last executing test programs:

2.397816426s ago: executing program 0 (id=6022):
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200)
syz_usb_connect(0x0, 0x1a2, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000b6a57e4086805b0bc5e10102030109029001020000000009040000020e0100000a2401002200020102092100000001220000090500000000000000a7008d566539461c701919d99a91c3af134dfaf61ea66b8f08810855d90c55c91f11c4a6d847caf7b449c6c760e60f6b890d99ed23074bf2538ca7bba727dfe7c00b90d0bc7f2da56768ed5ce8df38c07183564831596fd52da49a92adafa6277df5a120c898fc51ca04089f110dfbe1b258e9b9a83bf95fb0a4a24ca6acae78e1c291f671fcdca77c7128d319f7a4b51bbc2ed4bab8aac95498fb6033f760602c1a8b1eac2150072501000000000905000000000000000725010000000007250100000000090400000eb03748000a2401000000020102052405", @ANYBLOB="12aa85"], 0x0)

1.846538533s ago: executing program 2 (id=6031):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001a80)={0x14, 0x14, 0x229, 0x0, 0x25dfdbfd, {0x2}}, 0x14}}, 0x880)

1.721198792s ago: executing program 2 (id=6032):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c0002800a001a"], 0x4c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

1.502145027s ago: executing program 2 (id=6036):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xfffffffffffffff6, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000080)={0x0, 0x1012, 0x1, @discrete={0xfffffffe, 0x7fff}})

1.353206297s ago: executing program 2 (id=6039):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCOUTQ(r0, 0x4bfb, &(0x7f0000000280))

1.275853502s ago: executing program 2 (id=6041):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x1, 0x400)
ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f00000000c0)={0x7, {0x7, 0x5}, {0x7fff, 0xa, 0x9, 0x6}, {0x10, 0x2}})

1.160557931s ago: executing program 2 (id=6044):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x1800802, &(0x7f00000000c0)={[{@localalloc={'localalloc', 0x3d, 0x5}}, {@heartbeat_none}, {@usrquota}, {@barrier={'barrier', 0x3d, 0x7}}, {@heartbeat_none}, {@heartbeat_none}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181d011, 0x0, 0x40, 0x0, &(0x7f0000000140))

1.013265041s ago: executing program 3 (id=6046):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x101000)
ioctl$VIDIOC_QUERY_EXT_CTRL(r0, 0xc0445624, &(0x7f0000000300)={0xf0f000, 0x8, "9a555c14c966e134d198b9aaaa7da80f8e4fa888dece6ffdb507a3c83e58e128", 0x0, 0x100000000, 0xfffffffffdfff003, 0x0, 0x9, 0x5, 0x2, 0x2, [0x9, 0x2, 0x0, 0xfffffffd]})

982.908003ms ago: executing program 1 (id=6047):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="ab", 0x1}], 0x1, &(0x7f0000000240)=[@rights={{0x14, 0x1, 0x1, [r1]}}], 0x18}, 0x20040001)

927.609657ms ago: executing program 3 (id=6048):
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x4, 0x8000000000000001, 0x6e11, 0xfffffffffffffffc, 0x22, 0x100000001, 0xe, 0x9}, &(0x7f0000000080)={0x4, 0x3, 0x0, 0x5, 0x7, 0xe5, 0x4, 0x3}, &(0x7f00000001c0)={0xb, 0x2, 0x1, 0x9, 0x8, 0xffff, 0x9, 0xf}, 0x0, 0x0)

859.420471ms ago: executing program 3 (id=6049):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000700)=[{&(0x7f00000002c0)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000380)=ANY=[@ANYBLOB="1e000000000000000300000007000000830b040a1c01027f00000100000000001c000000000000000000000008000000", @ANYRESOCT=r0], 0x40}, 0x0)

785.346846ms ago: executing program 0 (id=6050):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f00000003c0)={&(0x7f0000000600)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4044000}, 0x0)

785.216566ms ago: executing program 1 (id=6051):
pipe2(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c63616368653d667363616368652c63616368657461673d14e2c311e2cb86c82d4873c6af6ddc7bde3c511a1315e4f85948a98ae388123b56361ed3cc4c3e5523eb70372d9fb8f341b24358d32f"])

738.92773ms ago: executing program 3 (id=6052):
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file4\x00', &(0x7f0000000040), 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB='mpol=bind=static:7-7d,'])

654.545095ms ago: executing program 0 (id=6053):
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x5, 0x12, r0, 0x100000000)

635.615337ms ago: executing program 1 (id=6054):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r0, 0x0, 0x10, &(0x7f0000000080)="170000000200020000ffbe8c5ee17688a2002b000103000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xb8)

580.31171ms ago: executing program 3 (id=6055):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r0, &(0x7f0000000ec0)=[{0x0, 0x71}, {&(0x7f0000000880)='\x00', 0x1}], 0x2, 0x0, 0x81)

512.381365ms ago: executing program 0 (id=6056):
r0 = creat(&(0x7f0000000280)='./bus\x00', 0x2)
pwritev2(r0, &(0x7f00000005c0)=[{&(0x7f0000000080)="ec", 0x1}, {&(0x7f0000000380)="eaa039600a0d9fd087fefda37d82e5a384494ea5ed3d8f4c0d274257d42202f5bf294f4f5abef26f4872a41231fb735fdbaa0247580a92b2dcd41418b7f147d7cf538fb08c18114333c0de1dae94dac345cbfa0b975a5027163f492931007f906e1b1d8c74a77a40354a984e9edb9c7416a9afd1cbf12d59db5f1385a3b3dfeed03140f73894836eb68f2e5ad18d9651ac74aa2a5e369024bf99d5826a3ccd45c4495ba45ee9e03fc9da626577b8df9c5d20d8", 0xb3}, {&(0x7f0000000600)="1708f6744b717429411cbd8c88c7957cee21f365582263ca265627ba0a71cd1f33b62e70b0875680b701ffc45914173343d10699e2f5bd085535552876f4ed5dfe00a6c3268e0b0f1d9a4912d3c269f24bed1a77d28a0b3a10c1e455e461124cc5ddf56cfc8a5f67ac4874ca38f53774a8d5dd63b9d9a1dd208584fe2c930030578ee8926c704c714ffa0e25586de6ef71a672711511e73c46f19bd511d74213eb2ce37c2dae70af8a805c26320edffe", 0xb0}], 0x50a57923f0e8f719, 0xfffff, 0x0, 0x4)

511.697095ms ago: executing program 1 (id=6057):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000001300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @fwd={0x2}, @struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}, {0x0, [0x0, 0x51]}}, &(0x7f00000005c0)=""/240, 0x40, 0xf0, 0x1}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x10000, 0x0, 0xffffffffffffffff, 0x987f, '\x00', 0x0, r0, 0x3, 0x2}, 0x50)

