last executing test programs:

3m35.048938019s ago: executing program 1 (id=608):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000540)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x11, 0x20, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xdf}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x0, 0x3, 0x5}, {0x6, 0x24, 0x1a, 0x401, 0x26}}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x6, 0x4, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0xf1, 0x16, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x650, 0x26, 0x0, 0x7}}}}}}}]}}, 0x0)
ioctl$EVIOCRMFF(r0, 0x5501, &(0x7f0000000500))

3m33.79887484s ago: executing program 1 (id=616):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TCSETSF(r0, 0x5457, &(0x7f0000000000)={0x0, 0x629, 0xffffffff, 0x0, 0x7, "7a58bea88a00"})

3m33.699601221s ago: executing program 1 (id=617):
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000002980)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r1 = syz_open_dev$usbmon(&(0x7f00000002c0), 0x13dd, 0xc01)
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000240), 0x8080, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

3m32.789840976s ago: executing program 1 (id=621):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0)
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})

3m32.606770463s ago: executing program 1 (id=622):
socket(0x2b, 0x80801, 0x1)
socket$inet6(0xa, 0x80003, 0xff)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0x6, 0xa}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000007000000010001"], 0x48)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6(0xa, 0x5, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6(0xa, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0)

3m32.278633098s ago: executing program 1 (id=624):
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
r0 = syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000003a40), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f00000001c0)={0x1})
chdir(&(0x7f0000000200)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0))

3m32.190320254s ago: executing program 32 (id=624):
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
r0 = syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000003a40), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f00000001c0)={0x1})
chdir(&(0x7f0000000200)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0))

3m24.886729001s ago: executing program 3 (id=702):
r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000001600), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000140)=0x2)
ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f0000000180)={{r1}, 0x1, &(0x7f00000000c0)=[0x5], 0x9, 0xd, 0x1})

3m24.656710746s ago: executing program 3 (id=703):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
writev(r0, &(0x7f0000000240)=[{&(0x7f0000001040)="4aa9edad01cb8162ab0b7e9340", 0xd}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "0300", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "c1799d70", "bb0001000100"}, 0x28)

3m24.488213773s ago: executing program 3 (id=708):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20008845, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x18)

3m24.4643223s ago: executing program 3 (id=710):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080), 0x3, 0x4cd, &(0x7f00000000c0)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000980)='./file0\x00', 0x0, 0x0)
getdents(r0, 0xfffffffffffffffd, 0x58)

3m24.303122396s ago: executing program 3 (id=712):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@response={0x2, 0x0, 0x0, "82d18160f7d8dda36479a6b179161b4bbff2d0508977b3928ebd2dee05607d17", "0194bd7b1b0303c5ba7f602606a285b3", {"30da2d58da817f8a5f77a23de36a2164", "3b33cfa231a427159c7b9f0eceb155f0"}}}}}}}, 0x0)

3m23.905942784s ago: executing program 3 (id=714):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x2, [@func_proto={0x0, 0x4, 0x0, 0xd, 0x5f5e0ff, [{}, {}, {0x0, 0x1000004}, {0xfffffffc}]}]}}, &(0x7f0000000f40)=""/4096, 0x46, 0x1000, 0xa}, 0x28)

3m23.801279926s ago: executing program 33 (id=714):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x2, [@func_proto={0x0, 0x4, 0x0, 0xd, 0x5f5e0ff, [{}, {}, {0x0, 0x1000004}, {0xfffffffc}]}]}}, &(0x7f0000000f40)=""/4096, 0x46, 0x1000, 0xa}, 0x28)

1m59.014844777s ago: executing program 4 (id=1775):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x78}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xc4)
write$sndseq(r1, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0xc4)
write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0xc4)
write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r1, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0xc4)

1m58.881956894s ago: executing program 4 (id=1777):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0xffffffb6, 0xffffffff})
r0 = shmget$private(0x0, 0x3000, 0x54001800, &(0x7f000010d000/0x3000)=nil)
shmctl$SHM_UNLOCK(r0, 0xc)

1m58.818802919s ago: executing program 4 (id=1778):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f0000000280)="68beb429b85c2331395ae795eed1", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1m58.818641943s ago: executing program 4 (id=1779):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800002, &(0x7f0000000600)={[{@force}, {@nodecompose}, {@gid}, {@nls={'nls', 0x3d, 'macinuit'}}, {@gid}, {@type={'type', 0x3d, "1e4310ee"}}, {@nobarrier}, {@nobarrier}]}, 0x3, 0x6b3, &(0x7f0000000780)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBiNVIFjUjsrEqChNSAEMohQhFcerUSp7HipJXjorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHhlHskbhxyAIzmz9pre+PYieN1289Hmp03+96895tf5s/ubKwJ8Jl1/vXs76fI+RMXbpXL9+72Fu7d7V0flJNMJGkl7XqWopsUHyfnUk/5fPlm013xsHFevf9R0X7/w1691G6mqn1rs/U2GNmynxxYWdiXZKou/mcLHbZG91dNVT+XVvt7TMVK3GXCjg8SB+O2vEF/tXLUobHW1o9bYM+6XV83N5hMDqa+upafA9KcHR59Zhi/Tc9N/d2LAwAAAJ6Wkd/lhz3zIA9yK4d2JxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4dCjqZwYWzdQalKdSDJ7/3xl6pn5nzOE+ofeuVLPvPjPuQAAAAAAAAADgiRx7kAe5lUOD5eWi+s3/pWrhcPX6ubydm5nLYk7mVmazlKUsZibJ5FBHnVuzS0uLMxvX/GXKNZeXl283a54euebptXH11wc66n8abGgEAAAAAAAAAJ9ZP8r51d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyiSffWsmg4PypNptZMcSNIpplaad8Ya7A7487gDAAAAgKev28wPFf+rC8tF9Z3/SPW9/0Dezo0sZT5LWchcLlf3Aupv/a2/93sL9+72rpfTxo6/8a9txVH1mPrew+iRp6sWL6yscT7fzvdyIlO5mMXM5/uZzVLmMpVvVaXZFJls7l5M3rvbzSDWjfGeW7N0cX1sx4bKZXxHq0i6uZL5KraTudQZhN5q2h0dGu2PnWTdiHfK7BSvNbaYo8vNvNyiXzTzvWGy2vL9KxmZbnJfZuPZ4bxvzP0295P1I82ktXIP6vDqKOXi+pEeK+cHm3mZ658+3Zxv81ba2kz0f14uDfa+I5vnPPnyP/5y8WrrxrWrV26e2Du70WNav0/0hjLx4pYysVBmov8EmTjwJPHvnE6Tjfosur2z5UvVuocyn+/kzVzOXM5kOjM5m+l8LafTy+mhvL6weV6rY621vWPt+JeaQnlN+tnQtWnXTDysoszrs0N5HT7TTVZ1w++sZum5LWSp6GR0lv45MpT2F5pCOcaPh64447c+EzNDmXh+80z8+r/LSW4u3Li2eHX2rS2O93IzLw/b99aem3+zIxu0fc3mlvvLc+U/VurLxvDeUdY9P6hbl69O84tLu+lsTV0n1fFc1z3qSC17OnJnVE913YsjR+lVdUeH6tZ8ysmbWVj5FNLY9YMUgC04+MrBTvd+92/dD7o/6V7tXjjwzYmzE1/sZP9f23/a97vWb1tfL17JB/lhDo07UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4+c6712YXFuYW92AhrR3u8M7IqkEq6nc6I9ocyx7IxiejMLHZHvX71I9resjqnXHE3M1D49ndQtq7MNZERlRdWHmnm7RW4klybY884A54Gk4tXX/r1M133v3K/PXZN+bemLtx+uyZ1870vjpz+9SV+YW56fq1adwec7DAjlr9GDDuSAAAAAAAAAAAAICt2o0/bxgxbNEfw7YCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn0znX8/+forMTJ+cLpfv3e0tlNOgvNqynaSVpPhBUnycnEs9ZXKou+Jh47x6/6Nfvfz+h73VvtqD9q116/3h38vL29yKfjNlKsm+Zv5oE1vq79JQf/1tBlYrVrawTNjxQeJg3P4fAAD//+/HBYc=")
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)

1m58.638118379s ago: executing program 4 (id=1783):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x2180, 0x0, 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)

1m58.38037957s ago: executing program 4 (id=1788):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40)
sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000001bc0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001a40)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x2004e101}, 0x0)
close(r0)

1m58.256172152s ago: executing program 34 (id=1788):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40)
sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000001bc0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001a40)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x2004e101}, 0x0)
close(r0)

49.657498882s ago: executing program 0 (id=2679):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004006, &(0x7f00000010c0)={[{@jqfmt_vfsold}, {@nouid32}, {@nobh}, {@stripe={'stripe', 0x3d, 0xffff}}, {@block_validity}, {@grpjquota, 0x22}], [], 0x2}, 0xc4, 0x46f, &(0x7f0000000940)="$eJzs3EtvG0UcAPD/rpv0RR6U8ugDaiiIiELSpAUqxAUEUi9ISHCAY0hDFZq2qAkSrSpaECpHxCcAjkh8Ak5wQcAJxBXuCKlCvVA4IKO1d4kT28Gx67qpfz9p45l9eOa/uxPP7ngdwMAqZ3+SiEpE/BIRY7Xs6hXKtZfr1y7O/XXt4lwSlcorfyTV9f68dnGuWLXYbmeemUgj0g+T2Nek3KXzF07NLi7On8vzU8un355aOn/hiYXTsyfnT86fmTl27OiR6aefmnnyhsQ5ktV173tn9+85/vonL81V4o3vv8zqe0e+vD6OmvGuyyxHefW+rBqu/n2k63e/tYzUpZMtfawIG1KKiOxwDVXb/1iUYuXgjcWLH/S1ckBPVSqVytaGuaUicbkC3MaS6HcNgP4oPuiz699iuondj767+lztAiiL+3o+1ZZsiTR72Va7Yh/pUfnliHjt8t+fZlM0vQ/R3LYe1QcAuP19nfV/Hm/W/xtN7qlbbzQfGxqPiEMRsSsi7oqI3RFxd0Rk694bEfdtsPzymnxj/+en7R0F1qas//dsPra1uv+XFquMl/LcSDX+oeTNhcX5w/k+mYihrVl+ep0yvnnh549bLavv/2VTVn7RF8zr8fuWNTfoTswuz3YTc71nFmqvjfGv3BdIImJPROzt4P2zfbbw2Bf7s/Tozsbl/x//Om7AOFPl84hHa/FfjjXxF5JaSa3GJ6e2xeL84anirGj0w49XXq7PD9Wlu4r/Brj6fsSOFse/qmgGxXjt0sbLuPLrRy2vaTo9/4eTV6vp4Xzeu7PLy+emI4bzGavmz6xsW+SL9bP4Jw42i3802RXxz2f5dvsiIjuJ74+IByLiQF73ByPioYg4uE783z3/8Fvr76H+Hv8T6x3/iPGkfry+g0Tp1LdftSq/veN/tJqayOe08/+v3Qp2s+8AAABgs0ir34FP0sn/0mk6OVn7Dv/u2JEunl1aPlSOd86cqH1XfjyG0uJO11jd/dDp/N5wkZ9Zkz8SEXdW7yhur+Yn584u9mpMHWjPzhbtP/Nbqd+1A3puQ+NojU+0AZuY5zVhcGn/MLi0fxhc2j8Mrmbt/1LE9T5UBbjJfP7D4NL+YXBp/zC4tH8YSI2PxBc/t9LJk/4riV3Hu9p8gBKlHr1z1P9oRw8SkfZ913WeSG+FahzIE1sjot2tLvX0mK49fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa/fwMAAP//GCvoLw==")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@data_ordered}, {@noload}, {@noinit_itable}, {@grpjquota, 0x22}, {@init_itable}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x61, &(0x7f00000001c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000))

49.487769367s ago: executing program 0 (id=2682):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@cache_strategy_disabled}, {@cache_strategy_readahead}, {@noacl}, {@noacl}, {@nouser_xattr}, {}]}, 0xfe, 0x177, &(0x7f0000000680)="$eJzslL9KA0EQxr/diwkROztBLAwYi1zuLio2IsEXCPgPO6M5Q/RiQnKCiZXY+gC2tr5CGsEXUSsRUlpH9naTWyV/RNAgzq+Y+/Z2dm52Dj4QBPFveX56e7x+bV0YAKaQQEy9fzHCHK7ln+XiB9OpjbvWzcPVenW20q9mp/P170cA3GcN+L2zH08n1HMLvKe3wbGo9C4YTKX3wbGjtAuGPaWPNV0R+aZ5VPJc87DiFYSwRLBFcETIfO6vfclQ0Ppj2n690TzJe55b+0Exan7tLMea1p/+v7qzsbT52eCwlc6AYVPpVcS6s5Ej0e4/EwnrG798fxIkSPw1EfpT55ZhQfOniOYfab9cTdcbzVSpnC+6RffUcTIr1pJlLTvpwIhkHOJ/8cCfJrX6EwNyoyyK87zv12wZe2tHxn6OywP/40jOy7Xw/ujAbuQ+U+dYoJLGkHSCIIixMQcWeOYInNy4GyUIgiAIgiAIgiAI4tu8BwAA//9iEXZY")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)

49.368126391s ago: executing program 0 (id=2684):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000004ec0)=[{{&(0x7f0000001a80)={0xa, 0x4e20, 0x6, @empty, 0x90}, 0x1c, &(0x7f0000002100)=[{&(0x7f0000001ac0)='a', 0x1}], 0x1}}], 0x1, 0x240409d0)

49.305939207s ago: executing program 0 (id=2685):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@jqfmt_vfsv0}, {@norecovery}, {@nogrpid}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000140)='./file0\x00')
readlink(&(0x7f0000000100)='./file2\x00', &(0x7f0000000140)=""/61, 0x3d)

49.013729892s ago: executing program 0 (id=2687):
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file1\x00', 0xa, &(0x7f00000002c0)=ANY=[], 0x0, 0x19d, &(0x7f0000000000)="$eJzs0L9rE2Ecx/H393kul1ap9ao4RLARi/FKNbmrOjgFpwgNOLg4BA0xtsUEbS+DLS10kYIU+i/oVDd/gE4iFpyLg+Ag59JNmqE4iNPJXZ7gH9HnBXef+37g+D48C9FSlAfcw7UWVTKaE3xFcIBJGXRKDfKDmX+Z3B4EN828ZfKVyePRyuqjZqfTXi7eKOJB4X8B/M66YUX0ljOKvlBFvh+utZpyv05SpavyE2aRbmTnKjhjnL6HJiltcUuxJKU5GC/3uk/K0crq5cVuc749n4yH4ez1ytVK5VpYfrjYaVfeI/5zUbxgHb9O/jWj/jq5Bs/2nGPMCOKfVLGW6T5ug+09fenCTB/lH5AgKPogLBTVHS6mN+JBjVPCS3SdqTlGFQ7ZohpyW72TwPnm/MkpRja0vtJ63HmweVfJX3enKgcjEuyTKwWE0wGz3nkKTLDLZsxUTC1mJ2b/J5PyMd0yvFdnI32/MdNZzoHL02avtxy48EVKdcL08WDsM+yisnN58Mn8Y4Ifww/LsizLsizLsizrCPgXAAD//6jEXrc=")

46.768517255s ago: executing program 0 (id=2702):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x421, 0x0, 0x25dfdbfb, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x40}}, 0x0)

46.641657724s ago: executing program 35 (id=2702):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x421, 0x0, 0x25dfdbfb, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x40}}, 0x0)

17.284625306s ago: executing program 5 (id=3096):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x30, 0x24, 0xd0f, 0x470bd2d, 0x25dfdbfc, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0xd27, 0xebd, 0x0, {0x0, 0x0, 0x0, r2, {0xffe0, 0xfff1}, {0x0, 0xfff2}, {0x4, 0x8}}}, 0x24}}, 0x0)

17.284408737s ago: executing program 5 (id=3097):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x42, &(0x7f0000000140)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x34, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x4, 0x6071, 0x0, 0xe7, {[@timestamp={0x8, 0xa, 0x80000001, 0x5}]}}}}}}}, 0x0)

17.217097106s ago: executing program 5 (id=3099):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x100, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x28, 0x2, 0x6, 0xfffff034}, {0x6, 0x99, 0xff, 0x2}]}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000001080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x3, 0x1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)

17.216971511s ago: executing program 5 (id=3100):
r0 = timerfd_create(0x0, 0x0)
timerfd_gettime(r0, 0x0)

