing program 3 (id=1807):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}]}, 0x3, 0x570, &(0x7f0000000c00)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
write$P9_RREADLINK(r0, &(0x7f0000000180)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)

8m5.425625284s ago: executing program 3 (id=1809):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000400)={0xa, 0x2, 0x13, @loopback, 0x9}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000001100)=0x804, 0x4)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)

8m4.792215541s ago: executing program 3 (id=1810):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000780)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @info_request={0xf, 0x0, 0x0, 0x8001, 0x2}}}}}, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r1, 0x10c, 0x5, 0x0, &(0x7f0000000080))
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$isdn_base(0x22, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000"], 0x84}}, 0x20000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, 0x0, 0x800)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='mem_disconnect\x00', r6, 0x0, 0xffffffff}, 0x18)

8m4.717197142s ago: executing program 34 (id=1810):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000780)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @info_request={0xf, 0x0, 0x0, 0x8001, 0x2}}}}}, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r1, 0x10c, 0x5, 0x0, &(0x7f0000000080))
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$isdn_base(0x22, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000"], 0x84}}, 0x20000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, 0x0, 0x800)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='mem_disconnect\x00', r6, 0x0, 0xffffffff}, 0x18)

3m48.522013678s ago: executing program 2 (id=5559):
r0 = eventfd(0x7f15727)
writev(r0, &(0x7f0000000580)=[{&(0x7f00000002c0)="29a2b70ed0", 0x5}], 0x1)

3m48.521814453s ago: executing program 2 (id=5560):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
vmsplice(r0, &(0x7f0000000240)=[{0x0}, {0xffffffffffffffff}], 0x2, 0x2)

3m48.452631146s ago: executing program 2 (id=5561):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xff, 0x7fff0000}]})
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000001180)=ANY=[], 0x1, 0x68b, &(0x7f0000000a40)="$eJzs3U1sHGf9B/DvbnbX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXL7F3ndhri88nmp3nmedlnuc3Mzu7s4oc4H/WtXNpPE4t1869uVzkVx7NdFYezdzpp5NMJKknjd4qtbtJ7aPkanpLPlNsrLqrPW0/HyzMvv3xpyuf9HKNainr17drt8mV+hYbH1ZLziQ5Uq2fwbr+rm/orzVyd7XVGRYBO9sPHIxbM0l3ne+eWivZ0fDXLXBg1Xr3zU0X9FRyNMlk9Tmgd1fs3bMPtYfjHgAAAADsgxd+WX6FPzbucQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBhUv39/1q11PvpM6n1//5/q9qWKn2oPR73AAAAAAAAAABgdN/8/w0bPvckT7KcY/18t1b+5v9qmTlRvv5f3s+9zGcx57OcuSxlKYu5mGSqLG+Wr63luaWlxYtDtLy02jIDLS8NOYP27icPAAAAAAAAAIdFY/QmP861td//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIKglR3qrcjnRT0+l3kgymaRV1HuY/LWfPpB+/afBXPff3dKmao/3c0wAAAAwJi88yZMs51g/362V3/lPld/7J/N+7mYpC1lKJ/O5UT4L6H3rr688mumsPJq5Uyyb+/3qP0YaRtljes8ett7z6bJGOzezUG45n+t5N53cSL1sWTjdH8/W4/pRMabaG5UhR3ajWhcz/1WaI81qN2pD15wqI1KMqBeR6aptEY3j20dixKPT31M/9hdTX33yc+J5xny5t3r9t711MZ+fjxSTvbYxEpcGzr5T20ci+fwff/edW527tydu3jt3cKY0gomBJ2gbIzEzEImXh43ErcMaiUHTZSROruav5Rv5ds7lTN7KYhbyvcxlKfM5k69nLkcyV53PxevU9pG6ui731k4jaZXHpVm9iw4/pqXM5dWy7bEs5Ft5Nzcynyvlv0u5mNdzOZczO3CETw5x1ddHe6c9+4WBh8m/SNIert0+KAZ2fPXuNHjWT5fXwfF1W9ai9OLzvx81Plslin38pFofDBsjcXEgEi9tH4nflG8r9zp3by/emntvyP29Vq2L6+hnB+ouUZwvLxYHq8ytPzuKspc2lk324tWqfnHpla2/4xZlJ1fLdrpSW9VnuM09XSrLXt6ybKYsOz1Qtu7z1tXe5y0ADryjXzzaav+9/Zf2h+2ftm+135z82sSXJ15ppfnn5lca00deq79S+0M+zA/Wvv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7d+/+g9tznc784oZEt9v94VOK9jDRTtLfkuzUqpmd6+xNopWkTDT6idH6mRiqcmvt6Lzx+2cZc3PUVslzCVSjOsnuP7j9z263u++HaYtEc5tzfi3RrWwq6g7VfGyJf3WfX4djfmMC9tyFpTvvXbh3/8GXFu7MvTP/zvzd2cuXZ6dnL1/524WbC5356d7ruEcJ7IW1m/64RwIAAAAAAAAAAAAMaz/+W8JTdv2ffZ4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhdOzdRpc5PF68rj2Y6xdJPr1Ysq9WT1L6f1D5Krqa3ZGqgu9rT9vPBwuzbH3+68kkv16iWsn59XbvmbmbxsFpyJsmRaj1o8hn6u16tdzWyUm11hkXAzvYDB+P23wAAAP//+B8RmQ==")
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')

3m48.367561786s ago: executing program 2 (id=5562):
syz_mount_image$ext4(&(0x7f0000000980)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}, {@nomblk_io_submit}, {@auto_da_alloc}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)

3m48.366856003s ago: executing program 2 (id=5564):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001640)=ANY=[@ANYBLOB="380000001a000100000000000000000080000000", @ANYRES32=0x0, @ANYBLOB="00000000080002000b000000140001"], 0x38}}, 0x0)

3m47.788433948s ago: executing program 2 (id=5566):
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x227, &(0x7f0000000580)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL9zOAzHjAwKAH0cowwWkmL9hYxsgoZHOYD8jM4gAZxMDAMPlPxL0HLJIMIkhmiXL8EzvVsnyVWed9hhkd09IYGA1mcTAwMOgd0Z1pZ8DbzQQ1s7iyKjsxJye1qPgMA6r5kxn3MykygtSd+Xs1+AGjHUN3LAMjg9wGf7XF3/5IVW7cVB85vSqiZmp3082l6+MYtun/vWIi9X5iRtj/B4cEtSzy8j/Mk1H6vrlhzoeauicmjp2NynP5Wy//ffc+prY4QY3psXhXIRt/gptWzSdnJzfLx3PTq9u3FCsuyEpzmXhs6sW/CcfXMjBMvvDEVr/mzKF4xRhOKbfKuTF33eIFuZapn697wwoNIQbG/UwMDDPDdu4B+SudFyJY3gCNDAZmBgYGFQYGBiYGFoa0zJxUAw8GRgZmKMeQBWYIlGZi4ABL6CXn56S0MzCCkwBY23IGFpgZ0HiFyhg9ZmCFm25s0QBzVzuU/g+lPaD0cij9GErLoyUbFrAJ/VCeRgMDAxtDRWJJSZEhGwMDlAUXM4KLGQnAbWaCenkuE6rnjsMcDgPsDKNgFIyCUTAKRsEoGAWjYBSMglEwkgAgAAD//8ogspc=")

3m47.388132525s ago: executing program 35 (id=5566):
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x227, &(0x7f0000000580)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL9zOAzHjAwKAH0cowwWkmL9hYxsgoZHOYD8jM4gAZxMDAMPlPxL0HLJIMIkhmiXL8EzvVsnyVWed9hhkd09IYGA1mcTAwMOgd0Z1pZ8DbzQQ1s7iyKjsxJye1qPgMA6r5kxn3MykygtSd+Xs1+AGjHUN3LAMjg9wGf7XF3/5IVW7cVB85vSqiZmp3082l6+MYtun/vWIi9X5iRtj/B4cEtSzy8j/Mk1H6vrlhzoeauicmjp2NynP5Wy//ffc+prY4QY3psXhXIRt/gptWzSdnJzfLx3PTq9u3FCsuyEpzmXhs6sW/CcfXMjBMvvDEVr/mzKF4xRhOKbfKuTF33eIFuZapn697wwoNIQbG/UwMDDPDdu4B+SudFyJY3gCNDAZmBgYGFQYGBiYGFoa0zJxUAw8GRgZmKMeQBWYIlGZi4ABL6CXn56S0MzCCkwBY23IGFpgZ0HiFyhg9ZmCFm25s0QBzVzuU/g+lPaD0cij9GErLoyUbFrAJ/VCeRgMDAxtDRWJJSZEhGwMDlAUXM4KLGQnAbWaCenkuE6rnjsMcDgPsDKNgFIyCUTAKRsEoGAWjYBSMglEwkgAgAAD//8ogspc=")

2m22.476530508s ago: executing program 6 (id=6588):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
syz_emit_ethernet(0x11, &(0x7f00000000c0)=ANY=[], 0x0)

2m22.411059996s ago: executing program 6 (id=6589):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/62, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc02"], 0x120}}, 0x0)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804)

2m22.410568621s ago: executing program 6 (id=6590):
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x108843, 0x190)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x108843, 0xdc)
fcntl$setlease(r2, 0x400, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
sendmsg$IEEE802154_LIST_PHY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, 0x0, 0xe24, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4040000)

2m22.273273026s ago: executing program 6 (id=6591):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000001600)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@redirect_dir_nofollow}, {@userxattr}], [], 0x2c})

2m22.145254605s ago: executing program 6 (id=6592):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb01001800000000000000140000001400000002000000000000000100000d0000001000"/46], &(0x7f0000000600)=""/152, 0x2e, 0x98, 0x1}, 0x1f)

2m21.540975574s ago: executing program 6 (id=6596):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68a75f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014000000008080002"], 0x1ec}, 0x1, 0x0, 0x0, 0x4000840}, 0x0)

2m21.41111316s ago: executing program 36 (id=6596):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68a75f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014000000008080002"], 0x1ec}, 0x1, 0x0, 0x0, 0x4000840}, 0x0)