415.936192ms ago: executing program 3 (id=6058):
r0 = syz_mount_image$xfs(&(0x7f0000000340), &(0x7f0000000080)='./file0\x00', 0x2218a5d, &(0x7f0000000140), 0x0, 0x965a, &(0x7f0000012c40)="$eJzs+gm8pnPh+P/fZxi7jKGSUlMRLbJmiWpmMEMhWaIdkZSlpELbUFKoiGhT9i1bWULZWkn2FkoIlTXSYhvm/zjmTMb04lPfPv+fT71er8fjnPu+r/u6rvO+389rOYfZbNJGEweDuQbTGzeYtfOunTx1zNXr33nUlgseu9yp9+7/2BUXHz/yOGHkceJgMBg18vbQ9GVjB6edPmow+yPLH23euecZmn8wWH7k5ch+BitPf5j/ihnrTZulWQc69Oi3vad/PdICwz9i+Mnh++95xGAwGDPT9kODwdCUf/ig0jabMHnSo1Z/dxu2Gj3yfOavOaZ/zX/xYDD/mQM+PmZed+hJ+EjDP3PKi84dvf6T8LP/49pswuR1ZvEfPhdnG1m28vA5Pus5aGzW4/z2JTZfdWQKHzneBoPhS9xjzpX/iDabMGndweNf5wdHrXbh3tOmXzfnHEy/Ucw9GAzmGbm+zvdku9S/14SJKzxyz57xeoR9xrE8hY6LE9568sPDN+nBYLDQYDB27Rn3gqqqqvrPaMLEFdaA+/9cT3T/P+WURc/s/l9VVfWf2zoTJq4wfK+f5f4/3xPd/3da9KI9pv+3//ErT9/q4Sf3Q1RVVdW/1KR18P4/5onu/yuvcdm63f+rqqr+c9twvUfu//PNcv9f+Inu/286ebXFRtab8XvDQzPtcmim/5/w4EzLZ5tp+QMzLR89035mXn+OmZbfN9PyOYffg/XHDQZjZ/x7wamPLh47bvi9keX3z7R8/KP/TmfxNWdaPmGm5ZNmWj5xZKzDyyfPtHzyTOuv/QRTXVVV9X+mDVeYtMZgpn9nP7J4kRnv0/3/grOuW/rJGm9VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVX9Z/bwnWefOxgMhgaDwajBYOpg5PnMj4Np06ZNG359yvmXX/6kDfT/RkPnXTt56pir17/zqC0XPHa5U+/d/9FZ+o/tP/8T1L/TsP9cx48bDHbY5MkeSj0Jdf67y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/uIfvPPvckWNg1GAwdTDyfMqMx7P2e+ObR1ZdddNT7z7o0S0XH7/tyLPzrp08ddsnYexPQkPDn3XM1evfedSWCx673Kn37v9fcPb853+C+nd6xH/bocFg5PweM3wurz9hw42XGgwGB9196qYrDf7+3irD7602drbBbI9sutQj39danHc8Ze3pj+OHvy38932c8sj+15l22GxDswxipl5x3o1HvXOze1ec9XHJx/8co2Y8OeL6M+6ZNm3atMcsHGmux9l4xv5nfJZZz/ORsS81PPZldt7+Pcu8b9fdlt52+y222XqbrXdYboVVVlxp+eVWWvVly7xj2+22Xnb698eZs3GPfF/jn5mz+WadszsnzDxns362x5uzcU88Z4/scepuQxvPmLPZ/8U5W+OJ52zctiM/aPHxowebPzI1Q4PB4muOHuwy/GK5OQeDxdcaWXeR4XVXHztqMNjv0Q86/GzOvx+DQ1OG19ls0kYTHx3ZP37Cf7hOP2bFxcePPE4YeZw4fYjjBo8eimMHp50+anguHjPN8849z9D8g8HyIy9H9jNYdeTdQ2esN22WZh3o0KPf9p7+9UgLDO9k+Mm7lj37muFzcZbt///R/9P1/x+8Vhn6+0QNjXyNrDPda8LkdR79WY9Mw/DczTaybOVhk1nn7H+zfxjvuNkHY55gvJPWmbjC8OJZ5n/GJnh83bXEhR+afmyNX3n6Vg//P6PQeOd7gvGuMwHHO98Tjff4D196+vRd/a+Nd5Zr3bqPfB//z1zrBk98rZuNdrD1JYvNeq17zeMP8THn8Yw5mnOWlR7vWrfLwctPGd7/+Ce+1q07PPbRj7nWjRoMFl9jxrVu+MI3afRgv+EXyw+/mDx6cOzwixUeeTH34PzhFy99+47bbTW8YO0Zc7Ls8H7Hjx16xP3ClW9bctoB06atOTKW8WMfO9aR42PczPfzCWOnT+aMbWfsd3jVGfu95enT35s0st8J/8J+Z2xL4717genvTR7Z78RZ9jv6CfY7Y9t/OB+WGvr7hetxrjeTZrnejPyNM+PHPeZrjulf8188GMx/JvnOsu7/eM2k83euJxjvhIkrrDE8vlnO378fjnT+Xjr56uF7xfyDwWChwWDs2jPG/i829Hjjnf2JxzsRxjv7E433yuO2X+9/YbyDmcb7mONssw2nHytrjxxnk/+F43fGtrNex0Y/8u70y/7a/8x1bNw/XMd2n23ULJM9U4/3O9tWsP7054s8+nvutScdM2PuR8+y3//pd7aZPssQXMfGzPL3/Ki1bxgM0ZxPOX71y4YOfOI5Hz147N8WM+Z8xrZPNOeT/5k5f9YTz/k/+3vyUs+f/v7oWcY/85xvsO8z95kx53PMst//ac4nP/G94x/nfPxgNM35sg9Mn7cnup4+3pzP2HbGnA9/xNXGzj5Ya/ieNTLnk/6ZOV/kf+c4nwfWn/58678vOueoU18/Y85nneP/ac4n/atzPu7vx/nij7z3vFGDOeYY7LLFzjvvtNz07zNeLj/9O1+L7rt2+jw/0b308YxmbPtE58Wa/4zRmH/KaOh/Mlp09sczevTUOnLHnZ72/3otWvNfNRrwtejqY6bP2xP9XvR4cz5jW7oPLjzT9rP+Hbrheo/83j3fLPfBGZvgffCcs9bda8YuRzZ7aJZhzrivPjjT8tlmWv7ATMtHz7SfmdefY6bl9820fPgjzDHT+jNYxw3/zTuyfOqjq48d/uVp3Mjy+2daPv7RbRdfc6blE2ZaPmmm5RMfPTQWnzzT8skzrb/24F9sxn+T3nbWi3z9s/Xff93l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+Yt7+M6zzx05BkYNBlMH058PjTwOpgxtcMerhh8Hg8HolU+ctsGTPd4nuaHzrp08dczV69951JYLHrvcqffu/19w9vznf4L6d3rEf9uhwWDk/B6z7WAwWH/ChhsvNRgMNph24sqjBn9/b5Hh91YfO2ow2G/oMTuY8+/rDE0ZXmezSRtNHAzmGllj3D/80H84jx6z4uLjRx4njDxOnH59Gjd49HgdOzjt9FGD2R9Z/mjzzj3P0PyDwfIjL0f2M1h5+sP8V8xYb9oszTrQoUe/7T3965EWGP4Rw0922Wbys4fnapbt/88041q97aj/cdXOf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8hf38J1nnztyDIwaDKYOpj8fmjLyOBg6+bQXjhwio3e96ujDnuzxPskNnXft5Kljrl7/zqO2XPDY5U69d///grPnP/8T1L/TI/7bDg0GI+f3mG0Hg8H6EzbceKnBYHDY0VftOmrw9/cWGX5v9bGjBoP9hh6zgzn/vs7QlOF1Npu00cTBYK6RNcb9ww/9h/PoMSsuPn7kccLI48Tp16dxg0eP17GD004fNZj9keWPNu/c8wzNPxgsP/JyZD+Dlac/zH/FjPWmzdKsAx169Nve078eaYHhHzH8ZM/5rj15eK5m2f7/TDOu1duO+h9X7fx3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cQ/fefa5I8fAqMFg6mD681Ejj0NTbr7poxsPPw6/XnDtva59ssf7JDd03rWTp465ev07j9pywWOXO/Xe/f8Lzp7//E9Q/07D/nMdP24w2GGTJ3so9STU+e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7iHr7z7HNHno56dOmoKR0X2NB5106eOubq9e88assFj13u1Hv3f7IH9O/2OP67549Z/PfIH7P4fzx/zOL/ifwxi/+e+WMW/0/mj1n898ofs/h/Kn/M4v/p/DGL/975Yxb/ffLHLP775o9Z/D+TP2bx/2z+mMX/c/ljFv/98scs/vvnj1n8P58/ZvE/IH/M4n9g/pjF/wv5Yxb/g/LHLP4H549Z/L+YP2bx/1L+mMX/y/ljFv+v5I9Z/L+aP2bxPyR/zOL/tfwxi//X88cs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bx/0b+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+H8zf8zi/638MYv/qfljFv/T8scs/qfnj1n8z8gfs/h/O3/M4n9m/pjF/6z8MYv/2fljFv/v5I9Z/L+bP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP7fyx+z+H8/f8zi/4P8MYv/D/PHLP4/yh+z+P84f8zif2H+mMX/ovwxi/9P8scs/hfnj1n8f5o/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/j/LH/M4v/z/DGL/y/yxyz+v8wfs/hfnT9m8b8mf8zi/6v8MYv/r/PHLP7X5o9Z/H+TP2bxvy5/zOJ/ff6Yxf+G/DGL/2/zxyz+N+aPWfxvyh+z+N+cP2bx/13+mMX/9/ljFv8/5I9Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv8/5o9Z/O/KH7P4350/ZvH/U/6Yxf+e/DGL/5/zxyz+f8kfs/j/NX/M4v+3/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvGfmj9m8X8of8zi/3D+mMV/Wv6YxH+2Qf6YxX8of8ziPyp/zOI/W/6YxX/2/DGL/+j8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8ziP1/+mMV//vwxi/9T8scs/gvkj1n8x9j8Xz3/P7WaxX9Bm/8/mcV/bP6YxX+h/DGL/8L5Yxb/p+aPWfyflj9m8X96/pjFf5H8MYv/M/LHLP6L5o9Z/J+ZP2bxf1b+mMV/sfwxi/+z88cs/s/JH7P4j8sfs/g/N3/M4v+8/DGL//Pzxyz+i+ePWfyXyB+z+L8gf8ziv2T+mMV/qfwxi/8L88cs/i/KH7P4vzh/zOL/kvwxi//S+WMW/5fmj1n8l8kfs/gvmz9m8V8uf8ziv3z+mMV/hfwxi/+K+WMW