17.21670414s ago: executing program 5 (id=3102):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x2000, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008452, &(0x7f0000000000), 0x7, 0x4d2, &(0x7f0000000740)="$eJzs3EFsFFUYAOB/ti0tUKQiolTUIhobjS0UFA4mBqKJB02MeNBj0xaCFGpoTYQQWRKDR0Pi3Xj06sGrejOeTLzi0cSQEENiAE9jZne23W6n27LdstJ+X7LsezNv5s2bN2/2zXtMA9i0hrJ/koj+iLgRETsjotSYYKj6dff25Yl7ty9PRDlNT/6dZJvFnSyeS/Lv7XlkuBRR+iJZWFFn9uKls+PT01MX8vjo3LlPRmcvXnrlzLnx01Onp86PHTt25PCho6+NvXr/hSrILyvXncHPZ/btffuj6+9OdNeW9+Xf9eVol6EYKjqUihfanVmH7agLJ93NUr6x/gfDqmXXf1ZdPZX2vzO6omnlARtImqZp7/Kry2mjq0uWAA+tJDp9BEBn1H7os+ff2qeoI7BlfbofHXfrePUBKCv33fwT8WxlYW0cpKfh+badhiLiw/K/32SfWKdxCACAej8dr/UEG/p/AxF76tI9ks+hDETEoxGxKyIei4jdEfF4VNM+ERFPNuy/KyLSJvkPNcSX9n9KN9dWwuay/t/r+dzWQv8v6mfBBrry2I6IWod56mB+Toajp/fUmempQ03y+PnN379abl19/y/7ZPnX+oL5cdzsbhigmxyfG2+5wA1uXY0Y7G4sf9IdkczPBCQRsTciBhdteeKfZvsdqAufeem7ffORnsXpVi5/RVo4j9aGqYr024gXq/VfjkX1v5Bj0nx+crQvpqcOjmZXwcHCPH797dp7y+W/Yvl/+LNxk7eO/ngyb1lrl9X/trrrP2rztwvlH0gikvn52tkVdlhauujaH18u+0zT6vW/JfmgEq49l342Pjd34VDEluSdpcvHFratxbPvKFfLP3yguP3vyrfJzsRTEZFdxE9HxDNRfUIcivTK/oh4LiIONDklv5x4/uNVl78viq7/dZOVf7Lw/reo/hfm65cLJOVq6oJVXWf337g3WJz/6ur/SCU0nC8pvv8li24RTY50UWCt5w8AAAAeBqWI6K8bS+qPUmlkpDoGtDu2laZnZudePjXz6fnJ6jsCA9FTqo10VceDe5La+OdAXXysIX44Hzf+umtrJT4yMTM92dGSA9srbT4pjczfC6rtP/NXe4aYgf8zr/zA5rVS+99z/QEdCPDA+f2Hzauu/ZeXSVL2P2VgY1rN77+xQNiYitr/lRa2AR4uqbYMm9r9tH/3CthYuuP9+XDB+5vABuY3HTalVb0k33Ig7S1e1RdLE0df8x12RWuHsbUgr44Esp5VR3Lf2spWtb+msGyaKN3fDnujPXV6au2n5fSetl/8aT4/1u4a/L61dhqx5tyb3zfG+tfvngQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBO/wUAAP//IGPbXQ==")
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

17.087629291s ago: executing program 5 (id=3106):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=@newlink={0x48, 0x10, 0xc3b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x10, 0x21800}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0x47033}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}]}}}]}, 0x48}}, 0x0)

2.088212142s ago: executing program 36 (id=3106):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=@newlink={0x48, 0x10, 0xc3b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x10, 0x21800}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0x47033}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}]}}}]}, 0x48}}, 0x0)

1.186133633s ago: executing program 2 (id=3288):
r0 = syz_io_uring_setup(0x5c2, &(0x7f00000002c0)={0x0, 0x3594, 0x10, 0x1003, 0x21e}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x0, 0x3938700}, 0x1, 0x8})
syz_io_uring_setup(0xa4d, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x24f}, &(0x7f00000000c0), 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_enter(r0, 0x6efc, 0x3900, 0xb, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f00000000c0)={0x1, 0xffffffffffffffff, 0x35, {0x5, 0x1}, 0x1}, 0x1)

1.185996723s ago: executing program 6 (id=3289):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000300000000000000403f0000180100002020782500000000002020207b1a00fe000000007b0a0000000000000701b092f8ffffffb702000008000000b70300000f000000a500feff0600000095"], &(0x7f0000000140)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)

1.086656958s ago: executing program 6 (id=3290):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8000)
ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, 0x0)

1.016940449s ago: executing program 6 (id=3291):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000060000008500000061000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x320e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.016735194s ago: executing program 6 (id=3292):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000e0000008500000006000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x32, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

916.412814ms ago: executing program 2 (id=3293):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r2, 0x2, 0x0)

916.184251ms ago: executing program 6 (id=3294):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)

856.030173ms ago: executing program 2 (id=3295):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r0, 0x18000000000002a0, 0x36, 0x0, &(0x7f0000000000)="b9fe0307681f5c8c989a14f088a8657986dda8c6e96fd9d5a77080d1016acfeb01579fc3d254915a9fb541ed4dd4baf692bb595bce14", 0x0, 0x9e, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

855.802124ms ago: executing program 2 (id=3296):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xfffffffe}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x800}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

756.594035ms ago: executing program 2 (id=3297):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000002f40), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000003080)=@e={0xff, 0xd, 0x8, 0x9, @generic, 0x1, 0x0, 0x4})

756.315756ms ago: executing program 2 (id=3298):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
io_setup(0x3fe, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0xfffd, 0xffffffffffffffff, 0x0}])
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000b80), 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', 'syz', 0x20, 0x1000}, 0x2d, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)

0s ago: executing program 6 (id=3299):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x11, 0x3, &(0x7f0000000080)=@framed={{}, [@exit, @call={0x85, 0x0, 0x0, 0x92}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1b}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000b00), r0)
sendmsg$NFC_CMD_DEV_DOWN(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010028bd7000fbdbdf2503000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)

kernel console output (not intermixed with test programs):