2.545831131s ago: executing program 7 (id=8370):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
syz_mount_image$bcachefs(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x2800000, &(0x7f0000000040)=ANY=[], 0xfd, 0x5aa4, &(0x7f000000c100)="$eJzs3WuQXNV9IPBzu3s0Lz1GAgcZzGiQ0Ybg2BrxKj9SsZJN7BQ4LrmcchArGwY0IrIlodIjgExiKQteq8AuO+VUgpMPxIW9i1FcVMHGKJQJj5VYG1vFxkttYWrtLPYHbxEWVQAt5fJ6tqb7np7u233n9vT0CEn8fgVz+54+/b/nnnv69v2fvpoJAAAAvCkcvWP3iQ+f+7vf/bPJ1z7ze/+w/UAYLlfLB2KFkXR5yxvVQk6m/srK6jI7Ln7109/46dgNv/2dB4a+9vqRzRds+eHvnHXDI5+88vDdf/34q0se+uULRXHjeLp4Zj15KQlh4NvH/+KzR54+Z7osWTr9s7Q/hOXJiseXJyHc3hhi/OchhM3pyspM/Adfu3TL9PLAnf1N5csy9Yz3N7fp45yEEPaduPkd4Ue/tfH276/65t/1HXpx/0yVZKBhPIWw9LrG1/eFEAbT/6fF0RbHY5IuN4QQhhpe9+6Cdr29g3ZPW5spj+vnpctF6XK4IF58fnVmvZSpl12P+jLLoYLtzVdeO7qtV2RxZj3pUdwor52xfHm6/Fa6vHiO8cvpPpSTUEpCpd78bcnMGAkNxy0JSfVYDtTXS/VjG9L9z6wnmfVSZr3cl9mv6nbTgVZOkubyWC9THk/HlbT8gsZzdRsfbXjcWO+tsSx9o76erZMJOtzyoL5fVbFdx2dpy8lQajgHtSuvH/j0YAynZcPJipbXTLURnzuy8a415U1PHB3JaUfyQJLGT7qKv+97yxd/4v6De7Of6/X415XS+KWu4v/4qmMvX3Pwq1/Jjf/FGL/cVfxLHh166aon71id2z/HY/9Uuoo/8cJTn1919vWHctt/T4w/0FX89YeP9S858ehjue0fj/0z2FX859/3gZ/c9+zDL+bGDzH+UFfxNx3e+YX+0RMX5cZ/LPbPcHfj55VDVzw3Ovqzsbz4z8T4S7qK//X9/e+9d9mdV+Ye3w2xf0a6iv+hCx+5ffGJh8/PO3cm9/TqkxPgzems9Brrc+l6t3nmfKX5woEQwl+NVWrXfIvT/5f0ckOZi89sngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfCWd/zXD/6vj428VEnX+9MHz5dqy1i+KIRkMISwe8/Erj1bd9w49smb9u7aMbFtbGLP2OSOPbtuHbvs18d2Te7cNnHr9LPj77y09roVIaktk/Nbtt0/NTVVGmkui9v7txce+tGad//vfwlh/C0/GK3ktn/t3dvvPbvNz4xk/dT7t+/98A8u/9t0v0bSdo20adfU1NRUyGnX/7n6F/f++fGfXhTC+K/M1q6nnv/Nf2xqULVgJk6q1B9qDepPhtq2o97qtD2xvypbtm6bHJ+9f6dfX87Zj3/36Rd/vuWWL/2i1r8DufvRYf8Orp/aVvrLjR/6f395W62gqF1v1HGf7u9yTszpdsW9iO2L/TeQ9vfSdL+W5uxXJWe/7vj+Y89++9yDr+4P45VXVrUe66L96ksHQF/y1o62G7cwlCxvKh9I68cjHl+3ds/2nWt337rvnVu3T9w4eePkjvesu2zdFeOXX3H52uqer+3x/sft/5sO9//kjKdlf7z/W/FnZ+OpuV2L5twf0+0q7o/GFuW9/4Y++tkvv+fuJz9cKyg6r8Ta9fNJuhyaPs7rQsN4a+2rdvtVdHxCCGPt+uHlV68M5/yPrbcXnYcaj0zjz4xk/dTTq//1b9/9Nyt/o1ZwUs7zjQ3q8jxfb/VMe6r9NZAej6lTtH/707NpfzLctl3rnn6y766j//In9fYtWhRumdizZ9e62s/FaUsXJ+e1bVe2NO7XqurPcki7JdSHaZvxOq0v1NqXPX/G6udnXjecPjecrGi7X1nxuSMb71pT3vTE0byeTh6obWgwLKktk7fl1NyWeWG53uB22z9V339F42P0g3/z0Mce+vvLWsbHJbWfRfuV5OzXN5/9+pe/9qX/8Pe9268P/uaxkX/9n3+0plZwEs4rYV7nlXKtIfVWp+1JGs8rl4RQ9P5bFdrvR+77r9R+f4ref9ntzNRvH28ssz4cyl29Xy95dOilq568Y3Xu+/X4bO/Xxp29rel15YL366nyuZR9fyWV5nYs3PuraaAk66e+87mz9j/+mQ3n1gqKPi/rtduN60s7yD9y9usfr3lu9Kaxf//fe3fe+MavP3jtDyfW/2mtoPvjHtvSm+M+kPbvQE7/1lsd887G/n3XDTdt21wrL+rnN+76N10W5D/xVLL71n2fmti2bXLX7s72q9PP07idbC93+3kaz24rCvar1LJfC/egk/7q9P0W27+56/5qfr8Nh6Srz4V931u++BP3H9w70vKqdEPXldL4pa7i//iqYy9fc/CrX8mN/8UYv9JV/IkXnvr8qrOvP5Qb/54kjT9QHH9paIm//vCx/iUnHn0sN/54bP9gV+1//n0f+Ml9zz78Ym78EOMPd9f/rxy64rnR0Z/lxn8mSbczfY0UwoOvXbqltp6EvvT9FtvR19SukF1PMuulzHq5cb0UZxHSDZSTpLk81kvLL2hoSzt/mFMer8IGVtaWr8f1kH0we/mpptRw7m9XXnSdCgBwpovf/8dr0Pj9/2R6oZQ/0wAz5puHrcyJG/Owmfmc5u9YV6bx4+vjPODou8L49PLAWO1Cf67fI8T3Q3aeM27norc3x2g7P3G4cSPV7bfMcxbNv6/OrMd21ebLKw15aKo1r6mEDubfW7cz+/x7ZveLv88a+1xLs8Ya5q2yx68vnTFrd79Dpr2V6Qh54yM7Lxbv5xhdGjZUt9fh+MjeRxOPQ/Y+mridczMnzm7vo8kbHyOt/dDUrjg+Yr1Zxke1ycXfR7YevzBL/84cv/bRssdvDsd7YLr+Qn8/24N5w7antJM3b7iw34edEvOSbeLPaV5y72tt68wWPzMvubglfvoGO9XnDWN57KdKh/OJH8sp79V8YjxdxHYdn6UtJ4P5ROBMFfP/+Bkxnf9PX4D/30y9ojwle9UY4+XeJ5RzE3ZR3pG9Oh8OQ11dJ2w6vPML/aMnLsq9znms0/v0djatDRXc91PUj2sy64X9mDNBU5TvZbdT1O/Z+zKGw5Ku+v3r++9+773L7rwyt9831D5Ii/v9y01rSwr6/TTIF9rHly+cOvnCKXwfQ9H8WX4+Uq63Y0HykfTGp4XKR/4gp3yu+chQy4P6flWduvnIzAdpUz7Sd3LbBQCcPmL+X//+LM3//zleWKTXEUV568WZ9RgvN2/NuT7Jy1t/P13ekqk/nP6LirleN3/owkduX3zi4fNz85Z7Os1D/1PT2khhHtpd3jwY4+e1d0Nv7hfPzSPqedb88sTc9tfzxPnl6Tlf0zbk6fPLo3P7p55HN88DfPnYTKYxW/w4D5Abvz4P0MM895czlU5enlswX5fZWFztdL7uZOfR0yV9S5v3szkvHupNHp3+89mFyqM/mlM+1zx6uOVBfb+qTt08urlcHg0AnKli/h8v46r5f38IT8YKMfGc5/fsuXlBj67bs78PpB7/mQXJK2fi9+j73+K8b6Hz1oXO6xd6XuJ0//53fvdTFM8LjVR/gedCzZO9Yfe7Lkhe/M/1Rx3nxelG5cUAAJzKYv4f0/z4/f+TmXrzzU9a8re+2iXkTH5y+uXnjfVO4/z86nCy8vP+0zk/P93nvxb2PpkzK/+f0eX34q9PncH5f7XN8n8AgNNSzP/jP3uMv//vv6Tr2d9b32Gefk/2dl7fo/sePcjTO8jTezzPFuM33gdwGs8DlOc/DzB40u+PH5ypfybNA1T1BZMBAACngb5qptT67+w/ni6z/84+79/lX5NTv1OV9PL4+j27Jiev3btz88SeyWt33LR5cve1N+/aumfPZP3aeX55Y27ekuaNfaGS9kf7etm8bVn6+xCW5fw+hGz9GPa86oPW34eQ3exgwe8RmDl+nbU37/iVZqnfbnzkHe+8+H+YUz+qH/8b/uiSa7fsvnbrjq17tk5s27pvsrneSPVfUnf+dzPj95Rz+nupmR8tSnP/+53x8MyvHaWWdvSl/ZH399mTTDuWpy1Znvf3D3La/d3/9ud/fOHUL+4LYfwt5bfNq/+S9VP/+erJ399z9Ac7p9tfmrX99Zppu4r+Xmm2ftyfyrabdu95x5ab9u7I/kXJ7sT5jFJ9fYHua0jf/uUO5yc25ZTP9d/vl1senJo6np8AAKBJ/P4/Xs/G7w+/lF5AxfLCPH1Hrd58vz/OzdPHO8vTs3+XrChPz9aP+9tpnj4wzzw9u/2iPL1d/XZ5el7enRf/D3Lqz1Xn46SL+zwqaT/cf3Bv7ji5rrNxkv17BkXjJFt/ruMkmec4yW6/aJy0q99unOQd97z4H8mpn6doPFTq42F+9+XkjocvdjYefi2zXjQesvXnOh5K8xwP2e0XjYd29duNh7zj2xq/eYKgN/O/0wOjOi4mr735pl2faqi30H//IrTektFJ+xbNvHZh//5Htzrv34W972v+7Q9hfbUkr/3x+4FFc2p/p/eVzb/9Rf0/h/vKloaW+8py2//M/GbCOm//nO5LPBCf6/Tvu2TkVW99/cmar02HXdH9Z0XzuBtzyuc6j7uo5cGpyTwuvHFi/h+v5mL+f2e67PXXQKf/30nr4v77eA72d8zy+7/D65g33ed59it3n+cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZ4T+ysrq8ugdu098+Nzf/e6fTb72md/7h+0HfvXT3/jp2A2//Z0Hhr72+pHNF2z54e+cdcMjn7zy8N1//firSx765QuFgUeqPysXp6sDISQvJSEMfPv4X3z2yNPnTJclIYRyMrI/hOXJiseXJ5kI4z8PIWyut7P5yQdfu3TL9PLAnf1N5csyQbL7FYbLsT2N7QzhlsI94jQ0kI6zfSdufkf40W9tvP37q775d32HXtw/UyUZaBhPISy9rvH1fSGEwfT/aXG0rYwvTpcbQghDDa97d0G73t5h+9fmrJ+XLhely+GCOPH51Zn1UqZedj3qyywb9nWwYNNdyWtHt/WKLM6sZ09G85XXzli+PF1+K11ePMf45fh/EkpJqNSbvy2ZGSOh4bglIakey4H6eql+bEO6/5n1JLNeyqyX+zL7Vd1uOtDKSdJcHutlyuPpuJKWX9B4rm7joznlb02XA+kb9fW4HrIPaoZbHtT3qyq263jTs9lPm6r/2L5FlZyWzk2p4RzUrrx+4NODMZyWDScrWl4z1UZ87sjGu9aUNz1xdCSnHckDSRo/6Sr+vu8tX/yJ+w/uXdnyqtdq8a8rpfFLXcX/8VXHXr7m4Fe/0ho/bf8XY/xyV/EveXTopauevGN1bv8cj/1T6Sr+xAtPfX7V2dcfym3/PTH+QFfx1x8+1r/kxKOP5bZ/PPbPYFfxn3/fB35y37MPv5gbP8T4Q13F33R45xf6R09clBv/sdg/w92Nn1cOXfHc6OjPxvLiPxPjL+kq/tf33/3ee5fdeWXu8d0Q+2ekq/gfuvCR2xefePj8vHNnck+vPjkB3pzOSq+xPpeud5tnzldDvvBXY5XaNd/i9P8lvdxQxvR2li5gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzkz/dNtlH7/6/R/ZWElCSHLqTLURnysvWr9+rIvtTrzw1OdXnX39ocaylV3EAQAAAIrFPLxULxkIK8PNyWA4r239OEdwXlxLmsuzcwgxTnaOoNs4pTZxSl3EKfeoPZUexenrUZxFPYrT36M4AwVxBkJncQZniVOZHgEdtmdo1vZ0Hme4R3EW9yjOkkyIbuMs7VF7lvUozsiscTofh8t7FGdFj+Kc1aM4Z2d6qNs4b+lRe36lR3HO6VGc7JzyXMfhkrTmuXlxqg/KhXEqSbn+RLv59HPS7Zw/z+0MF2xnSdHncYfbGexwO2/PvK40x+0MdLidy+a5naTD7fzaPLdTKthOHLe3ZNsXtxPXOhz/t/Yozr4exfl0j+Lc1qM4f9KjOH/aozifCc0Xp3ONA9CpmP/P5Hsjob/yG2EoPeNkZwFivruq+rP18y7vhBTjvS1TvqgoXjZRz8Rb1Wn7jqdPZCcQMvFWZ8r7muJV6lfb9fa1xhtojLcm8+Rs+/u+9e3b1hjv4kx5/yzxmnYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6Cf7rtso9f/f6PbAxJmP6vrak24nPlRevXj3Wx3SMb71pT3vTE0cay/koXgQAAAIBCMQ/vq5cMhP7KutCfLGqqN5DOAwyk6+WR2nJ0adgwvUzGStX1oWT5rK+rpK9bu2f7zrW7b933zq3bJ26cvHFyx3vWXbbuivHLr7h87Zat2ybHaz9D6C+IF0KoTj/svnXfpya2bZvctbtWmG3/yvR1K9P1JH3d6LvC+PTyQNr+FQXbK7Vsb+EeFB89AAAAAAAAAAAAAAAA/j+79hsiaV0HAPz7zMzOjKuXG/4bD+8czlOsrPRaQ0vcB4IE/xwuQsxamxx5krR6h96J2aQHqSlFoBwcF77owiRNeuOflMg/HBhmCe11hEr5ol4UWoaKL0KZ2N155t/OONskt+f1+byY55nv7/v7fX+/h+Pg+8wCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBozdcnZ2tT0zPjSUQyIKfRRzaWL6ZpdYS6X3ly+w9K6985szNWKoywEAAAADBU1oePtSLlKBXykY+TF79tiI6BaPf9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/5/5+uRsbWp65ugkIhmQ0+gjG8sX07Q6Qt1X33r4sy+tX/+3zlhlhHUAAACA4bI+PNeKlKMSp8VYcvJC59+KZu8G1vbMX8pry9ZZt8K83ncHg/JOW2HeGSvM+9iQvM3N680BAAAAH35Z/19oRSaiVFizrB/O+v9hfX2Wd2pPXr55rXYmva/iSpIAAACAFcj6/1IrUolSodLq11fa729ohxZ/Os/mD/vdPpt/ek9eNn/Y7/mXNa9+pwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAD4/5+uRsbWp6Jp9EJANyGn1kY/limlZHqLvpqfF/XLL/jg2dsVJhhIUAAACAobI+vN16l6NUGI+xOHqx719/0X2PfunRxycjYqnNLxbj5i07dtywaeEzNmV557ywf+z7z73+7WV55yx9rtoBAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAD8x8fXK2NjU9c1QSkQzIafSRjeWLaVodoe4rn//iXx48+MRrnbHKCOsAAAAAw2V9eLv3L0clilGMExe/dfb6C3I98we9MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOHDd+85ZvbJmb23qDm9W5aeQjDoNt/I832T+nw2U/H/6b8mpvY3X/XwIAAD54p0YSjf/SSZev9q4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDDwXx9crY2NT1TTiKSATmNTKkdyMbyxTStjlA3ffLF0pp3nnqmM1YZYR0AAABguKwPb/f+5ajEWIzFCYvf+r0TaCz0/xOHcJMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAYWW+Pjlbm5qeWZNEJANyGn1kY/limlZHqPvArr2fu//Y713cGSsVRlgIAAAAGCrrw4utSDlKhY9HKU5pfp/rnpDkm9f+7wXa87Z3TRtf8bx617z8+81LChGteXf1nKzQPM3SvHK23sTStVWv2p6Xa86rdsyrRKt8tTVv8WHt7qq2Zsj5lj95AAAAOHSy/r/UikxEqVDq6P9/2rwe1bwO6nNzh3bjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBhZ74+OVubmp5JkohkQE6jj2wsX0zT6gh1b/ntR4/56s/u3tkZq4ywDgAAADBc1oe3e/9yVGJdfCTWLfb9MdGdn+X9s/bu/ff+669nRpx94oH1hd5lf5Td/PqVC5/u/YjIdWfnIo5t1ksG1PvN7++9aWPj3Qcjzj4hf8qyevH+9bqXTBuP1bZetuO5A9uHPBwAAAA4QmT9/1grMhGlwvUD+/+s8x7S/7csNuDH3rTrF8c3P5sdec+M3ESzXm5AvS9sfPjPp5/399cX+v/l9T7Zuvv03uvuP76r4FKkR5I2pq7bufnAufty2amX6ud76mfP5cvfeu3f19x8z7tL9ctRbsbX9mxlqdryz57ykTbmcntmLn1vT727fmHA+e/43TMHf7X27rcX6r916nir/hnRr/7SyQsD68dRaWP8ijt3n793/+bu+hFR7Vf/jbcvjpP+eO3tvecfj4NdC3c++c7P3geQNl7Y8Oa+8+6rXNBdP+mpnz3/nx98YPdP7vnu41n97G9FzjwtVlg/11P/+buO2/XsbZev7a6fG3D+p698af226nf+0Hv+q7tWLQzcxfLzP3TWI1e9vCW9tXcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgyDJfn5ytTU3P5JKIZEBOo49sLF9M0+oIdV+95MU3rrz7xz/sjFVGWAcAAAAYLuvD271/OSpRjGKML/b9j9W2XrbjuQPbY2JpNGleC3PbbtzxiWu27bz+6lXaOQAAALBSr16SLPb/hVZkIkqFjTHW7P+nrtu5+cC5+3JZ/59buCYRcc21c1vPjlbe83cdt+vZ2y5f23pPELH4ZwHlhbzPtPMuuvDFiTf/9PXT++Ztaue9sOHNfefdV7kgy4vOvHOi9X7iobMeuerlLemtrf115n3qa9vmmq8nsnXHr7hz9/l792/OZe8xmtfx5rpZ3lxuz8yl7+2p5yaitDCeb+aVm+cGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJabr0/O1qamZyIfkQzIaXRqBrKxfDFNqyPUvXTjL28/5p0n1nXGSoURFgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYX9+gmNo+zjAP48u8mbTTZpk/YFo2KaVkWphxYFEb2oqEgrUvBUKVJt7UEUBBGlHkylFUtVvAhWL0VUUKMUKthYLK2Siv+KFw8qKFQPQikGNUvxoJLNM5vNZKcbt1VQPh9YnnmemfnOb+Z5MpsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5VerqG6+2xXQ/Vbr/g5k+euHf68Vvfe2DHZY+98cPolhs/3t/36unJrSu3fX3T8i2H7ls3sfelo78OvPP7ibbBj842q1O3EkI8FUOovD/1/JOTn543MxZDCOU4OBbCUFx2dCjmEtb+FkLY2qhz/s4D01dtm2l37OmZN740F5K/r1AtZ/XMGpxfL/8tlbTOttceuSJ8e8PGnZ+vePut7vGTY3OHxJljymk9hbBkc/P53SGE3vSZka224ezk1G4IIfQ1nXdNm7ouXmT9a0Ko5fp1F6b2f6mttsnJ9q/K9Uu54/L9THeu7WtzvbNVVEfb43o7u17/3ObPPU3zeq6UymljTW48tUOpfTe1q/9ifjn7xFCKoatR/v1xbo2EpnmLIdbnstLolxpzG9L95/ox1y/l+uXu3H3Vr5sWWjnG+ePZcbnx7HXclcZXNr+rW7ijYPz81FbSH+rprB/yG7OqCzYa91WX1TV1hlr+CaWmd1Cr8cbEp8moprFqXLbgnD9ayPZNbnz60vKmD44NFtQR98eUHzvK3/7ZUP9db+5+eLgof3Mp5Zc6yv9u/fGf7tz98ouF+c9l+eWO8q883Hdq/Ye7VhU+n6m5N8hi8mPqZ/vuPvHRMyv+f894q7muZ+7Lnn+lo/qvnzjeM1A7fKSw/rXZ8+ntKP+b6275/vUvD54szA9Zfl9H+ZsmHny2Z6R2eWH+kdk/hWp9hXawfn4Zv/qrkZEfR4vyv8ie/0CL/Ng2/7Wxvde+snTPusL1uSF7PoMpf+EX25nyb7vk0M7+2sGLit6dcd9iv2EBaGV5+h/rqdRv9zvzwHSp5e/Ms9X0e+GF0a7Zb6D+9Bk4lxfKmbnOkr8xHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAP9mBAxIAAAAAQf9ftyNQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//742DgQ=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)

2.071308565s ago: executing program 7 (id=8375):
socket$alg(0x26, 0x5, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000, 0x28})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})

814.872753ms ago: executing program 5 (id=8388):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@barrier_val={'barrier', 0x3d, 0x101}}, {@errors_remount}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@id={0x2, 0x0, @a}})

748.069119ms ago: executing program 5 (id=8389):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@index_on}, {@uuid_on}, {@volatile}], [], 0x2c})

589.674137ms ago: executing program 5 (id=8390):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x6, 0x40)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee4, 0x8031, 0xffffffffffffffff, 0x63475000)
ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000540)={0x2, "2a123b084c7f8324cc76356ea2c2ef76068115ecfb56b46998cd6a640317a26f", 0x0, 0x0, 0x1, 0x400000, 0x2060501})

525.989483ms ago: executing program 7 (id=8391):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_DESTROY(r0, &(0x7f0000000200), 0x4)

525.660317ms ago: executing program 7 (id=8392):
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000080), 0x2000011a)
recvmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000280)=""/239, 0xef}], 0x1, 0x0, 0x3c}, 0x2)

439.316666ms ago: executing program 4 (id=8393):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000480)={{{@in=@rand_addr=0x64010101, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x2, 0x4e21, 0x4b, 0x2}, {0x0, 0x0, 0x4, 0x34a, 0x0, 0x0, 0x9c0, 0x6}, {0xffffbffffffffffc, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in6=@mcast1, 0x4d3, 0x3c}, 0xa, @in6=@remote, 0x3507, 0x4, 0x3, 0x0, 0x0, 0x4000000, 0x1}}, 0xe8)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0)

373.722781ms ago: executing program 4 (id=8394):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$nbd(r1, &(0x7f0000000040)={0x67446698, 0x1, 0x4, 0x3, 0x2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000)=0x40000009, 0x4)
writev(r1, &(0x7f0000000640)=[{&(0x7f0000000540)="a4", 0x1}], 0x1)
recvfrom(r0, &(0x7f0000000240)=""/196, 0xc4, 0x10000, 0x0, 0x0)

293.68602ms ago: executing program 4 (id=8395):
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000300)={[{@dmode={'dmode', 0x3d, 0xb1}}, {}, {@overriderock}, {@gid}, {@map_acorn}, {}, {@showassoc}, {@hide}, {@gid={'gid', 0x3d, 0xee01}}, {}, {@overriderock}, {@mode={'mode', 0x3d, 0x1000}}, {@map_normal}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@cruft}, {@uid}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'norock'}}, {@flag='mand'}, {@subj_user}]}, 0x1, 0xa4a, &(0x7f00000007c0)="$eJzs3c1vHOd9B/DvLEmJoV1JcVTXFRxxJVcK47AUSdVSBR9SiVxJTPlSkBRgoYcojahCEFu3cQs4RoEoQNFTjBZo0UN7M3rqyUAuTQ+FL0V7a049FCj8LwQ9qScGM7skl+Qul2IoklY+H2J35+U3z/PMyzMPd3d2nvDFsnZ6y9jaWvXY5/i9fz6EEnOM3Zr+/JNPPy4fP3yaE+nLO8W/JINJ6kl/kjeSganpxYW5Hgk9SR4k+SwpkpxM83VPHqT467y6Of5Zin8s8+3qxF5Tppc1fqkd9fEHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHUTE1PT4+UZzIzPy99+pNSX2HqenFhSJrazvnrC/T9JOq1+/iJz3zTYrykcHB9a6+3zi7Ofv1JPWLebM59mbVIXkG89Err5959yv9tfXlu5XmF3Jy78l+8P2PnnxndXXlex3nFsUBluqYaR4jdxrzM0sLM3M37zTqM0sL9RvXro1fuXt7qX57ZraxdH9puTFXn1ps3FxeWKyPTH29PnHjxtV6Y+z+wr35O9Njs431idd/c3J8/Fr9W2O/17i5uLQwf+VbY0tTd2dmZ2fm71Qx5ewy5np5IP7uzHJ9uXFzrl5/9Hh15eq2kvVl2/FbBk30Wp8yaLJX0OT45OTExOTkxA9bvWdvTLj2zo13ro+P9483vZrWQHZEvKCDluPlS91388GfxGGfas32P5nNTOZzL++l3vFvKtNZzELmusxvWW//L11p7Jpt2tr/Vivf3zb/XPl0Medbo4Nd2v8uZTm8vw/y/XyUJ/lOVrOalXzvyEt0uH930sh8ZrKUhcxkLjerKfXWlHpu5FquZTzfzt0MZyn9uZ2ZzKaRpdzPUpbTqI6oqSymkZtZzkIWU89IpvL11DORG7mRq6mnkbHcz0LuZT53Mp2bVSqP8rja7ld3KeNG0MRegiZ3CdrRmHdr/zdsX6Sx/Z8TXkK1XffyCziLw/6stdr/E71DR6YOo0AAAADAgfv1/8yps6/9x/8mRb5afS9/e2a2MX7UxQIAAAAOUHW53pvly0A59NUU3v8DAADAy6aofmNXJBnKcHNo/ZdQPgQAAACAl0T1/f/5FMObE7z/BwAAgJdM73vs94woRtdv/1t/2Hx92IpojhVDt2dmG2NTC7PvTuRydZeB6pcGO1LrS4qB6ucHb+dCM+rCUPN1aDPFMs/BMmpi7N2JvJ2LrRUZeat8eWukQ+RkM/JrzcivtUf2ZUvk1TISAF52F3dpj/fa/r+d0WbE6Lmqye8/t6UN7qta1nEtKwAcFxt97Px/q0uzDu3/+ea9Ac53a/9/a5f3/2XEa3k03LykYCzfzftZzcOMpnXFwXCnVNd7I2hehjDa49OAodYlCz+9Xsvojs8DBjfWtT12JZMZ7fiJQFu6xXoZrjbj+l7UXgCAw3Vx13Z4vf2vPiTv2v6P7v7+v63NdUkhABwHGz3YP+/A8N6Dj3odAYCttNIAAAAAAAAAAAAAAAAAAAAAAAAAAABw8PZ0A///upysrq4k++0soMPAT//9X3+la8yPXkkGn6eEuw/UcjBlPv4DfUmOKvdv5rmXKvfxcdl0L9NA8bSqsL9QOkd8YgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBQFElfp+m15GSS8SRXDr9UL87Toy7AQanvb7HiWZ7lw5w66OIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyya93/v5bm6yvNSemvJZeSPEjy+0ddxucx2GP+s0Mqx/HzR9Vz2/3/a8lA1or0Z21tbS0pBqamFxfmykOhOFnO//yTTz8uH12T/MH6wM5eFcoEyhy2dC7RyqFtysDWpb5cLTU0vfLBkz97/0/q07eqA/PW8u3Z6bk7i7+zGfh68eNmFwjt3SCsl/cvLv3b37RNPtHK/Mfp77Yi2/O9XeU7vTPfX+u0dJd89+Dx6spkmdNy473lP//jWvus13IheWskGdma0x+Wjy45Xdi+Pbcqflb8VXEqf58H1f4vt0axVpS76HS1/l969Hh1Zey7768+3CjTDx5/2JbAmQwnebi1lvUo03B1PunolSrXgTLX8SqofDrbI71dtaU4sbldt6zDl6tDZui51qHefR0qPbZ7q0RXt5dorawkf/unX8nlXff0yQ4pXu6RY0fFz4r/Ke7mv/OXbf1/1Mr9fykda2eHJKrItiOlfd6W6lW7tLnmk+0zvr09za61khfgR/mD/PbG/q9V5//2ejPZpd5snI++2TaxS71Zr1pd6sXJrTV1R71o6VUvdtbUfzq9o0XZmmvObmuRWmefbsu0ynm2GdWlnL+abyT9557rjPKNHmeUXsvvt/7/QzGS/8tT/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHX5H0dZpeSy4lOZPkdDleT9a2xzzdR361oWI/xTww+ynzF0/RdUWLZ3mWD3PqsEsEAAAAAAAAwItxa/rzTz79uHxU38f35TdqrTn1pD/JmeLvBqamFxfmeiQ0kDxY/0p/sHNIl8l5UD69ujn+WTn2Ro/8jvbyAQD4Qvt5AAAA//9B+m/L")