/5flj1n8V8ofs/ivnD9m8V8lf8ziv2r+mMX/5fljFv/V8scs/qvnj1n8X5E/ZvF/Zf6Yxf9V+WMW//H5Yxb/CfljFv+J+WMW/zXyxyz+a+aPWfzXyh+z+E/KH7P4T84fs/ivnT9m8V8nf8zi/+r8MYv/a/LHLP7r5o9Z/NfLH7P4r58/ZvF/bf6YxX+D/DGL/+vyxyz+G+aPWfw3yh+z+G+cP2bx3yR/zOL/+vwxi/+m+WMW/83yxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4v+2/DGL/+b5Yxb/LfLHLP5b5o9Z/N+eP2bx3yp/zOK/df6Yxf8d+WMW/23yxyz+78wfs/hvmz9m8X9X/pjF/935Yxb/7fLHLP7b549Z/HfIH7P475g/ZvF/T/6Yxf+9+WMW/53yxyz+78sfs/jvnD9m8X9//pjF/wP5Yxb/D+aPWfx3yR+z+O+aP2bx3y1/zOL/ofwxi/+H88cs/h/JH7P4fzR/zOL/sfwxi/+U/DGL/+75Yxb/PfLHLP4fzx+z+H8if8ziv2f+mMX/k/ljFv+98scs/p/KH7P4fzp/zOK/d/6YxX+f/DGL/775Yxb/z+SPWfw/mz9m8f9c/pjFf7/8MYv//vljFv/P549Z/A/IH7P4H5g/ZvH/Qv6Yxf+g/DGL/8H5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfwPyR+z+H8tf8zi//X8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfy/kT9m8T8hf8zif2L+mMX/pPwxi//J+WMW/1Pyxyz+38wfs/h/K3/M4n9q/pjF/7T8MYv/6fljFv8z8scs/t/OH7P4n5k/ZvE/K3/M4n92/pjF/zv5Yxb/7+aPWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL//fyxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/hfmD9m8b8of8zi/5P8MYv/xfljFv+f5o9Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv+r8scs/j/LH7P4/zx/zOL/i/wxi/8v88cs/lfnj1n8r8kfs/j/Kn/M4v/r/DGL/7X5Yxb/3+SPWfyvyx+z+F+fP2bxvyF/zOL/2/wxi/+N+WMW/5vyxyz+N+ePWfx/lz9m8f99/pjF/w/5Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/4/5Yxb/u/LHLP53549Z/P+UP2bxvyd/zOL/5/wxi/9f8scs/n/NH7P4/y1/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/Kfmj1n8H8ofs/g/nD9m8Z+WPybxn32QP2bxH8ofs/iPyh+z+M+WP2bxnz1/zOI/On/M4j9H/pjFf878MYv/XPljFv+588cs/vPkj1n8580fs/jPlz9m8Z8/f8zi/5T8MYv/AvljFv8x+WMW/wXzxyz+Y/PHLP4L5Y9Z/BfOH7P4PzV/zOL/tPwxi//T88cs/ovkj1n8n5E/ZvFfNH/M4v/M/DGL/7Pyxyz+i+WPWfyfnT9m8X9O/pjFf1z+mMX/ufljFv/n5Y9Z/J+fP2bxXzx/zOK/RP6Yxf8F+WMW/yXzxyz+S+WPWfxfmD9m8X9R/pjF/8X5Yxb/l+SPWfyXzh+z+L80f8ziv0z+mMV/2fwxi/9y+WMW/+Xzxyz+K+SPWfxXzB+z+L8sf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+L88fs/ivlj9m8V89f8zi/4r8MYv/K/PHLP6vyh+z+I/PH7P4T8gfs/hPzB+z+K+RP2bxXzN/zOK/Vv6YxX9S/pjFf3L+mMV/7fwxi/86+WMW/1fnj1n8X5M/ZvFfN3/M4r9e/pjFf/38MYv/a/PHLP4b5I9Z/F+XP2bx3zB/zOK/Uf6YxX/j/DGL/yb5Yxb/1+ePWfw3zR+z+G+WP2bxf0P+mMX/jfljFv835Y9Z/N+cP2bxf0v+mMX/rfljFv+35Y9Z/DfPH7P4b5E/ZvHfMn/M4v/2/DGL/1b5Yxb/rfPHLP7vyB+z+G+TP2bxf2f+mMV/2/wxi/+78scs/u/OH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/e/LHLP7vzR+z+O+UP2bxf1/+mMV/5/wxi//788cs/h/IH7P4fzB/zOK/S/6YxX/X/DGL/275Yxb/D+WPWfw/nD9m8f9I/pjF/6P5Yxb/j+WPWfyn5I9Z/HfPH7P475E/ZvH/eP6Yxf8T+WMW/z3zxyz+n8wfs/jvlT9m8f9U/pjF/9P5Yxb/vfPHLP775I9Z/PfNH7P4fyZ/zOL/2fwxi//n8scs/vvlj1n8988fs/h/Pn/M4n9A/pjF/8D8MYv/F/LHLP4H5Y9Z/A/OH7P4fzF/zOL/pfwxi/+X88cs/l/JH7P4fzV/zOJ/SP6Yxf9r+WMW/6/nj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bxPz5/zOL/jfwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+J+SP2bx/2b+mMX/W/ljFv9T88cs/qflj1n8T88fs/ifkT9m8f92/pjF/8z8MYv/WfljFv+z88cs/t/JH7P4fzd/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/L+XP2bx/37+mMX/B/ljFv8f5o9Z/H+UP2bx/3H+mMX/wvwxi/9F+WMW/5/kj1n8L84fs/j/NH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/hflT9m8f9Z/pjF/+f5Yxb/X+SPWfx/mT9m8b86f8zif03+mMX/V/ljFv9f549Z/K/NH7P4/yZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/3+aPWfxvzB+z+N+UP2bxvzl/zOL/u/wxi//v88cs/n/IH7P435I/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8788cs/n/MH7P435U/ZvG/O3/M4v+n/DGL/z35Yxb/P+ePWfz/kj9m8f9r/pjF/2/5Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4j81f8zi/1D+mMX/4fwxi/+0/DGJ/+hB/pjFfyh/zOI/Kn/M4j9b/pjFf/b8MYv/6Pwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/1Pyxyz+C+SPWfzH5I9Z/BfMH7P4j80fs/gvlD9m8V84f8zi/9T8MYv/0/LHLP5Pzx+z+C+SP2bxf0b+mMV/0fwxi/8z88cs/s/KH7P4L5Y/ZvF/dv6Yxf85+WMW/3H5Yxb/5+aPWfyflz9m8X9+/pjFf/H8MYv/EvljFv8X5I9Z/JfMH7P4L5U/ZvF/Yf6Yxf9F+WMW/xfnj1n8X5I/ZvFfOn/M4v/S/DGL/zL5Yxb/ZfPHLP7L5Y9Z/JfPH7P4r5A/ZvFfMX/M4v+y/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4vzx/zOK/Wv6YxX/1/DGL/yvyxyz+r8wfs/i/Kn/M4j8+f8ziPyF/zOI/MX/M4r9G/pjFf838MYv/WvljFv9J+WMW/8n5Yxb/tfPHLP7r5I9Z/F+dP2bxf03+mMV/3fwxi/96+WMW//Xzxyz+r80fs/hvkD9m8X9d/pjFf8P8MYv/RvljFv+N88cs/pvkj1n8X58/ZvHfNH/M4r9Z/pjF/w35Yxb/N+aPWfzflD9m8X9z/pjF/y35Yxb/t+aPWfzflj9m8d88f8ziv0X+mMV/y/wxi//b88cs/lvlj1n8t84fs/i/I3/M4r9N/pjF/535Yxb/bfPHLP7vyh+z+L87f8ziv13+mMV/+/wxi/8O+WMW/x3zn50WWvzfkz9m8X9v/pjFf6f8MYv/+/LHLP47549Z/N+fP2bx/0D+mMX/g/ljFv9d8scs/rvmj1n8d8sfs/h/KH/M4v/h/DGL/0fyxyz+H80fs/h/LH/M4j8lf8ziv3v+mMV/j/wxi//H88cs/p/IH7P475k/ZvH/ZP6YxX+v/DGL/6fyxyz+n84fs/jvnT9m8d8nf8ziv2/+mMX/M/ljFv/P5o9Z/D+XP2bx3y9/zOK/f/6Yxf/z+WMW/wPyxyz+B+aPWfy/kD9m8T8of8zif3D+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv9D8scs/l/LH7P4fz1/zOJ/aP6Yxf+w/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv9v5I9Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/N/PHLP7fyh+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/7fzxyz+Z+aPWfzPyh+z+J+dP2bx/07+mMX/u/ljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zi/738MYv/9/PHLP4/yB+z+P8wf8zi/6P8MYv/j/PHLP4X5o9Z/C/KH7P4/yR/zOJ/cf6Yxf+n+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/8/yxyz+P88fs/j/In/M4v/L/DGL/9X5Yxb/a/LHLP6/yh+z+P86f8zif23+mMX/N/ljFv/r8scs/tfnj1n8b8gfs/j/Nn/M4n9j/pjF/6b8MYv/zfljFv/f5Y9Z/H+fP2bx/0P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bx/2P+mMX/rvwxi//d+WMW/z/lj1n878kfs/j/OX/M4v+X/DGL/1/zxyz+f8sfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/6n5Yxb/h/LHLP4P549Z/Kflj0n85xjkj1n8h/LHLP6j8scs/rPlj1n8Z88fs/iPzh+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4PyV/zOK/QP6YxX9M/pjFf8H8MYv/2Pwxi/9C+WMW/4