[T10553] FAT-fs (loop5): Directory bread(block 64) failed
[  210.698402][T10553] FAT-fs (loop5): Directory bread(block 65) failed
[  210.707382][T10553] FAT-fs (loop5): Directory bread(block 66) failed
[  210.711981][T10553] FAT-fs (loop5): Directory bread(block 67) failed
[  210.714760][T10553] FAT-fs (loop5): Directory bread(block 68) failed
[  210.719237][T10553] FAT-fs (loop5): Directory bread(block 69) failed
[  210.724300][T10553] FAT-fs (loop5): Directory bread(block 70) failed
[  210.727138][T10553] FAT-fs (loop5): Directory bread(block 71) failed
[  210.731179][T10553] FAT-fs (loop5): Directory bread(block 72) failed
[  210.734693][T10553] FAT-fs (loop5): Directory bread(block 73) failed
[  210.754223][   T33] kauditd_printk_skb: 20 callbacks suppressed
[  210.754235][   T33] audit: type=1800 audit(1755300726.711:148): pid=10553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1861" name="file2" dev="loop5" ino=1048648 res=0 errno=0
[  210.827892][T10559] loop5: detected capacity change from 0 to 764
[  210.894052][T10560] Symlink component flag not implemented
[  210.896698][T10560] Symlink component flag not implemented
[  210.899494][T10560] Symlink component flag not implemented (128)
[  210.902493][T10560] Symlink component flag not implemented (122)
[  211.126643][T10557] loop0: detected capacity change from 0 to 32768
[  211.157897][T10557] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  211.250581][   T54] Bluetooth: hci1: command tx timeout
[  211.593568][ T5845] ocfs2: Unmounting device (7,0) on (node local)
[  212.435029][T10587] loop0: detected capacity change from 0 to 256
[  213.339728][   T54] Bluetooth: hci1: command tx timeout
[  213.869552][T10652] tun0: tun_chr_ioctl cmd 1074025676
[  213.871952][T10652] tun0: owner set to 0
[  213.997395][   T54] Bluetooth: hci0: unexpected event for opcode 0x0c5a
[  214.180407][T10676] loop0: detected capacity change from 0 to 512
[  214.206659][T10676] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  214.212250][T10676] FAT-fs (loop0): Filesystem has been set read-only
[  214.351961][T10689] loop0: detected capacity change from 0 to 256
[  214.451910][   T33] audit: type=1800 audit(1755300730.411:149): pid=10690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1918" name="file1" dev="loop0" ino=1048654 res=0 errno=0
[  215.672045][T10721] loop0: detected capacity change from 0 to 8
[  215.687295][T10721] SQUASHFS error: xz decompression failed, data probably corrupt
[  215.691690][T10721] SQUASHFS error: Failed to read block 0x108: -5
[  215.694440][T10721] SQUASHFS error: Unable to read metadata cache entry [106]
[  215.699892][T10721] SQUASHFS error: Unable to read inode 0x11f
[  216.020935][T10729] loop0: detected capacity change from 0 to 32768
[  216.025290][T10729] 
[  216.025290][T10729]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  216.025290][T10729] 
[  216.034826][T10729] ERROR: (device loop0): diWrite: ixpxd invalid
[  216.034826][T10729] 
[  216.041955][T10729] ERROR: (device loop0): txCommit: 
[  216.041955][T10729] 
[  216.053942][ T5845] 
[  216.053942][ T5845]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  216.053942][ T5845] 
[  216.058233][ T5845] 
[  216.058233][ T5845]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  216.058233][ T5845] 
[  216.174009][T10731] loop0: detected capacity change from 0 to 2048
[  216.178004][T10731] NILFS (loop0): couldn't find nilfs on the device
[  216.629833][   T10] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  216.789753][   T10] usb 6-1: Using ep0 maxpacket: 32
[  216.798130][   T10] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  216.803457][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  216.807991][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  216.813587][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  216.818206][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  216.825487][   T10] usb 6-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  216.829983][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.833283][   T10] usb 6-1: Product: syz
[  216.835133][   T10] usb 6-1: Manufacturer: syz
[  216.837098][   T10] usb 6-1: SerialNumber: syz
[  216.844241][   T10] usb 6-1: config 0 descriptor??
[  217.254315][   T10] iforce 6-1:0.0: usb_submit_urb failed: -32
[  217.256425][   T10] input input19: Device does not respond to id packet M
[  217.259331][   T10] iforce 6-1:0.0: usb_submit_urb failed: -32
[  217.261887][   T10] input input19: Device does not respond to id packet P
[  217.266571][   T10] iforce 6-1:0.0: usb_submit_urb failed: -32
[  217.271220][   T10] input input19: Device does not respond to id packet B
[  217.351259][ T1926] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  217.476149][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  217.479455][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  217.484995][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  217.488204][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  217.496045][   T10] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input19
[  217.507629][   T10] usb 6-1: USB disconnect, device number 4
[  217.613145][ T1926] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.617829][ T1926] usb 1-1: New USB device found, idVendor=05ac, idProduct=0237, bcdDevice= 0.00
[  217.621748][ T1926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.626979][ T1926] usb 1-1: config 0 descriptor??
[  217.634446][ T1926] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input20
[  217.810226][   T54] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  217.823928][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  217.865463][ T5282] bcm5974 1-1:0.0: could not read from device
[  217.872035][ T5282] bcm5974 1-1:0.0: could not read from device
[  217.874091][ T1926] usb 1-1: USB disconnect, device number 41
[  218.401059][T10797] netlink: 6 bytes leftover after parsing attributes in process `syz.0.1969'.
[  218.531542][T10799] loop5: detected capacity change from 0 to 32768
[  218.539505][T10799] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  218.573867][T10374] ocfs2: Unmounting device (7,5) on (node local)
[  218.669969][   T10] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  218.825381][   T10] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  218.837560][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  218.843025][   T10] usb 1-1: config 0 has no interface number 0
[  218.847732][   T10] usb 1-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  218.851878][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.859944][   T10] usb 1-1: Product: syz
[  218.861785][   T10] usb 1-1: Manufacturer: syz
[  218.864422][   T10] usb 1-1: SerialNumber: syz
[  218.869052][   T10] usb 1-1: config 0 descriptor??
[  218.874983][   T10] ims_pcu 1-1:0.41: Missing CDC union descriptor
[  218.877743][   T10] ims_pcu 1-1:0.41: probe with driver ims_pcu failed with error -22
[  219.106436][   T10] usb 1-1: USB disconnect, device number 42
[  219.429793][ T5929] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  219.595438][ T5929] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  219.599112][ T5929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.606681][ T5929] usb 6-1: config 0 descriptor??
[  219.614584][T10860] pimreg3: entered allmulticast mode
[  220.020324][ T5881] usb 1-1: new full-speed USB device number 43 using dummy_hcd
[  220.024266][ T5929] ath6kl: Failed to submit usb control message: -71
[  220.027450][ T5929] ath6kl: unable to send the bmi data to the device: -71
[  220.039790][ T5929] ath6kl: Unable to send get target info: -71
[  220.053357][ T5929] ath6kl: Failed to init ath6kl core: -71
[  220.056839][ T5929] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71
[  220.068238][ T5929] usb 6-1: USB disconnect, device number 5
[  220.172514][ T5881] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  220.176810][ T5881] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.180801][ T5881] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  220.184721][ T5881] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.199763][ T5881] usb 1-1: config 0 descriptor??
[  220.673920][ T5881] isku 0003:1E7D:319C.0011: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.0-1/input0
[  220.786085][T10891] loop5: detected capacity change from 0 to 512
[  220.788785][T10891] EXT4-fs: Ignoring removed mblk_io_submit option
[  220.793786][T10891] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  220.798129][T10891] EXT4-fs (loop5): can't mount with data_err=abort, fs mounted w/o journal
[  221.078242][ T5881] usb 1-1: USB disconnect, device number 43
[  221.625882][T10914] erspan0: entered promiscuous mode
[  221.633095][T10914] erspan0: left promiscuous mode
[  222.202746][T10954] loop5: detected capacity change from 0 to 16
[  222.206743][T10954] erofs (device loop5): mounted with root inode @ nid 36.
[  222.297986][T10958] netlink: 'syz.5.2038': attribute type 10 has an invalid length.
[  222.309137][T10958] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  223.163965][T10983] loop0: detected capacity change from 0 to 128
[  223.168668][T10983] EXT4-fs (loop0): Test dummy encryption mode enabled
[  223.175475][T10983] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0082]
[  223.178666][T10983] System zones: 1-3, 19-19, 35-36
[  223.184246][T10983] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  223.192573][T10983] ext4 filesystem being mounted at /538/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.230262][ T5845] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  223.468016][T10992] loop0: detected capacity change from 0 to 32768
[  223.471688][T10992] XFS: ikeep mount option is deprecated.
[  223.504443][T10992] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  223.523645][T10999] loop5: detected capacity change from 0 to 2048
[  223.528891][T10999] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  223.536038][T10992] XFS (loop0): Ending clean mount
[  223.541103][T10992] XFS (loop0): Quotacheck needed: Please wait.
[  223.573578][T10992] XFS (loop0): Quotacheck: Done.
[  223.601565][ T5845] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  223.982499][T11009] loop0: detected capacity change from 0 to 32768
[  224.100404][T11017] loop0: detected capacity change from 0 to 512
[  224.109040][T11017] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  224.199844][ T5929] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  224.258459][T11028] loop0: detected capacity change from 0 to 128
[  224.362272][ T5929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.368653][ T5929] usb 6-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  224.372843][ T5929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.378930][ T5929] usb 6-1: config 0 descriptor??
[  224.792177][ T5929] itetech 0003:258A:6A88.0012: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.5-1/input0
[  224.988728][ T5894] usb 6-1: USB disconnect, device number 6
[  225.902300][T11075] loop5: detected capacity change from 0 to 128
[  226.919409][T11109] loop0: detected capacity change from 0 to 1024
[  227.097751][T11109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.152506][T11109] EXT4-fs error (device loop0): ext4_generic_delete_entry:2668: inode #12: block 7: comm syz.0.2090: bad entry in directory: inode out of bounds - offset=0, inode=150994957, rec_len=16, size=56 fake=0
[  227.170682][T11109] EXT4-fs error (device loop0) in ext4_delete_inline_entry:1687: Corrupt filesystem
[  227.175440][T11118] loop5: detected capacity change from 0 to 256
[  227.191465][T11118] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  227.203930][T11118] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d)
[  227.211635][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.579961][ T1926] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  227.734995][ T1926] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  227.743031][ T1926] usb 6-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38
[  227.746404][ T1926] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.751877][ T1926] usb 6-1: Product: syz
[  227.753532][ T1926] usb 6-1: Manufacturer: syz
[  227.755254][ T1926] usb 6-1: SerialNumber: syz
[  227.759076][ T1926] usb 6-1: config 0 descriptor??
[  227.805609][T11137] loop0: detected capacity change from 0 to 32768
[  227.813452][T11137] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  227.825576][T11137] XFS (loop0): Ending clean mount
[  227.831681][T11137] XFS (loop0): Quotacheck needed: Please wait.
[  227.853688][T11137] XFS (loop0): Quotacheck: Done.
[  227.889794][ T5845] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  227.974761][ T5929] usb 6-1: USB disconnect, device number 7
[  228.130443][T11164] loop0: detected capacity change from 0 to 40427
[  228.134705][T11164] F2FS-fs (loop0): invalid crc value
[  228.166596][T11164] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  228.169901][T11164] F2FS-fs (loop0): Start checkpoint disabled!
[  228.174262][T11164] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  228.187237][T11164] bio_check_eod: 102 callbacks suppressed
[  228.187249][T11164] syz.0.2109: attempt to access beyond end of device
[  228.187249][T11164] loop0: rw=2049, sector=45096, nr_sectors = 88 limit=40427
[  228.196450][T11164] syz.0.2109: attempt to access beyond end of device
[  228.196450][T11164] loop0: rw=2049, sector=45184, nr_sectors = 8 limit=40427
[  228.219018][ T4654] kworker/u10:6: attempt to access beyond end of device
[  228.219018][ T4654] loop0: rw=2049, sector=45192, nr_sectors = 8 limit=40427
[  228.224230][ T4654] CPU: 1 UID: 0 PID: 4654 Comm: kworker/u10:6 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  228.224246][ T4654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  228.224253][ T4654] Workqueue: writeback wb_workfn (flush-7:0)
[  228.224270][ T4654] Call Trace:
[  228.224274][ T4654]  <TASK>
[  228.224279][ T4654]  dump_stack_lvl+0x189/0x250
[  228.224298][ T4654]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.224342][ T4654]  ? __pfx_queue_work_on+0x10/0x10
[  228.224355][ T4654]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  228.224370][ T4654]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  228.224391][ T4654]  f2fs_handle_critical_error+0x37c/0x540
[  228.224432][ T4654]  f2fs_write_end_io+0x886/0xb60
[  228.224457][ T4654]  __submit_merged_bio+0x27a/0x6a0
[  228.224478][ T4654]  __submit_merged_write_cond+0x255/0x530
[  228.224498][ T4654]  f2fs_write_data_pages+0x261d/0x3000
[  228.224541][ T4654]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  228.224577][ T4654]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  228.224616][ T4654]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  228.224641][ T4654]  ? trace_f2fs_writepages+0x7f/0x200
[  228.224657][ T4654]  ? f2fs_write_node_pages+0x478/0x6e0
[  228.224675][ T4654]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  228.224701][ T4654]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  228.224718][ T4654]  do_writepages+0x32e/0x550
[  228.224737][ T4654]  ? reacquire_held_locks+0x127/0x1d0
[  228.224749][ T4654]  ? writeback_sb_inodes+0x384/0x1010
[  228.224771][ T4654]  __writeback_single_inode+0x145/0xff0
[  228.224785][ T4654]  ? do_raw_spin_unlock+0x4d/0x240
[  228.224802][ T4654]  writeback_sb_inodes+0x6c7/0x1010
[  228.224836][ T4654]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  228.224883][ T4654]  ? rcu_is_watching+0x15/0xb0
[  228.224902][ T4654]  wb_writeback+0x43b/0xaf0
[  228.224921][ T4654]  ? queue_io+0x3d1/0x590
[  228.224936][ T4654]  ? __pfx_wb_writeback+0x10/0x10
[  228.224956][ T4654]  ? _raw_spin_unlock_irq+0x23/0x50
[  228.224970][ T4654]  wb_workfn+0x409/0xef0
[  228.224995][ T4654]  ? __pfx_wb_workfn+0x10/0x10
[  228.225010][ T4654]  ? __lock_acquire+0xab9/0xd20
[  228.225035][ T4654]  ? process_scheduled_works+0x9ef/0x17b0
[  228.225052][ T4654]  ? _raw_spin_unlock_irq+0x23/0x50
[  228.225064][ T4654]  ? process_scheduled_works+0x9ef/0x17b0
[  228.225074][ T4654]  ? process_scheduled_works+0x9ef/0x17b0
[  228.225087][ T4654]  process_scheduled_works+0xae1/0x17b0
[  228.225123][ T4654]  ? __pfx_process_scheduled_works+0x10/0x10
[  228.225150][ T4654]  worker_thread+0x8a0/0xda0
[  228.225164][ T4654]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  228.225183][ T4654]  ? __kthread_parkme+0x7b/0x200
[  228.225202][ T4654]  kthread+0x711/0x8a0
[  228.225217][ T4654]  ? __pfx_worker_thread+0x10/0x10
[  228.225226][ T4654]  ? __pfx_kthread+0x10/0x10
[  228.225240][ T4654]  ? _raw_spin_unlock_irq+0x23/0x50
[  228.225253][ T4654]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.225265][ T4654]  ? __pfx_kthread+0x10/0x10
[  228.225279][ T4654]  ret_from_fork+0x3fc/0x770
[  228.225294][ T4654]  ? __pfx_ret_from_fork+0x10/0x10
[  228.225337][ T4654]  ? __switch_to_asm+0x39/0x70
[  228.225352][ T4654]  ? __switch_to_asm+0x33/0x70
[  228.225364][ T4654]  ? __pfx_kthread+0x10/0x10
[  228.225379][ T4654]  ret_from_fork_asm+0x1a/0x30
[  228.225407][ T4654]  </TASK>
[  228.227129][ T4654] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  228.551136][T11172] netlink: 'syz.2.2114': attribute type 5 has an invalid length.
[  228.554001][T11172] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2114'.
[  228.587082][T11178] loop5: detected capacity change from 0 to 256
[  228.592495][T11178] exfat: Deprecated parameter 'utf8'
[  228.594604][T11178] exfat: Deprecated parameter 'utf8'
[  228.596826][T11178] exfat: Deprecated parameter 'utf8'
[  228.603917][T11178] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  228.737201][T11195] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2124'.
[  229.474242][T11209] IPVS: Scheduler module ip_vs_sip not found
[  230.341679][T11231] loop0: detected capacity change from 0 to 32768
[  230.349019][T11231] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  230.358046][T11231] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  230.414092][ T5845] ocfs2: Unmounting device (7,0) on (node local)
[  230.568383][T11245] loop0: detected capacity change from 0 to 256
[  230.573672][T11245] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  230.722868][T11260] netlink: 'syz.5.2149': attribute type 29 has an invalid length.
[  230.949538][T11268] loop0: detected capacity change from 0 to 32768
[  231.234164][ T5929] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  231.389777][ T5929] usb 6-1: Using ep0 maxpacket: 16
[  231.398592][ T5929] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  231.409847][ T5929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  231.423831][ T5929] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  231.426776][ T5929] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.431864][ T5929] usb 6-1: Product: syz
[  231.433327][ T5929] usb 6-1: Manufacturer: syz
[  231.435130][ T5929] usb 6-1: SerialNumber: syz
[  231.439327][ T5929] usb 6-1: config 0 descriptor??
[  231.444427][ T5929] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  231.447924][ T5929] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class)
[  231.601353][T11281] loop0: detected capacity change from 0 to 32768
[  231.604521][T11281] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section members_v2: device 0: bucket size 9 smaller than btree node size 256
[  231.604521][T11281] members_v2 (size 152):
[  231.604521][T11281] Device:                        0
[  231.604521][T11281]   Label:                       (none)
[  231.604521][T11281]   UUID:                        7af6772b-00de-4159-84cd-1faead05e13e
[  231.604521][T11281]   Size:                        589824
[  231.604521][T11281]   read errors:                 0
[  231.604521][T11281]   write errors:                0
[  231.604521][T11281]   checksum errors:             0
[  231.604521][T11281]   seqread iops:                0
[  231.604521][T11281]   seqwrite iops:               0
[  231.604521][T11281]   randread iops:               0
[  231.604521][T11281]   randwrite iops:              0
[  231.604521][T11281]   Bucket size:                 4608
[  231.604521][T11281]   First bucket:                0
[  231.604521][T11281]   Buckets:                     128
[  231.604521][T11281]   Last mount:                  1714618368
[  231.604521][T11281]   Last superblock write:       42
[  231.604521][T11281]   State:                       rw
[  231.604521][T11281]   Data allowed:                journal,btree,user
[  231.604521][T11281]   Has data:                    (none)
[  231.604521][T11281]   Btree allocated bitmap blocksize:1