293.201479ms ago: executing program 5 (id=8396):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r0, 0x4b3a, 0x0)

216.319603ms ago: executing program 5 (id=8397):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x48}}, 0x0)

215.854409ms ago: executing program 7 (id=8398):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

215.676394ms ago: executing program 4 (id=8399):
r0 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)

215.494425ms ago: executing program 7 (id=8400):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

136.932058ms ago: executing program 5 (id=8401):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001c00070cecfffffffde8df2507000000", @ANYRES32=r1, @ANYBLOB="0200640b0a000200aaaaaaaaaabb00000c000e8005"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a000000}, 0x10000040)

136.739926ms ago: executing program 4 (id=8402):
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)

0s ago: executing program 4 (id=8403):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
umount2(0x0, 0x3)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000300)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000780)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000340)=@allocspi={0xf8, 0x16, 0x1, 0x70bd2a, 0x25dfdbfc, {{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@multicast2, 0x4e24, 0x0, 0x4e21, 0x1, 0xa, 0x0, 0x20, 0x2c}, {@in=@loopback, 0x4d2, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x38}, {0x7, 0x8, 0x2, 0x3, 0x40, 0x2, 0x77, 0x7fffffffffffffff}, {0x4, 0x2, 0x8, 0x7fffffff}, {0x4, 0x2}, 0x70bd2d, 0x3505, 0xa, 0x4, 0xac}, 0x2, 0x9}}, 0xf8}}, 0x10)

kernel console output (not intermixed with test programs):