Xzxyz+T80fs/g/LX/M4v/0/DGL/yL5Yxb/Z+SPWfwXzR+z+D8zf8zi/6z8MYv/YvljFv9n549Z/J+TP2bxH5c/ZvF/bv6Yxf95+WMW/+fnj1n8F88fs/gvkT9m8X9B/pjFf8n8MYv/UvljFv8X5o9Z/F+UP2bxf3H+mMX/JfljFv+l88cs/i/NH7P4L5M/ZvFfNn/M4r9c/pjFf/n8MYv/CvljFv8V88cs/i/LH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/y/PHLP6r5Y9Z/FfPH7P4vyJ/zOL/yvwxi/+r8scs/uPzxyz+E/LHLP4T88cs/mvkj1n818wfs/ivlT9m8Z+UP2bxn5w/ZvFfO3/M4r9O/pjF/9X5Yxb/1+SPWfzXzR+z+K+XP2bxXz9/zOL/2vwxi/8G+WMW/9flj1n8N8wfs/hvlD9m8d84f8ziv0n+mMX/9fljFv9N88cs/pvlj1n835A/ZvF/Y/6Yxf9N+WMW/zfnj1n835I/ZvF/a/6Yxf9t+WMW/83zxyz+W+SPWfy3zB+z+L89f8ziv1X+mMV/6/wxi/878scs/tvkj1n835k/ZvHfNn/M4v+u/DGL/7vzxyz+2+WPWfy3zx+z+O+QP2bx3zF/zOL/nvwxi/9788cs/jvlj1n835c/ZvHfOX/M4v/+/DGL/wfyxyz+H8wfs/jvkj9m8d81f8ziv1v+mMX/Q/ljFv8P549Z/D+SP2bx/2j+mMX/Y/ljFv8p+WMW/93zxyz+e+SPWfw/nj9m8f9E/pjFf8/8MYv/J/PHLP575Y9Z/D+VP2bx/3T+mMV/7/wxi/8++WMW/33zxyz+n8kfs/h/Nn/M4v+5/DGL/375Yxb//fPHLP6fzx+z+B+QP2bxPzB/zOL/hfwxi/9B+WMW/4Pzxyz+X8wfs/h/KX/M4v/l/DGL/1fyxyz+X80fs/gfkj9m8f9a/pjF/+v5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/h/I3/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8v5k/ZvH/Vv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/L+dP2bxPzN/zOJ/Vv6Yxf/s/DGL/3fyxyz+380fs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/+/lj1n8v58/ZvH/Qf6Yxf+H+WMW/x/lj1n8f5w/ZvG/MH/M4n9R/pjF/yf5Yxb/i/PHLP4/zR+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/H+WP2bx/3n+mMX/F/ljFv9f5o9Z/K/OH7P4X5M/ZvH/Vf6Yxf/X+WMW/2vzxyz+v8kfs/hflz9m8b8+f8zif0P+mMX/t/ljFv8b88cs/jflj1n8b84fs/j/Ln/M4v/7/DGL/x/yxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/O/DGL/x/zxyz+d+WPWfzvzh+z+P8pf8zif0/+mMX/z/ljFv+/5I9Z/P+aP2bx/1v+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+E/NH7P4P5Q/ZvF/OH/M4j8tf0ziP+cgf8ziP5Q/ZvEflT9m8Z8tf8ziP3v+mMV/dP6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/yn5Yxb/BfLHLP5j8scs/gvmj1n8x+aPWfwXyh+z+C+cP2bxf2r+mMX/afljFv+n549Z/BfJH7P4PyN/zOK/aP6Yxf+Z+WMW/2flj1n8F8sfs/g/O3/M4v+c/DGL/7j8MYv/c/PHLP7Pyx+z+D8/f8ziv3j+mMV/ifwxi/8L8scs/kvmj1n8l8ofs/i/MH/M4v+i/DGL/4vzxyz+L8kfs/gvnT9m8X9p/pjFf5n8MYv/svljFv/l8scs/svnj1n8V8gfs/ivmD9m8X9Z/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8X54/ZvFfLX/M4r96/pjF/xX5Yxb/V+aPWfxflT9m8R+fP2bxn5A/ZvGfmD9m8V8jf8ziv2b+mMV/rfwxi/+k/DGL/+T8MYv/2vljFv918scs/q/OH7P4vyZ/zOK/bv6YxX+9/DGL//r5Yxb/1+aPWfw3yB+z+L8uf8ziv2H+mMV/o/wxi//G+WMW/03yxyz+r88fs/hvmj9m8d8sf8zi/4b8MYv/G/PHLP5vyh+z+L85f8zi/5b8MYv/W/PHLP5vyx+z+G+eP2bx3yJ/zOK/Zf6Yxf/t+WMW/63yxyz+W+ePWfzfkT9m8d8mf8zi/878MYv/tvljFv935Y9Z/N+dP2bx3y5/zOK/ff6YxX+H/DGL/475Yxb/9+SPWfzfmz9m8d8pf8zi/778MYv/zvljFv/3549Z/D+QP2bx/2D+mMV/l/wxi/+u+WMW/93yxyz+H8ofs/h/OH/M4v+R/DGL/0fzxyz+H8sfs/hPyR+z+O+eP2bx3yN/zOL/8fwxi/8n8scs/nvmj1n8P5k/ZvHfK3/M4v+p/DGL/6fzxyz+e+ePWfz3yR+z+O+bP2bx/0z+mMX/s/ljFv/P5Y9Z/PfLH7P4758/ZvH/fP6Yxf+A/DGL/4H5Yxb/L+SPWfwPyh+z+B+cP2bx/2L+mMX/S/ljFv8v549Z/L+SP2bx/2r+mMX/kPwxi//X8scs/l/PH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zif3z+mMX/G/ljFv8T8scs/ifmj1n8T8ofs/ifnD9m8T8lf8zi/838MYv/t/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4v/t/DGL/5n5Yxb/s/LHLP5n549Z/L+TP2bx/27+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+H8vf8zi//38MYv/D/LHLP4/zB+z+P8of8zi/+P8MYv/hfljFv+L8scs/j/JH7P4X5w/ZvH/af6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4v+z/DGL/8/zxyz+v8gfs/j/Mn/M4n91/pjF/5r8MYv/r/LHLP6/zh+z+F+bP2bx/03+mMX/uvwxi//1+WMW/xvyxyz+v80fs/jfmD9m8b8pf8zif3P+mMX/d/ljFv/f549Z/P+QP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/P+YP2bxvyt/zOJ/d/6Yxf9P+WMW/3vyxyz+f84fs/j/JX/M4v/X/DGL/9/yxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6YxX9q/pjF/6H8MYv/w/ljFv9p+WMS/7kG+WMW/6H8MYv/qPwxi/9s+WMW/9nzxyz+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOL/qvwxi//4/DGL/4T8MYv/xPwxi/8a+WMW/zXzxyz+a+WPWfwn5Y9Z/Cfnj1n8184fs/ivkz9m8X91/pjF/zX5Yxb/dfPHLP7r5Y9Z/NfPH7P4vzZ/zOK/Qf6Yxf91+WMW/w3zxyz+G+WPWfw3zh+z+G+SP2bxf33+mMV/0/wxi/9m+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvF/W/6YxX/z/DGL/xb5Yxb/LfPHLP5vzx+z+G+VP2bx3zp/zOL/jvwxi/82+WMW/3fmj1n8t80fs/i/K3/M4v/u/DGL/3b5Yxb/7fPHLP475I9Z/HfMH7P4vyd/zOL/3vwxi/9O+WMW//flj1n8d84fs/i/P3/M4v+B/DGL/wfzxyz+u+SPWfx3zR+z+O+WP2bx/1D+mMX/w/ljFv+P5I9Z/D+aP2bx/1j+mMV/Sv6YxX/3/DGL/x75Yxb/j+ePWfw/kT9m8d8zf8zi/8n8MYv/XvljFv9P5Y9Z/D+dP2bx3zt/zOK/T/6YxX/f/DGL/2fyxyz+n80fs/h/Ln/M4r9f/pjFf//8MYv/5/PHLP4H5I9Z/A/MH7P4fyF/zOJ/UP6Yxf/g/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+h+SPWfy/lj9m8f96/pjF/9D8MYv/YfljFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zif0z+mMX/2Pwxi/9x+WMW/+Pzxyz+38gfs/ifkD9m8T8xf8zif1L+mMX/5Pwxi/8p+WMW/2/mj1n8v5U/ZvE/NX/M4n9a/pjF//T8MYv/GfljFv9v549Z/M/MH7P4n5U/ZvE/O3/M4v+d/DGL/3fzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf97+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8L8wfs/hflD9m8f9J/pjF/+L8MYv/T/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/VfljFv+f5Y9Z/H+eP2bx/0X+mMX/l/ljFv+r88cs/tfkj1n8f5U/ZvH/df6Yxf/a/DGL/2/yxyz+1+WPWfyvzx+z+N+QP2bx/23+mMX/xvwxi/9N+WMW/5vzxyz+v8sfs/j/Pn/M4v+H/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4v/H/DGL/135Yxb/u/PHLP5/yh+z+N+TP2bx/3P+mMX/L/ljFv+/5o9Z/P+WP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP5T88cs/g/lj1n8H84fs/hPyx+T+M89yB+z+A/lj1n8R+WPWfxnyx+z+M+eP2bxH50/ZvGfI3/M4j9n/pjFf678sZn8Z/9v9p87f8xy/s+TP2bxnzd/zOI/X/6YxX/+/DGL/1Pyxyz+C+SPWfzH5I9Z/BfMH7P4j80fs/gvlD9m8V84f8zi/9T8MYv/0/LHLP5Pzx+z+C+SP2bxf0b+mMV/0fwxi/8z88cs/s/KH7P4L5Y/ZvF/dv6Yxf85+WMW/3H5Yxb/5+aPWfyflz9m8X9+/pjFf/H8MYv/EvljFv8X5I9Z/JfMH7P4L5U/ZvF/Yf6Yxf9F+WMW/xfnj1n8X5I