[  231.604521][T11281]   Btree allocated bitmap:      0000000000000000000001000010000010011000000000000000000000000000
[  231.604521][T11281]   Durab
[  231.604663][T11281] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  232.059464][ T5929] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  232.067936][ T5929] em28xx 6-1:0.0: Config register raw data: 0xfffffffb
[  232.321668][T11311] loop0: detected capacity change from 0 to 1024
[  232.326639][T11311] EXT4-fs: Ignoring removed mblk_io_submit option
[  232.412924][T11311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.910108][ T5929] em28xx 6-1:0.0: AC97 command still being executed: not handled properly!
[  232.913550][ T5929] em28xx 6-1:0.0: Unknown AC97 audio processor detected!
[  233.018525][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.084422][T11320] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  233.093175][ T5929] em28xx 6-1:0.0: couldn't setup AC97 register 2
[  233.098379][ T5929] em28xx 6-1:0.0: couldn't setup AC97 register 4
[  233.104838][ T5929] em28xx 6-1:0.0: couldn't setup AC97 register 6
[  233.108929][ T5929] em28xx 6-1:0.0: couldn't setup AC97 register 54
[  233.115702][ T5929] em28xx 6-1:0.0: couldn't setup AC97 register 56
[  233.121464][ T5929] usb 6-1: USB disconnect, device number 8
[  233.739599][T11351] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  234.159947][T11361] loop0: detected capacity change from 0 to 256
[  234.169231][T11361] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x23633d53, utbl_chksum : 0xe619d30d)
[  234.327607][T11369] loop0: detected capacity change from 0 to 4096
[  234.332317][T11369] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  234.349562][T11369] ntfs3(loop0): ino=19, mi_enum_attr
[  234.352171][T11369] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  234.362184][T11369] ntfs3(loop0): failed to convert "c46c" to cp1255
[  234.365808][T11369] ntfs3(loop0): ino=20, mi_enum_attr
[  234.768356][T11374] loop0: detected capacity change from 0 to 40427
[  234.782704][T11380] loop5: detected capacity change from 0 to 8192
[  234.847411][T11374] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  234.853407][T11374] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  234.875340][T11374] F2FS-fs (loop0): Stopped filesystem due to reason: 0
[  235.112409][ T5881] usb 6-1: new low-speed USB device number 9 using dummy_hcd
[  235.262123][ T5881] usb 6-1: unable to get BOS descriptor or descriptor too short
[  235.266085][ T5881] usb 6-1: config 9 has an invalid interface number: 166 but max is 1
[  235.268985][ T5881] usb 6-1: config 9 has an invalid interface number: 224 but max is 1
[  235.271918][ T5881] usb 6-1: config 9 has no interface number 0
[  235.274411][ T5881] usb 6-1: config 9 has no interface number 1
[  235.276727][ T5881] usb 6-1: config 9 interface 166 has no altsetting 0
[  235.279273][ T5881] usb 6-1: config 9 interface 224 has no altsetting 0
[  235.284771][ T5881] usb 6-1: string descriptor 0 read error: -22
[  235.286943][ T5881] usb 6-1: New USB device found, idVendor=06f8, idProduct=3002, bcdDevice=d8.0a
[  235.290497][ T5881] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.503425][ T5978] usb 6-1: USB disconnect, device number 9
[  236.069863][T11405] loop0: detected capacity change from 0 to 32768
[  236.072404][T11405] XFS: ikeep mount option is deprecated.
[  236.096713][T11405] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  236.135363][T11405] XFS (loop0): Ending clean mount
[  236.183343][ T5845] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  236.309196][T11423] loop5: detected capacity change from 0 to 32768
[  236.320766][T11423] 
[  236.320766][T11423]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.320766][T11423] 
[  236.335839][T11423] 
[  236.335839][T11423]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.335839][T11423] 
[  236.336434][   T33] audit: type=1800 audit(1755300752.291:150): pid=11423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2210" name="file1" dev="loop5" ino=4 res=0 errno=0
[  236.341705][T11423] 
[  236.341705][T11423]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.341705][T11423] 
[  236.356573][T11423] 
[  236.356573][T11423]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.356573][T11423] 
[  236.373730][T11423] 
[  236.373730][T11423]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.373730][T11423] 
[  236.380728][T11423] 
[  236.380728][T11423]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.380728][T11423] 
[  236.393581][  T115] 
[  236.393581][  T115]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.393581][  T115] 
[  236.398112][T11428] 
[  236.398112][T11428]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.398112][T11428] 
[  236.403612][ T1152] 
[  236.403612][ T1152]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.403612][ T1152] 
[  236.408662][ T1152] 
[  236.408662][ T1152]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.408662][ T1152] 
[  236.416980][ T1152] 
[  236.416980][ T1152]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.416980][ T1152] 
[  236.423873][T11428] 
[  236.423873][T11428]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.423873][T11428] 
[  236.456627][T10374] 
[  236.456627][T10374]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.456627][T10374] 
[  236.461049][T10374] 
[  236.461049][T10374]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.461049][T10374] 
[  236.616698][T11440] loop0: detected capacity change from 0 to 128
[  236.625150][T11440] FAT-fs (loop0): Directory bread(block 162) failed
[  236.627975][T11440] FAT-fs (loop0): Directory bread(block 163) failed
[  236.632680][T11440] FAT-fs (loop0): Directory bread(block 164) failed
[  236.637296][T11440] FAT-fs (loop0): Directory bread(block 165) failed
[  236.640670][T11440] FAT-fs (loop0): Directory bread(block 166) failed
[  236.642938][T11440] FAT-fs (loop0): Directory bread(block 167) failed
[  236.645114][T11440] FAT-fs (loop0): Directory bread(block 168) failed
[  236.650938][T11440] FAT-fs (loop0): Directory bread(block 169) failed
[  236.656141][T11440] FAT-fs (loop0): Directory bread(block 162) failed
[  236.658610][T11440] FAT-fs (loop0): Directory bread(block 163) failed
[  236.663749][T11440] syz.0.2218: attempt to access beyond end of device
[  236.663749][T11440] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  236.668568][T11440] syz.0.2218: attempt to access beyond end of device
[  236.668568][T11440] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[  236.716081][T11444] loop5: detected capacity change from 0 to 4096
[  236.721828][T11444] ntfs3(loop5): ino=3, Correct links count -> 2.
[  236.899339][T11459] overlayfs: failed to clone upperpath
[  236.949935][ T5978] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  237.080404][T11469] loop5: detected capacity change from 0 to 1024
[  237.083183][T11469] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  237.098137][T11469] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2232: bg 0: block 10: padding at end of block bitmap is not set
[  237.104748][T11469] Quota error (device loop5): write_blk: dquota write failed
[  237.107212][T11469] Quota error (device loop5): find_free_dqentry: Can't write quota data block 2
[  237.111183][T11469] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  237.114446][T11469] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2232: Failed to acquire dquot type 0
[  237.120430][ T5978] usb 1-1: Using ep0 maxpacket: 16
[  237.122601][T11469] Quota error (device loop5): write_blk: dquota write failed
[  237.128403][T11469] Quota error (device loop5): find_free_dqentry: Can't write quota data block 2
[  237.134471][ T5978] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.142146][T11469] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  237.142396][ T5978] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.145773][T11469] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2232: Failed to acquire dquot type 0
[  237.149491][ T5978] usb 1-1: config 0 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  237.149510][ T5978] usb 1-1: config 0 interface 0 has no altsetting 0
[  237.149528][ T5978] usb 1-1: New USB device found, idVendor=05ac, idProduct=025a, bcdDevice= 0.00
[  237.149537][ T5978] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.151076][ T5978] usb 1-1: config 0 descriptor??
[  237.155294][T11469] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.2232: Freeing blocks not in datazone - block = 0, count = 4096
[  237.177887][T11469] Quota error (device loop5): write_blk: dquota write failed
[  237.178635][ T5978] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input21
[  237.181968][T11469] Quota error (device loop5): find_free_dqentry: Can't write quota data block 2
[  237.188607][T11469] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  237.192679][T11469] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2232: Failed to acquire dquot type 0
[  237.196975][T11469] EXT4-fs (loop5): 1 orphan inode deleted
[  237.199765][T11469] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.225161][T10374] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.379432][ T5282] bcm5974 1-1:0.0: could not read from device
[  237.385707][ T5282] bcm5974 1-1:0.0: could not read from device
[  237.388825][ T5978] usb 1-1: USB disconnect, device number 44
[  237.504083][T11491] loop9: detected capacity change from 0 to 7
[  237.515540][T11491] Dev loop9: unable to read RDB block 7
[  237.517461][T11491]  loop9: unable to read partition table
[  237.519471][T11491] loop9: partition table beyond EOD, truncated
[  237.521607][T11491] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5)
[  238.160784][ T5978] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  238.651665][ T5978] usb 1-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  238.655561][ T5978] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.661901][ T5978] usb 1-1: config 0 descriptor??
[  238.689382][T11511] CUSE: unknown device info ""
[  238.694987][T11511] CUSE: unknown device info ""
[  238.697608][T11511] CUSE: unknown device info ""
[  238.699580][T11511] CUSE: unknown device info ""
[  238.702653][T11511] CUSE: zero length info key specified
[  239.526427][T11530] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2256'.
[  239.820287][T11532] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2256'.
[  239.984399][T11538] loop5: detected capacity change from 0 to 128
[  239.993881][T11538] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  239.999163][T11538] ext4 filesystem being mounted at /119/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  240.887802][T10374] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  241.137073][T11562] loop5: detected capacity change from 0 to 4096
[  241.141118][T11562] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  241.155888][T11562] ntfs3(loop5): Failed to load $Extend (-22).
[  241.158553][T11562] ntfs3(loop5): Failed to initialize $Extend.
[  241.191406][ T5978] pegasus 1-1:0.0: setup Pegasus II specific registers
[  242.818346][ T5978] pegasus 1-1:0.0: can't locate MII phy, using default
[  242.849818][ T5978] pegasus 1-1:0.0: eth9, ELECOM USB Ethernet LD-USB20, a6:7d:18:d9:a0:ed
[  242.854778][ T5978] usb 1-1: USB disconnect, device number 45
[  243.673759][T11636] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2301'.
[  244.061046][T11648] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[  244.063502][T11648] PKCS7: Only support pkcs7_signedData type
[  244.176779][T11652] loop5: detected capacity change from 0 to 512
[  244.180313][T11652] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  244.187223][T11652] EXT4-fs (loop5): 1 truncate cleaned up
[  244.192111][T11652] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.204083][T11652] EXT4-fs error (device loop5): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.5.2307: path /newroot/141/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  244.212762][T11652] EXT4-fs (loop5): Remounting filesystem read-only
[  244.234638][T10374] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.573308][ T5894] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  244.739773][ T5894] usb 6-1: Using ep0 maxpacket: 32
[  244.752560][ T5894] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  244.756641][ T5894] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.762707][ T5894] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  244.767352][ T5894] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.783777][ T5894] usb 6-1: config 0 descriptor??
[  244.796674][ T5894] hub 6-1:0.0: USB hub found
[  245.008450][ T5894] hub 6-1:0.0: config failed, hub has too many ports! (err -19)
[  245.227979][ T5894] usbhid 6-1:0.0: can't add hid device: -71
[  245.230690][ T5894] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  245.250842][ T5894] usb 6-1: USB disconnect, device number 10
[  246.104453][ T5978] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  246.282046][ T5978] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  246.289939][ T5978] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  246.299734][ T5978] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  246.303317][ T5978] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  246.314217][ T5978] usb 6-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16
[  246.317589][ T5978] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.320620][ T5978] usb 6-1: Product: syz
[  246.322086][ T5978] usb 6-1: Manufacturer: syz
[  246.323645][ T5978] usb 6-1: SerialNumber: syz
[  246.330881][ T5978] usb 6-1: config 0 descriptor??
[  246.337111][ T5978] kvaser_usb 6-1:0.0: CMD_MAP_CHANNEL_REQ failed for CAN0
[  246.342581][ T5978] kvaser_usb 6-1:0.0: error -EMSGSIZE: Failed to initialize card
[  246.345718][ T5978] kvaser_usb 6-1:0.0: probe with driver kvaser_usb failed with error -90
[  246.558292][ T5929] usb 6-1: USB disconnect, device number 11
[  247.644845][T11727] Bluetooth: Invalid esc byte 0x02
[  247.815036][T11735] loop0: detected capacity change from 0 to 1024
[  247.827639][T11735] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.835759][T11737] loop5: detected capacity change from 0 to 1024
[  247.841093][T11737] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  247.846457][T11737] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  247.855543][T11737] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  247.859539][T11737] EXT4-fs (loop5): orphan cleanup on readonly fs
[  247.862819][T11737] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.2345: Freeing blocks not in datazone - block = 0, count = 4096
[  247.863719][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.868350][T11737] EXT4-fs (loop5): Remounting filesystem read-only
[  247.873887][T11737] EXT4-fs (loop5): 1 orphan inode deleted
[  247.876664][T11737] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  247.908422][T10374] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.023949][T11757] loop5: detected capacity change from 0 to 128
[  248.128983][T11757] syz.5.2352: attempt to access beyond end of device
[  248.128983][T11757] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[  248.150418][T11757] syz.5.2352: attempt to access beyond end of device
[  248.150418][T11757] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[  248.155899][T11757] syz.5.2352: attempt to access beyond end of device
[  248.155899][T11757] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[  248.165222][T11757] syz.5.2352: attempt to access beyond end of device
[  248.165222][T11757] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[  248.172189][T11757] syz.5.2352: attempt to access beyond end of device
[  248.172189][T11757] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[  248.179234][T11757] syz.5.2352: attempt to access beyond end of device
[  248.179234][T11757] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[  248.186413][T11757] syz.5.2352: attempt to access beyond end of device
[  248.186413][T11757] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[  248.197477][T11757] syz.5.2352: attempt to access beyond end of device
[  248.197477][T11757] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128
[  248.208806][T11757] syz.5.2352: attempt to access beyond end of device
[  248.208806][T11757] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128
[  248.214771][T11757] syz.5.2352: attempt to access beyond end of device
[  248.214771][T11757] loop5: rw=2049, sector=297, nr_sectors = 8 limit=128
[  248.241439][T11771] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.2358'.
[  248.549029][T11800] netlink: 'syz.0.2372': attribute type 1 has an invalid length.
[  248.559767][T11800] netlink: 'syz.0.2372': attribute type 4 has an invalid length.
[  248.563009][T11800] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.2372'.
[  248.567779][T11803] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2373'.
[  248.772385][T11817] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  248.828336][T11808] loop5: detected capacity change from 0 to 32768
[  248.865178][T11808] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  248.878524][T11832] loop0: detected capacity change from 0 to 512
[  248.882603][T11832] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  248.895139][T11832] EXT4-fs (loop0): 1 truncate cleaned up
[  248.898666][T11832] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.902782][T11808] XFS (loop5): Corruption warning: Metadata has LSN (1024:16) ahead of current LSN (1:80). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  248.908015][T11832] EXT4-fs error (device loop0): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.0.2384: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  248.908842][T11808] XFS (loop5): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xe0, xfs_inobt block 0xc 
[  248.921574][T11832] EXT4-fs (loop0): Remounting filesystem read-only
[  248.922664][T11808] XFS (loop5): Unmount and run xfs_repair
[  248.925225][T11832] EXT4-fs warning (device loop0): ext4_rename_delete:3735: inode #2: comm syz.0.2384: Deleting old file: nlink 4, error=-117
[  248.927252][T11808] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  248.935257][T11808] 00000000: 49 41 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  IAB3............
[  248.938305][T11808] 00000010: 00 00 00 00 00 00 00 0c 00 00 04 00 00 00 00 10  ................
[  248.941479][T11808] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  248.944542][T11808] 00000030: 00 00 00 00 4a d4 d4 6c 00 00 18 00 00 00 40 37  ....J..l......@7
[  248.947523][T11808] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  248.950659][T11808] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  248.954080][T11808] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  248.957018][T11808] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  248.960028][T11808] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0xc len 4 error 74
[  248.963757][T11808] XFS (loop5): Failed to read root inode 0x1800, error 117
[  248.966444][T11808] XFS (loop5): Uncorrected metadata errors detected; please run xfs_repair.
[  249.244262][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.298129][T11841] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  249.563072][T11847] loop5: detected capacity change from 0 to 32768
[  249.588916][T11847] overlayfs: upper fs needs to support d_type.
[  249.592986][T11847] overlayfs: upper fs does not support tmpfile.
[  249.600638][T11847] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  249.606320][T11847] ERROR: (device loop5): dbAlloc: the hint is outside the map
[  249.606320][T11847] 
[  249.614486][T11847] ERROR: (device loop5): remounting filesystem as read-only
[  249.617524][T11847] overlayfs: failed to set uuid (/file0, err=-5); falling back to uuid=null.
[  249.761620][T11853] bridge0: entered promiscuous mode
[  249.765081][T11853] bridge0: port 3(macsec1) entered blocking state
[  249.767518][T11853] bridge0: port 3(macsec1) entered disabled state
[  249.773339][T11853] macsec1: entered allmulticast mode
[  249.775508][T11853] bridge0: entered allmulticast mode
[  249.779127][T11853] macsec1: left allmulticast mode
[  249.782502][T11853] bridge0: left allmulticast mode
[  249.785959][T11853] bridge0: left promiscuous mode
[  250.358214][T11872] loop0: detected capacity change from 0 to 8
[  250.362084][T11872] squashfs image failed sanity check
[  250.984772][T11899] loop5: detected capacity change from 0 to 1764
[  251.076800][T11902] loop5: detected capacity change from 0 to 4096
[  251.247896][T11910] vivid-001: disconnect