[  486.844427][ T8771] bridge0: port 1(bridge_slave_0) entered forwarding state
[  486.854918][ T8771] bridge0: port 2(bridge_slave_1) entered blocking state
[  486.857196][ T8771] bridge0: port 2(bridge_slave_1) entered forwarding state
[  486.882306][T18908] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  486.887510][T18908] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  486.991756][T18908] 8021q: adding VLAN 0 to HW filter on device batadv0
[  487.133395][T18908] veth0_vlan: entered promiscuous mode
[  487.141277][T18908] veth1_vlan: entered promiscuous mode
[  487.170117][T18908] veth0_macvtap: entered promiscuous mode
[  487.177679][T18908] veth1_macvtap: entered promiscuous mode
[  487.192576][T18908] batman_adv: batadv0: Interface activated: batadv_slave_0
[  487.206851][T18908] batman_adv: batadv0: Interface activated: batadv_slave_1
[  487.217584][ T5683] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  487.221192][ T5683] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  487.228511][T10509] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  487.232216][T10509] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  487.325492][ T8764] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  487.328525][ T8764] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  487.355919][ T8764] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  487.358961][ T8764] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  487.565760][T18974] block nbd6: shutting down sockets
[  487.810066][T18984] loop6: detected capacity change from 0 to 32768
[  487.824365][T18984] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.5595 (18984)
[  487.836475][T18984] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  487.839548][T18984] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  487.878157][   T33] audit: type=1326 audit(525032.207:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19001 comm="syz.5.5598" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x0
[  487.934068][T18984] BTRFS info (device loop6): enabling ssd optimizations
[  487.936944][T18984] BTRFS info (device loop6): turning on sync discard
[  487.951831][T18984] BTRFS info (device loop6): enabling free space tree
[  488.015802][T18908] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  488.353121][ T5912] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  488.498896][ T5238] Bluetooth: hci1: command tx timeout
[  488.504904][ T5912] usb 7-1: Using ep0 maxpacket: 16
[  488.515370][ T5912] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=f4.9b
[  488.529739][ T5912] usb 7-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  488.539741][ T5912] usb 7-1: Product: syz
[  488.541569][ T5912] usb 7-1: SerialNumber: syz
[  488.558714][ T5912] usb 7-1: config 0 descriptor??
[  488.591714][ T5912] usb 7-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  488.601001][ T5912] dvb_usb_af9015 7-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  488.613500][ T5912] usb 7-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  488.616218][ T5912] dvb_usb_af9035 7-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[  488.774234][ T5912] usb 7-1: USB disconnect, device number 2
[  489.890284][T19066] loop6: detected capacity change from 0 to 40427
[  489.898843][T19066] F2FS-fs (loop6): invalid crc value
[  489.948223][T19066] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  489.954181][T19066] F2FS-fs (loop6): Start checkpoint disabled!
[  489.962031][T19066] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  489.978108][T19066] syz.6.5624: attempt to access beyond end of device
[  489.978108][T19066] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  490.008889][ T8771] kworker/u10:9: attempt to access beyond end of device
[  490.008889][ T8771] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  490.017914][ T8771] CPU: 1 UID: 0 PID: 8771 Comm: kworker/u10:9 Not tainted syzkaller #0 PREEMPT(full) 
[  490.017935][ T8771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  490.017944][ T8771] Workqueue: writeback wb_workfn (flush-7:6)
[  490.017969][ T8771] Call Trace:
[  490.017976][ T8771]  <TASK>
[  490.017983][ T8771]  dump_stack_lvl+0x189/0x250
[  490.018006][ T8771]  ? __pfx_dump_stack_lvl+0x10/0x10
[  490.018022][ T8771]  ? __pfx_queue_work_on+0x10/0x10
[  490.018036][ T8771]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  490.018056][ T8771]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  490.018093][ T8771]  f2fs_handle_critical_error+0x37c/0x540
[  490.018119][ T8771]  f2fs_write_end_io+0x886/0xb60
[  490.018149][ T8771]  __submit_merged_bio+0x27a/0x6a0
[  490.018174][ T8771]  __submit_merged_write_cond+0x255/0x530
[  490.018220][ T8771]  f2fs_write_data_pages+0x261d/0x3000
[  490.018264][ T8771]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  490.018291][ T8771]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  490.018336][ T8771]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  490.018367][ T8771]  ? trace_f2fs_writepages+0x7f/0x200
[  490.018386][ T8771]  ? f2fs_write_node_pages+0x478/0x6e0
[  490.018410][ T8771]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  490.018439][ T8771]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  490.018454][ T8771]  do_writepages+0x32e/0x550
[  490.018476][ T8771]  ? reacquire_held_locks+0x127/0x1d0
[  490.018491][ T8771]  ? writeback_sb_inodes+0x384/0x1010
[  490.018515][ T8771]  __writeback_single_inode+0x145/0xff0
[  490.018532][ T8771]  ? do_raw_spin_unlock+0x4d/0x240
[  490.018551][ T8771]  writeback_sb_inodes+0x6c7/0x1010
[  490.018592][ T8771]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  490.018645][ T8771]  ? rcu_is_watching+0x15/0xb0
[  490.018691][ T8771]  wb_writeback+0x43b/0xaf0
[  490.018716][ T8771]  ? queue_io+0x2f1/0x590
[  490.018736][ T8771]  ? __pfx_wb_writeback+0x10/0x10
[  490.018759][ T8771]  ? _raw_spin_unlock_irq+0x23/0x50
[  490.018779][ T8771]  wb_workfn+0x409/0xef0
[  490.018805][ T8771]  ? __pfx_wb_workfn+0x10/0x10
[  490.018822][ T8771]  ? __lock_acquire+0xab9/0xd20
[  490.018849][ T8771]  ? process_scheduled_works+0x9ef/0x17b0
[  490.018866][ T8771]  ? _raw_spin_unlock_irq+0x23/0x50
[  490.018880][ T8771]  ? process_scheduled_works+0x9ef/0x17b0
[  490.018889][ T8771]  ? process_scheduled_works+0x9ef/0x17b0
[  490.018903][ T8771]  process_scheduled_works+0xae1/0x17b0
[  490.018940][ T8771]  ? __pfx_process_scheduled_works+0x10/0x10
[  490.018967][ T8771]  worker_thread+0x8a0/0xda0
[  490.019005][ T8771]  kthread+0x711/0x8a0
[  490.019024][ T8771]  ? __pfx_worker_thread+0x10/0x10
[  490.019037][ T8771]  ? __pfx_kthread+0x10/0x10
[  490.019055][ T8771]  ? _raw_spin_unlock_irq+0x23/0x50
[  490.019080][ T8771]  ? lockdep_hardirqs_on+0x9c/0x150
[  490.019092][ T8771]  ? __pfx_kthread+0x10/0x10
[  490.019108][ T8771]  ret_from_fork+0x439/0x7d0
[  490.019124][ T8771]  ? __pfx_ret_from_fork+0x10/0x10
[  490.019144][ T8771]  ? __switch_to_asm+0x39/0x70
[  490.019158][ T8771]  ? __switch_to_asm+0x33/0x70
[  490.019171][ T8771]  ? __pfx_kthread+0x10/0x10
[  490.019187][ T8771]  ret_from_fork_asm+0x1a/0x30
[  490.019218][ T8771]  </TASK>
[  490.021155][ T8771] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  490.562892][ T5238] Bluetooth: hci1: command tx timeout
[  492.238131][T19120] loop6: detected capacity change from 0 to 1024
[  492.329350][ T8771] hfsplus: b-tree write err: -5, ino 4
[  492.567367][T19126] loop6: detected capacity change from 0 to 128
[  492.576581][T19126] EXT4-fs (loop6): Test dummy encryption mode enabled
[  492.597809][T19126] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  492.626352][T19126] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  492.653028][ T5238] Bluetooth: hci1: command tx timeout
[  492.754746][T18908] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  493.725886][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119403400: rx timeout, send abort
[  493.728773][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119403000: rx timeout, send abort
[  493.731820][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119403400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  493.737417][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119403000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  493.788932][T19157] loop6: detected capacity change from 0 to 1024
[  494.446540][T19170] bridge0: port 2(bridge_slave_1) entered disabled state
[  494.954669][T19187] loop6: detected capacity change from 0 to 32768
[  494.958911][T19187] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.5674 (19187)
[  494.980963][T19187] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  495.003118][T19187] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  495.089513][T19187] BTRFS info (device loop6): enabling ssd optimizations
[  495.097569][T19187] BTRFS info (device loop6): enabling free space tree
[  495.118739][   T33] audit: type=1800 audit(525039.447:322): pid=19187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5674" name="file1" dev="loop6" ino=260 res=0 errno=0
[  495.217353][T18908] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  495.565075][T19223] loop6: detected capacity change from 0 to 4096
[  495.789133][T19237] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5689'.
[  495.876257][T19241] netlink: 'syz.5.5691': attribute type 10 has an invalid length.
[  495.973459][   T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  496.143258][   T24] usb 7-1: Using ep0 maxpacket: 8
[  496.148245][   T24] usb 7-1: unable to get BOS descriptor or descriptor too short
[  496.163424][   T24] usb 7-1: config 7 has an invalid descriptor of length 48, skipping remainder of the config
[  496.167608][   T24] usb 7-1: config 7 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 12408, setting to 64
[  496.171481][   T24] usb 7-1: config 7 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  496.178000][   T24] usb 7-1: New USB device found, idVendor=0489, idProduct=e0b5, bcdDevice=ae.2a
[  496.182115][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.185691][   T24] usb 7-1: Product: syz
[  496.187089][   T24] usb 7-1: Manufacturer: syz
[  496.188891][   T24] usb 7-1: SerialNumber: syz
[  496.417466][   T24] usb 7-1: USB disconnect, device number 3
[  496.805549][T19275] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  496.814313][T19275] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  498.019790][T19314] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5727'.
[  498.162794][T18969] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  498.332863][T18969] usb 7-1: Using ep0 maxpacket: 8
[  498.337410][T18969] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  498.345858][T18969] usb 7-1: config 1 has no interface number 1
[  498.352352][T18969] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  498.370217][T18969] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  498.377934][T18969] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.380633][T18969] usb 7-1: Product: syz
[  498.382301][T18969] usb 7-1: Manufacturer: syz
[  498.393728][T18969] usb 7-1: SerialNumber: syz
[  498.622089][T18969] usb 7-1: 2:1 : format type 0 is detected, processed as PCM
[  498.625240][T18969] usb 7-1: 2:1 : sample bitwidth 243 in over sample bytes 3
[  498.628283][T18969] usb 7-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  498.630933][T18969] usb 7-1: 2:1 : invalid channels 0
[  498.655936][T18969] usb 7-1: USB disconnect, device number 4
[  498.705974][T19017] udevd[19017]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  498.769135][T19341] overlayfs: failed to clone upperpath
[  500.792675][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  500.794821][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  500.965396][T19393] loop6: detected capacity change from 0 to 32768
[  501.030482][T19393] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  501.047713][T19393] XFS (loop6): Ending clean mount
[  501.052817][T19393] XFS (loop6): Quotacheck needed: Please wait.
[  501.105428][T19393] XFS (loop6): Quotacheck: Done.
[  501.116239][T19393] XFS (loop6): User initiated shutdown received.
[  501.119660][T19393] XFS (loop6): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:472).  Shutting down filesystem.
[  501.125527][T19393] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  501.151509][T18908] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  503.459200][T19489] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5802'.
[  503.514305][T19489] vxlan0: entered promiscuous mode
[  503.546709][ T5891] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  503.570523][ T5891] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  503.581404][ T5891] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  503.610401][ T5891] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  503.756224][   T24] IPVS: starting estimator thread 0...
[  503.870101][T19498] IPVS: using max 49 ests per chain, 117600 per kthread
[  504.837955][T19514] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5811'.
[  507.568714][T19521] loop6: detected capacity change from 0 to 262144
[  507.868957][T19521] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.5814 (19521)
[  507.989224][T19521] BTRFS info (device loop6): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  507.993231][T19521] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  508.064002][ T1008] BTRFS warning (device loop6): checksum verify failed on logical 22036480 mirror 1 wanted 0x23e101be1e001a29 found 0x09049c5cc74d15fb level 0
[  508.093592][T19521] BTRFS info (device loop6): enabling ssd optimizations
[  508.096202][T19521] BTRFS info (device loop6): enabling free space tree
[  508.131247][T18908] BTRFS info (device loop6): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  509.021670][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5827'.
[  509.025417][T19565] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5827'.
[  509.784418][T19588] loop6: detected capacity change from 0 to 1024
[  509.815093][T19588] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  509.825070][   T33] audit: type=1800 audit(525053.507:323): pid=19588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5837" name="file1" dev="loop6" ino=15 res=0 errno=0
[  509.846578][T19588] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[  509.874909][T18908] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.556331][T19634] loop6: detected capacity change from 0 to 32768
[  511.559764][T19634] XFS: attr2 mount option is deprecated.
[  511.571649][T19634] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  511.599413][T19634] XFS (loop6): Ending clean mount
[  511.608806][T19634] XFS (loop6): Quotacheck needed: Please wait.
[  511.646064][T19634] XFS (loop6): Quotacheck: Done.
[  511.723303][T18908] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  512.777447][T19670] loop6: detected capacity change from 0 to 128
[  512.810643][T19670] FAT-fs (loop6): Directory bread(block 32) failed
[  512.813332][T19670] FAT-fs (loop6): Directory bread(block 33) failed
[  512.827069][T19670] FAT-fs (loop6): Directory bread(block 34) failed
[  512.834353][T19670] FAT-fs (loop6): Directory bread(block 35) failed
[  512.841303][T19670] FAT-fs (loop6): Directory bread(block 36) failed
[  512.846049][T19670] FAT-fs (loop6): Directory bread(block 37) failed
[  512.852210][T19670] FAT-fs (loop6): Directory bread(block 38) failed
[  512.858470][T19670] FAT-fs (loop6): Directory bread(block 39) failed
[  512.864019][T19670] FAT-fs (loop6): Directory bread(block 40) failed
[  512.871373][T19670] FAT-fs (loop6): Directory bread(block 41) failed
[  512.942608][T19670] syz.6.5867: attempt to access beyond end of device
[  512.942608][T19670] loop6: rw=0, sector=4112, nr_sectors = 4 limit=128
[  512.948353][T19670] Buffer I/O error on dev loop6, logical block 1028, async page read
[  512.951838][T19670] syz.6.5867: attempt to access beyond end of device
[  512.951838][T19670] loop6: rw=0, sector=167964, nr_sectors = 4 limit=128
[  512.964186][T19670] Buffer I/O error on dev loop6, logical block 41991, async page read
[  512.969367][T19670] FAT-fs (loop6): Filesystem has been set read-only
[  512.972297][T19670] syz.6.5867: attempt to access beyond end of device
[  512.972297][T19670] loop6: rw=0, sector=4112, nr_sectors = 4 limit=128
[  512.977462][T19670] Buffer I/O error on dev loop6, logical block 1028, async page read
[  512.980847][T19670] syz.6.5867: attempt to access beyond end of device
[  512.980847][T19670] loop6: rw=0, sector=167964, nr_sectors = 4 limit=128
[  512.986343][T19670] Buffer I/O error on dev loop6, logical block 41991, async page read
[  513.292657][T19696] loop6: detected capacity change from 0 to 256
[  513.299048][T19696] exFAT-fs (loop6): failed to read boot sector
[  513.302034][T19696] exFAT-fs (loop6): failed to recognize exfat type
[  513.525619][T19706] syz.4.5885(19706): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  513.698388][T19700] loop6: detected capacity change from 0 to 40427
[  513.701876][T19700] F2FS-fs: heap/no_heap options were deprecated
[  513.721355][T19700] F2FS-fs (loop6): Invalid segment count (1)
[  513.723988][T19700] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  513.730075][T19700] F2FS-fs (loop6): invalid crc value
[  513.832025][T19700] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  513.836842][T19700] F2FS-fs (loop6): Try to recover 1th superblock, ret: -30
[  513.840003][T19700] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  514.347991][T19734] overlayfs: failed to clone upperpath
[  515.090267][T19759] overlayfs: failed to clone upperpath
[  515.390237][T19778] loop6: detected capacity change from 0 to 128
[  515.396966][T19778] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  515.407989][T19778] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  515.450079][ T1095] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  515.798836][T18969] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  515.959456][T18969] usb 7-1: Using ep0 maxpacket: 8
[  515.985918][T18969] usb 7-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  515.997928][T18969] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.093057][T18969] usb 7-1: config 0 descriptor??
[  516.361106][T18969] usb 7-1: string descriptor 0 read error: -71
[  516.363365][T18969] usb 7-1: Found UVC 0.00 device <unnamed> (2833:0201)
[  516.367146][T18969] usb 7-1: No valid video chain found.
[  516.370679][T18969] usb 7-1: USB disconnect, device number 5
[  516.784996][T19802] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5927'.
[  518.670007][T19855] overlayfs: failed to clone upperpath
[  518.857718][T19863] 9pnet_fd: Insufficient options for proto=fd
[  519.093572][   T33] audit: type=1326 audit(525062.179:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.6.5962" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  519.115474][   T33] audit: type=1326 audit(525062.179:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.6.5962" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  519.125705][   T33] audit: type=1326 audit(525062.188:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.6.5962" exe="/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  519.140061][   T33] audit: type=1326 audit(525062.188:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.6.5962" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  519.151233][   T33] audit: type=1326 audit(525062.188:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.6.5962" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  519.184858][T19886] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (15)
[  520.921749][   T10] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  521.084238][   T10] usb 7-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=3c.71
[  521.093571][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.097247][   T10] usb 7-1: Product: syz
[  521.112302][   T10] usb 7-1: Manufacturer: syz
[  521.114372][   T10] usb 7-1: SerialNumber: syz
[  521.126656][   T10] usb 7-1: config 0 descriptor??
[  521.142271][   T10] redrat3 7-1:0.0: Couldn't find all endpoints
[  521.380916][   T10] usb 7-1: USB disconnect, device number 6
[  523.268764][T20013] loop6: detected capacity change from 0 to 40427
[  523.290482][T20013] F2FS-fs (loop6): Invalid log sectors per block(24) log sectorsize(9)
[  523.295682][T20013] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  523.299047][T20013] F2FS-fs (loop6): build fault injection rate: 14
[  523.301846][T20013] F2FS-fs (loop6): build fault injection type: 0xb23a
[  523.308873][T20013] F2FS-fs (loop6): invalid crc value
[  523.313892][T20013] F2FS-fs (loop6): inject kvmalloc in f2fs_kvmalloc of f2fs_build_segment_manager+0x3227/0x49f0
[  523.318994][T20013] F2FS-fs (loop6): Failed to initialize F2FS segment manager (-12)
[  524.006172][   T33] audit: type=1107 audit(525066.725:329): pid=20028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='I'
[  524.276041][   T33] audit: type=1326 audit(525067.015:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.6.6035" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  524.296333][   T33] audit: type=1326 audit(525067.024:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.6.6035" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  524.332105][   T33] audit: type=1326 audit(525067.024:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.6.6035" exe="/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  524.345798][   T33] audit: type=1326 audit(525067.024:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.6.6035" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  525.428054][T20060] loop6: detected capacity change from 0 to 2048
[  525.454936][T20060] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  525.523239][T18908] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.600422][T20069] loop6: detected capacity change from 0 to 512
[  525.654645][T20069] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  525.665408][   T33] audit: type=1800 audit(525068.315:334): pid=20069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.6045" name="file1" dev="loop6" ino=19 res=0 errno=0
[  525.711530][T18908] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  526.223544][T20120] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6071'.
[  526.756546][   T24] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  526.927593][   T24] usb 7-1: Using ep0 maxpacket: 16
[  526.932098][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  526.936689][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  526.940574][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  526.943709][   T24] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  526.946757][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  526.956112][   T24] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  526.959706][   T24] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  526.962819][   T24] usb 7-1: Manufacturer: syz
[  526.973243][   T24] usb 7-1: config 0 descriptor??
[  527.270105][   T24] rc_core: IR keymap rc-hauppauge not found
[  527.272476][   T24] Registered IR keymap rc-empty
[  527.274353][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.291147][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.316824][   T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[  527.321716][   T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input19
[  527.343771][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.391925][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.408807][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.451621][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.476450][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.505330][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.526419][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.562911][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.569605][T20152] 9pnet_fd: Insufficient options for proto=fd