/ZvFfOn/M4v/S/DGL/zL5Yxb/ZfPHLP7L5Y9Z/JfPH7P4r5A/ZvFfMX/M4v+y/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4vzx/zOK/Wv6YxX/1/DGL/yvyxyz+r8wfs/i/Kn/M4j8+f8ziPyF/zOI/MX/M4r9G/pjFf838MYv/WvljFv9J+WMW/8n5Yxb/tfPHLP7r5I9Z/F+dP2bxf03+mMV/3fwxi/96+WMW//Xzxyz+r80fs/hvkD9m8X9d/pjFf8P8MYv/RvljFv+N88cs/pvkj1n8X58/ZvHfNH/M4r9Z/pjF/w35Yxb/N+aPWfzflD9m8X9z/pjF/y35Yxb/t+aPWfzflj9m8d88f8ziv0X+mMV/y/wxi//b88cs/lvlj1n8t84fs/i/I3/M4r9N/pjF/535Yxb/bfPHLP7vyh+z+L87f8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+78kfs/i/N3/M4r9T/pjF/335Yxb/nfPHLP7vzx+z+H8gf8zi/8H8MYv/LvljFv9d88cs/rvlj1n8P5Q/ZvH/cP6Yxf8j+WMW/4/mj1n8P5Y/ZvGfkj9m8d89f8ziv0f+mMX/4/ljFv9P5I9Z/PfMH7P4fzJ/zOK/V/6Yxf9T+WMW/0/nj1n8984fs/jvkz9m8d83f8zi/5n8MYv/Z/PHLP6fyx+z+O+XP2bx3z9/zOL/+fwxi/8B+WMW/wPzxyz+X8gfs/gflD9m8T84f8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/IfljFv+v5Y9Z/L+eP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/N/LHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/5v5Yxb/b+WPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/b+WMW/zPzxyz+Z+WPWfzPzh+z+H8nf8zi/938MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8f9e/pjF//v5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/C/PHLP4X5Y9Z/H+SP2bxvzh/zOL/0/wxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf9n+WMW/5/nj1n8f5E/ZvH/Zf6Yxf/q/DGL/zX5Yxb/X+WPWfx/nT9m8b82f8zi/5v8MYv/dfljFv/r88cs/jfkj1n8f5s/ZvG/MX/M4n9T/pjF/+b8MYv/7/LHLP6/zx+z+P8hf8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+P8xf8zif1f+mMX/7vwxi/+f8scs/vfkj1n8/5w/ZvH/S/6Yxf+v+WMW/7/lj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi//U/DGL/0P5Yxb/h/PHLP7T8sck/vMM8scs/kP5Yxb/UfljFv/Z8scs/rPnj1n8R+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/J+SP2bxXyB/zOI/Jn/M4r9g/pjFf2z+mMV/ofwxi//C+WMW/6fmj1n8n5Y/ZvF/ev6YxX+R/DGL/zPyxyz+i+aPWfyfmT9m8X9W/pjFf7H8MYv/s/PHLP7PyR+z+I/LH7P4Pzd/zOL/vPwxi//z88cs/ovnj1n8l8gfs/i/IH/M4r9k/pjFf6n8MYv/C/PHLP4vyh+z+L84f8zi/5L8MYv/0vljFv+X5o9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+X5Y9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/+X5Yxb/1fLHLP6r549Z/F+RP2bxf2X+mMX/VfljFv/x+WMW/wn5Yxb/ifljFv818scs/mvmj1n818ofs/hPyh+z+E/OH7P4r50/ZvFfJ3/M4v/q/DGL/2vyxyz+6+aPWfzXyx+z+K+fP2bxf23+mMV/g/wxi//r8scs/hvmj1n8N8ofs/hvnD9m8d8kf8zi//r8MYv/pvljFv/N8scs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOL/tvwxi//m+WMW/y3yxyz+W+aPWfzfnj9m8d8qf8ziv3X+mMX/HfljFv9t8scs/u/MH7P4b5s/ZvF/1z/6v/L/03H9H83i/+7Of8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+78kfs/i/N3/M4r9T/pjF/335Yxb/nfPHLP7vzx+z+H8gf8zi/8H8MYv/LvljFv9d88cs/rvlj1n8P5Q/ZvH/cP6Yxf8j+WMW/4/mj1n8P5Y/ZvGfkj9m8d89f+y/13/a0Mz+e+SP/ff6P/b8/3j+mMX/E/ljFv8988cs/p/MH7P475U/ZvH/VP6Yxf/T+WMW/73zxyz+++SPWfz3zR+z+H8mf8zi/9n8MYv/5/LHLP775Y9Z/PfPH7P4fz5/zOJ/QP6Yxf/A/DGL/xfyxyz+B+WPWfwPzh+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8zif0j+mMX/a/ljFv+v549Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8T8+f8zi/438MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8f9m/pjF/1v5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvH/dv6Yxf/M/DGL/1n5Yxb/s/PHLP7fyR+z+H83f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfy/lz9m8f9+/pjF/wf5Yxb/H+aPWfx/lD9m8f9x/pjF/8L8MYv/RfljFv+f5I9Z/C/OH7P4/zR/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvH/Wf6Yxf/n+WMW/1/kj1n8f5k/ZvG/On/M4n9N/pjF/1f5Yxb/X+ePWfyvzR+z+P8mf8zif13+mMX/+vwxi/8N+WMW/9/mj1n8b8wfs/jflD9m8b85f8zi/7v8MYv/7/PHLP5/yB+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/O/PHLP5/zB+z+N+VP2bxvzt/zOL/p/wxi/89+WMW/z/nj1n8/5I/ZvH/a/6Yxf9v+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOI/NX/M4v9Q/pjF/+H8MYv/tPwxif+8g/wxi/9Q/pjFf1T+mMV/tvwxi//s+WMW/9H5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv+n5I9Z/BfIH7P4j8kfs/gvmD9m8R+bP2bxXyh/zOK/cP6Yxf+p+WMW/6flj1n8n54/ZvFfJH/M4v+M/DGL/6L5Yxb/Z+aPWfyflT9m8V8sf8zi/+z8MYv/c/LHLP7j8scs/s/NH7P4Py9/zOL//Pwxi//i+WMW/yXyxyz+L8gfs/gvmT9m8V8qf8zi/8L8MYv/i/LHLP4vzh+z+L8kf8ziv3T+mMX/pfljFv9l8scs/svmj1n8l8sfs/gvnz9m8V8hf8ziv2L+mMX/ZfljFv+V8scs/ivnj1n8V8kfs/ivmj9m8X95/pjFf7X8MYv/6vljFv9X5I9Z/F+ZP2bxf1X+mMV/fP6YxX9C/pjFf2L+mMV/jfwxi/+a+WMW/7Xyxyz+k/LHLP6T88cs/mvnj1n818kfs/i/On/M4v+a/DGL/7r5Yxb/9fLHLP7r549Z/F+bP2bx3yB/zOL/uvwxi/+G+WMW/43yxyz+G+ePWfw3yR+z+L8+f8ziv2n+mMV/s/wxi/8b8scs/m/MH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4vy1/zOK/ef6YxX+L/DGL/5b5Yxb/t+ePWfy3yh+z+G+dP2bxf0f+mMV/m/wxi/8788cs/tvmj1n835U/ZvF/d/6YxX+7/DGL//b5Yxb/HfLHLP475o9Z/N+TP2bxf2/+mMV/p/wxi//78scs/jvnj1n8358/ZvH/QP6Yxf+D+WMW/13yxyz+u+aPWfx3yx+z+H8of8zi/+H8MYv/R/LHLP4fzR+z+H8sf8ziPyV/zOK/e/6YxX+P/DGL/8fzxyz+n8gfs/jvmT9m8f9k/pjFf6/8MYv/p/LHLP6fzh+z+O+dP2bx3yd/zOK/b/6Yxf8z+WMW/8/mj1n8P5c/ZvHfL3/M4r9//pjF//P5Yxb/A/LHLP4H5o9Z/L+QP2bxPyh/zOJ/cP6Yxf+L+WMW/y/lj1n8v5w/ZvH/Sv6Yxf+r+WMW/0Pyxyz+X8sfs/h/PX/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/2/kj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/8388cs/t/KH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/t/PHLP5n5o9Z/M/KH7P4n50/ZvH/Tv6Yxf+7+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOL/vfwxi//388cs/j/IH7P4/zB/zOL/o/wxi/+P88cs/hfmj1n8L8ofs/j/JH/M4n9x/pjF/6f5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/z/LHLP4/zx+z+P8if8zi/8v8MYv/1fljFv9r8scs/r/KH7P4/zp/zOJ/bf6Yxf83+WMW/+vyxyz+1+ePWfxvyB+z+P82f8zif2P+mMX/pvwxi//N+WMW/9/lj1n8f58/ZvH/Q/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvH/Y/6Yxf+u/DGL/935Yxb/P+WPWfzvyR+z+P85f8zi/5f8MYv/X/PHLP5/yx+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/qfljFv+H8scs/g/nj1n8p+WPSfznG+SPWfyH8scs/qPyxyz+s+WPWfxnzx+z+I/OH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/g/JX/M4r9A/pjFf0z+mMV/wfwxi//Y/DGL/0L5Yxb/hfPHLP5PzR+z+D8tf8zi//T8MYv/IvljFv9n5I9Z/BfNH7P4PzN/zOL/rPwxi/9i+WMW/2fnj1n8n5M/ZvEflz9m8X9u/pjF/3n5Yxb/5+ePWfwXzx+z+C+RP2bxf0H+mMV/yfwxi/9S+WMW/xfmj1n8X5Q/ZvF/cf6Yxf8l+WMW/6Xzxyz+L80fs/gvkz9m8V82f8ziv1z+mMV/+fwxi/8K+WMW/xXzxyz+L8sfs/ivlD9m8V85f8ziv0r+mMV/1fwxi//L88cs/qvlj1n8V88fs/i/In/M4v/K/DGL/6vyxyz+4/PHLP4T8scs/hPzxyz+a+SPWfzXzB+z+K+VP2bxn5Q/ZvGfnD9m8V87f8ziv07+mMX/1fljFv/X5I9Z/NfNH7P4r5c/ZvFfP3/M4v/a/DGL/wb5Yxb/1+WPWfw3zB+z+G+UP2bx3zh/zOK/Sf6Yxf/1+WMW/03zxyz+m+WPWfzfkD9m8X9j/pjF/035Yxb/N+ePWfzfkj9m8X9r/pjF/235Yxb/zfPHLP5b5I9Z/LfMH7P4vz1/zOK/Vf6YxX/r/DGL/zvyxyz+2+SPWfzfmT9m8d82f8zi/678MYv/u/PHLP7b5Y9Z/LfPH7P475A/ZvHfMX/M4v+e/DGL/3vzxyz+O+WPWfzflz9m8d85f8zi//78MYv/B/LHLP4fzB+z+O+SP2bx3zV/zOK/W/6Yxf9D+WMW/w/nj1n8P5I/ZvH/aP6Yxf9j+WMW/yn5Yxb/3fPHLP575I9Z/D+eP2bx/0T+mMV/z/wxi/8n88cs/nvlj1n8P5U/ZvH/dP6YxX/v/DGL/z75Yxb/ffPHLP6fyR+z+H82f8zi/7n8MYv/fvljFv/988cs/p/PH7P4H5A/ZvE/MH/M4v+F/DGL/0H5Yxb/g/PHLP5fzB+z+H8pf8zi/+X8MYv/V/LHhv0Hg8GU/3b/r+aPWc7/Q/LHLP5fyx+z+H89f8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/b+SPWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/zfzxyz+38ofs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+388cs/mfmj1n8z8ofs/ifnT9m8f9O/pjF/7v5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4v+9/DGL//fzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+F+aPWfwvyh+z+P8kf8zif3H+mMX/p/ljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//P8scs/j/PH7P4/yJ/zOL/y/wxi//V+WMW/2vyxyz+v8ofs/j/On/M4n9t/pjF/zf5Yxb/6/LHLP7X549Z/G/IH7P4/zZ/zOJ/Y/6Yxf+m/DGL/835Yxb/3+WPWfx/nz9m8f9D/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8f9j/pjF/678MYv/3fljFv8/5Y9Z/O/JH7P4/zl/zOL/l/wxi/9f88cs/n/LH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+p+WMW/4fyxyz+D+ePWfyn5Y9J/Ocf5I9Z/Ifyxyz+o/LHLP6z5Y9Z/GfPH7P4j84fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+D8lf8ziv0D+mMV/TP6YxX/B/DGL/9j8MYv/QvljFv+F88cs/k/NH7P4Py1/zOL/9Pwxi/8i+WMW/2fkj1n8F80fs/g/M3/M4v+s/DGL/2L5Yxb/Z+ePWfyfkz9m8R+XP2bxf27+mMX/efljFv/n50/tPpD4L54/Zjn/l8gfs/i/IH/M4r9k/pjFf6n8MYv/C/PHLP4vyh+z+L84f8zi/5L8MYv/0vljFv+X5o9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+X5Y9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/+X5Yxb/1fLHLP6r549Z/F+RP2bxf2X+mMX/VfljFv/x+WMW/wn5Yxb/ifljFv818scs/mvmj1n818ofs/hPyh+z+E/OH7P4r50/ZvFfJ3/M4v/q/DGL/2vyxyz+6+aPWfzXyx+z+K+fP2bxf23+mMV/g/wxi//r8scs/hvmj1n8N8ofs/hvnD9m8d8kf8zi//r8MYv/pvljFv/N8scs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOL/tvwxi//m+WMW/y3yxyz+W+aPWfzfnj9m8d8qf8ziv3X+mMX/HfljFv9t8scs/u/MH7P4b5s/ZvF/V/6Yxf/d+WMW/+3yxyz+2+ePWfx3yB+z+O+YP2bxf0/+mMX/vfljFv+d8scs/u/LH7P475w/ZvF/f/6Yxf8D+WMW/w/mj1n8d8kfs/jvmj9m8d8tf8zi/6H8MYv/h/PHLP4fyR+z+H80f8zi/7H8MYv/lPwxi//u+WMW/z3yxyz+H88fs/h/In/M4r9n/pjF/5P5Yxb/vfLHLP6fyh+z+H86f8ziv3f+mMV/n/wxi/+++WMW/8/kj1n8P5s/ZvH/XP6YxX+//DGL//75Yxb/z+ePWfwPyB+z+B+YP2bx/0L+mMX/oPwxi//B+WMW/y/K/ed4nOUW/y/J/R8vi/+X88cs/l/JH7P4fzV/zOJ/SP6Yxf9r+WMW/6/nj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bxPz5/zOL/jfwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+J+SP2bx/2b+mMX/W/ljFv9T88cs/qflj1n8T88fs/ifkT9m8f92/pjF/8z8MYv/WfljFv+z88cs/t/JH7P4fzd/zOJ/Tv7TO+TWsdvN9NLif27+mMX/vPwxi//5+WMW/wvyxyz+38sfs/h/P3/M4v+D/DGL/w/zxyz+P8ofs/j/OH/M4n9h/pjF/6L8MYv/T/LHLP4X549Z/H+aP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4/yx/zOL/8/wxi/8v8scs/r/MH7P4X50/ZvG/Jn/M4v+r/DGL/6/zxyz+1+aPWfx/kz9m8b8uf8zif33+mMX/hvwxi/9v88cs/jfmj1n8b8ofs/jfnD9m8f9d/pjF//f5Yxb/P+SPWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/P+aPWfzvyh+z+N+dP2bx/1P+mMX/nvwxi/+f88cs/n/JH7P4/zV/zOL/t/wxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxn5o/ZvF/KH/M4v9w/pjFf1r+mMT/KYP8MYv/UP6YxX9U/pjFf7b8MYv/7PljFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/p+SPWfwXyB+z+I/JH7P4L5g/ZvEfmz9m8V8of8ziv3D+mMX/qfljFv+n5Y9Z/J+eP2bxXyR/zOL/jPwxi/+i+WMW/2fmj1n8n5U/ZvFfLH/M4v/s/DGL/3Pyxyz+4/LHLP7PzR+z+D8vf8zi//z8MYv/4vljFv8l8scs/i/IH7P4L5k/ZvFfKn/M4v/C/DGL/4vyxyz+L84fs/i/JH/M4r90/pjF/6X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/2X5Yxb/lfLHLP4r5/+YZsyNxX+V/DGL/6r5Yxb/l+ePWfxXyx+z+K+eP2bxf0X+mMX/lfljFv9X5Y9Z/Mfnj1n8J+SPWfwn5o9Z/NfIH7P4r5k/ZvFfK3/M4j8pf8ziPzl/zOK/dv6YxX+d/DGL/6vzxyz+r8kfs/ivmz9m8V8vf8ziv37+mMX/tfljFv8N8scs/q/LH7P4b5g/ZvHfKH/M4r9x/pjFf5P8MYv/6/PHLP6b5o9Z/DfLH7P4vyF/zOL/xvwxi/+b8scs/m/OH7P4vyV/zOL/1vwxi//b8scs/pvnj1n8t8gfs/hvmT9m8X97/pjFf6v8MYv/1vljFv935I9Z/LfJH7P4vzN/zOK/bf6Yxf9d+WMW/3fnj1n8t8sfs/hvnz9m8d8hf8ziv2P+mMX/PfljFv/35o9Z/HfKH7P4vy9/zOK/c/6Yxf/9+WMW/w/kj1n8P5g/ZvHfJX/M4r9r/pjFf7f8MYv/h/LHLP4fzh+z+H8kf8zi/9H8MYv/x/LHLP5T8scs/rvnj1n898gfs/h/PH/M4v+J/DGL/575Yxb/T+aPWfz3yh+z+H8qf8zi/+n8MYv/3vljFv998scs/vvmj1n8P5M/ZvH/bP6Yxf9z+WMW//3yxyz+++ePWfw/nz9m8T8gf8zif2D+mMX/C/ljFv+D8scs/gfnj1n8v5g/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvE/JH/M4v+1/DGL/9fzxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvH/Rv6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4fzN/zOL/rfwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+H87f8zif2b+mMX/rPwxi//Z+WMW/+/kj1n8v5s/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/t/LH7P4fz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOJ/Yf6Yxf+i/DGL/0/yxyz+F+ePWfx/mj9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+P8sf8zi//P8MYv/L/LHLP6/zB+z+F+dP2bxvyZ/zOL/q/wxi/+v88cs/tfmj1n8f5M/ZvG/Ln/M4n99/pjF/4b8MYv/b/PHLP435o9Z/G/KH7P435w/ZvH/Xf6Yxf