[  251.253670][T11909] vivid-001: reconnect
[  251.377427][T11916] loop5: detected capacity change from 0 to 2048
[  251.384285][T11916] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  251.567437][T11920] loop0: detected capacity change from 0 to 40427
[  251.570308][T11920] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  251.572837][T11920] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  251.577962][T11920] F2FS-fs (loop0): invalid crc value
[  251.606256][T11920] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  251.611077][T11920] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  251.613386][T11920] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  251.882925][T11943] f2fs: Unknown parameter '01777777777777777777777	Z* m.Dc8'@C9G9?9S{1Jլ5æԌqqY糔'
[  251.896835][   T33] kauditd_printk_skb: 2 callbacks suppressed
[  251.896887][   T33] audit: type=1800 audit(1755300767.851:153): pid=11943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2422" name="file1" dev="loop0" ino=10 res=0 errno=0
[  252.990777][T11959] loop0: detected capacity change from 0 to 136
[  253.054460][T11967] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2440'.
[  253.209911][ T5978] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  253.359719][ T5978] usb 6-1: Using ep0 maxpacket: 8
[  253.371279][ T5978] usb 6-1: config 0 interface 0 has no altsetting 0
[  253.377006][ T5978] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  253.385002][ T5978] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.388345][ T5978] usb 6-1: Product: syz
[  253.399741][ T5978] usb 6-1: Manufacturer: syz
[  253.401730][ T5978] usb 6-1: SerialNumber: syz
[  253.406247][ T5978] usb 6-1: config 0 descriptor??
[  253.411942][ T5978] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 found
[  253.447776][T11979] loop0: detected capacity change from 0 to 32768
[  253.451589][T11979] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2446 (11979)
[  253.458779][T11979] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  253.462980][T11979] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  253.466576][T11979] BTRFS info (device loop0): using free-space-tree
[  253.515073][T11979] BTRFS info (device loop0): checking UUID tree
[  253.556078][ T5845] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  253.623723][ T5978] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 now disconnected
[  253.629558][ T5978] snd_usb_toneport 6-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  253.729812][T12001] netlink: 'syz.2.2449': attribute type 1 has an invalid length.
[  253.733241][T12001] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2449'.
[  253.834670][ T5929] usb 6-1: USB disconnect, device number 12
[  254.542075][   T33] audit: type=1326 audit(1755300770.501:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.2.2465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  254.567950][   T33] audit: type=1326 audit(1755300770.511:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.2.2465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  254.589481][   T33] audit: type=1326 audit(1755300770.511:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.2.2465" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  254.610618][   T33] audit: type=1326 audit(1755300770.511:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.2.2465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  254.629504][   T33] audit: type=1326 audit(1755300770.511:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.2.2465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  254.642640][   T33] audit: type=1326 audit(1755300770.511:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.2.2465" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  254.655960][   T33] audit: type=1326 audit(1755300770.511:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.2.2465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  254.667937][   T33] audit: type=1326 audit(1755300770.521:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.2.2465" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f818b985ba7 code=0x7ffc0000
[  254.676678][   T33] audit: type=1326 audit(1755300770.521:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.2.2465" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f818b92add9 code=0x7ffc0000
[  254.725353][T12042] loop5: detected capacity change from 0 to 2048
[  254.736381][T12042] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  255.171269][T12071] bridge0: port 3(netdevsim0) entered blocking state
[  255.174974][T12071] bridge0: port 3(netdevsim0) entered disabled state
[  255.179903][T12071] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  255.191057][T12071] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  255.195886][T12071] bridge0: port 3(netdevsim0) entered blocking state
[  255.198922][T12071] bridge0: port 3(netdevsim0) entered forwarding state
[  255.577405][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  255.580345][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  255.924613][T12088] overlayfs: failed to clone upperpath
[  256.090678][ T5978] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  256.149791][ T5929] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[  256.249751][ T5978] usb 1-1: Using ep0 maxpacket: 32
[  256.253310][ T5978] usb 1-1: config 0 has an invalid interface number: 242 but max is 0
[  256.256535][ T5978] usb 1-1: config 0 has no interface number 0
[  256.271677][ T5978] usb 1-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=eb.4e
[  256.274663][ T5978] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.277546][ T5978] usb 1-1: Product: syz
[  256.278852][ T5978] usb 1-1: Manufacturer: syz
[  256.282600][ T5978] usb 1-1: SerialNumber: syz
[  256.287812][ T5978] usb 1-1: config 0 descriptor??
[  256.328780][ T5929] usb 6-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  256.332937][ T5929] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.336345][ T5929] usb 6-1: Product: syz
[  256.338223][ T5929] usb 6-1: Manufacturer: syz
[  256.346533][ T5929] usb 6-1: SerialNumber: syz
[  256.362212][ T5929] usb 6-1: config 0 descriptor??
[  256.497724][ T5978] cdc_subset 1-1:0.242: probe with driver cdc_subset failed with error -71
[  256.508424][ T5978] usb 1-1: USB disconnect, device number 46
[  257.007213][ T5929] airspy 6-1:0.0: Board ID: 00
[  257.009118][ T5929] airspy 6-1:0.0: Firmware version: 
[  257.449797][ T5929] airspy 6-1:0.0: usb_control_msg() failed -71 request 12
[  257.467743][ T5929] airspy 6-1:0.0: Registered as swradio24
[  257.475224][ T5929] airspy 6-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  257.483498][ T5929] usb 6-1: USB disconnect, device number 13
[  257.830114][T12136] loop0: detected capacity change from 0 to 512
[  257.833857][T12136] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  257.842736][T12136] EXT4-fs (loop0): 1 truncate cleaned up
[  257.846482][T12136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.863885][T12136] EXT4-fs (loop0): shut down requested (2)
[  257.894160][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.055872][T12148] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  258.429417][T12151] loop5: detected capacity change from 0 to 1024
[  258.455575][  T271] hfsplus: b-tree write err: -5, ino 4
[  258.730655][T12159] block nbd5: NBD_DISCONNECT
[  258.737020][T12159] block nbd5: Send disconnect failed -22
[  258.739584][T12159] block nbd5: Send disconnect failed -22
[  258.746097][T12158] block nbd5: Disconnected due to user request.
[  258.749869][T12158] block nbd5: shutting down sockets
[  259.075975][T12172] overlayfs: missing 'lowerdir'
[  259.265258][T12178] loop0: detected capacity change from 0 to 128
[  259.276018][T12178] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  259.368246][T12180] loop5: detected capacity change from 0 to 8
[  259.415876][T12180] SQUASHFS error: Unable to read inode 0xa7
[  260.049149][T12188] loop0: detected capacity change from 0 to 32768
[  260.056508][T12188] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  260.110635][ T5845] ocfs2: Unmounting device (7,0) on (node local)
[  260.436817][T12207] loop0: detected capacity change from 0 to 40427
[  260.440115][T12207] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  260.442646][T12207] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  260.446374][T12207] F2FS-fs (loop0): invalid crc value
[  260.480419][T12207] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  260.488222][T12207] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  260.491414][T12207] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  260.594957][T12224] loop5: detected capacity change from 0 to 1764
[  261.035833][   T33] kauditd_printk_skb: 24 callbacks suppressed
[  261.035849][   T33] audit: type=1800 audit(1755300776.661:187): pid=12228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2537" name="file1" dev="loop0" ino=10 res=0 errno=0
[  261.679819][ T5894] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  261.861464][ T5894] usb 6-1: config 3 has an invalid interface number: 56 but max is 0
[  261.864831][ T5894] usb 6-1: config 3 has no interface number 0
[  261.867367][ T5894] usb 6-1: config 3 interface 56 has no altsetting 0
[  261.874128][ T5894] usb 6-1: New USB device found, idVendor=03f0, idProduct=2101, bcdDevice=80.cc
[  261.877978][ T5894] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.881767][ T5894] usb 6-1: Product: syz
[  261.883567][ T5894] usb 6-1: Manufacturer: syz
[  261.885589][ T5894] usb 6-1: SerialNumber: syz
[  262.102161][ T5894] safe_serial 6-1:3.56: safe_serial converter detected
[  262.107169][ T5894] usb 6-1: safe_serial converter now attached to ttyUSB0
[  262.112451][ T5894] usb 6-1: USB disconnect, device number 14
[  262.117219][ T5894] safe_serial ttyUSB0: safe_serial converter now disconnected from ttyUSB0
[  262.122417][ T5894] safe_serial 6-1:3.56: device disconnected
[  262.771273][T12248] loop5: detected capacity change from 0 to 4096
[  263.495171][ T5845] bio_check_eod: 68 callbacks suppressed
[  263.495181][ T5845] syz-executor: attempt to access beyond end of device
[  263.495181][ T5845] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  263.505092][ T5845] CPU: 1 UID: 0 PID: 5845 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  263.505104][ T5845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  263.505109][ T5845] Call Trace:
[  263.505113][ T5845]  <TASK>
[  263.505116][ T5845]  dump_stack_lvl+0x189/0x250
[  263.505144][ T5845]  ? __pfx_dump_stack_lvl+0x10/0x10
[  263.505153][ T5845]  ? __pfx_queue_work_on+0x10/0x10
[  263.505159][ T5845]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  263.505169][ T5845]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  263.505182][ T5845]  f2fs_handle_critical_error+0x37c/0x540
[  263.505195][ T5845]  f2fs_write_end_io+0x886/0xb60
[  263.505210][ T5845]  __submit_merged_bio+0x27a/0x6a0
[  263.505218][ T5845]  ? up_write+0x1c4/0x420
[  263.505229][ T5845]  __submit_merged_write_cond+0x44c/0x530
[  263.505241][ T5845]  f2fs_sync_node_pages+0x1479/0x15e0
[  263.505258][ T5845]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  263.505285][ T5845]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  263.505293][ T5845]  ? up_write+0x1c4/0x420
[  263.505300][ T5845]  ? do_raw_spin_unlock+0x4d/0x240
[  263.505310][ T5845]  f2fs_write_checkpoint+0xe6f/0x1df0
[  263.505328][ T5845]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  263.505355][ T5845]  ? kill_f2fs_super+0x298/0x6c0
[  263.505364][ T5845]  kill_f2fs_super+0x2c3/0x6c0
[  263.505374][ T5845]  ? __pfx_kill_f2fs_super+0x10/0x10
[  263.505379][ T5845]  ? radix_tree_delete_item+0x2b6/0x400
[  263.505392][ T5845]  ? shrinker_free+0x2ce/0x3e0
[  263.505402][ T5845]  deactivate_locked_super+0xbc/0x130
[  263.505411][ T5845]  cleanup_mnt+0x425/0x4c0
[  263.505419][ T5845]  ? lockdep_hardirqs_on+0x9c/0x150
[  263.505429][ T5845]  task_work_run+0x1d4/0x260
[  263.505440][ T5845]  ? __pfx_task_work_run+0x10/0x10
[  263.505447][ T5845]  ? __x64_sys_umount+0x122/0x160
[  263.505458][ T5845]  ? exit_to_user_mode_loop+0x40/0x110
[  263.505470][ T5845]  exit_to_user_mode_loop+0xec/0x110
[  263.505479][ T5845]  do_syscall_64+0x2bd/0x3b0
[  263.505488][ T5845]  ? lockdep_hardirqs_on+0x9c/0x150
[  263.505496][ T5845]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.505502][ T5845]  ? exc_page_fault+0x9f/0xf0
[  263.505511][ T5845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.505517][ T5845] RIP: 0033:0x7fe8d058ff17
[  263.505527][ T5845] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  263.505533][ T5845] RSP: 002b:00007ffc8e8c3678 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  263.505541][ T5845] RAX: 0000000000000000 RBX: 00007fe8d0611c05 RCX: 00007fe8d058ff17
[  263.505546][ T5845] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc8e8c3730
[  263.505550][ T5845] RBP: 00007ffc8e8c3730 R08: 0000000000000000 R09: 0000000000000000
[  263.505554][ T5845] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc8e8c47c0
[  263.505558][ T5845] R13: 00007fe8d0611c05 R14: 000000000003fc9e R15: 00007ffc8e8c4800
[  263.505571][ T5845]  </TASK>
[  263.505574][ T5845] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  263.558169][T12253] loop5: detected capacity change from 0 to 40427
[  263.769245][T12255] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2556'.
[  264.216391][T12266] syz.5.2560: attempt to access beyond end of device
[  264.216391][T12266] loop11: rw=0, sector=0, nr_sectors = 1 limit=0
[  264.224603][T12266] FAT-fs (loop11): unable to read boot sector
[  264.271504][T12270] loop0: detected capacity change from 0 to 512
[  264.279928][T12270] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  264.288444][T12270] EXT4-fs (loop0): invalid journal inode
[  264.290831][T12270] EXT4-fs (loop0): can't get journal size
[  264.293260][T12270] EXT4-fs (loop0): orphan cleanup on readonly fs
[  264.295706][T12270] EXT4-fs (loop0): 1 truncate cleaned up
[  264.299012][T12270] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  265.200565][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.247407][T12277] loop0: detected capacity change from 0 to 64
[  265.255092][T12277] syz.0.2565: attempt to access beyond end of device
[  265.255092][T12277] loop0: rw=0, sector=16777216, nr_sectors = 2 limit=64
[  265.261551][T12277] Buffer I/O error on dev loop0, logical block 8388608, async page read
[  267.327506][T12310] loop5: detected capacity change from 0 to 40427
[  267.336711][T12310] F2FS-fs (loop5): Image doesn't support compression
[  267.339530][T12310] F2FS-fs (loop5): build fault injection rate: 3
[  267.344458][T12310] F2FS-fs (loop5): build fault injection type: 0x35f7
[  267.347627][T12310] F2FS-fs (loop5): inject kmalloc in f2fs_kmalloc of f2fs_fill_super+0x2e45/0x6ff0
[  268.666356][T12356] loop0: detected capacity change from 0 to 256
[  268.672069][T12356] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  268.956396][T12360] loop0: detected capacity change from 0 to 32768
[  268.983949][T12360] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  269.051422][ T5845] ocfs2: Unmounting device (7,0) on (node local)
[  269.188677][T12381] overlayfs: failed lookup in lower (newroot/706, name='file1', err=-40): overlapping layers
[  269.706698][T12387] loop0: detected capacity change from 0 to 40427
[  269.792942][T12387] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  269.798407][T12387] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  269.819158][   T33] audit: type=1800 audit(1755300785.771:188): pid=12387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2611" name="bus" dev="loop0" ino=10 res=0 errno=0
[  269.935057][ T5845] syz-executor: attempt to access beyond end of device
[  269.935057][ T5845] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  269.942475][ T5845] CPU: 0 UID: 0 PID: 5845 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  269.942490][ T5845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  269.942495][ T5845] Call Trace:
[  269.942499][ T5845]  <TASK>
[  269.942502][ T5845]  dump_stack_lvl+0x189/0x250
[  269.942516][ T5845]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.942525][ T5845]  ? __pfx_queue_work_on+0x10/0x10
[  269.942532][ T5845]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  269.942541][ T5845]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  269.942555][ T5845]  f2fs_handle_critical_error+0x37c/0x540
[  269.942567][ T5845]  f2fs_write_end_io+0x886/0xb60
[  269.942582][ T5845]  __submit_merged_bio+0x27a/0x6a0
[  269.942594][ T5845]  __submit_merged_write_cond+0x255/0x530
[  269.942606][ T5845]  f2fs_write_data_pages+0x261d/0x3000
[  269.942615][ T5845]  ? __lock_acquire+0xab9/0xd20
[  269.942639][ T5845]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  269.942666][ T5845]  ? __mod_zone_page_state+0xd7/0x140
[  269.942680][ T5845]  ? folios_put_refs+0x560/0x640
[  269.942693][ T5845]  ? __pfx_folios_put_refs+0x10/0x10
[  269.942699][ T5845]  ? rcu_is_watching+0x15/0xb0
[  269.942710][ T5845]  ? __lock_acquire+0xab9/0xd20
[  269.942726][ T5845]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  269.942736][ T5845]  do_writepages+0x32e/0x550
[  269.942750][ T5845]  ? do_raw_spin_unlock+0x4d/0x240
[  269.942760][ T5845]  filemap_fdatawrite+0x199/0x240
[  269.942770][ T5845]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  269.942798][ T5845]  ? do_raw_spin_unlock+0x4d/0x240
[  269.942808][ T5845]  f2fs_sync_dirty_inodes+0x31f/0x830
[  269.942821][ T5845]  f2fs_write_checkpoint+0x95a/0x1df0
[  269.942838][ T5845]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  269.942865][ T5845]  ? kill_f2fs_super+0x298/0x6c0
[  269.942874][ T5845]  kill_f2fs_super+0x2c3/0x6c0
[  269.942883][ T5845]  ? __pfx_kill_f2fs_super+0x10/0x10
[  269.942889][ T5845]  ? radix_tree_delete_item+0x2b6/0x400
[  269.942901][ T5845]  ? shrinker_free+0x2ce/0x3e0
[  269.942909][ T5845]  deactivate_locked_super+0xbc/0x130
[  269.942919][ T5845]  cleanup_mnt+0x425/0x4c0
[  269.942926][ T5845]  ? lockdep_hardirqs_on+0x9c/0x150
[  269.942936][ T5845]  task_work_run+0x1d4/0x260
[  269.942947][ T5845]  ? __pfx_task_work_run+0x10/0x10
[  269.942954][ T5845]  ? __x64_sys_umount+0x122/0x160
[  269.942965][ T5845]  ? exit_to_user_mode_loop+0x40/0x110
[  269.943005][ T5845]  exit_to_user_mode_loop+0xec/0x110
[  269.943016][ T5845]  do_syscall_64+0x2bd/0x3b0
[  269.943025][ T5845]  ? lockdep_hardirqs_on+0x9c/0x150
[  269.943033][ T5845]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.943040][ T5845]  ? exc_page_fault+0x9f/0xf0
[  269.943049][ T5845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.943055][ T5845] RIP: 0033:0x7fe8d058ff17
[  269.943063][ T5845] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  269.943069][ T5845] RSP: 002b:00007ffc8e8c3678 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  269.943077][ T5845] RAX: 0000000000000000 RBX: 00007fe8d0611c05 RCX: 00007fe8d058ff17
[  269.943082][ T5845] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc8e8c3730
[  269.943086][ T5845] RBP: 00007ffc8e8c3730 R08: 0000000000000000 R09: 0000000000000000
[  269.943090][ T5845] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc8e8c47c0
[  269.943094][ T5845] R13: 00007fe8d0611c05 R14: 0000000000041d98 R15: 00007ffc8e8c4800
[  269.943107][ T5845]  </TASK>
[  269.943110][ T5845] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  270.402633][T12419] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2620'.
[  270.405744][T12419] nbd: socks must be embedded in a SOCK_ITEM attr
[  270.936248][T12437] netlink: 'syz.2.2632': attribute type 10 has an invalid length.
[  271.277684][T12447] kernel read not supported for file /cpuacct.usage_percpu (pid: 12447 comm: syz.5.2637)
[  271.287690][   T33] audit: type=1800 audit(1755300787.241:189): pid=12447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2637" name="cpuacct.usage_percpu" dev="mqueue" ino=26139 res=0 errno=0
[  271.490562][T12451] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  271.518499][ T1926] IPVS: starting estimator thread 0...
[  271.619887][T12453] IPVS: using max 80 ests per chain, 192000 per kthread
[  271.736285][T12463] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2643'.
[  271.783543][T12467] loop5: detected capacity change from 0 to 256
[  271.801703][T12467] FAT-fs (loop5): Directory bread(block 64) failed
[  271.804152][T12467] FAT-fs (loop5): Directory bread(block 65) failed
[  271.806809][T12467] FAT-fs (loop5): Directory bread(block 66) failed
[  271.809432][T12467] FAT-fs (loop5): Directory bread(block 67) failed