[  527.583242][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.615404][   T24] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  527.680485][   T24] mceusb 7-1:0.0: Registered  with mce emulator interface version 1
[  527.683761][   T24] mceusb 7-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  527.695341][   T24] usb 7-1: USB disconnect, device number 7
[  528.751334][T20179] netlink: 'syz.4.6093': attribute type 50 has an invalid length.
[  528.829688][T20161] loop6: detected capacity change from 0 to 32768
[  529.977048][T20197] netlink: 'syz.5.6103': attribute type 21 has an invalid length.
[  530.157077][ T5912] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  530.330186][ T5912] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  530.333472][ T5912] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  530.350975][ T5912] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  530.354735][ T5912] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  530.357836][ T5912] usb 7-1: Manufacturer: syz
[  530.363051][ T5912] usb 7-1: config 0 descriptor??
[  530.371315][ T5912] igorplugusb 7-1:0.0: incorrect number of endpoints
[  530.591876][ T5912] usb 7-1: USB disconnect, device number 8
[  531.223986][T20233] loop6: detected capacity change from 0 to 4096
[  531.234294][T20233] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512).
[  531.254114][T20233] ntfs3(loop6): Failed to load $Secure (-22).
[  531.256876][T20233] ntfs3(loop6): Failed to initialize $Secure (-22).
[  531.527879][T20251] overlayfs: failed to clone upperpath
[  531.794755][T20255] loop6: detected capacity change from 0 to 32768
[  531.822947][   T33] audit: type=1326 audit(525074.077:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20258 comm="syz.5.6132" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x0
[  532.889653][T20274] loop6: detected capacity change from 0 to 40427
[  532.896136][T20274] F2FS-fs: heap/no_heap options were deprecated
[  532.902018][T20274] F2FS-fs (loop6): invalid crc value
[  532.988742][T20274] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  532.993809][T20274] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  533.027492][T18908] syz-executor: attempt to access beyond end of device
[  533.027492][T18908] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  533.033538][T18908] CPU: 1 UID: 0 PID: 18908 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  533.033557][T18908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  533.033566][T18908] Call Trace:
[  533.033572][T18908]  <TASK>
[  533.033577][T18908]  dump_stack_lvl+0x189/0x250
[  533.033601][T18908]  ? __pfx_dump_stack_lvl+0x10/0x10
[  533.033617][T18908]  ? __pfx_queue_work_on+0x10/0x10
[  533.033630][T18908]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  533.033649][T18908]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  533.033677][T18908]  f2fs_handle_critical_error+0x37c/0x540
[  533.033702][T18908]  f2fs_write_end_io+0x886/0xb60
[  533.033730][T18908]  __submit_merged_bio+0x27a/0x6a0
[  533.033753][T18908]  __submit_merged_write_cond+0x255/0x530
[  533.033774][T18908]  f2fs_write_data_pages+0x261d/0x3000
[  533.033808][T18908]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  533.033866][T18908]  ? folios_put_refs+0x559/0x640
[  533.033889][T18908]  ? __pfx_folios_put_refs+0x10/0x10
[  533.033902][T18908]  ? rcu_is_watching+0x15/0xb0
[  533.033923][T18908]  ? __lock_acquire+0xab9/0xd20
[  533.033955][T18908]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  533.033968][T18908]  do_writepages+0x32e/0x550
[  533.033995][T18908]  ? do_raw_spin_unlock+0x4d/0x240
[  533.034014][T18908]  filemap_fdatawrite+0x199/0x240
[  533.034031][T18908]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  533.034088][T18908]  ? do_raw_spin_unlock+0x4d/0x240
[  533.034107][T18908]  f2fs_sync_dirty_inodes+0x31f/0x830
[  533.034133][T18908]  f2fs_write_checkpoint+0x95a/0x1df0
[  533.034166][T18908]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  533.034214][T18908]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  533.034227][T18908]  ? kfree+0x18e/0x440
[  533.034243][T18908]  ? kill_f2fs_super+0x298/0x6c0
[  533.034261][T18908]  kill_f2fs_super+0x2c3/0x6c0
[  533.034281][T18908]  ? __pfx_kill_f2fs_super+0x10/0x10
[  533.034293][T18908]  ? radix_tree_delete_item+0x2b6/0x400
[  533.034319][T18908]  ? shrinker_free+0x2ce/0x3e0
[  533.034335][T18908]  deactivate_locked_super+0xbc/0x130
[  533.034353][T18908]  cleanup_mnt+0x425/0x4c0
[  533.034368][T18908]  ? lockdep_hardirqs_on+0x9c/0x150
[  533.034384][T18908]  task_work_run+0x1d4/0x260
[  533.034431][T18908]  ? __pfx_task_work_run+0x10/0x10
[  533.034447][T18908]  ? __x64_sys_umount+0x122/0x160
[  533.034468][T18908]  ? exit_to_user_mode_loop+0x40/0x110
[  533.034489][T18908]  exit_to_user_mode_loop+0xec/0x110
[  533.034507][T18908]  do_syscall_64+0x2bd/0x3b0
[  533.034520][T18908]  ? lockdep_hardirqs_on+0x9c/0x150
[  533.034533][T18908]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.034546][T18908]  ? exc_page_fault+0x9f/0xf0
[  533.034560][T18908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.034591][T18908] RIP: 0033:0x7f1222d8fed7
[  533.034604][T18908] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  533.034616][T18908] RSP: 002b:00007ffe755f1f88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  533.034630][T18908] RAX: 0000000000000000 RBX: 00007f1222e11c05 RCX: 00007f1222d8fed7
[  533.034638][T18908] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe755f2040
[  533.034646][T18908] RBP: 00007ffe755f2040 R08: 0000000000000000 R09: 0000000000000000
[  533.034655][T18908] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe755f30d0
[  533.034663][T18908] R13: 00007f1222e11c05 R14: 0000000000081afa R15: 00007ffe755f3110
[  533.034687][T18908]  </TASK>
[  533.034712][T18908] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  534.335522][T20302] loop6: detected capacity change from 0 to 40427
[  534.378013][T20302] F2FS-fs (loop6): invalid crc value
[  534.483107][T20302] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  534.498662][T20302] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  534.533275][T20302] syz.6.6149: attempt to access beyond end of device
[  534.533275][T20302] loop6: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  534.570552][T18908] syz-executor: attempt to access beyond end of device
[  534.570552][T18908] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  534.582029][T18908] CPU: 1 UID: 0 PID: 18908 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  534.582048][T18908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  534.582055][T18908] Call Trace:
[  534.582060][T18908]  <TASK>
[  534.582065][T18908]  dump_stack_lvl+0x189/0x250
[  534.582086][T18908]  ? __pfx_dump_stack_lvl+0x10/0x10
[  534.582102][T18908]  ? __pfx_queue_work_on+0x10/0x10
[  534.582113][T18908]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  534.582131][T18908]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  534.582158][T18908]  f2fs_handle_critical_error+0x37c/0x540
[  534.582183][T18908]  f2fs_write_end_io+0x886/0xb60
[  534.582212][T18908]  __submit_merged_bio+0x27a/0x6a0
[  534.582233][T18908]  __submit_merged_write_cond+0x255/0x530
[  534.582289][T18908]  f2fs_write_data_pages+0x261d/0x3000
[  534.582333][T18908]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  534.582394][T18908]  ? __mod_zone_page_state+0xd7/0x140
[  534.582422][T18908]  ? folios_put_refs+0x560/0x640
[  534.582449][T18908]  ? __lock_acquire+0xab9/0xd20
[  534.582476][T18908]  ? do_raw_spin_lock+0x121/0x290
[  534.582503][T18908]  ? do_raw_spin_unlock+0x4d/0x240
[  534.582519][T18908]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  534.582533][T18908]  do_writepages+0x32e/0x550
[  534.582561][T18908]  ? do_raw_spin_unlock+0x4d/0x240
[  534.582581][T18908]  filemap_fdatawrite+0x199/0x240
[  534.582598][T18908]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  534.582660][T18908]  ? do_raw_spin_unlock+0x4d/0x240
[  534.582679][T18908]  f2fs_sync_dirty_inodes+0x31f/0x830
[  534.582709][T18908]  f2fs_write_checkpoint+0x95a/0x1df0
[  534.582745][T18908]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  534.582805][T18908]  ? kill_f2fs_super+0x298/0x6c0
[  534.582823][T18908]  kill_f2fs_super+0x2c3/0x6c0
[  534.582844][T18908]  ? __pfx_kill_f2fs_super+0x10/0x10
[  534.582855][T18908]  ? radix_tree_delete_item+0x2b6/0x400
[  534.582882][T18908]  ? shrinker_free+0x2ce/0x3e0
[  534.582900][T18908]  deactivate_locked_super+0xbc/0x130
[  534.582918][T18908]  cleanup_mnt+0x425/0x4c0
[  534.582931][T18908]  ? lockdep_hardirqs_on+0x9c/0x150
[  534.582946][T18908]  task_work_run+0x1d4/0x260
[  534.582963][T18908]  ? __pfx_task_work_run+0x10/0x10
[  534.582976][T18908]  ? __x64_sys_umount+0x122/0x160
[  534.582994][T18908]  ? exit_to_user_mode_loop+0x40/0x110
[  534.583016][T18908]  exit_to_user_mode_loop+0xec/0x110
[  534.583034][T18908]  do_syscall_64+0x2bd/0x3b0
[  534.583045][T18908]  ? lockdep_hardirqs_on+0x9c/0x150
[  534.583058][T18908]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.583071][T18908]  ? exc_page_fault+0x9f/0xf0
[  534.583085][T18908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.583096][T18908] RIP: 0033:0x7f1222d8fed7
[  534.583109][T18908] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  534.583118][T18908] RSP: 002b:00007ffe755f1f88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  534.583131][T18908] RAX: 0000000000000000 RBX: 00007f1222e11c05 RCX: 00007f1222d8fed7
[  534.583139][T18908] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe755f2040
[  534.583146][T18908] RBP: 00007ffe755f2040 R08: 0000000000000000 R09: 0000000000000000
[  534.583152][T18908] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe755f30d0
[  534.583159][T18908] R13: 00007f1222e11c05 R14: 000000000008209a R15: 00007ffe755f3110
[  534.583181][T18908]  </TASK>
[  534.583188][T18908] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  535.334780][T20340] loop6: detected capacity change from 0 to 1024
[  535.338293][T20340] EXT4-fs: Ignoring removed orlov option
[  535.340744][T20340] EXT4-fs: Ignoring removed nomblk_io_submit option
[  535.373513][T20340] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  535.730120][T18908] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.879650][T20357] loop6: detected capacity change from 0 to 512
[  535.889790][T20357] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  535.899973][T20357] EXT4-fs (loop6): invalid journal inode
[  536.491847][T20363] loop6: detected capacity change from 0 to 32768
[  536.504591][T20363] (syz.6.6172,20363,1):ocfs2_init_local_system_inodes:496 ERROR: status=-22, sysfile=7, slot=0
[  536.513879][T20363] (syz.6.6172,20363,1):ocfs2_init_local_system_inodes:505 ERROR: status = -22
[  536.517141][T20363] (syz.6.6172,20363,1):ocfs2_mount_volume:1758 ERROR: status = -22
[  536.534504][T20363] (syz.6.6172,20363,1):ocfs2_fill_super:1177 ERROR: status = -22
[  536.594630][T20372] vcan0: tx drop: invalid sa for name 0x0000000000000003
[  536.769700][T20378] 8021q: VLANs not supported on gre0
[  536.895060][T20380] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  537.090861][ T4375] Bluetooth: hci3: Frame reassembly failed (-84)
[  537.482863][T20402] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  537.485861][T20402] IPv6: NLM_F_CREATE should be set when creating new route
[  537.488811][T20402] IPv6: NLM_F_CREATE should be set when creating new route
[  537.491778][T20402] IPv6: NLM_F_CREATE should be set when creating new route
[  537.564426][   T33] audit: type=1326 audit(525079.446:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.4.6191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  537.593678][   T33] audit: type=1326 audit(525079.455:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.4.6191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  537.603028][   T33] audit: type=1326 audit(525079.474:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.4.6191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  537.616170][   T33] audit: type=1326 audit(525079.474:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.4.6191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  537.626820][   T33] audit: type=1326 audit(525079.474:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.4.6191" exe="/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  537.636587][   T33] audit: type=1326 audit(525079.474:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.4.6191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  537.646549][   T33] audit: type=1326 audit(525079.474:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.4.6191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  537.656318][   T33] audit: type=1326 audit(525079.484:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.4.6191" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  537.684841][   T33] audit: type=1326 audit(525079.484:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.4.6191" exe="/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  538.626025][T20428] process '/newroot/1396/file0' started with executable stack
[  539.200713][ T5238] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  539.537909][T20449] loop6: detected capacity change from 0 to 32768
[  539.604177][T20449] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  539.604195][T20449]   allowing incompatible features above 0.0: (unknown version)
[  539.604201][T20449]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  539.626010][T20449] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  539.628918][T20449] bcachefs (loop6): initializing new filesystem
[  539.638347][T20449] bcachefs (loop6): going read-write
[  539.647026][T20449] bcachefs (loop6): marking superblocks
[  539.684073][T20449] bcachefs (loop6): initializing freespace
[  539.693381][T20449] bcachefs (loop6): done initializing freespace
[  539.706528][T20449] bcachefs (loop6): reading snapshots table
[  539.708825][T20449] bcachefs (loop6): reading snapshots done
[  539.748771][T20449] bcachefs (loop6): done starting filesystem
[  539.909113][T18908] bcachefs (loop6): shutting down
[  539.910867][T18908] bcachefs (loop6): going read-only
[  539.912681][T18908] bcachefs (loop6): finished waiting for writes to stop
[  539.915592][T18908] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[  539.969182][T18908] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 4
[  539.976852][T18908] bcachefs (loop6): clean shutdown complete, journal seq 5
[  539.982908][T18908] bcachefs (loop6): marking filesystem clean
[  540.011888][T18908] bcachefs (loop6): shutdown complete
[  540.247958][   T33] audit: type=1326 audit(525081.953:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20472 comm="syz.5.6219" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  542.660051][T20532] loop6: detected capacity change from 0 to 2048
[  542.683176][T20532] NILFS (loop6): invalid segment: Magic number mismatch
[  542.688615][T20532] NILFS (loop6): trying rollback from an earlier position
[  542.704915][T20532] NILFS (loop6): recovery complete
[  542.714710][T20534] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  543.177189][   T24] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[  543.373829][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  543.384944][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  543.397143][   T24] usb 7-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  543.400295][   T24] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  543.408739][   T24] usb 7-1: Manufacturer: syz
[  543.447117][   T24] usb 7-1: config 0 descriptor??
[  544.012528][   T24] cougar 0003:060B:700A.0010: unknown main item tag 0x0
[  544.016859][   T24] cougar 0003:060B:700A.0010: unknown main item tag 0x0
[  544.019582][   T24] cougar 0003:060B:700A.0010: unknown main item tag 0x0
[  544.025579][   T24] cougar 0003:060B:700A.0010: unknown main item tag 0x0
[  544.028332][   T24] cougar 0003:060B:700A.0010: unknown main item tag 0x0
[  544.040534][   T24] cougar 0003:060B:700A.0010: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[  544.234665][   T10] usb 7-1: USB disconnect, device number 9
[  544.811744][T20572] loop6: detected capacity change from 0 to 512
[  544.820385][T20572] FAT-fs (loop6): bogus number of FAT sectors
[  544.826476][T20572] FAT-fs (loop6): Can't find a valid FAT filesystem
[  545.834161][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  545.834180][   T33] audit: type=1326 audit(525087.182:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.848164][   T33] audit: type=1326 audit(525087.191:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.857647][   T33] audit: type=1326 audit(525087.191:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.867232][   T33] audit: type=1326 audit(525087.191:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.879280][   T33] audit: type=1326 audit(525087.201:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.889848][   T33] audit: type=1326 audit(525087.201:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.898940][   T33] audit: type=1326 audit(525087.201:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.907660][   T33] audit: type=1326 audit(525087.201:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.924672][   T33] audit: type=1326 audit(525087.201:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.933150][   T33] audit: type=1326 audit(525087.219:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.6.6265" exe="/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7f1222d8eba9 code=0x7ffc0000
[  545.950011][T20593] loop6: detected capacity change from 0 to 256
[  545.954314][T20593] exfat: Deprecated parameter 'utf8'
[  545.956588][T20593] exfat: Deprecated parameter 'namecase'
[  545.968156][T20593] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  547.185609][T20620] loop6: detected capacity change from 0 to 512
[  547.241278][T20620] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  547.319558][T18908] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  547.916286][T20651] loop6: detected capacity change from 0 to 32768
[  547.950993][T20651] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  547.982584][T20651] XFS (loop6): Ending clean mount
[  547.994279][T20651] XFS (loop6): Quotacheck needed: Please wait.
[  548.046556][T20651] XFS (loop6): Quotacheck: Done.
[  548.071556][T18908] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  548.506600][T20681] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6301'.
[  549.633683][T20700] loop6: detected capacity change from 0 to 32768
[  549.658985][T20700] bcachefs (/dev/loop6): error validating superblock: Invalid superblock section replicas_v0: invalid device 1 in entry (unknown data_type 122): 1/246 [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 5 5 6 7 8 9 10 11 14 24 27 31 35 42 43 47 47 51 56 65 80 89 96 102 119 128 132 172 173 174 179 205 222 235 245]
[  549.658985][T20700] replicas_v0 (size 64):
[  549.658985][T20700] (unknown data_type 122): 246 [119 43 0 222 65 89 132 205 31 174 173 5 172 235 128 0 0 0 0 0 0 0 0 0 0 1 8 0 0 0 179 245 51 102 0 0 0 0 0 0 14 96 0 0 0 0 0 0 0 0 0 0 0 0 5 0 0 0 0 0 0 0 9 0 0 0 0 0 0 0 7 0 0 0 0 0 0 0 24 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 80 0 0 0 10 0 0 0 0 0 0 0 0 0 0 0 56 0 0 0 0 0 0 0 0 0 0 0 0 0 0
[  549.659154][T20700] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  550.304340][T20724] loop6: detected capacity change from 0 to 512
[  550.307230][T20724] EXT4-fs: Ignoring removed oldalloc option
[  550.327697][T20724] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.6320: Parent and EA inode have the same ino 15
[  550.341298][T20724] EXT4-fs (loop6): 1 orphan inode deleted
[  550.344300][T20724] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  550.378247][T20724] EXT4-fs error (device loop6): ext4_lookup:1787: inode #15: comm syz.6.6320: unexpected EA_INODE flag
[  550.403047][T18908] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.728295][T20744] loop6: detected capacity change from 0 to 8192
[  551.571988][   T24] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  551.751515][   T24] usb 7-1: Using ep0 maxpacket: 32
[  551.756988][   T24] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  551.760527][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.774297][   T24] usb 7-1: config 0 descriptor??
[  552.000646][   T24] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  552.025228][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  552.032116][   T24] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  552.034947][   T24] usb 7-1: media controller created
[  552.058712][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  552.120997][   T24] DVB: Unable to find symbol dib7000p_attach()
[  552.123440][   T24] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  552.193490][   T24] rc_core: IR keymap rc-dib0700-rc5 not found
[  552.195820][   T24] Registered IR keymap rc-empty
[  552.197554][   T24] dvb-usb: could not initialize remote control.
[  552.210486][   T24] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  552.228156][   T24] usb 7-1: USB disconnect, device number 10
[  552.297569][   T24] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  552.611583][   T33] kauditd_printk_skb: 5 callbacks suppressed
[  552.611602][   T33] audit: type=1326 audit(525311.523:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20831 comm="syz.4.6373" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  552.627262][   T33] audit: type=1326 audit(525311.523:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20831 comm="syz.4.6373" exe="/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  552.634811][   T33] audit: type=1326 audit(525311.523:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20831 comm="syz.4.6373" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  552.641827][   T33] audit: type=1326 audit(525311.523:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20831 comm="syz.4.6373" exe="/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  552.649248][   T33] audit: type=1326 audit(525311.523:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20831 comm="syz.4.6373" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  552.847995][T20846] netlink: 'syz.6.6379': attribute type 1 has an invalid length.
[  552.852860][T20846] netlink: 'syz.6.6379': attribute type 2 has an invalid length.
[  552.981735][T20852] loop6: detected capacity change from 0 to 256
[  552.985070][T20852] exfat: Deprecated parameter 'namecase'
[  552.987355][T20852] exfat: Deprecated parameter 'utf8'
[  552.989905][T20852] exFAT-fs (loop6): bogus fat length
[  552.995665][T20852] exFAT-fs (loop6): failed to read boot sector
[  552.998066][T20852] exFAT-fs (loop6): failed to recognize exfat type
[  553.755786][T20858] loop6: detected capacity change from 0 to 131072
[  553.760901][T20858] F2FS-fs (loop6): invalid crc value
[  553.794572][T20858] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  553.798973][T20858] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  553.892887][T20876] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6390'.
[  553.897653][T20875] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6390'.
[  554.570337][T20880] loop6: detected capacity change from 0 to 32768
[  554.604942][T20880] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  554.643419][T20880] XFS (loop6): Ending clean mount
[  554.722359][T18908] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  554.847485][T20901] ip6gre1: entered allmulticast mode
[  555.004348][T20907] loop6: detected capacity change from 0 to 64
[  555.080467][T20911] binder: 20909:20911 ioctl c0306201 200000000640 returned -22
[  555.227452][T20919] overlayfs: failed to clone upperpath
[  555.234699][T20921] loop6: detected capacity change from 0 to 256
[  555.267278][T20921] FAT-fs (loop6): Directory bread(block 64) failed