/3+WMW/z/kj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/z/mj1n878ofs/jfnT9m8f9T/pjF/578MYv/n/PHLP5/yR+z+P81f8zi/7f8MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8Z+aP2bxfyh/zOL/cP6YxX9a/pjEf4FB/pjFfyh/zOI/Kn/M4j9b/pjFf/b8MYv/6Pwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/1Pyxyz+C+SPWfzH5I9Z/BfMH7P4j80fs/gvlD9m8V84f8zi/9T8MYv/0/LHLP5Pzx+z+C+SP2bxf0b+mMV/0fwxi/8z88cs/s/KH7P4L5Y/ZvF/dv6Yxf85+WMW/3H5Yxb/5+aPWfyflz9m8X9+/pjFf/H8MYv/EvljFv8X5I9Z/JfMH7P4L5U/ZvF/Yf6Yxf9F+WMW/xfnj1n8X5I/ZvFfOn/M4v/S/DGL/zL5Yxb/ZfPHLP7L5Y9Z/JfPH7P4r5A/ZvFfMX/M4v+y/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4vzx/zOK/Wv6YxX/1/DGL/yvyxyz+r8wfs/i/Kn/M4j8+f8ziPyF/zOI/MX/M4r9G/pjFf838MYv/WvljFv9J+WMW/8n5Yxb/tfPHLP7r5I9Z/F+dP2bxf03+mMV/3fwxi/96+WMW//Xzxyz+r80fs/hvkD9m8X9d/pjFf8P8MYv/RvljFv+N88cs/pvkj1n8X58/ZvHfNH/M4r9Z/pjF/w35Yxb/N+aPWfzflD9m8X9z/pjF/y35Yxb/t+aPWfzflj9m8d88f8ziv0X+mMV/y/wxi//b88cs/lvlj1n8t84fs/i/I3/M4r9N/pjF/535Yxb/bfPHLP7vyh+z+L87f8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+78kfs/i/N3/M4r9T/pjF/335Yxb/nfPHLP7vzx+z+H8gf8zi/8H8MYv/LvljFv9d88cs/rvlj1n8P5Q/ZvH/cP6Yxf8j+WMW/4/mj1n8P5Y/ZvGfkj9m8d89//8f+/TQBIiBAGF0Zz27wcS2bdu2bdtOqmLbtm3btm3bvuTYv2D6vVPfv+qopf/e+kct/ffRP2rpv6/+UUv//fSPWvrvr3/U0v8A/aOW/gfqH7X0P0j/qKX/wfpHLf0P0T9q6X+o/lFL/8P0j1r6H65/1NL/CP2jlv5H6h+19D9K/6il/9H6Ry39j9E/aul/rP5RS//j9I9a+h+vf9TS/wT9o5b+J+oftfQ/Sf+opf/J+kct/U/RP2rpf6r+UUv/0/SPWvqfrn/U0v8M/aOW/mfqH7X0P0v/qKX/2fpHLf3P0T9q6X+u/lFL//P0j1r6n69/1NL/Av2jlv4X6h+19L9I/6il/8X6Ry39L9E/aul/qf5RS//L9I9a+l+uf9TS/wr9o5b+V+oftfS/Sv+opf/V+kct/a/RP2rpf63+UUv/6/SPWvpfr3/U0v8G/aOW/jfqH7X0v0n/qKX/zfpHLf1v0T9q6X+r/lFL/9v0j1r6365/1NL/Dv2jlv536h+19L9L/6il/936Ry3979E/aul/r/5RS//79I9a+t+vf9TS/wH9o5b+D+oftfR/SP+opf/D+kct/R/RP2rp/6j+UUv/x/SPWvo/rn/U0v8J/aOW/k/qH7X0f0r/qKX/0/pHLf2f0T9q6f+s/lFL/+f0j1r6P69/1NL/Bf2jlv4v6h+19H9J/6il/8v6Ry39X9E/aun/qv5RS//X9I9a+r+uf9TS/w39o5b+b+oftfR/S/+opf/b+kct/d/RP2rp/67+UUv/9/SPWvq/r3/U0v8D/aOW/h/qH7X0/0j/qKX/x/pHLf0/0T9q6f+p/lFL/8/0j1r6f65/1NL/C/2jlv5f6h+19P9K/6il/9f6Ry39v9E/aun/rf5RS//v9I9a+n+vf9TS/wf9o5b+P+oftfT/Sf+opf/P+kct/X/RP2rp/6v+UUv/3/SPWvr/rn/U0v8P/aOS/oP+pn/U0n+A/lFL/7/rH7X0/4f+UUv/f+oftfT/l/5RS/9/6x+19P+P/lFL///qH7X0H6h/1NL/f/pHLf3/r3/U0n8I/aOW/kPqH7X0H0r/qKX/0PpHLf0H6R+19B9G/6il/7D6Ry39h9M/auk/vP5RS/8R9I9a+o+of9TSfyT9o5b+I+sftfQfRf+opf+o+kct/UfTP2rpP7r+UUv/MfSPWvqPqX/U0n8s/aOW/mPrH7X0H0f/qKX/uPpHLf3H0z9q6T++/lFL/wn0j1r6T6h/1NJ/Iv2jlv4T6x+19J9E/6il/6T6Ry39J9M/auk/uf5RS/8p9I9a+k+pf9TSfyr9o5b+U+sftfSfRv+opf+0+kct/afTP2rpP73+UUv/GfSPWvrPqH/U0n8m/aOW/jPrH7X0n0X/qKX/rPpHLf1n0z9q6T+7/lFL/zn0j1r6z6l/1NJ/Lv2jlv5z6x+19J9H/6il/7z6Ry3959M/auk/v/5RS/8F9I9a+i+of9TSfyH9o5b+C+sftfRfRP+opf+i+kct/RfTP2rpv7j+UUv/JfSPWvovqX/U0n8p/aOW/kvrH7X0X0b/qKX/svpHLf2X0z9q6b+8/lFL/xX0j1r6r6h/1NJ/Jf2jlv4r6x+19F9F/6il/6r6Ry39V9M/aum/uv5RS/819I9a+q+pf9TSfy39o5b+a+sftfRfR/+opf+6+kct/dfTP2rpv77+UUv/DfSPWvpvqH/U0n8j/aOW/hvrH7X030T/qKX/pvpHLf030z8aMPCvMZj331z/qOX/W+gftfTfUv+opf9W+kct/bfWP2rpv43+UUv/bfWPWvpvp3/U0n97/aOW/jvoH7X031H/qKX/TvpHLf131j9q6b+L/lFL/131j1r676Z/1NJ/d/2jlv576B+19N9T/6il/176R4NdfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTfbuNrbMs/Dh+d1vH2J9/MuKCy9BkkwuFRJjtHjJeEDYZ2+qgG89jgKNbu7HRbrPrsCvgHl5MIoQHSSZZokTZMpQwExqJgWAFEQ26qIkGHwBRiKJxIgTdEhdrTnta2mPXeK56XYvy+bzoOfd99ru3NfnuvhcYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+9GhoXHhlfM+zU+KEHHzzc0vc65+jKmw/8tufCgdfyx8tGuOS4oQe9vb29c56bvaN8eEpRFKWfbWf5eFLluHT9nfVf6Ow/Cgt6XlpyfMrPG48cWHP6I3XdR++v7TtbW9y0bkNry8fGFUW4uLboLB3U1RRFWFxb3Fc6qC8dLKktHikdzO47OLX4dung/LWbW5tLJ5ZGf8/gf0VD485i/LBii2F/Ggztf2f9t+4ceB3lkgNXm1CU+7+i6/tvVXw24AT9D1w/LKzsv+rfIHBC1fX/woKB11Eu+S/3/8lPrXplpM9O3P/A9cPH9Q/pjPD8P6zRyuf+iuf/GSNccnB/VU3X8VL/l9727MzyqQn/zvP/u9cPF1f2P27Y83/pOX7RwPP/KUURLhnjtwPeUxoadx0Z7f4/ev8Tpldsaob2f0b75v2l/h9f8r0nyqdqq+x/0Sj3/3FLK36tQHUaGr/cW3H/r6L/4iMjXHKw/7ef+PXDpf4f+/0DZw75rJr+L6nsf1ZH25ZZW7d3nbehrWl9y/qWTXWz58+ZV18374K5s/oeCfq/jvG7Au8NY7v/F5MrNjVF0TK4v6b7wNOl/uc++OCc8qlJVfa/eNT7/wz3fxjRh8YVEycWnU0dHe11/V8HDuv7v/b/sBH6r+Lv/2edU/5hteXXmqKYNri/68y7V5T6f+fQs7vLpyZW2f+SUftfMPjzAhHGeP9vrtgM6//goZf6nv+X3XvwjPKpav/+v3TU/l91/4exaGis+B9+/sNK/e8qLovsNDT473+QTo7+H3vnhp64dfiE/iGdHP3/7nNHz41bh2X6h3Ry9D9h4wPPx63DpfqHdHL0v3zq/BVx63CZ/iGdHP2vffXcP8etQ6P+IZ0c/Z/zpd2dceuwXP+QTo7+H2qfsy1uHVboH9LJ0f9PT3votbh1uFz/kE6O/o8du+fGuHW4Qv+QTo7+u/ec/YO4dbhS/5BOjv4vX7cwxK3DVfqHdHL0P33aHx+PW4er9Q/p5Oh/3p/+flrcOlyjf0gnR/93fH7Fvrh1uFb/kE6O/sdf/8qLceuwUv+QTo7+l569bWHcOlynf0gnR//NP2nujVuHVfqHdHL0P+vrP9oQtw7X6x/SydH/4eWP7olbhxv0D+nk6H9PXTElbh1u1D+kk6P/r3339ENx6/BJ/UM6Ofr/zVNPzo9bh9X6h3Ry9P/cB27/Rtw63KR/SCdH//euefGsuHVo0j+kk6P/h/c+/8W4dVijf0gnR/9vvNH2f3HrsFb/kE6O/idPOvX1uHVo1j+kk6P/hbd+pT1uHVr0D+nk6L9td/cP49Zhnf4hnRz9f/j4tFVx67Be/5BOjv5Xzt37/rh1uFn/kE6O/t+37MJdceuwQf+QTo7+L+r56EVx67BR/5BOjv47nvnsV+PW4Rb9Qzo5+t8787XFcevQqn9IJ0f/L69e+uO4dWjTP6STo/+3Hr1uU9w6bNI/pJOj/yd/9vaxuHXYrH9IJ0f//3/Bor/GrcMW/UM6OfpfvOTNtXHr8Cn9Qzo5+t/Y/Y+X49ahXf+QTo7+Zx6+elncOmzVP6STo//vnFe3P24dOvQP6eTo/84r99XHrcM2/UM6Ofrff/Cuu+PW4Vb9Qzo5+n/zFzOmx63Dp/UP6eTo//4ph66NW4dO/UM6Ofr/5abaZ+LWYbv+IZ0c/f9t39QdcevQpX9IJ0f/T7/e84e4dbhN/5BOjv5XT/jVxLh1uF3/kE6O/qd2bbkvbh3u0D+kk6P/+fc0nR+3Dp/RP6STo/+tf3nhm3HrsEP/kM7W7V23NLW2trR744033gy+Odl/MgGpvRv9yf6VAAAAAAAAAAAAAAAAJ5LjnxOd7N8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCwAAAAAI87cOoncDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgKwAA//8ZLeDr")
open_by_handle_at(r0, &(0x7f0000000000)=@fuse_with_parent={0x12, 0x82, {{0x80, 0x6, 0x6}, {0x2, 0xa2, 0x8}}}, 0x400)