[  271.813368][T12467] FAT-fs (loop5): Directory bread(block 68) failed
[  271.815917][T12467] FAT-fs (loop5): Directory bread(block 69) failed
[  271.818542][T12467] FAT-fs (loop5): Directory bread(block 70) failed
[  271.821805][T12467] FAT-fs (loop5): Directory bread(block 71) failed
[  271.824607][T12467] FAT-fs (loop5): Directory bread(block 72) failed
[  271.828001][T12467] FAT-fs (loop5): Directory bread(block 73) failed
[  272.001464][ T5929] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  272.050026][T12477] loop5: detected capacity change from 0 to 2048
[  272.057522][T12477] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=18576, location=18576
[  272.072508][T12477] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  272.157359][ T5929] usb 1-1: Using ep0 maxpacket: 32
[  272.163371][ T5929] usb 1-1: New USB device found, idVendor=04b4, idProduct=861f, bcdDevice=f9.d6
[  272.164832][T12483] loop5: detected capacity change from 0 to 512
[  272.166937][ T5929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.171477][T12483] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  272.176493][T12483] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  272.177516][ T5929] usb 1-1: config 0 descriptor??
[  272.180190][T12483] EXT4-fs (loop5): failed to initialize system zone (-117)
[  272.184867][T12483] EXT4-fs (loop5): mount failed
[  272.189720][ T5929] usb 1-1: dvb_usb_v2: found a 'Anysee' in warm state
[  272.203744][ T5929] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  272.206744][ T5929] dvb_usb_anysee 1-1:0.0: probe with driver dvb_usb_anysee failed with error -22
[  272.253912][T12490] dlm: plock device version mismatch: kernel (1.2.0), user (1.4.8)
[  272.428984][ T5929] usb 1-1: USB disconnect, device number 47
[  273.028978][T12521] loop0: detected capacity change from 0 to 512
[  273.114921][T12525] sctp: [Deprecated]: syz.0.2672 (pid 12525) Use of int in maxseg socket option.
[  273.114921][T12525] Use struct sctp_assoc_value instead
[  273.153391][T12527] loop0: detected capacity change from 0 to 2048
[  273.163467][T12527] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  273.199143][T12515] loop5: detected capacity change from 0 to 32768
[  273.210658][T12515] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2667 (12515)
[  273.218592][T12515] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  273.229081][T12515] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  273.235510][T12515] BTRFS info (device loop5): disk space caching is enabled
[  273.238494][T12515] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  273.316501][T12515] BTRFS info (device loop5): rebuilding free space tree
[  273.353481][T12515] BTRFS info (device loop5): disabling free space tree
[  273.357165][T12515] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  273.379835][T12515] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  273.396501][T12557] loop0: detected capacity change from 0 to 512
[  273.399991][T12557] EXT4-fs: Ignoring removed nobh option
[  273.414020][T12557] fscrypt (loop0, inode 2): Error -61 getting encryption context
[  273.422831][T12557] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -61
[  273.426757][T12557] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #13: comm syz.0.2679: casefold flag without casefold feature
[  273.437879][   T33] audit: type=1800 audit(1755300789.391:190): pid=12515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2667" name="bus" dev="loop5" ino=263 res=0 errno=0
[  273.440913][T12557] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2679: couldn't read orphan inode 13 (err -117)
[  273.447543][   T33] audit: type=1800 audit(1755300789.401:191): pid=12515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2667" name="bus" dev="loop5" ino=263 res=0 errno=0
[  273.474857][T12557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.500607][T12561] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2680'.
[  273.521228][T12557] EXT4-fs: group quota file already specified
[  273.549556][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.599680][   T33] audit: type=1800 audit(1755300789.551:192): pid=12515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2667" name="bus" dev="loop5" ino=263 res=0 errno=0
[  273.618008][T12566] loop0: detected capacity change from 0 to 16
[  273.631438][T12566] erofs (device loop0): mounted with root inode @ nid 36.
[  273.769470][T12572] loop0: detected capacity change from 0 to 512
[  273.786458][T12572] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  273.844762][T12572] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  273.847920][T12572] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  273.860933][T12572] System zones: 0-1, 15-15, 18-18, 34-34
[  273.863118][T12572] EXT4-fs (loop0): orphan cleanup on readonly fs
[  273.865255][T12572] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0
[  273.875192][T12572] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  273.895257][T10374] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  273.899457][T12572] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  273.907428][T12572] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2685: bg 0: block 40: padding at end of block bitmap is not set
[  273.921858][T12572] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  273.929895][T12572] EXT4-fs (loop0): 1 truncate cleaned up
[  273.933057][T12572] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  273.976362][T12572] EXT4-fs error (device loop0): ext4_encrypted_get_link:46: inode #16: comm syz.0.2685: bad symlink.
[  274.389824][ T1926] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  274.490523][T12582] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2690'.
[  274.541447][ T1926] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  274.545972][ T1926] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  274.561053][ T1926] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  274.564251][ T1926] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  274.566817][ T1926] usb 6-1: SerialNumber: syz
[  274.789056][ T1926] usb 6-1: 0:2 : does not exist
[  274.804726][ T1926] usb 6-1: USB disconnect, device number 15
[  275.438560][T12596] netlink: 'syz.5.2696': attribute type 2 has an invalid length.
[  275.867331][ T5861] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.095575][ T5861] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.172851][ T5861] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.230769][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.273632][ T5861] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.485890][ T5861] bridge_slave_1: left allmulticast mode
[  276.487798][ T5861] bridge_slave_1: left promiscuous mode
[  276.494691][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.502688][ T5861] bridge_slave_0: left allmulticast mode
[  276.505018][ T5861] bridge_slave_0: left promiscuous mode
[  276.507036][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.743050][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  276.751577][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  276.759576][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  276.772048][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  276.776160][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  276.779911][ T5929] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  276.927639][ T5861] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  276.932330][ T5861] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  276.933455][ T5929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.940630][ T5929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.941306][ T5861] bond0 (unregistering): Released all slaves
[  276.944806][ T5929] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  276.952463][ T5861] bond1 (unregistering): Released all slaves
[  276.955636][ T5929] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  276.959434][ T5929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.964680][ T5929] usb 6-1: config 0 descriptor??
[  277.025802][ T5861] bridge: left promiscuous mode
[  277.166297][T12617] chnl_net:caif_netlink_parms(): no params data found
[  277.324346][ T5861] hsr_slave_0: left promiscuous mode
[  277.327272][ T5861] hsr_slave_1: left promiscuous mode
[  277.331257][ T5861] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  277.334323][ T5861] batman_adv: batadv0: Removing interface: batadv_slave_0
[  277.338492][ T5861] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  277.343753][ T5861] batman_adv: batadv0: Removing interface: batadv_slave_1
[  277.357679][ T5861] veth1_macvtap: left promiscuous mode
[  277.360229][ T5861] veth0_macvtap: left promiscuous mode
[  277.362639][ T5861] veth1_vlan: left promiscuous mode
[  277.364975][ T5861] veth0_vlan: left promiscuous mode
[  277.392886][ T5929] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  277.756670][ T5861] team0 (unregistering): Port device team_slave_1 removed
[  277.806578][ T5861] team0 (unregistering): Port device team_slave_0 removed
[  278.635494][T12617] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.638490][T12617] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.644192][T12617] bridge_slave_0: entered allmulticast mode
[  278.648163][T12617] bridge_slave_0: entered promiscuous mode
[  278.659603][T12617] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.664119][T12617] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.667347][T12617] bridge_slave_1: entered allmulticast mode
[  278.677986][T12617] bridge_slave_1: entered promiscuous mode
[  278.747865][T12617] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  278.754987][T12617] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  278.777853][T12617] team0: Port device team_slave_0 added
[  278.782706][T12617] team0: Port device team_slave_1 added
[  278.819150][T12617] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.822840][T12617] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.832085][T12617] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.836709][T12617] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.839492][T12617] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.849174][T12617] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.852885][ T5848] Bluetooth: hci0: command tx timeout
[  278.886249][T12617] hsr_slave_0: entered promiscuous mode
[  278.889131][T12617] hsr_slave_1: entered promiscuous mode
[  278.934091][ T5861] IPVS: stop unused estimator thread 0...
[  279.078962][T12617] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  279.087135][T12617] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  279.096940][T12617] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  279.104123][T12617] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  279.174268][T12617] 8021q: adding VLAN 0 to HW filter on device bond0
[  279.198239][T12617] 8021q: adding VLAN 0 to HW filter on device team0
[  279.207809][ T1093] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.210872][ T1093] bridge0: port 1(bridge_slave_0) entered forwarding state
[  279.230443][ T1093] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.233759][ T1093] bridge0: port 2(bridge_slave_1) entered forwarding state
[  279.268328][T12617] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  279.286987][T12617] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  279.429486][T12617] 8021q: adding VLAN 0 to HW filter on device batadv0
[  279.524448][T12680] overlayfs: failed to clone upperpath
[  279.576893][T12617] veth0_vlan: entered promiscuous mode
[  279.592795][T12617] veth1_vlan: entered promiscuous mode
[  279.614259][T12617] veth0_macvtap: entered promiscuous mode
[  279.627547][T12617] veth1_macvtap: entered promiscuous mode
[  279.638496][T12617] batman_adv: batadv0: Interface activated: batadv_slave_0
[  279.652444][T12617] batman_adv: batadv0: Interface activated: batadv_slave_1
[  279.661372][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  279.673181][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  279.676938][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  279.698420][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  279.761567][   T10] usb 6-1: reset high-speed USB device number 16 using dummy_hcd
[  279.787451][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.796300][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.974749][ T4446] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.980943][ T4446] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.331387][ T5894] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  280.382377][   T10] usb 6-1: device firmware changed
[  280.390515][ T5929] usb 6-1: USB disconnect, device number 16
[  280.501797][ T5894] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  280.506071][ T5894] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  280.513728][ T5894] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  280.517579][ T5894] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.520988][ T5894] usb 7-1: Product: syz
[  280.523030][ T5894] usb 7-1: Manufacturer: syz
[  280.525018][ T5894] usb 7-1: SerialNumber: syz
[  280.530784][ T5929] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  280.681221][ T5929] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  280.684173][ T5929] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  280.688480][ T5929] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  280.693179][ T5929] usb 6-1: config 1 has no interface number 1
[  280.697147][ T5929] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  280.702392][ T5929] usb 6-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  280.708538][ T5929] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  280.713020][ T5929] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.715621][ T5929] usb 6-1: Product: syz
[  280.717769][ T5929] usb 6-1: Manufacturer: syz
[  280.719324][ T5929] usb 6-1: SerialNumber: syz
[  280.762941][ T5894] usb 7-1: 0:2 : does not exist
[  280.775923][ T5894] usb 7-1: USB disconnect, device number 2
[  280.929821][ T5848] Bluetooth: hci0: command tx timeout
[  280.943964][ T5929] usb 6-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  280.946549][ T5929] usb 6-1: MIDIStreaming interface descriptor not found
[  280.970481][ T5929] usb 6-1: USB disconnect, device number 17
[  281.311217][T12726] loop6: detected capacity change from 0 to 256
[  281.323031][T12726] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  282.156734][T12769] loop5: detected capacity change from 0 to 64
[  282.853667][T12800] bond0: entered promiscuous mode
[  282.862811][T12800] bond_slave_0: entered promiscuous mode
[  282.869103][T12800] bond_slave_1: entered promiscuous mode
[  283.009802][ T5848] Bluetooth: hci0: command tx timeout
[  283.552842][   T33] audit: type=1326 audit(1755300799.501:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.2779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  283.570243][   T33] audit: type=1326 audit(1755300799.501:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.2779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  283.592615][   T33] audit: type=1326 audit(1755300799.511:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.2779" exe="/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  283.604883][   T33] audit: type=1326 audit(1755300799.511:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.2779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  283.622638][   T33] audit: type=1326 audit(1755300799.511:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.2779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  283.772663][T12869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2788'.
[  283.778975][T12869] vlan0: entered allmulticast mode
[  283.781680][T12869] bridge0: port 3(vlan0) entered blocking state
[  283.784094][T12869] bridge0: port 3(vlan0) entered disabled state
[  283.787448][T12869] vlan0: entered promiscuous mode
[  283.907730][T12879] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2793'.
[  284.075275][ T1926] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  284.232045][ T1926] usb 7-1: Using ep0 maxpacket: 16
[  284.243385][ T1926] usb 7-1: unable to get BOS descriptor or descriptor too short
[  284.247794][ T1926] usb 7-1: config 5 has an invalid interface number: 29 but max is 0
[  284.253825][ T1926] usb 7-1: config 5 has no interface number 0
[  284.257164][ T1926] usb 7-1: config 5 interface 29 has no altsetting 0
[  284.265261][ T1926] usb 7-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=90.00
[  284.268347][ T1926] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.273800][ T1926] usb 7-1: Product: syz
[  284.275206][ T1926] usb 7-1: Manufacturer: syz
[  284.276724][ T1926] usb 7-1: SerialNumber: syz
[  284.587357][ T1926] usb 7-1: Found UVC 0.00 device syz (05ac:8501)
[  284.589396][ T1926] usb 7-1: No valid video chain found.
[  284.594954][ T1926] usb 7-1: USB disconnect, device number 3
[  285.089883][ T5848] Bluetooth: hci0: command tx timeout
[  285.116462][   T33] audit: type=1326 audit(1755300801.071:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12914 comm="syz.5.2809" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33838ebe9 code=0x7ffc0000
[  285.126968][   T33] audit: type=1326 audit(1755300801.071:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12914 comm="syz.5.2809" exe="/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fc33838ebe9 code=0x7ffc0000
[  285.134809][   T33] audit: type=1326 audit(1755300801.071:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12914 comm="syz.5.2809" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33838ebe9 code=0x7ffc0000
[  285.359804][   T24] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  285.479712][   T10] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  285.533524][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  285.536679][   T24] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  285.539581][   T24] usb 7-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[  285.542986][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.547757][   T24] usb 7-1: config 0 descriptor??
[  285.630991][   T10] usb 6-1: Using ep0 maxpacket: 8
[  285.635327][   T10] usb 6-1: config 0 has an invalid interface number: 151 but max is 1
[  285.638405][   T10] usb 6-1: config 0 has no interface number 1
[  285.644189][   T10] usb 6-1: config 0 interface 151 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  285.649346][   T10] usb 6-1: config 0 interface 151 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[  285.659459][   T10] usb 6-1: config 0 interface 151 altsetting 0 endpoint 0x83 has invalid maxpacket 64466, setting to 1024
[  285.667587][   T10] usb 6-1: config 0 interface 151 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  285.673568][   T10] usb 6-1: config 0 interface 151 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  285.679194][   T10] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC9, changing to 0x89
[  285.687608][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  285.692957][   T10] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  285.703120][   T10] usb 6-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7
[  285.706915][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.713754][   T10] usb 6-1: Product: syz
[  285.719339][   T10] usb 6-1: Manufacturer: syz
[  285.722273][   T10] usb 6-1: SerialNumber: syz
[  285.731955][   T10] usb 6-1: config 0 descriptor??
[  285.736594][T12926] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  285.743235][   T10] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  285.749975][   T10] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  285.757046][ T5929] usb 7-1: USB disconnect, device number 4
[  285.794192][   T10] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -12
[  285.949881][   T24] usb 6-1: USB disconnect, device number 18
[  286.348770][T12961] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.2829'.
[  286.352395][T12956] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.2829'.
[  286.670135][T12969] loop6: detected capacity change from 0 to 2048
[  286.705423][T12969]  loop6: p1 < > p4
[  286.714237][T12969] loop6: p4 size 722688 extends beyond EOD, truncated
[  287.026237][T12979] loop5: detected capacity change from 0 to 8
[  287.030443][T12979] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  287.046111][T12979] cramfs: Error -3 while decompressing!
[  287.049119][T12979] cramfs: ffffffff99beb628(26)->ffff88811b15f000(4096)
[  287.052591][T12979] cramfs: Error -3 while decompressing!