[  555.273884][T20921] FAT-fs (loop6): Directory bread(block 65) failed
[  555.276528][T20921] FAT-fs (loop6): Directory bread(block 66) failed
[  555.279038][T20921] FAT-fs (loop6): Directory bread(block 67) failed
[  555.281823][T20921] FAT-fs (loop6): Directory bread(block 68) failed
[  555.284333][T20921] FAT-fs (loop6): Directory bread(block 69) failed
[  555.287019][T20921] FAT-fs (loop6): Directory bread(block 70) failed
[  555.294877][T20921] FAT-fs (loop6): Directory bread(block 71) failed
[  555.297791][T20921] FAT-fs (loop6): Directory bread(block 72) failed
[  555.300342][T20921] FAT-fs (loop6): Directory bread(block 73) failed
[  555.403480][T20926] loop6: detected capacity change from 0 to 22
[  555.406620][T20926] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  555.430207][T20926] VFS: Can't find a romfs filesystem on dev loop6.
[  555.430207][T20926] 
[  556.071334][   T24] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  556.255358][   T24] usb 7-1: Using ep0 maxpacket: 16
[  556.263639][   T24] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  556.271408][   T24] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  556.285540][   T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  556.292977][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  556.304489][   T24] usb 7-1: SerialNumber: syz
[  556.319199][   T24] cdc_acm 7-1:1.0: skipping garbage
[  556.534712][  T794] usb 7-1: USB disconnect, device number 11
[  557.203291][T20981] loop6: detected capacity change from 0 to 4096
[  557.207744][T20981] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  557.461646][T20989] loop6: detected capacity change from 0 to 1024
[  557.465891][T20989] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  557.488780][T20989] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  557.518422][T20989] EXT4-fs error (device loop6): ext4_xattr_inode_iget:437: inode #11: comm syz.6.6439: missing EA_INODE flag
[  557.529130][T20989] EXT4-fs (loop6): Remounting filesystem read-only
[  557.577538][T18908] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.872655][T21003] loop6: detected capacity change from 0 to 32768
[  557.882660][T21003] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6443 (21003)
[  557.907555][T21003] BTRFS info (device loop6): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  557.911514][T21003] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  557.976072][T21003] BTRFS info (device loop6): enabling ssd optimizations
[  557.978704][T21003] BTRFS info (device loop6): enabling free space tree
[  558.084671][T18908] BTRFS info (device loop6): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  558.565527][T21004] 9pnet_fd: p9_fd_create_tcp (21004): problem connecting socket to 127.0.0.1
[  559.197666][T21053] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  559.676047][  T794] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  559.847790][  T794] usb 7-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  559.852270][  T794] usb 7-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  559.858828][  T794] usb 7-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  559.863182][  T794] usb 7-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  559.867811][  T794] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  559.876277][T21060] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  560.142489][T21081] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6474'.
[  560.934529][T21126] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6495'.
[  560.938945][T21126] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6495'.
[  560.976767][  T794] aiptek 7-1:17.0: Aiptek using 400 ms programming speed
[  560.983318][  T794] input: Aiptek as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:17.0/input/input21
[  561.069606][  T794] usb 7-1: USB disconnect, device number 12
[  561.069696][    C0] aiptek 7-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  562.376258][   T47] IPVS: starting estimator thread 0...
[  562.475831][T21162] IPVS: using max 68 ests per chain, 163200 per kthread
[  562.556459][T21160] loop6: detected capacity change from 0 to 32768
[  562.874326][T21172] netlink: 'syz.5.6514': attribute type 2 has an invalid length.
[  563.250435][T21197] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6511'.
[  563.510197][T21206] loop6: detected capacity change from 0 to 1024
[  563.526428][T21206] hfsplus: failed to load root directory
[  564.027189][T21210] loop6: detected capacity change from 0 to 32768
[  564.063603][T21210] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6531 (21210)
[  564.392502][T21210] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  564.396385][T21210] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  564.457872][T21210] BTRFS info (device loop6): enabling ssd optimizations
[  564.460780][T21210] BTRFS info (device loop6): enabling free space tree
[  564.665337][T18908] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  564.800289][T21246] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6537'.
[  564.988879][T21252] loop6: detected capacity change from 0 to 2048
[  565.010182][T21252] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  565.055246][T21252] syz.6.6542: attempt to access beyond end of device
[  565.055246][T21252] loop6: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  565.059925][T21259] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  565.086326][T21252] NILFS error (device loop6): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=104, inode=16, rec_len=1816, name_len=0
[  565.104766][T21252] Remounting filesystem read-only
[  566.141369][T21281] loop6: detected capacity change from 0 to 256
[  566.156143][T21281] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  566.487478][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  566.489651][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  566.495178][T21297] netlink: 10 bytes leftover after parsing attributes in process `syz.5.6564'.
[  566.749172][T21306] loop6: detected capacity change from 0 to 2048
[  566.775838][T21306] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  566.917924][T21312] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6571'.
[  568.280047][  T794] kernel write not supported for file bpf-prog (pid: 794 comm: kworker/0:2)
[  568.800611][T21357] loop6: detected capacity change from 0 to 16
[  568.810026][T21357] erofs (device loop6): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk!
[  568.814446][T21357] erofs (device loop6): mounted with root inode @ nid 36.
[  569.069769][T21366] loop6: detected capacity change from 0 to 1024
[  569.097397][T21366] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  569.164722][T18908] EXT4-fs error (device loop6): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 11
[  569.169805][T18908] EXT4-fs error (device loop6): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 11
[  569.514570][ T5891] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.585494][ T5891] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.648504][ T5891] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.726074][T18908] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  569.726234][ T5891] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.754274][T18908] syz-executor (18908) used greatest stack depth: 17424 bytes left
[  569.929677][ T5891] bridge_slave_1: left allmulticast mode
[  569.939618][ T5891] bridge_slave_1: left promiscuous mode
[  569.943224][ T5891] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.954247][ T5891] bridge_slave_0: left allmulticast mode
[  569.962718][ T5891] bridge0: port 1(bridge_slave_0) entered disabled state
[  570.725224][ T5869] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  570.733193][ T5869] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  570.738343][ T5869] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  570.748595][ T5869] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  570.753736][ T5869] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  571.177327][ T5891] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  571.197656][ T5891] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  571.212988][ T5891] bond0 (unregistering): Released all slaves
[  571.593933][T21383] chnl_net:caif_netlink_parms(): no params data found
[  571.719017][ T5891] hsr_slave_0: left promiscuous mode
[  571.722242][ T5891] hsr_slave_1: left promiscuous mode
[  571.728045][ T5891] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  571.731620][ T5891] batman_adv: batadv0: Removing interface: batadv_slave_0
[  571.738481][ T5891] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  571.741385][ T5891] batman_adv: batadv0: Removing interface: batadv_slave_1
[  571.776166][ T5891] veth1_macvtap: left promiscuous mode
[  571.778770][ T5891] veth0_macvtap: left promiscuous mode
[  571.781056][ T5891] veth1_vlan: left promiscuous mode
[  571.783161][ T5891] veth0_vlan: left promiscuous mode
[  572.685955][ T5891] team0 (unregistering): Port device team_slave_1 removed
[  572.770665][ T5891] team0 (unregistering): Port device team_slave_0 removed
[  572.987761][ T5869] Bluetooth: hci1: command tx timeout
[  573.530594][T21383] bridge0: port 1(bridge_slave_0) entered blocking state
[  573.537110][T21383] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.541136][T21383] bridge_slave_0: entered allmulticast mode
[  573.546911][T21383] bridge_slave_0: entered promiscuous mode
[  573.602296][T21383] bridge0: port 2(bridge_slave_1) entered blocking state
[  573.608703][T21383] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.617864][T21383] bridge_slave_1: entered allmulticast mode
[  573.630153][T21383] bridge_slave_1: entered promiscuous mode
[  573.698785][T21383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  573.747020][T21383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  573.824732][T21383] team0: Port device team_slave_0 added
[  573.829284][T21383] team0: Port device team_slave_1 added
[  573.920212][T21383] batman_adv: batadv0: Adding interface: batadv_slave_0
[  573.923622][T21383] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  573.934763][T21383] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  573.964178][T21383] batman_adv: batadv0: Adding interface: batadv_slave_1
[  573.966790][T21383] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  573.978880][T21383] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  574.043016][ T5891] IPVS: stop unused estimator thread 0...
[  574.089090][T21383] hsr_slave_0: entered promiscuous mode
[  574.092157][T21383] hsr_slave_1: entered promiscuous mode
[  574.095022][T21383] debugfs: 'hsr0' already exists in 'hsr'
[  574.109441][T21383] Cannot create hsr debugfs directory
[  574.315880][T21383] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  574.323296][T21383] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  574.329569][T21383] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  574.338432][T21383] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  574.419243][T21383] 8021q: adding VLAN 0 to HW filter on device bond0
[  574.451060][T21383] 8021q: adding VLAN 0 to HW filter on device team0
[  574.465180][ T4375] bridge0: port 1(bridge_slave_0) entered blocking state
[  574.467792][ T4375] bridge0: port 1(bridge_slave_0) entered forwarding state
[  574.477858][ T4375] bridge0: port 2(bridge_slave_1) entered blocking state
[  574.480553][ T4375] bridge0: port 2(bridge_slave_1) entered forwarding state
[  574.635908][T21383] 8021q: adding VLAN 0 to HW filter on device batadv0
[  574.885541][T21383] veth0_vlan: entered promiscuous mode
[  574.902842][T21383] veth1_vlan: entered promiscuous mode
[  574.934817][T21383] veth0_macvtap: entered promiscuous mode
[  574.941965][T21383] veth1_macvtap: entered promiscuous mode
[  574.963499][T21383] batman_adv: batadv0: Interface activated: batadv_slave_0
[  574.980757][T21383] batman_adv: batadv0: Interface activated: batadv_slave_1
[  574.992988][ T5891] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  574.998129][ T5891] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  575.003082][ T5891] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  575.007690][ T5891] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  575.168707][ T4375] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  575.171512][ T4375] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  575.201156][ T5869] Bluetooth: hci1: command tx timeout
[  575.213841][ T4375] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  575.218192][ T4375] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  577.425969][ T5869] Bluetooth: hci1: command tx timeout
[  579.645915][ T5869] Bluetooth: hci1: command tx timeout
[  579.929122][T21596] netlink: 'syz.5.6682': attribute type 1 has an invalid length.
[  580.104922][T21609] overlayfs: failed to clone upperpath
[  580.260650][T21617] loop7: detected capacity change from 0 to 64
[  580.303169][T21617] Bad inode number on dev loop7: 6 is out of range
[  583.219578][T21710] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6732'.
[  583.913298][T21745] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  585.113627][T21768] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.6759'.
[  587.861588][T21850] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6797'.
[  588.152057][T21860] netlink: 68 bytes leftover after parsing attributes in process `syz.4.6801'.
[  588.289663][T21864] 9pnet_fd: Insufficient options for proto=fd
[  589.279792][T21909] loop7: detected capacity change from 0 to 136
[  589.283447][T21909] iso9660: Bad value for 'mode'
[  589.620865][T21915] loop7: detected capacity change from 0 to 32768
[  589.629490][T21915] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.6825 (21915)
[  589.828984][T21915] BTRFS info (device loop7): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  589.839554][T21915] BTRFS info (device loop7): using blake2b (blake2b-256-generic) checksum algorithm
[  590.213221][T21915] BTRFS info (device loop7): enabling ssd optimizations
[  590.220253][T21915] BTRFS info (device loop7): enabling free space tree
[  590.469619][T21383] BTRFS info (device loop7): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  592.543600][T21989] loop7: detected capacity change from 0 to 32768
[  592.549334][T21989] bcachefs (/dev/loop7): error reading default superblock: unknown checksum type 63
[  592.553466][T21989] syz.7.6848: attempt to access beyond end of device
[  592.553466][T21989] loop7: rw=6144, sector=4611686018427418624, nr_sectors = 16 limit=32768
[  592.559079][T21989] bcachefs (/dev/loop7): error reading superblock: checksum error, type crc32c_nonzero: got 575417db should be 49607f70IO error: -5
[  592.563832][T21989] bcachefs: bch2_fs_get_tree() error: EIO
[  593.878296][T22027] vlan2: entered allmulticast mode
[  593.880497][T22027] dummy0: entered allmulticast mode
[  594.935361][T22073] loop7: detected capacity change from 0 to 16
[  594.950400][T22073] erofs (device loop7): mounted with root inode @ nid 36.
[  594.967998][T22073] syz.7.6884: attempt to access beyond end of device
[  594.967998][T22073] loop7: rw=0, sector=1152, nr_sectors = 257 limit=16
[  594.974993][T22073] erofs (device loop7): read error -5 @ 0 of nid 36
[  597.361977][T22154] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6920'.
[  598.381894][T22211] loop7: detected capacity change from 0 to 1024
[  598.401708][T22211] EXT4-fs: Ignoring removed nomblk_io_submit option
[  598.448480][T22211] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  598.507931][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.786158][T22233] loop7: detected capacity change from 0 to 256
[  598.790355][T22233] exfat: Deprecated parameter 'utf8'
[  598.792285][T22233] exfat: Deprecated parameter 'utf8'
[  598.831373][T22233] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x4d7dfc9d, utbl_chksum : 0xe619d30d)
[  598.952597][T22243] loop7: detected capacity change from 0 to 1024
[  599.189380][T22254] IPVS: set_ctl: invalid protocol: 43 100.1.1.1:20001
[  599.232367][T18969] IPVS: starting estimator thread 0...
[  599.334313][T22255] IPVS: using max 68 ests per chain, 163200 per kthread
[  599.939825][ T8771] hfsplus: b-tree write err: -5, ino 4
[  600.035176][T22266] loop7: detected capacity change from 0 to 16
[  600.044782][T22266] erofs (device loop7): invalid sb_extslots 4208 (more than a fs block)
[  600.230534][T22269] loop7: detected capacity change from 0 to 4096
[  600.254106][T22270] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  600.582557][T22283] netlink: 'syz.7.6976': attribute type 12 has an invalid length.
[  600.600983][T22283] netlink: 9472 bytes leftover after parsing attributes in process `syz.7.6976'.
[  600.890001][T22304] overlayfs: failed to clone upperpath
[  606.522138][T22492] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  607.359417][T22506] loop7: detected capacity change from 0 to 512
[  607.387589][T22506] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  607.390994][T22506] EXT4-fs (loop7): DAX unsupported by block device.
[  607.479228][T22508] input: syz1 as /devices/virtual/input/input22
[  609.985253][T22558] loop7: detected capacity change from 0 to 512
[  611.057936][T22607] netlink: 'syz.5.7123': attribute type 2 has an invalid length.
[  611.061180][T22607] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7123'.
[  611.178632][T22611] loop7: detected capacity change from 0 to 764
[  611.945703][T22622] loop7: detected capacity change from 0 to 256
[  612.176811][T22630] loop7: detected capacity change from 0 to 4096
[  612.185525][T22630] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512).
[  612.217339][T22630] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  612.329031][T22636] loop7: detected capacity change from 0 to 128
[  612.698034][   T33] audit: type=1326 audit(527945.732:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22654 comm="syz.4.7143" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x0
[  613.399334][T22676] netlink: 'syz.5.7152': attribute type 2 has an invalid length.
[  613.403267][T22676] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7152'.
[  613.463363][T22680] overlayfs: failed to clone upperpath
[  613.577645][T22686] loop7: detected capacity change from 0 to 512
[  613.592577][T22686] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  613.628606][T22686] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.7157: bg 0: block 104: invalid block bitmap
[  613.639840][T22686] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  613.643648][T22686] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.7157: invalid indirect mapped block 1 (level 1)
[  613.654022][T22686] EXT4-fs (loop7): 1 truncate cleaned up
[  613.659078][T22686] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  613.725574][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  613.909666][T22704] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7165'.
[  616.177521][T22764] overlayfs: failed to clone upperpath
[  616.325869][T22770] netlink: 'syz.4.7194': attribute type 11 has an invalid length.
[  616.834394][T22776] overlay: Unknown parameter '\'
[  617.112957][   T33] audit: type=1326 audit(527949.858:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22787 comm="syz.5.7203" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  617.129623][   T33] audit: type=1326 audit(527949.858:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22787 comm="syz.5.7203" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  617.143444][   T33] audit: type=1326 audit(527949.867:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22787 comm="syz.5.7203" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  617.156804][   T33] audit: type=1326 audit(527949.867:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22787 comm="syz.5.7203" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  617.176010][   T33] audit: type=1326 audit(527949.867:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22787 comm="syz.5.7203" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  617.195368][   T33] audit: type=1326 audit(527949.877:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22787 comm="syz.5.7203" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  617.206152][   T33] audit: type=1326 audit(527949.877:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22787 comm="syz.5.7203" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  617.220649][   T33] audit: type=1326 audit(527949.877:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22787 comm="syz.5.7203" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  617.236744][   T33] audit: type=1326 audit(527949.895:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22787 comm="syz.5.7203" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  617.237356][T22792] loop7: detected capacity change from 0 to 4096
[  617.274151][T22792] EXT4-fs: Ignoring removed nomblk_io_submit option
[  617.304494][T22792] EXT4-fs (loop7): Test dummy encryption mode enabled
[  617.314361][T22792] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  617.320064][T22792] System zones: 0-5
[  617.340479][T22792] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  617.386771][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  619.075298][T22841] loop7: detected capacity change from 0 to 256
[  619.220263][T22845] netlink: 14560 bytes leftover after parsing attributes in process `syz.7.7225'.
[  619.473085][T22853] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[  619.476254][T22853] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  619.500141][T22853] vhci_hcd vhci_hcd.0: Device attached
[  619.517670][T22853] vhci_hcd vhci_hcd.0: pdev(7) rhport(1) sockfd(5)
[  619.520344][T22853] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  619.523603][T22853] vhci_hcd vhci_hcd.0: Device attached
[  619.659064][T22862] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  619.691524][T22853] vhci_hcd vhci_hcd.0: pdev(7) rhport(2) sockfd(7)
[  619.694101][T22853] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  619.713582][T22862] vhci_hcd vhci_hcd.0: pdev(7) rhport(4) sockfd(12)
[  619.716302][T22862] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  619.732041][T22869] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  619.835101][T18969] usb 47-1: new low-speed USB device number 2 using vhci_hcd
[  619.838389][T22853] vhci_hcd vhci_hcd.0: Device attached
[  619.884333][T22862] vhci_hcd vhci_hcd.0: Device attached
[  620.067705][T22872] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  620.076329][T22853] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  620.098916][T22853] vhci_hcd vhci_hcd.0: port 0 already used
[  620.115732][T22855] vhci_hcd: connection reset by peer
[  620.123195][T22866] vhci_hcd: connection closed
[  620.123980][T22858] vhci_hcd: connection closed
[  620.124708][T10509] vhci_hcd: stop threads
[  620.125610][T22864] vhci_hcd: connection closed
[  620.139865][T10509] vhci_hcd: release socket
[  620.156205][T10509] vhci_hcd: disconnect device
[  620.160557][T10509] vhci_hcd: stop threads
[  620.165634][T10509] vhci_hcd: release socket
[  620.174479][T10509] vhci_hcd: disconnect device
[  620.181972][T10509] vhci_hcd: stop threads
[  620.183440][T10509] vhci_hcd: release socket
[  620.185874][T10509] vhci_hcd: disconnect device
[  620.192118][T10509] vhci_hcd: stop threads
[  620.195745][T10509] vhci_hcd: release socket
[  620.201492][T10509] vhci_hcd: disconnect device
[  620.566336][   T33] kauditd_printk_skb: 5 callbacks suppressed
[  620.566347][   T33] audit: type=1800 audit(527953.095:385): pid=22886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.7237" name="file1" dev="tmpfs" ino=9957 res=0 errno=0
[  621.128870][   T47] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  621.445206][   T47] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  622.318812][T22913] loop7: detected capacity change from 0 to 32768
[  622.324403][T22913] XFS: noikeep mount option is deprecated.
[  622.408573][T22913] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  622.453161][T22913] XFS (loop7): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  622.472714][T22913] XFS (loop7): Starting recovery (logdev: internal)
[  622.501671][T22913] XFS (loop7): Ending recovery (logdev: internal)
[  622.677136][T21383] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  624.193174][T22960] 9pnet_fd: Insufficient options for proto=fd
[  624.889072][T22988] loop7: detected capacity change from 0 to 512
[  624.895548][T22988] EXT4-fs: Ignoring removed mblk_io_submit option
[  624.906024][T22988] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  624.924489][T22988] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  624.927971][T22988] System zones: 1-12
[  624.932544][T22988] EXT4-fs error (device loop7): ext4_iget_extra_inode:5104: inode #15: comm syz.7.7276: corrupted in-inode xattr: e_value size too large
[  624.939247][T22988] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.7276: couldn't read orphan inode 15 (err -117)
[  624.949423][T22988] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  624.998778][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  625.068357][T22998] sctp: [Deprecated]: syz.7.7279 (pid 22998) Use of int in max_burst socket option.
[  625.068357][T22998] Use struct sctp_assoc_value instead
[  625.305389][T23010] loop7: detected capacity change from 0 to 2048
[  625.333153][T18969] vhci_hcd: vhci_device speed not set
[  625.338907][T23010] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  625.487640][T23021] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  625.669245][T23036] 9pnet_fd: Insufficient options for proto=fd
[  626.523912][T23054] loop7: detected capacity change from 0 to 256
[  626.607363][T23058] loop7: detected capacity change from 0 to 512
[  626.619725][T23058] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.7308: casefold flag without casefold feature
[  626.624351][T23058] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.7308: couldn't read orphan inode 15 (err -117)
[  626.629866][T23058] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  626.642378][T23058] EXT4-fs: Ignoring removed nomblk_io_submit option
[  626.646660][T23058] EXT4-fs: Can't set or change test_dummy_encryption on remount
[  626.667202][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  627.005420][   T33] audit: type=1326 audit(527959.111:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23072 comm="syz.5.7316" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  627.024153][   T33] audit: type=1326 audit(527959.120:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23072 comm="syz.5.7316" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  627.040295][   T33] audit: type=1326 audit(527959.120:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23072 comm="syz.5.7316" exe="/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  627.056273][   T33] audit: type=1326 audit(527959.120:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23072 comm="syz.5.7316" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fd18eba9 code=0x7ffc0000
[  627.081023][T23063] loop7: detected capacity change from 0 to 32768
[  627.131142][T23063] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.7310 (23063)
[  627.175260][T23063] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  627.186430][T23063] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  627.313324][T23063] BTRFS info (device loop7): enabling ssd optimizations
[  627.329402][T23063] BTRFS info (device loop7): enabling free space tree
[  627.332138][T23063] BTRFS info (device loop7): use lzo compression, level 1
[  627.464321][T21383] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  627.784814][T23091] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  627.810770][T23091] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  628.302375][T10509] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  628.305673][T10509] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  628.308917][T10509] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  628.320468][T10509] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  628.365449][T10509] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  628.368769][T10509] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  628.372647][T10509] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  628.397779][T10509] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  629.688629][T23144] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7338'.
[  630.027300][T23148] netlink: 'syz.7.7340': attribute type 1 has an invalid length.
[  630.068168][T23148] 8021q: adding VLAN 0 to HW filter on device bond1
[  630.097923][T23148] erspan0: entered allmulticast mode
[  630.119390][T23148] bond1: (slave erspan0): making interface the new active one
[  630.125391][T23148] bond1: (slave erspan0): Enslaving as an active interface with an up link
[  632.203434][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  632.206252][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  633.397369][T23251] overlayfs: failed to clone upperpath
[  633.406342][T23251] overlayfs: failed to clone upperpath
[  633.942320][T23261] loop7: detected capacity change from 0 to 40427
[  633.946265][T23261] F2FS-fs (loop7): build fault injection rate: 14
[  633.948352][T23261] F2FS-fs (loop7): build fault injection type: 0x3bfe8c
[  633.952197][T23261] F2FS-fs (loop7): invalid crc value
[  633.958021][    C0] F2FS-fs (loop7): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  633.974431][    C0] F2FS-fs (loop7): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  634.037812][T23261] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  634.041247][T23261] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  634.046357][T23261] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  634.065593][T23261] F2FS-fs (loop7): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  634.071428][T23261] F2FS-fs (loop7): inject inconsistent footer in sanity_check_node_footer of f2fs_write_inline_data+0x9b/0x790
[  634.075890][T23261] F2FS-fs (loop7): inconsistent node block, node_type:1, nid:10, node_footer[nid:10,ino:10,ofs:0,cpver:0,blkaddr:0]
[  634.115730][T21383] syz-executor: attempt to access beyond end of device
[  634.115730][T21383] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  634.120417][T21383] CPU: 0 UID: 0 PID: 21383 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  634.120430][T21383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  634.120435][T21383] Call Trace:
[  634.120439][T21383]  <TASK>
[  634.120443][T21383]  dump_stack_lvl+0x189/0x250
[  634.120459][T21383]  ? __pfx_dump_stack_lvl+0x10/0x10
[  634.120469][T21383]  ? __pfx_queue_work_on+0x10/0x10
[  634.120477][T21383]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  634.120489][T21383]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  634.120507][T21383]  f2fs_handle_critical_error+0x37c/0x540
[  634.120523][T21383]  f2fs_write_end_io+0x886/0xb60
[  634.120540][T21383]  __submit_merged_bio+0x27a/0x6a0
[  634.120555][T21383]  __submit_merged_write_cond+0x255/0x530
[  634.120569][T21383]  f2fs_write_data_pages+0x261d/0x3000
[  634.120576][T21383]  ? __lock_acquire+0xab9/0xd20
[  634.120611][T21383]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  634.120626][T21383]  ? __up_read+0x280/0x680
[  634.120652][T21383]  ? read_node_folio+0x323/0x3f0
[  634.120675][T21383]  ? __lock_acquire+0xab9/0xd20
[  634.120694][T21383]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  634.120702][T21383]  do_writepages+0x32e/0x550
[  634.120719][T21383]  ? do_raw_spin_unlock+0x4d/0x240
[  634.120731][T21383]  filemap_fdatawrite+0x199/0x240
[  634.120743][T21383]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  634.120777][T21383]  ? do_raw_spin_unlock+0x4d/0x240
[  634.120789][T21383]  f2fs_sync_dirty_inodes+0x31f/0x830
[  634.120805][T21383]  f2fs_write_checkpoint+0x95a/0x1df0
[  634.120825][T21383]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  634.120858][T21383]  ? kill_f2fs_super+0x298/0x6c0
[  634.120869][T21383]  kill_f2fs_super+0x2c3/0x6c0
[  634.120881][T21383]  ? __pfx_kill_f2fs_super+0x10/0x10
[  634.120887][T21383]  ? radix_tree_delete_item+0x2b6/0x400
[  634.120904][T21383]  ? shrinker_free+0x2ce/0x3e0
[  634.120914][T21383]  deactivate_locked_super+0xbc/0x130
[  634.120925][T21383]  cleanup_mnt+0x425/0x4c0
[  634.120935][T21383]  ? lockdep_hardirqs_on+0x9c/0x150
[  634.120944][T21383]  task_work_run+0x1d4/0x260
[  634.120956][T21383]  ? __pfx_task_work_run+0x10/0x10
[  634.120965][T21383]  ? __x64_sys_umount+0x122/0x160
[  634.120979][T21383]  ? exit_to_user_mode_loop+0x40/0x110
[  634.120993][T21383]  exit_to_user_mode_loop+0xec/0x110
[  634.121004][T21383]  do_syscall_64+0x2bd/0x3b0
[  634.121012][T21383]  ? lockdep_hardirqs_on+0x9c/0x150
[  634.121019][T21383]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.121026][T21383]  ? exc_page_fault+0x9f/0xf0
[  634.121035][T21383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.121042][T21383] RIP: 0033:0x7fd36f18fed7
[  634.121051][T21383] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  634.121058][T21383] RSP: 002b:00007ffe2b26cbc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  634.121067][T21383] RAX: 0000000000000000 RBX: 00007fd36f211c05 RCX: 00007fd36f18fed7
[  634.121072][T21383] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe2b26cc80
[  634.121077][T21383] RBP: 00007ffe2b26cc80 R08: 0000000000000000 R09: 0000000000000000
[  634.121082][T21383] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe2b26dd10
[  634.121087][T21383] R13: 00007fd36f211c05 R14: 0000000000098c55 R15: 00007ffe2b26dd50
[  634.121101][T21383]  </TASK>
[  634.121105][T21383] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  634.818629][T23283] lo speed is unknown, defaulting to 1000
[  634.821166][T23283] lo speed is unknown, defaulting to 1000
[  634.841457][T23283] lo speed is unknown, defaulting to 1000
[  634.866431][T23283] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  634.904277][T23283] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  635.059951][T23283] lo speed is unknown, defaulting to 1000
[  635.076977][T23283] lo speed is unknown, defaulting to 1000
[  635.080189][T23283] lo speed is unknown, defaulting to 1000
[  635.083164][T23283] lo speed is unknown, defaulting to 1000
[  635.164854][T23286] overlayfs: failed to resolve './file1metacopy=off': -2
[  635.688584][T23307] loop7: detected capacity change from 0 to 4096
[  637.165302][    C0] vcan0: j1939_tp_rxtimer: 0xffff888028ec8000: rx timeout, send abort
[  637.174015][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888028ec8000: 0x10000: (3) A timeout occurred and this is the connection abort to close the session.
[  638.220260][T23350] netlink: 'syz.7.7427': attribute type 3 has an invalid length.
[  638.425661][T23364] netlink: 'syz.7.7434': attribute type 10 has an invalid length.
[  638.429982][T23364] veth1_macvtap: left promiscuous mode
[  638.442503][T23364] bridge0: port 3(macsec0) entered blocking state
[  638.445799][T23364] bridge0: port 3(macsec0) entered disabled state
[  638.448830][T23364] macsec0: entered allmulticast mode
[  638.452864][T23364] macsec0: entered promiscuous mode
[  638.648037][T23371] loop7: detected capacity change from 0 to 4096
[  638.656555][T23371] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[  638.694282][T23371] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  638.696658][T23371] ntfs3(loop7): ino=3, ntfs_set_state failed, -22.
[  638.704207][T23371] ntfs3(loop7): Failed to load $Bitmap (-22).
[  638.706209][T23371] ntfs3(loop7): ino=3, ntfs3_write_inode failed, -22.
[  640.621452][   T33] audit: type=1326 audit(527971.853:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23437 comm="syz.4.7468" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x0
[  640.986594][T23451] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7473'.
[  642.214042][   T33] audit: type=1326 audit(527973.341:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23511 comm="syz.7.7502" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36f18eba9 code=0x7ffc0000
[  642.236443][   T33] audit: type=1326 audit(527973.341:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23511 comm="syz.7.7502" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36f18eba9 code=0x7ffc0000
[  642.245919][   T33] audit: type=1326 audit(527973.360:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23511 comm="syz.7.7502" exe="/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7fd36f18eba9 code=0x7ffc0000
[  642.293687][   T33] audit: type=1326 audit(527973.360:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23511 comm="syz.7.7502" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36f18eba9 code=0x7ffc0000
[  642.302175][   T33] audit: type=1326 audit(527973.360:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23511 comm="syz.7.7502" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36f18eba9 code=0x7ffc0000
[  642.331513][T23518] loop7: detected capacity change from 0 to 64
[  642.363435][T23518] syz.7.7505: attempt to access beyond end of device
[  642.363435][T23518] loop7: rw=0, sector=1024, nr_sectors = 2 limit=64
[  642.368312][T23520] bridge0: port 3(hsr_slave_1) entered blocking state
[  642.371521][T23520] bridge0: port 3(hsr_slave_1) entered disabled state
[  642.376132][T23518] Buffer I/O error on dev loop7, logical block 512, async page read
[  642.379495][T23520] hsr_slave_1: entered allmulticast mode
[  642.381163][T23520] hsr_slave_1: left allmulticast mode
[  642.384795][T23518] syz.7.7505: attempt to access beyond end of device
[  642.384795][T23518] loop7: rw=0, sector=113152, nr_sectors = 2 limit=64
[  642.392796][T23518] Buffer I/O error on dev loop7, logical block 56576, async page read
[  642.526036][T23523] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  642.814315][T23545] loop7: detected capacity change from 0 to 1024
[  642.838732][T23545] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  642.918811][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  644.151176][T23577] netlink: 296 bytes leftover after parsing attributes in process `syz.4.7528'.
[  644.482792][T23606] netlink: 36 bytes leftover after parsing attributes in process `syz.5.7539'.
[  645.309754][T23635] overlayfs: failed to clone upperpath
[  645.566195][   T33] audit: type=1326 audit(527976.484:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23642 comm="syz.5.7556" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f43fd18eba9 code=0x0
[  646.451494][T23677] loop7: detected capacity change from 0 to 512
[  646.490833][T23677] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  646.540028][T23677] EXT4-fs (loop7): 1 truncate cleaned up
[  646.554033][T23677] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  646.833868][T23680] netlink: 'syz.5.7571': attribute type 1 has an invalid length.
[  646.868295][T23680] 8021q: adding VLAN 0 to HW filter on device bond1
[  647.040275][   T33] audit: type=1800 audit(527977.860:397): pid=23669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.7569" name="bus" dev="tmpfs" ino=10694 res=0 errno=0
[  647.267468][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  647.686632][T23689] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  647.879237][T23693] loop7: detected capacity change from 0 to 4096
[  647.922438][T23693] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  647.963759][T23693] ntfs3(loop7): ino=1a, mi_enum_attr
[  647.965978][T23693] ntfs3(loop7): ino=1a, mi_enum_attr
[  647.973062][T23693] ntfs3(loop7): Failed to initialize $Extend/$Reparse.
[  648.785478][T23715] loop7: detected capacity change from 0 to 32768
[  648.868569][T23715] ocfs2: Mounting device (7,7) on (node local, slot 0) with writeback data mode.
[  648.894777][T23715] (syz.7.7584,23715,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[  648.946596][T21383] ocfs2: Unmounting device (7,7) on (node local)
[  649.087718][   T33] audit: type=1800 audit(527979.703:398): pid=23729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.7591" name="nullb0" dev="tmpfs" ino=9131 res=0 errno=0
[  649.510185][T23753] loop7: detected capacity change from 0 to 2048
[  649.515682][T23753] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  649.722749][T23766] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7609'.
[  649.725571][T23766] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7609'.
[  649.784221][T23773] dummy0: entered promiscuous mode
[  649.788774][T23773] dummy0: entered allmulticast mode
[  653.777222][T23891] loop7: detected capacity change from 0 to 8
[  653.800151][T23891] MTD: Attempt to mount non-MTD device "/dev/loop7"
[  653.874542][   T33] audit: type=1326 audit(527984.250:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23898 comm="syz.5.7671" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f43fd18eba9 code=0x0
[  655.021665][T23924] 9pnet_fd: Insufficient options for proto=fd
[  655.080011][T23927] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  655.085804][T23927] block device autoloading is deprecated and will be removed.
[  655.153571][T23922] md2: using deprecated bitmap file support
[  655.156348][T23922] md2: error: failed to get bitmap file
[  655.187439][T23922] md2: using deprecated bitmap file support
[  655.189807][T23922] md2: error: failed to get bitmap file
[  655.215822][T23938] 9pnet: p9_errstr2errno: server reported unknown error @cF	S++
[  656.451094][T23960] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  656.453704][T23960] IPv6: NLM_F_CREATE should be set when creating new route
[  656.456315][T23960] IPv6: NLM_F_CREATE should be set when creating new route
[  656.750755][T23972] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  656.776151][ T9709] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  656.813749][T23974] loop7: detected capacity change from 0 to 1024
[  656.834712][T23974] hfsplus: bad catalog entry used to create inode
[  656.863617][T21321] hfsplus: b-tree write err: -5, ino 4
[  657.545290][ T9709] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  658.793574][T24006] netlink: 'syz.5.7716': attribute type 5 has an invalid length.
[  659.745442][T24010] Process accounting resumed
[  659.893898][T24021] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7722'.
[  660.064563][T24029] futex_wake_op: syz.5.7726 tries to shift op by -2048; fix this program
[  660.304686][T24044] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  660.307570][T24044] netdevsim netdevsim5 netdevsim0: left allmulticast mode
[  660.310402][T24044] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  660.389866][T24051] dummy0: left promiscuous mode
[  660.392195][T24051] dummy0: left allmulticast mode
[  660.397897][T24051] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  660.559827][T24064] loop7: detected capacity change from 0 to 256
[  660.587313][T24064] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xf4000b1f, utbl_chksum : 0xe619d30d)
[  665.126542][T24153] loop7: detected capacity change from 0 to 32768
[  665.130159][T24153] BTRFS warning: Compression level ignored for LZO
[  665.133827][T24153] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 0 transid 8 /dev/loop7 (7:7) scanned by syz.7.7779 (24153)
[  665.773916][T24180] loop7: detected capacity change from 0 to 32768
[  665.778406][T24180] XFS: ikeep mount option is deprecated.
[  665.780878][T24180] XFS (loop7): invalid logbufs value: 1 [not 2-8]
[  666.242877][T24195] loop7: detected capacity change from 0 to 32768
[  666.330831][T24207] loop7: detected capacity change from 0 to 256
[  666.338732][T24207] exfat: Deprecated parameter 'namecase'
[  666.362829][T24207] exfat: Deprecated parameter 'utf8'
[  666.376517][T24207] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  666.704405][   T24] lo speed is unknown, defaulting to 1000
[  666.709599][   T47] lo speed is unknown, defaulting to 1000
[  667.032464][T24248] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7820'.
[  667.440475][T24259] netlink: 56 bytes leftover after parsing attributes in process `syz.7.7824'.
[  667.482483][T24259] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7824'.
[  667.795461][T24267] 9pnet_fd: Insufficient options for proto=fd
[  668.249612][T24280] netlink: 'syz.4.7833': attribute type 32 has an invalid length.
[  669.769823][T24310] loop7: detected capacity change from 0 to 65536
[  669.778326][T24310] XFS (loop7): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  669.797070][T24310] XFS (loop7): Ending clean mount
[  669.849698][T24328] 9pnet_fd: Insufficient options for proto=fd
[  669.995302][T21383] XFS (loop7): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  670.648131][T24349] loop7: detected capacity change from 0 to 4096
[  670.669736][T24349] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[  670.817500][T24355] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  670.835395][T24355] loop7: detected capacity change from 0 to 1024
[  670.864551][T24355] hfsplus: invalid catalog btree flag
[  670.866556][T24355] hfsplus: failed to load catalog file
[  671.107082][T24357] loop7: detected capacity change from 0 to 32768
[  671.111671][T24357] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.7866 (24357)
[  671.152949][T24357] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  671.156624][T24357] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm
[  671.233775][T24357] BTRFS info (device loop7): enabling ssd optimizations
[  671.236116][T24357] BTRFS info (device loop7): using spread ssd allocation scheme
[  671.242558][T24357] BTRFS info (device loop7): enabling free space tree
[  671.244741][T24357] BTRFS info (device loop7): doing ref verification
[  671.246889][T24357] BTRFS info (device loop7): max_inline set to 4096
[  671.316350][T21383] BTRFS info (device loop7): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  673.658076][T24453] bond0: (slave dummy0): Releasing backup interface
[  673.662149][T24453] batman_adv: batadv0: Adding interface: dummy0
[  673.667308][T24453] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  673.675825][T24453] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  674.865717][T24487] loop7: detected capacity change from 0 to 1024
[  674.898872][T24487] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  674.996408][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  675.555498][T24520] loop7: detected capacity change from 0 to 65
[  675.578982][T24520] BFS-fs: bfs_fill_super(): NOTE: filesystem loop7 was created with 512 inodes, the real maximum is 511, mounting anyway
[  678.397477][T24591] netlink: 'syz.4.7963': attribute type 5 has an invalid length.
[  678.616222][T24601] 9pnet_fd: Insufficient options for proto=fd
[  679.273601][T24628] 9pnet_fd: Insufficient options for proto=fd
[  680.439175][T24655] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7990'.
[  680.445705][T24655] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7990'.
[  683.316825][T24715] netlink: 60 bytes leftover after parsing attributes in process `syz.5.8018'.
[  684.147162][T24738] loop7: detected capacity change from 0 to 8
[  684.156554][T24738] SQUASHFS error: xz decompression failed, data probably corrupt
[  684.161496][T24738] SQUASHFS error: Failed to read block 0x108: -5
[  684.163744][T24738] SQUASHFS error: Unable to read metadata cache entry [106]
[  684.172601][T24738] SQUASHFS error: Unable to read inode 0x11f
[  685.611797][T24772] loop7: detected capacity change from 0 to 8
[  685.622695][T24772] SQUASHFS error: xz decompression failed, data probably corrupt
[  685.633046][T24772] SQUASHFS error: Failed to read block 0x108: -5
[  685.635988][T24772] SQUASHFS error: Unable to read metadata cache entry [106]
[  685.638322][T24772] SQUASHFS error: Unable to read inode 0x11f