[  287.054963][T12979] cramfs: ffffffff99beb642(26)->ffff88811b05f000(4096)
[  287.057756][T12979] cramfs: Error -3 while decompressing!
[  287.060594][T12979] cramfs: ffffffff99beb65c(16)->ffff888111790000(4096)
[  287.063191][T12979] cramfs: Error -3 while decompressing!
[  287.065170][T12979] cramfs: ffffffff99beb628(26)->ffff88811b15f000(4096)
[  287.960210][ T5929] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  288.149743][ T5929] usb 6-1: Using ep0 maxpacket: 16
[  288.156542][ T5929] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  288.161963][ T5929] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  288.165361][ T5929] usb 6-1: config 0 has no interface number 0
[  288.175066][ T5929] usb 6-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  288.178630][ T5929] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.183796][ T5929] usb 6-1: Product: syz
[  288.186167][ T5929] usb 6-1: Manufacturer: syz
[  288.187761][ T5929] usb 6-1: SerialNumber: syz
[  288.191606][ T5929] usb 6-1: config 0 descriptor??
[  288.195002][ T5929] uvcvideo 6-1:0.105: probe with driver uvcvideo failed with error -22
[  288.294857][T13022] netlink: 'syz.6.2857': attribute type 32 has an invalid length.
[  288.298069][T13022] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2857'.
[  288.308644][T13022] (unnamed net_device) (uninitialized): option coupled_control: invalid value (196)
[  288.398351][    T9] usb 6-1: USB disconnect, device number 19
[  288.407621][T13030] netlink: 'syz.6.2861': attribute type 30 has an invalid length.
[  288.507154][T13038] loop6: detected capacity change from 0 to 2048
[  288.514679][T13038] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d
[  288.518942][T13038] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  288.978697][   T33] audit: type=1326 audit(1755300804.931:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13051 comm="syz.2.2870" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  288.990024][   T33] audit: type=1326 audit(1755300804.951:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13051 comm="syz.2.2870" exe="/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  288.999156][   T33] audit: type=1326 audit(1755300804.951:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13051 comm="syz.2.2870" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  289.013297][   T33] audit: type=1326 audit(1755300804.951:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13051 comm="syz.2.2870" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  289.934789][T13076] loop5: detected capacity change from 0 to 2048
[  289.956177][T13076] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #2: comm syz.5.2881: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  289.968751][T13076] EXT4-fs (loop5): get root inode failed
[  289.972467][T13076] EXT4-fs (loop5): mount failed
[  290.106572][ T5848] Bluetooth: hci2: unexpected event for opcode 0x2003
[  290.745996][T13099] loop6: detected capacity change from 0 to 32768
[  290.762928][T13099] 
[  290.762928][T13099]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  290.762928][T13099] 
[  290.796660][T12617] 
[  290.796660][T12617]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  290.796660][T12617] 
[  290.803547][T12617] 
[  290.803547][T12617]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  290.803547][T12617] 
[  291.095799][T13108] loop6: detected capacity change from 0 to 32768
[  291.137969][T13108] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  291.137987][T13108]   allowing incompatible features above 0.0: (unknown version)
[  291.137994][T13108]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  291.156145][T13108] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  291.159684][T13108] bcachefs (loop6): initializing new filesystem
[  291.168350][T13108] bcachefs (loop6): going read-write
[  291.173836][T13108] bcachefs (loop6): marking superblocks
[  291.188945][T13108] bcachefs (loop6): initializing freespace
[  291.196421][T13108] bcachefs (loop6): done initializing freespace
[  291.206402][T13108] bcachefs (loop6): reading snapshots table
[  291.209064][T13108] bcachefs (loop6): reading snapshots done
[  291.235677][T13108] bcachefs (loop6): done starting filesystem
[  291.311713][ T5929] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  291.327291][T12617] bcachefs (loop6): shutting down
[  291.331410][T12617] bcachefs (loop6): going read-only
[  291.333695][T12617] bcachefs (loop6): finished waiting for writes to stop
[  291.338447][T12617] bcachefs (loop6): flushing journal and stopping allocators, journal seq 2
[  291.374245][T12617] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 3
[  291.379021][T12617] bcachefs (loop6): clean shutdown complete, journal seq 4
[  291.383196][T12617] bcachefs (loop6): marking filesystem clean
[  291.408431][T12617] bcachefs (loop6): shutdown complete
[  291.480135][ T5929] usb 6-1: Using ep0 maxpacket: 32
[  291.487493][ T5929] usb 6-1: config 0 has an invalid interface number: 12 but max is 0
[  291.491200][ T5929] usb 6-1: config 0 has no interface number 0
[  291.494006][ T5929] usb 6-1: config 0 interface 12 has no altsetting 0
[  291.502328][ T5929] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  291.506335][ T5929] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.510730][ T5929] usb 6-1: Product: syz
[  291.512577][ T5929] usb 6-1: Manufacturer: syz
[  291.515203][ T5929] usb 6-1: SerialNumber: syz
[  291.519256][ T5929] usb 6-1: config 0 descriptor??
[  291.765474][T13126] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2899'.
[  292.338394][ T5929] f81534 6-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[  292.342574][ T5929] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71
[  292.345510][ T5929] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  292.348660][ T5929] f81534 6-1:0.12: probe with driver f81534 failed with error -71
[  292.374223][ T5929] usb 6-1: USB disconnect, device number 20
[  292.629920][T13132] loop6: detected capacity change from 0 to 32768
[  292.666034][T13132] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  292.695523][T13132] (syz.6.2896,13132,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0
[  292.764163][T12617] ocfs2: Unmounting device (7,6) on (node local)
[  293.041215][T13164] loop5: detected capacity change from 0 to 1024
[  293.062029][T13164] hfsplus: catalog searching failed
[  293.082257][T12827] hfsplus: b-tree write err: -5, ino 3
[  293.089566][T10374] hfsplus: node 4:3 still has 1 user(s)!
[  293.202462][ T5929] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  293.243040][T13183] 9pnet_fd: Insufficient options for proto=fd
[  293.272026][T13185] loop5: detected capacity change from 0 to 256
[  293.359763][ T5929] usb 7-1: Using ep0 maxpacket: 32
[  293.362809][ T5929] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.366499][ T5929] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  293.371313][ T5929] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  293.375479][ T5929] usb 7-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  293.378992][ T5929] usb 7-1: Product: syz
[  293.380644][ T5929] usb 7-1: Manufacturer: syz
[  293.385110][ T5929] hub 7-1:4.0: USB hub found
[  293.587645][ T5929] hub 7-1:4.0: 2 ports detected
[  293.792456][    C0] raw-gadget.0 gadget.6: ignoring, device is not running
[  293.796461][    C0] raw-gadget.0 gadget.6: ignoring, device is not running
[  293.799741][ T5929] hub 7-1:4.0: hub_hub_status failed (err = -32)
[  293.802422][ T5929] hub 7-1:4.0: config failed, can't get hub status (err -32)
[  293.832003][ T5929] usb 7-1: USB disconnect, device number 5
[  295.091234][   T24] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  295.303250][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  295.312582][   T24] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  295.321552][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.351330][   T24] usb 7-1: config 0 descriptor??
[  295.370104][   T24] pwc: Askey VC010 type 2 USB webcam detected.
[  295.769561][   T24] pwc: recv_control_msg error -32 req 02 val 2b00
[  295.778149][   T24] pwc: recv_control_msg error -32 req 02 val 2700
[  295.788681][   T24] pwc: recv_control_msg error -32 req 02 val 2c00
[  295.798686][   T24] pwc: recv_control_msg error -32 req 04 val 1000
[  295.808706][   T24] pwc: recv_control_msg error -32 req 04 val 1300
[  295.824186][   T24] pwc: recv_control_msg error -32 req 04 val 1400
[  295.833785][   T24] pwc: recv_control_msg error -32 req 02 val 2000
[  295.842677][   T24] pwc: recv_control_msg error -32 req 02 val 2100
[  295.852447][   T24] pwc: recv_control_msg error -32 req 04 val 1500
[  295.856926][   T24] pwc: recv_control_msg error -32 req 02 val 2500
[  295.866739][   T24] pwc: recv_control_msg error -32 req 02 val 2400
[  295.873487][   T24] pwc: recv_control_msg error -32 req 02 val 2600
[  296.084834][   T24] pwc: recv_control_msg error -71 req 02 val 2800
[  296.090128][   T24] pwc: recv_control_msg error -71 req 04 val 1100
[  296.100386][   T24] pwc: recv_control_msg error -71 req 04 val 1200
[  296.121519][   T24] pwc: Registered as video103.
[  296.129375][   T24] input: PWC snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/input/input22
[  296.148757][   T24] usb 7-1: USB disconnect, device number 6
[  296.707200][T13260] loop6: detected capacity change from 0 to 1024
[  296.711811][T13260] EXT4-fs: Ignoring removed mblk_io_submit option
[  296.733339][T13260] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.826991][T12617] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.988558][T13278] loop6: detected capacity change from 0 to 1024
[  296.999555][T13278] hfsplus: bad catalog entry type
[  297.017865][T10585] hfsplus: b-tree write err: -5, ino 4
[  298.293947][T13317] loop6: detected capacity change from 0 to 128
[  298.297827][T13317] EXT4-fs (loop6): Test dummy encryption mode enabled
[  298.311246][T13317] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  298.316262][T13317] ext4 filesystem being mounted at /55/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  298.360149][T12617] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  298.746191][T13341] loop6: detected capacity change from 0 to 2048
[  298.756892][T13341] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  298.985569][T13361] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3002'.
[  299.370930][T13369] loop5: detected capacity change from 0 to 32768
[  299.402889][T13377] loop6: detected capacity change from 0 to 512
[  299.451140][T13377] loop6: detected capacity change from 0 to 256
[  299.495199][T13377] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  299.579264][T13369] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3006 (13369)
[  299.599547][T13369] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  299.603201][T13377] exFAT-fs (loop6): IO charset iso8859- not found
[  299.605443][T13369] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  299.615178][T13369] BTRFS error (device loop5): nologreplay must be used with ro mount option
[  299.619551][T13369] BTRFS error (device loop5): cannot disable free-space-tree
[  299.622692][T13369] BTRFS info (device loop5): disk space caching is enabled
[  299.626636][T13369] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  299.635332][T13369] BTRFS error (device loop5): open_ctree failed: -22
[  299.816662][T13392] vivid-000: =================  START STATUS  =================
[  299.821491][T13392] vivid-000: Test Pattern: 75% Colorbar
[  299.825268][T13392] vivid-000: Fill Percentage of Frame: 100
[  299.831820][T13392] vivid-000: Horizontal Movement: No Movement
[  299.834281][T13392] vivid-000: Vertical Movement: No Movement
[  299.836852][T13392] vivid-000: OSD Text Mode: All
[  299.838565][T13392] vivid-000: Show Border: false
[  299.843786][T13392] vivid-000: Show Square: false
[  299.845761][T13392] vivid-000: Sensor Flipped Horizontally: false
[  299.848013][T13392] vivid-000: Sensor Flipped Vertically: false
[  299.850168][T13392] vivid-000: Insert SAV Code in Image: false
[  299.852247][T13392] vivid-000: Insert EAV Code in Image: true
[  299.854606][T13392] vivid-000: Insert Video Guard Band: false
[  299.857040][T13392] vivid-000: Reduced Framerate: false
[  299.862233][T13392] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  299.865287][T13392] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  299.868022][T13392] vivid-000: Enable Capture Cropping: true grabbed
[  299.870574][T13392] vivid-000: Enable Capture Composing: true grabbed
[  299.873413][T13392] vivid-000: Enable Capture Scaler: true grabbed
[  299.875913][T13392] vivid-000: Timestamp Source: End of Frame
[  299.877890][T13392] vivid-000: Colorspace: SMPTE 170M
[  299.881282][T13392] vivid-000: Transfer Function: Default
[  299.884379][T13392] vivid-000: Y'CbCr Encoding: Default
[  299.886658][T13392] vivid-000: HSV Encoding: Hue 0-179
[  299.889564][T13392] vivid-000: Quantization: Default
[  299.892118][T13392] vivid-000: Apply Alpha To Red Only: false
[  299.894620][T13392] vivid-000: Standard Aspect Ratio: 4x3
[  299.897427][T13392] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  299.906888][T13392] vivid-000: DV Timings: 640x480p59 inactive
[  299.909978][T13392] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  299.912952][T13392] vivid-000: Maximum EDID Blocks: 2
[  299.915155][T13392] vivid-000: Limited RGB Range (16-235): false
[  299.918041][T13392] vivid-000: Rx RGB Quantization Range: Automatic
[  299.923910][T13392] vivid-000: Power Present: 0x00000001
[  299.926401][T13392] tpg source WxH: 720x576 (Y'CbCr)
[  299.929523][T13392] tpg field: 4
[  299.932014][T13392] tpg crop: (0,0)/720x64
[  299.935027][T13392] tpg compose: (0,0)/720x16
[  299.937688][T13392] tpg colorspace: 1
[  299.943859][T13392] tpg transfer function: 0/1
[  299.946909][T13392] tpg Y'CbCr encoding: 0/1
[  299.951567][T13392] tpg quantization: 0/2
[  299.954460][T13392] tpg RGB range: 0/2
[  299.962875][T13392] vivid-000: ==================  END STATUS  ==================
[  300.284639][T13421] loop6: detected capacity change from 0 to 256
[  300.298643][T13421] FAT-fs (loop6): Directory bread(block 64) failed
[  300.302176][T13421] FAT-fs (loop6): Directory bread(block 65) failed
[  300.304551][T13421] FAT-fs (loop6): Directory bread(block 66) failed
[  300.306902][T13421] FAT-fs (loop6): Directory bread(block 67) failed
[  300.309281][T13421] FAT-fs (loop6): Directory bread(block 68) failed
[  300.312780][T13421] FAT-fs (loop6): Directory bread(block 69) failed
[  300.315259][T13421] FAT-fs (loop6): Directory bread(block 70) failed
[  300.318639][T13421] FAT-fs (loop6): Directory bread(block 71) failed
[  300.322649][T13421] FAT-fs (loop6): Directory bread(block 72) failed
[  300.325170][T13421] FAT-fs (loop6): Directory bread(block 73) failed
[  301.379586][   T33] audit: type=1326 audit(1755300817.331:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13436 comm="syz.6.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafb378ebe9 code=0x7fc00000
[  301.409363][   T33] audit: type=1326 audit(1755300817.351:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13436 comm="syz.6.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fafb378ebe9 code=0x7fc00000
[  301.470310][    C0] hpet: Lost 1 RTC interrupts
[  302.259455][T13486] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3057'.
[  302.295392][T13490] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3059'.
[  303.171018][T13501] loop6: detected capacity change from 0 to 1024
[  303.195149][T13501] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  303.310418][T13501] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  303.335273][T13501] EXT4-fs (loop6): re-mounted 00000000-0000-0006-0000-000000000000.
[  303.381789][T12617] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  304.657123][T13530] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3074'.
[  304.704974][T13532] loop6: detected capacity change from 0 to 1024
[  304.708666][T13532] EXT4-fs: Ignoring removed bh option
[  304.712685][T13532] EXT4-fs: Ignoring removed nomblk_io_submit option
[  304.716726][T13532] EXT4-fs (loop6): Test dummy encryption mode enabled
[  304.752148][T13532] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.787318][T13532] VFS: Lookup of 'file0' in ext4 loop6 would have caused loop
[  304.868192][T12617] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.352265][T13560] IPVS: Error connecting to the multicast addr
[  305.391621][T13570] netlink: 'syz.5.3092': attribute type 39 has an invalid length.
[  305.812655][   T33] audit: type=1326 audit(1755300821.771:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13587 comm="syz.2.3098" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  305.830897][   T33] audit: type=1326 audit(1755300821.771:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13587 comm="syz.2.3098" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  305.845309][   T33] audit: type=1326 audit(1755300821.781:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13587 comm="syz.2.3098" exe="/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  305.862649][   T33] audit: type=1326 audit(1755300821.781:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13587 comm="syz.2.3098" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  305.870435][   T33] audit: type=1326 audit(1755300821.781:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13587 comm="syz.2.3098" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  305.897252][T13596] loop5: detected capacity change from 0 to 512
[  305.905660][T13596] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.3102: bg 0: block 5: invalid block bitmap
[  305.911729][T13596] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  305.914819][T13596] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3102: invalid indirect mapped block 3 (level 2)
[  305.922519][T13596] EXT4-fs (loop5): 1 orphan inode deleted
[  305.924628][T13596] EXT4-fs (loop5): 1 truncate cleaned up
[  305.928002][T13596] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.951471][T10374] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.983245][T13605] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.3107'.
[  306.187819][T13615] loop6: detected capacity change from 0 to 24
[  306.191176][T13615] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  306.195928][T13615] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  306.260733][T13618] loop6: detected capacity change from 0 to 128
[  306.864543][T13627] loop6: detected capacity change from 0 to 32768
[  306.868611][T13627] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3117 (13627)
[  306.875103][T13627] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  306.878499][T13627] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  306.881777][T13627] BTRFS info (device loop6): using free-space-tree
[  306.911920][T12617] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  307.034996][T13644] 9pnet_fd: Insufficient options for proto=fd
[  307.057793][T13646] mmap: syz.6.3118 (13646): VmData 45854720 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  307.105260][T13650] sch_tbf: burst 480 is lower than device lo mtu (65550) !
[  307.141248][T13652] loop6: detected capacity change from 0 to 512
[  307.152464][T13652] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.157872][T13652] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  307.191210][T12617] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.861652][T13675] loop6: detected capacity change from 0 to 1024
[  307.867837][T13675] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  307.989463][T13683] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3135'.
[  308.072444][T13690] netlink: 324 bytes leftover after parsing attributes in process `syz.2.3139'.
[  308.076205][T13690] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3139'.
[  308.080139][T13690] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3139'.
[  309.753192][T13719] loop6: detected capacity change from 0 to 40427
[  309.756809][T13719] F2FS-fs (loop6): extra_attr or flexible_inline_xattr feature is off
[  310.109751][    T9] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  310.262095][    T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  310.267220][    T9] usb 7-1: config 0 interface 0 has no altsetting 0
[  310.274357][    T9] usb 7-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  310.277972][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.281826][    T9] usb 7-1: Product: syz
[  310.283593][    T9] usb 7-1: Manufacturer: syz