[  685.706928][T24775] netlink: 'syz.5.8044': attribute type 3 has an invalid length.
[  685.952669][T24788] syz.7.8052: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  685.976368][T24788] CPU: 1 UID: 0 PID: 24788 Comm: syz.7.8052 Not tainted syzkaller #0 PREEMPT(full) 
[  685.976395][T24788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  685.976405][T24788] Call Trace:
[  685.976414][T24788]  <TASK>
[  685.976421][T24788]  dump_stack_lvl+0x189/0x250
[  685.976450][T24788]  ? __pfx_dump_stack_lvl+0x10/0x10
[  685.976470][T24788]  ? __pfx__printk+0x10/0x10
[  685.976491][T24788]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  685.976508][T24788]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  685.976536][T24788]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  685.976574][T24788]  warn_alloc+0x214/0x310
[  685.976599][T24788]  ? stack_depot_save_flags+0x40/0x860
[  685.976624][T24788]  ? __pfx_warn_alloc+0x10/0x10
[  685.976647][T24788]  ? kasan_save_track+0x4f/0x80
[  685.976666][T24788]  ? xskq_create+0x56/0x170
[  685.976678][T24788]  ? xsk_init_queue+0xb0/0x110
[  685.976697][T24788]  ? xsk_setsockopt+0x4dc/0x8d0
[  685.976716][T24788]  ? do_sock_setsockopt+0x17c/0x1b0
[  685.976730][T24788]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  685.976745][T24788]  ? do_syscall_64+0xfa/0x3b0
[  685.976759][T24788]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  685.976778][T24788]  __vmalloc_node_range_noprof+0x125/0x12d0
[  685.976823][T24788]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  685.976844][T24788]  ? __kasan_kmalloc+0x93/0xb0
[  685.976864][T24788]  vmalloc_user_noprof+0xad/0xf0
[  685.976885][T24788]  ? xskq_create+0xbf/0x170
[  685.976898][T24788]  xskq_create+0xbf/0x170
[  685.976914][T24788]  xsk_init_queue+0xb0/0x110
[  685.976938][T24788]  xsk_setsockopt+0x4dc/0x8d0
[  685.976959][T24788]  ? __pfx_xsk_setsockopt+0x10/0x10
[  685.976979][T24788]  ? __pfx_aa_sk_perm+0x10/0x10
[  685.977003][T24788]  ? aa_sock_opt_perm+0xff/0x1b0
[  685.977019][T24788]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  685.977035][T24788]  ? __pfx_xsk_setsockopt+0x10/0x10
[  685.977055][T24788]  do_sock_setsockopt+0x17c/0x1b0
[  685.977076][T24788]  __x64_sys_setsockopt+0x13f/0x1b0
[  685.977096][T24788]  do_syscall_64+0xfa/0x3b0
[  685.977110][T24788]  ? lockdep_hardirqs_on+0x9c/0x150
[  685.977124][T24788]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  685.977137][T24788]  ? exc_page_fault+0x9f/0xf0
[  685.977152][T24788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  685.977165][T24788] RIP: 0033:0x7fd36f18eba9
[  685.977180][T24788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  685.977192][T24788] RSP: 002b:00007fd37004d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  685.977210][T24788] RAX: ffffffffffffffda RBX: 00007fd36f3d5fa0 RCX: 00007fd36f18eba9
[  685.977220][T24788] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  685.977257][T24788] RBP: 00007fd36f211e19 R08: 0000000000000004 R09: 0000000000000000
[  685.977266][T24788] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  685.977274][T24788] R13: 00007fd36f3d6038 R14: 00007fd36f3d5fa0 R15: 00007ffe2b26d938
[  685.977293][T24788]  </TASK>
[  685.977373][T24788] Mem-Info:
[  686.109472][T24788] active_anon:14618 inactive_anon:0 isolated_anon:0
[  686.109472][T24788]  active_file:15843 inactive_file:38887 isolated_file:0
[  686.109472][T24788]  unevictable:1768 dirty:165 writeback:0
[  686.109472][T24788]  slab_reclaimable:11113 slab_unreclaimable:59756
[  686.109472][T24788]  mapped:18243 shmem:11369 pagetables:1199
[  686.109472][T24788]  sec_pagetables:0 bounce:0
[  686.109472][T24788]  kernel_misc_reclaimable:0
[  686.109472][T24788]  free:256829 free_pcp:19954 free_cma:0
[  686.127310][T24788] Node 0 active_anon:14964kB inactive_anon:0kB active_file:31864kB inactive_file:150088kB unevictable:3536kB isolated(anon):136kB isolated(file):0kB mapped:34072kB dirty:240kB writeback:0kB shmem:5700kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6796kB pagetables:2592kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  686.139904][T24788] Node 1 active_anon:43508kB inactive_anon:0kB active_file:31508kB inactive_file:5460kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:38900kB dirty:420kB writeback:0kB shmem:39776kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5512kB pagetables:2000kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  686.152199][T24788] Node 0 DMA free:15100kB boost:0kB min:640kB low:800kB high:960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:260kB local_pcp:0kB free_cma:0kB
[  686.163571][T24788] lowmem_reserve[]: 0 811 811 811 811
[  686.165897][T24788] Node 0 DMA32 free:213588kB boost:0kB min:33660kB low:42072kB high:50484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:15032kB inactive_anon:0kB active_file:31864kB inactive_file:150088kB unevictable:3536kB writepending:240kB present:1556484kB managed:830888kB mlocked:0kB bounce:0kB free_pcp:42596kB local_pcp:14444kB free_cma:0kB
[  686.179004][T24788] lowmem_reserve[]: 0 0 0 0 0
[  686.181370][T24788] Node 1 DMA32 free:458616kB boost:0kB min:19192kB low:23988kB high:28784kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524152kB managed:458616kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  686.195887][T24788] lowmem_reserve[]: 0 0 854 854 854
[  686.198351][T24788] Node 1 Normal free:348252kB boost:0kB min:36612kB low:45764kB high:54916kB reserved_highatomic:0KB free_highatomic:0KB active_anon:43496kB inactive_anon:0kB active_file:31504kB inactive_file:5460kB unevictable:3536kB writepending:436kB present:1048576kB managed:874952kB mlocked:0kB bounce:0kB free_pcp:29436kB local_pcp:11028kB free_cma:0kB
[  686.218009][T24788] lowmem_reserve[]: 0 0 0 0 0
[  686.222479][T24788] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15100kB
[  686.239756][T24788] Node 0 DMA32: 21*4kB (E) 198*8kB (UME) 363*16kB (UME) 273*32kB (UME) 271*64kB (UME) 218*128kB (UME) 112*256kB (UME) 51*512kB (UM) 25*1024kB (ME) 13*2048kB (UM) 11*4096kB (UM) = 213524kB
[  686.254307][T24788] Node 1 DMA32: 2*4kB (M) 2*8kB (M) 2*16kB (M) 2*32kB (M) 2*64kB (M) 1*128kB (M) 2*256kB (M) 2*512kB (M) 2*1024kB (M) 2*2048kB (M) 110*4096kB (M) = 458616kB
[  686.262891][T24788] Node 1 Normal: 303*4kB (ME) 400*8kB (UME) 118*16kB (UME) 428*32kB (UME) 191*64kB (UME) 217*128kB (UME) 108*256kB (UME) 29*512kB (UM) 36*1024kB (UM) 8*2048kB (UM) 47*4096kB (UM) = 348252kB
[  686.272359][T24788] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  686.284582][T24788] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  686.290320][T24788] 68818 total pagecache pages
[  686.292744][T24788] 0 pages in swap cache
[  686.295066][T24788] Free swap  = 124996kB
[  686.297430][T24788] Total swap = 124996kB
[  686.299142][T24788] 786301 pages RAM
[  686.395095][T24788] 0 pages HighMem/MovableOnly
[  686.397472][T24788] 241347 pages reserved
[  686.401625][T24788] 0 pages cma reserved
[  687.486890][T24817] netlink: 224 bytes leftover after parsing attributes in process `syz.5.8065'.
[  687.490815][T24817] netlink: 224 bytes leftover after parsing attributes in process `syz.5.8065'.
[  687.499128][T24817] netlink: 38 bytes leftover after parsing attributes in process `syz.5.8065'.
[  688.935235][T24874] netlink: 'syz.5.8091': attribute type 39 has an invalid length.
[  689.461612][T24890] futex_wake_op: syz.5.8099 tries to shift op by -1; fix this program
[  689.682974][T24899] netlink: 'syz.4.8103': attribute type 2 has an invalid length.
[  690.165940][T24908] loop7: detected capacity change from 0 to 764
[  690.322926][T24916] Symlink component flag not implemented
[  690.337051][T24916] Symlink component flag not implemented (116)
[  691.325237][T24936] netlink: zone id is out of range
[  691.329720][T24936] netlink: zone id is out of range
[  691.331839][T24936] netlink: zone id is out of range
[  691.334101][T24936] netlink: zone id is out of range
[  691.336278][T24936] netlink: zone id is out of range
[  691.339508][T24936] netlink: zone id is out of range
[  691.348396][T24936] netlink: zone id is out of range
[  691.351202][T24936] netlink: zone id is out of range
[  691.353447][T24936] netlink: zone id is out of range
[  691.355979][T24936] netlink: zone id is out of range
[  692.214040][   T33] audit: type=1326 audit(528020.120:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24965 comm="syz.7.8134" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36f18eba9 code=0x7ffc0000
[  692.234721][   T33] audit: type=1326 audit(528020.138:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24965 comm="syz.7.8134" exe="/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7fd36f18eba9 code=0x7ffc0000
[  692.249811][   T33] audit: type=1326 audit(528020.138:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24965 comm="syz.7.8134" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36f18eba9 code=0x7ffc0000
[  692.258964][   T33] audit: type=1326 audit(528020.138:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24965 comm="syz.7.8134" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36f18eba9 code=0x7ffc0000
[  692.303474][T24968] loop7: detected capacity change from 0 to 256
[  692.410462][T24970] loop7: detected capacity change from 0 to 16
[  692.440137][T24970] erofs (device loop7): mounted with root inode @ nid 36.
[  692.830375][T24982] 9pnet_fd: Insufficient options for proto=fd
[  693.932092][T25024] netlink: 'syz.5.8163': attribute type 1 has an invalid length.
[  693.932431][T25025] netlink: 'syz.4.8162': attribute type 17 has an invalid length.
[  693.938582][T25025] netlink: 148 bytes leftover after parsing attributes in process `syz.4.8162'.
[  695.791636][T25086] pimreg: entered allmulticast mode
[  695.796491][T25086] pimreg: left allmulticast mode
[  696.733630][T25102] net_ratelimit: 17 callbacks suppressed
[  696.733659][T25102] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  696.740626][T25102] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  697.836740][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  697.839655][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  699.390246][T25147] loop7: detected capacity change from 0 to 512
[  699.435267][T25147] EXT4-fs (loop7): 1 orphan inode deleted
[  699.450203][T25147] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  699.485220][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  699.801331][T25182] loop7: detected capacity change from 0 to 128
[  699.808831][T25182] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  699.926872][   T33] audit: type=1326 audit(528027.342:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  699.935444][   T33] audit: type=1326 audit(528027.342:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  699.943919][   T33] audit: type=1326 audit(528027.342:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  699.952294][   T33] audit: type=1326 audit(528027.342:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  699.961004][   T33] audit: type=1326 audit(528027.342:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  699.970262][   T33] audit: type=1326 audit(528027.342:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  700.351027][   T33] audit: type=1326 audit(528027.342:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  700.365029][   T33] audit: type=1326 audit(528027.342:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  700.373505][   T33] audit: type=1326 audit(528027.342:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  700.382415][   T33] audit: type=1326 audit(528027.342:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25187 comm="syz.4.8238" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d7d8eba9 code=0x7ffc0000
[  700.803147][T21383] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  700.869784][T25214] loop7: detected capacity change from 0 to 512
[  700.872863][T25214] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  700.910032][T25214] EXT4-fs (loop7): 1 truncate cleaned up
[  700.913781][T25214] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  700.954765][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  701.666305][T25233] overlayfs: failed to clone upperpath
[  701.670555][T25233] overlayfs: failed to clone lowerpath
[  702.205370][T25269] loop7: detected capacity change from 0 to 512
[  702.209967][T25269] EXT4-fs (loop7): orphan cleanup on readonly fs
[  702.217330][T25269] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8271: bg 0: block 248: padding at end of block bitmap is not set
[  702.227776][T25269] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.8271: Failed to acquire dquot type 1
[  702.233318][T25269] EXT4-fs (loop7): 1 truncate cleaned up
[  702.246230][T25269] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  702.271804][T21383] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.411101][T25280] netlink: 'syz.7.8276': attribute type 3 has an invalid length.
[  702.462558][T25282] loop7: detected capacity change from 0 to 1764
[  702.474503][T25282] iso9660: Corrupted directory entry in block 2 of inode 1920
[  702.525951][T25284] gfs2: path_lookup on tmpfs returned error -2
[  705.526524][ T5238] Bluetooth: hci1: command 0x0406 tx timeout
[  705.586858][T25378] netlink: 36 bytes leftover after parsing attributes in process `syz.5.8323'.
[  705.591006][T25378] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8323'.
[  705.594576][T25378] netlink: 36 bytes leftover after parsing attributes in process `syz.5.8323'.
[  705.597684][T25378] netlink: 36 bytes leftover after parsing attributes in process `syz.5.8323'.
[  707.259685][T25436] hsr0: entered promiscuous mode
[  707.262757][T25436] macsec1: entered promiscuous mode
[  707.637766][T25446] overlayfs: failed to clone upperpath
[  708.272479][T25459] loop7: detected capacity change from 0 to 32768
[  708.301503][T25459] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  708.309381][T25472] futex_wake_op: syz.4.8362 tries to shift op by 36; fix this program
[  708.331188][T25459] XFS (loop7): Ending clean mount
[  708.341388][T25459] XFS (loop7): Quotacheck needed: Please wait.
[  708.461576][T25459] XFS (loop7): Quotacheck: Done.
[  708.499342][T21383] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  708.861687][T25491] loop7: detected capacity change from 0 to 32768
[  708.996483][T25491] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  708.996499][T25491]   allowing incompatible features above 0.0: (unknown version)
[  708.996505][T25491]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  709.008331][T25506] rdma_op ffff8881116bb9f0 conn xmit_rdma 0000000000000000
[  709.012016][T25491] bcachefs (loop7): Using encoding defined by superblock: utf8-12.1.0
[  709.012065][T25491] bcachefs (loop7): initializing new filesystem
[  709.023115][T25491] bcachefs (loop7): going read-write
[  709.037834][T25491] bcachefs (loop7): marking superblocks
[  709.044756][T25491] bcachefs (loop7): initializing freespace
[  709.048378][T25491] bcachefs (loop7): done initializing freespace
[  709.051591][T25491] bcachefs (loop7): reading snapshots table
[  709.054191][T25491] bcachefs (loop7): reading snapshots done
[  709.098109][T25491] bcachefs (loop7): done starting filesystem
[  709.232579][T21383] bcachefs (loop7): shutting down
[  709.241539][T21383] bcachefs (loop7): going read-only
[  709.243965][T21383] bcachefs (loop7): finished waiting for writes to stop
[  709.265821][T21383] bcachefs (loop7): flushing journal and stopping allocators, journal seq 3
[  709.355945][T21383] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 4
[  709.369936][T21383] bcachefs (loop7): clean shutdown complete, journal seq 5
[  709.373538][T21383] bcachefs (loop7): marking filesystem clean
[  709.425305][T21383] bcachefs (loop7): shutdown complete
[  710.560706][T25540] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  710.564084][T25540] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  710.567962][T25540] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  710.575374][T25540] overlayfs: missing 'lowerdir'
[  711.421998][T25578] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
[  711.426842][T25578] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  711.430288][T25578] CPU: 1 UID: 0 PID: 25578 Comm: syz.4.8403 Not tainted syzkaller #0 PREEMPT(full) 
[  711.435224][T25578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  711.438575][T25578] RIP: 0010:xfrm_alloc_spi+0xe0e/0xf30
[  711.440396][T25578] Code: 00 fc ff df 80 3c 03 00 4c 8b 34 24 74 08 4c 89 f7 e8 26 bd 00 f8 4d 8b 36 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 48 8b 5c 24 58 74 08 4c 89 f7 e8 ef bd 00 f8 4d 89 3e
[  711.446664][T25578] RSP: 0018:ffffc9000748f0e0 EFLAGS: 00010246
[  711.449090][T25578] RAX: 0000000000000000 RBX: 1ffff11021f87366 RCX: dffffc0000000000
[  711.451855][T25578] RDX: ffffc90008b49000 RSI: 00000000000001ad RDI: 00000000000001ae
[  711.454520][T25578] RBP: ffffc9000748f230 R08: dffffc0000000000 R09: 0000000000000002
[  711.457300][T25578] R10: 000000000000000a R11: 0000000000000002 R12: 1ffff11021f87366
[  711.460525][T25578] R13: ffff88810fc39b30 R14: 0000000000000000 R15: ffff88810fc39b28
[  711.463641][T25578] FS:  00007f48d5ff66c0(0000) GS:ffff8881a3c15000(0000) knlGS:0000000000000000
[  711.467239][T25578] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  711.469850][T25578] CR2: 0000001b2f61eff8 CR3: 00000001051cc000 CR4: 00000000000006f0
[  711.472272][T25578] Call Trace:
[  711.473397][T25578]  <TASK>
[  711.474334][T25578]  ? xfrm_alloc_spi+0x2a0/0xf30
[  711.475845][T25578]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  711.477366][T25578]  ? xfrm_find_acq+0x87/0xa0
[  711.478688][T25578]  xfrm_alloc_userspi+0x70b/0xc90
[  711.480387][T25578]  ? apparmor_capable+0x137/0x1b0
[  711.481978][T25578]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  711.483845][T25578]  ? __nla_parse+0x40/0x60
[  711.485262][T25578]  xfrm_user_rcv_msg+0x7a3/0xab0
[  711.486856][T25578]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  711.488748][T25578]  ? __pfx___mutex_trylock_common+0x10/0x10
[  711.490830][T25578]  ? rcu_is_watching+0x15/0xb0
[  711.492388][T25578]  ? trace_contention_end+0x39/0x120
[  711.494080][T25578]  ? __mutex_lock+0x335/0x1350
[  711.495592][T25578]  netlink_rcv_skb+0x208/0x470
[  711.497116][T25578]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  711.498816][T25578]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  711.500482][T25578]  ? netlink_deliver_tap+0x2e/0x1b0
[  711.502160][T25578]  ? netlink_deliver_tap+0x2e/0x1b0
[  711.503881][T25578]  xfrm_netlink_rcv+0x79/0x90
[  711.505371][T25578]  netlink_unicast+0x82f/0x9e0
[  711.506884][T25578]  ? __pfx_netlink_unicast+0x10/0x10
[  711.508733][T25578]  ? netlink_sendmsg+0x642/0xb30
[  711.510592][T25578]  ? skb_put+0x11b/0x210
[  711.512258][T25578]  netlink_sendmsg+0x805/0xb30
[  711.514145][T25578]  ? __pfx_netlink_sendmsg+0x10/0x10
[  711.516190][T25578]  ? aa_sock_msg_perm+0xf1/0x1d0
[  711.517769][T25578]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  711.519449][T25578]  ? __pfx_netlink_sendmsg+0x10/0x10
[  711.521325][T25578]  __sock_sendmsg+0x21c/0x270
[  711.522950][T25578]  ____sys_sendmsg+0x505/0x830
[  711.524920][T25578]  ? __pfx_____sys_sendmsg+0x10/0x10
[  711.526962][T25578]  ? import_iovec+0x74/0xa0
[  711.528774][T25578]  ___sys_sendmsg+0x21f/0x2a0
[  711.530717][T25578]  ? __pfx____sys_sendmsg+0x10/0x10
[  711.532851][T25578]  ? __fget_files+0x2a/0x420
[  711.534727][T25578]  ? __fget_files+0x3a0/0x420
[  711.536267][T25578]  __x64_sys_sendmsg+0x19b/0x260
[  711.537863][T25578]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  711.539669][T25578]  ? rcu_is_watching+0x15/0xb0
[  711.541270][T25578]  ? do_syscall_64+0xbe/0x3b0
[  711.542861][T25578]  do_syscall_64+0xfa/0x3b0
[  711.544638][T25578]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  711.547229][T25578]  ? asm_sysvec_call_function_single+0x1a/0x20
[  711.549735][T25578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  711.552089][T25578] RIP: 0033:0x7f48d7d8eba9
[  711.553870][T25578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  711.561405][T25578] RSP: 002b:00007f48d5ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  711.564734][T25578] RAX: ffffffffffffffda RBX: 00007f48d7fd5fa0 RCX: 00007f48d7d8eba9
[  711.567716][T25578] RDX: 0000000000000010 RSI: 0000200000000640 RDI: 0000000000000006
[  711.571014][T25578] RBP: 00007f48d7e11e19 R08: 0000000000000000 R09: 0000000000000000
[  711.574210][T25578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  711.577358][T25578] R13: 00007f48d7fd6038 R14: 00007f48d7fd5fa0 R15: 00007fff56056e18
[  711.580579][T25578]  </TASK>
[  711.581782][T25578] Modules linked in:
[  711.583730][T25578] ---[ end trace 0000000000000000 ]---
[  711.585810][T25578] RIP: 0010:xfrm_alloc_spi+0xe0e/0xf30
[  711.588041][T25578] Code: 00 fc ff df 80 3c 03 00 4c 8b 34 24 74 08 4c 89 f7 e8 26 bd 00 f8 4d 8b 36 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 48 8b 5c 24 58 74 08 4c 89 f7 e8 ef bd 00 f8 4d 89 3e
[  711.594966][T25578] RSP: 0018:ffffc9000748f0e0 EFLAGS: 00010246
[  711.597508][T25578] RAX: 0000000000000000 RBX: 1ffff11021f87366 RCX: dffffc0000000000
[  711.600602][T25578] RDX: ffffc90008b49000 RSI: 00000000000001ad RDI: 00000000000001ae
[  711.603628][T25578] RBP: ffffc9000748f230 R08: dffffc0000000000 R09: 0000000000000002
[  711.606621][T25578] R10: 000000000000000a R11: 0000000000000002 R12: 1ffff11021f87366
[  711.609886][T25578] R13: ffff88810fc39b30 R14: 0000000000000000 R15: ffff88810fc39b28
[  711.613040][T25578] FS:  00007f48d5ff66c0(0000) GS:ffff8881a3c15000(0000) knlGS:0000000000000000
[  711.616468][T25578] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  711.619060][T25578] CR2: 0000001b2f61eff8 CR3: 00000001051cc000 CR4: 00000000000006f0
[  711.621562][T25578] Kernel panic - not syncing: Fatal exception in interrupt
[  711.624641][T25578] Kernel Offset: disabled
[  711.626011][T25578] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:33:22  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff8164bbf3 RBX=0000000000000000 RCX=ffff88801bf71cc0 RDX=0000000040000000
RSI=0000000000000000 RDI=0000000000000000 RBP=ffffc9000344f6f0 RSP=ffffc9000344f520
R8 =ffff88801bf71cc7 R9 =1ffff110037ee398 R10=dffffc0000000000 R11=ffffed10037ee399
R12=0000000000000000 R13=0000000000000000 R14=ffff88801bf71cc0 R15=0000000000000000
RIP=ffffffff8164b7a2 RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fd37004d6c0 ffffffff 00c00000
GS =0000 ffff8880b8615000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000004000 CR3=000000002b54e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=d8020010ce030802 0010cc0314040010
XMM02=10e80304080010e0 0300020010d00302 XMM03=02100019b00303f0 1000189003120800
XMM04=0019e00300100019 d00300100019c003 XMM05=0120100019800401 0000060806060168
XMM06=e600080019e00300 100019d003001000 XMM07=19c00302100019b0 0303f01000189003
XMM08=12080010e8030408 0010e00300020010 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff33bea60 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=000000000000136d RDI=000000000000136e RBP=ffffffff99df56d0 RSP=ffffc9000748e810
R8 =ffff888107b80237 R9 =1ffff11020f70046 R10=dffffc0000000000 R11=ffffffff854fa9e0
R12=dffffc0000000000 R13=0000000000000000 R14=ffffffff99df5440 R15=0000000000000000
RIP=ffffffff854faa57 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f48d5ff66c0 ffffffff 00c00000
GS =0000 ffff8881a3c15000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2f61eff8 CR3=00000001051cc000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffff000000000000 0000000000000000 XMM01=2323232323232323 2323232323232323
XMM02=0000000000000004 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ffff000000000000 0000000000000000 XMM05=00007f48d7fa7478 00007f48d7fa74c0
XMM06=00007f48d7fa74b8 00007f48d7fa74b0 XMM07=00007f48d7fa74a8 00007f48d7fa74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f48d7e12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