[  310.285683][    T9] usb 7-1: SerialNumber: syz
[  310.291969][    T9] usb 7-1: config 0 descriptor??
[  310.296963][    T9] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  310.306533][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  310.314244][    T9] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  310.318172][    T9] usb 7-1: media controller created
[  310.342722][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  310.381083][    T9] DVB: Unable to find symbol tda10046_attach()
[  310.384060][    T9] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  310.387732][    T9] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  310.699151][    T9] dvb_usb_m920x 7-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  310.704192][    T9] usb 7-1: USB disconnect, device number 7
[  311.350869][T13730] loop6: detected capacity change from 0 to 4096
[  311.356887][T13730] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  311.413478][ T5848] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  311.417259][ T5848] Bluetooth: hci0: Injecting HCI hardware error event
[  311.423360][   T54] Bluetooth: hci0: hardware error 0x00
[  312.491207][T13737] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3160'.
[  312.837548][T13768] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.3175'.
[  312.912805][T13779] loop6: detected capacity change from 0 to 256
[  313.234042][T13800] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  313.244940][T13800] CIFS mount error: No usable UNC path provided in device string!
[  313.244940][T13800] 
[  313.249266][T13800] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  313.489758][   T54] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  314.764850][T13833] loop6: detected capacity change from 0 to 512
[  314.780300][T13833] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  314.785199][T13833] EXT4-fs (loop6): 1 truncate cleaned up
[  314.787811][T13833] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  314.812813][T12617] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.914479][T13843] loop6: detected capacity change from 0 to 256
[  314.916942][T13843] exfat: Deprecated parameter 'utf8'
[  314.918811][T13843] exfat: Unknown parameter 'iocht'
[  315.246709][   T24] kernel write not supported for file /341/attr/fscreate (pid: 24 comm: kworker/1:0)
[  315.386849][T13858] bridge1: entered promiscuous mode
[  315.388926][T13858] bridge1: entered allmulticast mode
[  315.415494][T13860] netlink: 'syz.6.3216': attribute type 2 has an invalid length.
[  315.427839][T13860] : entered promiscuous mode
[  315.647911][T13874] Invalid source name
[  315.649869][T13874] UBIFS error (pid: 13874): cannot open "./file0", error -22
[  315.681356][   T33] audit: type=1326 audit(1755300831.641:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13875 comm="syz.6.3224" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafb378ebe9 code=0x7ffc0000
[  315.692953][   T33] audit: type=1326 audit(1755300831.641:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13875 comm="syz.6.3224" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafb378ebe9 code=0x7ffc0000
[  315.704333][   T33] audit: type=1326 audit(1755300831.651:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13875 comm="syz.6.3224" exe="/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fafb378ebe9 code=0x7ffc0000
[  317.017430][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  317.020478][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  317.097160][T13896] netlink: 'syz.2.3233': attribute type 10 has an invalid length.
[  317.108638][T13896] 8021q: adding VLAN 0 to HW filter on device batadv0
[  317.115207][T13896] batadv0: entered promiscuous mode
[  317.118165][T13896] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  317.771719][ T1926] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  317.931743][ T1926] usb 7-1: config 0 has an invalid interface number: 173 but max is 0
[  317.935061][ T1926] usb 7-1: config 0 has no interface number 0
[  317.937260][ T1926] usb 7-1: New USB device found, idVendor=2040, idProduct=4982, bcdDevice=95.d3
[  317.940890][ T1926] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.945837][ T1926] usb 7-1: config 0 descriptor??
[  318.152609][ T1926] hdpvr 7-1:0.173: unexpected answer of status request, len -71
[  318.155848][ T1926] hdpvr 7-1:0.173: device init failed
[  318.158202][ T1926] hdpvr 7-1:0.173: probe with driver hdpvr failed with error -12
[  318.164548][ T1926] usb 7-1: USB disconnect, device number 8
[  318.627339][   T33] audit: type=1326 audit(1755300834.581:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13920 comm="syz.2.3245" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  318.637971][   T33] audit: type=1326 audit(1755300834.581:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13920 comm="syz.2.3245" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  318.651980][   T33] audit: type=1326 audit(1755300834.591:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13920 comm="syz.2.3245" exe="/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  318.672069][   T33] audit: type=1326 audit(1755300834.591:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13920 comm="syz.2.3245" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  318.684618][   T33] audit: type=1326 audit(1755300834.591:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13920 comm="syz.2.3245" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  318.702101][   T33] audit: type=1326 audit(1755300834.591:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13920 comm="syz.2.3245" exe="/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  318.713318][   T33] audit: type=1326 audit(1755300834.591:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13920 comm="syz.2.3245" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818b98ebe9 code=0x7ffc0000
[  319.039741][    T9] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  319.189709][    T9] usb 7-1: Using ep0 maxpacket: 16
[  319.193042][    T9] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  319.197135][    T9] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  319.205680][    T9] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  319.208948][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.212396][    T9] usb 7-1: Product: syz
[  319.214163][    T9] usb 7-1: Manufacturer: syz
[  319.216052][    T9] usb 7-1: SerialNumber: syz
[  319.427790][    T9] usb 7-1: 0:2 : does not exist
[  319.443191][    T9] usb 7-1: USB disconnect, device number 9
[  320.037449][T13947] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3257'.
[  320.416593][T13960] netlink: 220 bytes leftover after parsing attributes in process `syz.2.3263'.
[  321.063628][T13981] gretap0: entered promiscuous mode
[  321.067764][T13981] gretap0: left promiscuous mode
[  321.203220][ T5848] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  321.210334][ T5848] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  321.214016][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  321.218450][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  321.223890][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  321.427143][T13995] loop6: detected capacity change from 0 to 4096
[  321.470209][T13984] chnl_net:caif_netlink_parms(): no params data found
[  321.486666][T13995] ntfs3(loop6): Failed to initialize $Extend/$ObjId.
[  321.539167][T13995] ntfs3(loop6): ino=1c, mi_enum_attr
[  321.549486][T13995] overlayfs: upper fs does not support tmpfile.
[  321.559832][T13984] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.563032][T13984] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.566166][T13984] bridge_slave_0: entered allmulticast mode
[  321.567939][T13995] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  321.570046][T13984] bridge_slave_0: entered promiscuous mode
[  321.575825][T13984] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.578383][T13984] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.589909][T13984] bridge_slave_1: entered allmulticast mode
[  321.595005][T13984] bridge_slave_1: entered promiscuous mode
[  321.698907][   T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.718691][T13984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.725408][T13984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.781238][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.787596][T14015] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000004
[  321.792389][T13984] team0: Port device team_slave_0 added
[  321.795528][T13984] team0: Port device team_slave_1 added
[  321.832053][T13984] batman_adv: batadv0: Adding interface: batadv_slave_0
[  321.834851][T13984] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.846791][T13984] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  321.902450][   T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.916031][T13984] batman_adv: batadv0: Adding interface: batadv_slave_1
[  321.918792][T13984] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.938105][T13984] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.966745][    C1] hrtimer: interrupt took 38204 ns
[  321.998449][   T12] bridge0: port 3(netdevsim0) entered disabled state
[  322.064979][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): left allmulticast mode
[  322.068643][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): left promiscuous mode
[  322.084392][   T12] bridge0: port 3(netdevsim0) entered disabled state
[  322.104990][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.184668][T13984] hsr_slave_0: entered promiscuous mode
[  322.187865][T13984] hsr_slave_1: entered promiscuous mode
[  322.196483][T13984] debugfs: 'hsr0' already exists in 'hsr'
[  322.198989][T13984] Cannot create hsr debugfs directory
[  322.428055][   T12] bridge_slave_1: left allmulticast mode
[  322.433021][   T12] bridge_slave_1: left promiscuous mode
[  322.436421][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.441476][   T12] bridge_slave_0: left allmulticast mode
[  322.443509][   T12] bridge_slave_0: left promiscuous mode
[  322.445507][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.002011][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  323.006583][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  323.015877][   T12] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  323.028212][   T12] bond0 (unregistering): Released all slaves
[  323.136125][   T12] ------------[ cut here ]------------
[  323.138125][   T12] wlan1: Failed check-sdata-in-driver check, flags: 0x0
[  323.142536][   T12] WARNING: CPU: 1 PID: 12 at net/mac80211/driver-ops.c:366 drv_unassign_vif_chanctx+0x50b/0x7e0
[  323.145954][   T12] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  323.148269][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  323.153716][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  323.157027][   T12] Workqueue: netns cleanup_net
[  323.158637][   T12] RIP: 0010:drv_unassign_vif_chanctx+0x50b/0x7e0
[  323.161806][   T12] Code: 8d 8d b8 09 00 00 48 85 c0 48 0f 44 f1 43 0f b6 04 3e 84 c0 0f 85 6b 02 00 00 8b 55 00 48 c7 c7 40 26 b0 8c e8 66 cc 9b f6 90 <0f> 0b 90 90 e9 ee fc ff ff e8 07 2c d8 f6 90 0f 0b 90 42 80 7c 3d
[  323.168586][   T12] RSP: 0018:ffffc900000f72a0 EFLAGS: 00010246
[  323.170826][   T12] RAX: 35e264d271808e00 RBX: 0000000000000000 RCX: ffff88801c2ed640
[  323.173258][   T12] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  323.175900][   T12] RBP: ffff888105989728 R08: 0000000000000003 R09: 0000000000000004
[  323.178404][   T12] R10: dffffc0000000000 R11: fffffbfff1bfa1ec R12: ffff88810598a9d0
[  323.180998][   T12] R13: ffff888105988d80 R14: 1ffff11020b312e5 R15: dffffc0000000000
[  323.183698][   T12] FS:  0000000000000000(0000) GS:ffff8881a3c1c000(0000) knlGS:0000000000000000
[  323.187261][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  323.190003][   T12] CR2: 00007fafb3774c40 CR3: 0000000028ec8000 CR4: 00000000000006f0
[  323.193078][   T12] Call Trace:
[  323.194513][   T12]  <TASK>
[  323.195708][   T12]  ieee80211_assign_link_chanctx+0x1ec/0xd70
[  323.198025][   T12]  __ieee80211_link_release_channel+0x33b/0x4a0
[  323.200466][   T12]  ? __pfx_ieee80211_uninit+0x10/0x10
[  323.202482][   T12]  unregister_netdevice_many_notify+0x1953/0x1ff0
[  323.204740][   T12]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  323.207259][   T12]  ? __pfx_call_rcu+0x10/0x10
[  323.208767][   T12]  unregister_netdevice_queue+0x33c/0x380
[  323.211116][   T12]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  323.213577][   T12]  _cfg80211_unregister_wdev+0x165/0x590
[  323.215758][   T12]  ieee80211_remove_interfaces+0x49a/0x6e0
[  323.217934][   T12]  ? __pfx_synchronize_rcu+0x10/0x10
[  323.219694][   T12]  ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[  323.221754][   T12]  ? rcu_is_watching+0x15/0xb0
[  323.223338][   T12]  ieee80211_unregister_hw+0x5d/0x2c0
[  323.225031][   T12]  mac80211_hwsim_del_radio+0x275/0x460
[  323.226823][   T12]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[  323.228778][   T12]  hwsim_exit_net+0x584/0x640
[  323.230412][   T12]  ? __pfx_hwsim_exit_net+0x10/0x10
[  323.232067][   T12]  ? __ip_vs_dev_cleanup_batch+0x238/0x260
[  323.233918][   T12]  ops_undo_list+0x49a/0x990
[  323.235366][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[  323.236992][   T12]  ? do_raw_spin_unlock+0x4d/0x240
[  323.238638][   T12]  cleanup_net+0x4c5/0x800
[  323.240116][   T12]  ? __pfx_cleanup_net+0x10/0x10
[  323.241704][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  323.243406][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  323.245259][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  323.247108][   T12]  process_scheduled_works+0xae1/0x17b0
[  323.248980][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  323.251026][   T12]  worker_thread+0x8a0/0xda0
[  323.252569][   T12]  kthread+0x711/0x8a0
[  323.254211][   T12]  ? __pfx_worker_thread+0x10/0x10
[  323.255823][   T12]  ? __pfx_kthread+0x10/0x10
[  323.257272][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  323.258920][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  323.260892][   T12]  ? __pfx_kthread+0x10/0x10
[  323.262345][   T12]  ret_from_fork+0x3fc/0x770
[  323.263849][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  323.265561][   T12]  ? __switch_to_asm+0x39/0x70
[  323.267054][   T12]  ? __switch_to_asm+0x33/0x70
[  323.268601][   T12]  ? __pfx_kthread+0x10/0x10
[  323.270036][   T54] Bluetooth: hci3: command tx timeout
[  323.270257][   T12]  ret_from_fork_asm+0x1a/0x30
[  323.274010][   T12]  </TASK>
[  323.275036][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  323.277239][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  323.281037][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  323.284164][   T12] Workqueue: netns cleanup_net
[  323.285706][   T12] Call Trace:
[  323.286813][   T12]  <TASK>
[  323.287788][   T12]  dump_stack_lvl+0x99/0x250
[  323.289388][   T12]  ? __asan_memcpy+0x40/0x70
[  323.291045][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.292780][   T12]  ? __pfx__printk+0x10/0x10
[  323.294305][   T12]  vpanic+0x281/0x750
[  323.295684][   T12]  ? __pfx__printk+0x10/0x10
[  323.297212][   T12]  ? __pfx_vpanic+0x10/0x10
[  323.298707][   T12]  ? is_bpf_text_address+0x26/0x2b0
[  323.300439][   T12]  panic+0xb9/0xc0
[  323.301718][   T12]  ? __pfx_panic+0x10/0x10
[  323.303299][   T12]  __warn+0x31b/0x4b0
[  323.304894][   T12]  ? drv_unassign_vif_chanctx+0x50b/0x7e0
[  323.307223][   T12]  ? drv_unassign_vif_chanctx+0x50b/0x7e0
[  323.309137][   T12]  report_bug+0x2be/0x4f0
[  323.310640][   T12]  ? drv_unassign_vif_chanctx+0x50b/0x7e0
[  323.312686][   T12]  ? drv_unassign_vif_chanctx+0x50b/0x7e0
[  323.314567][   T12]  ? drv_unassign_vif_chanctx+0x50d/0x7e0
[  323.316416][   T12]  handle_bug+0x84/0x160
[  323.317743][   T12]  exc_invalid_op+0x1a/0x50
[  323.319312][   T12]  asm_exc_invalid_op+0x1a/0x20
[  323.321044][   T12] RIP: 0010:drv_unassign_vif_chanctx+0x50b/0x7e0
[  323.323245][   T12] Code: 8d 8d b8 09 00 00 48 85 c0 48 0f 44 f1 43 0f b6 04 3e 84 c0 0f 85 6b 02 00 00 8b 55 00 48 c7 c7 40 26 b0 8c e8 66 cc 9b f6 90 <0f> 0b 90 90 e9 ee fc ff ff e8 07 2c d8 f6 90 0f 0b 90 42 80 7c 3d
[  323.330139][   T12] RSP: 0018:ffffc900000f72a0 EFLAGS: 00010246
[  323.332242][   T12] RAX: 35e264d271808e00 RBX: 0000000000000000 RCX: ffff88801c2ed640
[  323.335037][   T12] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  323.337649][   T12] RBP: ffff888105989728 R08: 0000000000000003 R09: 0000000000000004
[  323.340642][   T12] R10: dffffc0000000000 R11: fffffbfff1bfa1ec R12: ffff88810598a9d0
[  323.343675][   T12] R13: ffff888105988d80 R14: 1ffff11020b312e5 R15: dffffc0000000000
[  323.346700][   T12]  ieee80211_assign_link_chanctx+0x1ec/0xd70
[  323.348966][   T12]  __ieee80211_link_release_channel+0x33b/0x4a0
[  323.351338][   T12]  ? __pfx_ieee80211_uninit+0x10/0x10
[  323.353308][   T12]  unregister_netdevice_many_notify+0x1953/0x1ff0
[  323.355621][   T12]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  323.358376][   T12]  ? __pfx_call_rcu+0x10/0x10
[  323.360184][   T12]  unregister_netdevice_queue+0x33c/0x380
[  323.362276][   T12]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  323.364501][   T12]  _cfg80211_unregister_wdev+0x165/0x590
[  323.366588][   T12]  ieee80211_remove_interfaces+0x49a/0x6e0
[  323.368797][   T12]  ? __pfx_synchronize_rcu+0x10/0x10
[  323.370506][   T12]  ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[  323.372879][   T12]  ? rcu_is_watching+0x15/0xb0
[  323.374695][   T12]  ieee80211_unregister_hw+0x5d/0x2c0
[  323.376721][   T12]  mac80211_hwsim_del_radio+0x275/0x460
[  323.378634][   T12]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[  323.380638][   T12]  hwsim_exit_net+0x584/0x640
[  323.382334][   T12]  ? __pfx_hwsim_exit_net+0x10/0x10
[  323.384190][   T12]  ? __ip_vs_dev_cleanup_batch+0x238/0x260
[  323.386287][   T12]  ops_undo_list+0x49a/0x990
[  323.387949][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[  323.389775][   T12]  ? do_raw_spin_unlock+0x4d/0x240
[  323.391567][   T12]  cleanup_net+0x4c5/0x800
[  323.393354][   T12]  ? __pfx_cleanup_net+0x10/0x10
[  323.395133][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  323.396836][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  323.398927][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  323.400734][   T12]  process_scheduled_works+0xae1/0x17b0
[  323.403021][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  323.405576][   T12]  worker_thread+0x8a0/0xda0
[  323.407510][   T12]  kthread+0x711/0x8a0
[  323.409137][   T12]  ? __pfx_worker_thread+0x10/0x10
[  323.411158][   T12]  ? __pfx_kthread+0x10/0x10
[  323.412807][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  323.414581][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  323.416301][   T12]  ? __pfx_kthread+0x10/0x10
[  323.417846][   T12]  ret_from_fork+0x3fc/0x770
[  323.419457][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  323.421173][   T12]  ? __switch_to_asm+0x39/0x70
[  323.422750][   T12]  ? __switch_to_asm+0x33/0x70
[  323.424317][   T12]  ? __pfx_kthread+0x10/0x10
[  323.425877][   T12]  ret_from_fork_asm+0x1a/0x30
[  323.427488][   T12]  </TASK>
[  323.429495][   T12] Kernel Offset: disabled
[  323.431379][   T12] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:33:59  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffffff8fc0a224 RCX=dffffc0000000000 RDX=ffffffff8fc0a20c
RSI=ffffffff90413d34 RDI=ffffffff8be334a0 RBP=ffffffff8fc0a20c RSP=ffffc90002f3ed98
R8 =0000000000000007 R9 =ffffffff8172c195 R10=ffffc90002f3eeb8 R11=ffffffff81ac36c0
R12=ffffffff822c6e70 R13=ffffffff8fc0a20c R14=ffffc90002f3ee68 R15=ffffffff8fc0a218
RIP=ffffffff8172d3fe RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555893c1500 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f15c78e7d60 CR3=000000010e62c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f818ba12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000032 RBX=0000000000000032 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900000f6a50
R8 =ffff88801ffa8237 R9 =1ffff11003ff5046 R10=dffffc0000000000 R11=ffffffff854efc10
R12=dffffc0000000000 R13=ffffffff99af98ec R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854efc8c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fafb3774c40 CR3=0000000028ec8000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000000ff XMM01=0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
XMM02=ffff000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