363.331135ms ago: executing program 0 (id=6059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x4, 0x5, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1, 0x17, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1ffffc}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x7, 0x1, 0xb, 0x9, 0x0, 0x20}}, {{0x6, 0x0, 0x6, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x5, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}, {0x85, 0x0, 0x17, 0xb5}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

310.344549ms ago: executing program 1 (id=6060):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newlink={0x4c, 0x10, 0x49920d862a92153b, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x90}, @IFLA_BR_MCAST_QUERY_RESPONSE_INTVL={0xc, 0x22, 0x80401}]}}}]}, 0x4c}}, 0x40c0)

117.516912ms ago: executing program 0 (id=6061):
r0 = openat$sequencer2(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)="f093b9273f4c03fdff0011b7", 0xc}], 0x1)

0s ago: executing program 1 (id=6062):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt(r0, 0x0, 0x1, 0x0, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

: 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  443.707988][ T5813] snd_usb_pod: probe of 2-1:1.1 failed with error -71
[  443.731749][ T5813] usb 2-1: USB disconnect, device number 20
[  444.002867][T18968] loop3: detected capacity change from 0 to 1764
[  444.433512][T19006] loop0: detected capacity change from 0 to 128
[  444.476363][T19006] FAT-fs (loop0): Directory bread(block 32) failed
[  444.486464][T19006] FAT-fs (loop0): Directory bread(block 33) failed
[  444.493152][T19006] FAT-fs (loop0): Directory bread(block 34) failed
[  444.511694][T19006] FAT-fs (loop0): Directory bread(block 35) failed
[  444.520667][T19006] FAT-fs (loop0): Directory bread(block 36) failed
[  444.529104][T19006] FAT-fs (loop0): Directory bread(block 37) failed
[  444.536152][T19006] FAT-fs (loop0): Directory bread(block 38) failed
[  444.542820][T19006] FAT-fs (loop0): Directory bread(block 39) failed
[  444.549985][T19006] FAT-fs (loop0): Directory bread(block 40) failed
[  444.559593][T19006] FAT-fs (loop0): Directory bread(block 41) failed
[  444.613936][    T8] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  444.664146][ T5761] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  444.705539][T19006] FAT-fs (loop0): Filesystem has been set read-only
[  444.782401][T19020] set match dimension is over the limit!
[  444.804067][    T8] usb 4-1: Using ep0 maxpacket: 16
[  444.817059][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  444.833790][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 41692, setting to 1024
[  444.865441][ T5761] usb 3-1: unable to get BOS descriptor or descriptor too short
[  444.875468][ T5761] usb 3-1: config 129 has an invalid interface number: 135 but max is 0
[  444.890780][ T5761] usb 3-1: config 129 has an invalid interface number: 5 but max is 0
[  444.906446][    T8] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  444.916058][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.925211][ T5761] usb 3-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  444.937318][    T8] usb 4-1: Product: syz
[  444.941546][    T8] usb 4-1: Manufacturer: syz
[  444.946423][ T5761] usb 3-1: config 129 has no interface number 0
[  444.952842][ T5761] usb 3-1: config 129 has no interface number 1
[  444.959532][    T8] usb 4-1: SerialNumber: syz
[  444.965900][ T5761] usb 3-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  444.982137][    T8] usb 4-1: config 0 descriptor??
[  444.987793][ T5761] usb 3-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[  445.001748][    T8] hub 4-1:0.0: bad descriptor, ignoring hub
[  445.008938][ T5761] usb 3-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  445.024939][    T8] hub: probe of 4-1:0.0 failed with error -5
[  445.039172][    T8] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input30
[  445.049768][ T5761] usb 3-1: config 129 interface 135 has no altsetting 0
[  445.058538][ T5761] usb 3-1: config 129 interface 5 has no altsetting 0
[  445.077422][ T5761] usb 3-1: string descriptor 0 read error: -22
[  445.095183][ T5761] usb 3-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[  445.104987][ T5761] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.131310][ T5761] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[  445.152228][ T5761] usb 3-1: MIDIStreaming interface descriptor not found
[  445.392004][   T23] usb 4-1: USB disconnect, device number 26
[  445.435907][ T5813] usb 3-1: USB disconnect, device number 23
[  445.505686][   T27] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  445.692863][T19096] loop1: detected capacity change from 0 to 4096
[  445.702207][T19096] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  445.718132][   T27] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  445.730389][   T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.740249][   T27] usb 1-1: Product: syz
[  445.747609][   T27] usb 1-1: Manufacturer: syz
[  445.752655][   T27] usb 1-1: SerialNumber: syz
[  445.772106][   T27] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  445.791840][T19096] ntfs3: loop1: Failed to initialize $Secure (-22).
[  445.800276][   T23] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  445.998921][T19106] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  446.039968][T19106] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  446.285028][T19123] netlink: 'syz.2.4640': attribute type 1 has an invalid length.
[  446.293010][T19123] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.4640'.
[  446.335143][ T5813] usb 1-1: USB disconnect, device number 33
[  446.506348][T19132] loop3: detected capacity change from 0 to 4096
[  446.527150][T19132] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  446.608505][T19132] ntfs3: loop3: Failed to initialize $Secure (-22).
[  446.756241][T19151] loop2: detected capacity change from 0 to 256
[  446.772797][T19151] exfat: Deprecated parameter 'utf8'
[  446.780772][T19151] exfat: Deprecated parameter 'utf8'
[  446.798818][T19151] exfat: Deprecated parameter 'utf8'
[  446.834506][T19151] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  446.847569][   T23] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  446.865813][   T23] ath9k_htc: Failed to initialize the device
[  446.893469][ T5813] usb 1-1: ath9k_htc: USB layer deinitialized
[  447.275011][T19186] loop1: detected capacity change from 0 to 512
[  447.359485][T19186] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  447.404063][T19186] ext4 filesystem being mounted at /1166/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  447.527241][T19186] EXT4-fs error (device loop1): ext4_xattr_block_get:597: inode #15: comm syz.1.4657: corrupted xattr block 33: invalid header
[  447.602092][T19186] fscrypt (loop1, inode 15): Error -117 getting encryption context
[  447.716579][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.841606][T19227] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4668'.
[  448.724180][ T5761] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  448.793464][T19300] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.4691'.
[  448.830501][T19299] loop1: detected capacity change from 0 to 2048
[  448.858058][T19299] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  448.890834][T19299] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh
[  448.913140][ T5761] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  448.943855][ T5761] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  448.975935][ T5761] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  449.011522][ T5761] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.054858][ T5761] usb 3-1: config 0 descriptor??
[  449.280353][ T5761] ath6kl: Failed to submit usb control message: -71
[  449.295606][ T5761] ath6kl: unable to send the bmi data to the device: -71
[  449.305184][ T5761] ath6kl: Unable to send get target info: -71
[  449.321685][ T5761] ath6kl: Failed to init ath6kl core: -71
[  449.334811][ T5761] ath6kl_usb: probe of 3-1:0.0 failed with error -71
[  449.373281][ T5761] usb 3-1: USB disconnect, device number 24
[  449.610829][T19320] loop1: detected capacity change from 0 to 32768
[  449.627775][T19320] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 scanned by syz.1.4695 (19320)
[  449.644039][   T23] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  449.689818][T19320] BTRFS info (device loop1): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  449.705551][T19320] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  449.716171][T19320] BTRFS info (device loop1): enabling disk space caching
[  449.724198][T19320] BTRFS info (device loop1): force clearing of disk cache
[  449.731993][T19320] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  449.744647][T19320] BTRFS info (device loop1): use zstd compression, level 3
[  449.753470][T19320] BTRFS info (device loop1): disk space caching is enabled
[  449.832824][T19320] BTRFS info (device loop1): enabling ssd optimizations
[  449.841405][T19320] BTRFS info (device loop1): auto enabling async discard
[  449.855750][   T23] usb 1-1: unable to get BOS descriptor or descriptor too short
[  449.865127][   T23] usb 1-1: config 129 has an invalid interface number: 135 but max is 0
[  449.873558][   T23] usb 1-1: config 129 has an invalid interface number: 5 but max is 0
[  449.881947][   T23] usb 1-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  449.891036][T19320] BTRFS info (device loop1): rebuilding free space tree
[  449.899177][   T23] usb 1-1: config 129 has no interface number 0
[  449.905617][   T23] usb 1-1: config 129 has no interface number 1
[  449.911946][   T23] usb 1-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  449.925357][   T23] usb 1-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[  449.936784][   T23] usb 1-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  449.950876][   T23] usb 1-1: config 129 interface 135 has no altsetting 0
[  449.958089][   T23] usb 1-1: config 129 interface 5 has no altsetting 0
[  449.968367][   T23] usb 1-1: string descriptor 0 read error: -22
[  449.974800][   T23] usb 1-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[  449.985526][T19320] BTRFS info (device loop1): disabling free space tree
[  450.002065][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.019884][T19320] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  450.040539][T19320] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  450.097376][   T23] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  450.125987][   T23] usb 1-1: MIDIStreaming interface descriptor not found
[  450.274743][ T5774] BTRFS info (device loop1): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  450.308812][   T23] usb 1-1: USB disconnect, device number 34
[  451.040614][T19388] loop2: detected capacity change from 0 to 32768
[  451.057436][T19431] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.4712'.
[  451.076352][T19388] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.4706 (19388)
[  451.082795][T19433] loop3: detected capacity change from 0 to 512
[  451.166777][T19388] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  451.183853][T19388] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  451.195656][T19433] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  451.225709][T19388] BTRFS info (device loop2): force clearing of disk cache
[  451.259837][T19388] BTRFS info (device loop2): metadata ratio 0
[  451.283991][T19433] ext4 filesystem being mounted at /1187/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  451.301848][T19388] BTRFS info (device loop2): enabling ssd optimizations
[  451.343218][T19388] BTRFS info (device loop2): using spread ssd allocation scheme
[  451.380928][T19388] BTRFS info (device loop2): using free space tree
[  451.465257][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.679351][T19388] BTRFS info (device loop2): auto enabling async discard
[  451.722711][T19388] BTRFS info (device loop2): rebuilding free space tree
[  452.001834][T19492] loop3: detected capacity change from 0 to 2048
[  452.069768][ T5771] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  452.097434][T19492] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  452.372843][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  452.649446][T19528] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4733'.
[  452.659592][T19528] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4733'.
[  452.668926][T19528] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4733'.
[  453.163546][T19557] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4742'.
[  454.217278][T19637] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4768'.
[  454.432223][T19651] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4773'.
[  455.088514][T19699] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4789'.
[  455.298140][T19713] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4794'.
[  455.495323][T19729] loop1: detected capacity change from 0 to 256
[  455.549644][T19732] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4800'.
[  455.578859][T19732] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4800'.
[  455.590820][T19729] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  456.284483][    T8] usb 2-1: new full-speed USB device number 21 using dummy_hcd
[  456.349239][T19790] loop0: detected capacity change from 0 to 256
[  456.439479][T19790] FAT-fs (loop0): Directory bread(block 64) failed
[  456.459896][T19790] FAT-fs (loop0): Directory bread(block 65) failed
[  456.474726][T19790] FAT-fs (loop0): Directory bread(block 66) failed
[  456.483600][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 10
[  456.501062][T19790] FAT-fs (loop0): Directory bread(block 67) failed
[  456.508419][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  456.519289][T19790] FAT-fs (loop0): Directory bread(block 68) failed
[  456.526839][T19790] FAT-fs (loop0): Directory bread(block 69) failed
[  456.533487][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10
[  456.545517][T19790] FAT-fs (loop0): Directory bread(block 70) failed
[  456.552115][T19790] FAT-fs (loop0): Directory bread(block 71) failed
[  456.558898][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  456.569426][T19790] FAT-fs (loop0): Directory bread(block 72) failed
[  456.582496][T19802] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4821'.
[  456.588223][    T8] usb 2-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  456.601824][T19790] FAT-fs (loop0): Directory bread(block 73) failed
[  456.621696][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.638261][    T8] usb 2-1: Product: syz
[  456.642632][    T8] usb 2-1: Manufacturer: syz
[  456.647869][    T8] usb 2-1: SerialNumber: syz
[  456.655351][    T8] usb 2-1: config 0 descriptor??
[  456.906052][T19816] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4826'.
[  456.928581][    T8] adutux 2-1:0.0: Could not retrieve serial number
[  456.945879][    T8] adutux: probe of 2-1:0.0 failed with error -5
[  457.171287][ T5813] usb 2-1: USB disconnect, device number 21
[  457.382401][T19851] devtmpfs: Cannot enable quota on remount
[  457.559651][T19833] loop3: detected capacity change from 0 to 32768
[  457.576423][T19833] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by syz.3.4830 (19833)
[  457.607899][T19833] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  457.621735][T19833] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  457.635354][T19833] BTRFS info (device loop3): enabling disk space caching
[  457.643402][T19833] BTRFS info (device loop3): force clearing of disk cache
[  457.660527][T19833] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  457.671385][T19833] BTRFS info (device loop3): use zstd compression, level 3
[  457.680940][T19833] BTRFS info (device loop3): disk space caching is enabled
[  457.790852][T19878] loop1: detected capacity change from 0 to 128
[  457.839244][T19833] BTRFS info (device loop3): enabling ssd optimizations
[  457.846932][T19878] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[  457.873777][T19833] BTRFS info (device loop3): auto enabling async discard
[  457.883213][T19833] BTRFS info (device loop3): rebuilding free space tree
[  457.919094][T19833] BTRFS info (device loop3): disabling free space tree
[  457.926718][T19833] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  457.962804][T19833] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  458.016152][T19886] loop0: detected capacity change from 0 to 8
[  458.067247][T19886] SQUASHFS error: lzo decompression failed, data probably corrupt
[  458.075471][T19886] SQUASHFS error: Failed to read block 0x144: -5
[  458.090616][T19886] SQUASHFS error: Unable to read metadata cache entry [142]
[  458.125320][T19886] SQUASHFS error: Unable to read directory block [142:26]
[  458.200535][T19854] loop2: detected capacity change from 0 to 32768
[  458.246364][ T5773] BTRFS info (device loop3): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  458.420025][T19900] netlink: 'syz.0.4842': attribute type 1 has an invalid length.
[  459.480736][T19947] loop3: detected capacity change from 0 to 8192
[  459.588987][T19953] loop2: detected capacity change from 0 to 8192
[  459.602527][T19947] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070)
[  459.614602][T19953] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  459.635710][T19947] FAT-fs (loop3): Filesystem has been set read-only
[  459.642902][T19953] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  459.669174][T19962] loop1: detected capacity change from 0 to 64
[  459.681807][T19953] REISERFS (device loop2): using ordered data mode
[  459.690336][T19953] reiserfs: using flush barriers
[  459.702459][T19953] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  459.733559][T19953] REISERFS (device loop2): checking transaction log (loop2)
[  459.745217][T19962] syz.1.4859: attempt to access beyond end of device
[  459.745217][T19962] loop1: rw=0, sector=2590, nr_sectors = 2 limit=64
[  459.759252][T19962] Buffer I/O error on dev loop1, logical block 1295, async page read
[  459.773095][T19962] syz.1.4859: attempt to access beyond end of device
[  459.773095][T19962] loop1: rw=0, sector=2590, nr_sectors = 2 limit=64
[  459.789269][T19962] Buffer I/O error on dev loop1, logical block 1295, async page read
[  459.801884][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  459.801898][   T28] audit: type=1800 audit(2000000214.290:512): pid=19962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4859" name="file2" dev="loop1" ino=6 res=0 errno=0
[  459.866322][T19935] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  460.080139][T19953] REISERFS (device loop2): Using tea hash to sort names
[  460.097569][T19975] loop0: detected capacity change from 0 to 256
[  460.117903][T19953] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  460.164521][T19953] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  460.248701][T19981] FAT-fs (loop3): Directory bread(block 64) failed
[  460.286228][T19981] FAT-fs (loop3): Directory bread(block 65) failed
[  460.293640][T19981] FAT-fs (loop3): Directory bread(block 66) failed
[  460.303534][T19981] FAT-fs (loop3): Directory bread(block 67) failed
[  460.338560][T19981] FAT-fs (loop3): Directory bread(block 68) failed
[  460.363842][T19981] FAT-fs (loop3): Directory bread(block 69) failed
[  460.370536][T19981] FAT-fs (loop3): Directory bread(block 70) failed
[  460.404884][T19981] FAT-fs (loop3): Directory bread(block 71) failed
[  460.411581][T19981] FAT-fs (loop3): Directory bread(block 72) failed
[  460.452952][T19981] FAT-fs (loop3): Directory bread(block 73) failed
[  461.239567][   T28] audit: type=1326 audit(2000000215.730:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20032 comm="syz.2.4878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34fef9c819 code=0x7ffc0000
[  461.293791][   T28] audit: type=1326 audit(2000000215.730:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20032 comm="syz.2.4878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34fef9c819 code=0x7ffc0000
[  461.316262][    C1] vkms_vblank_simulate: vblank timer overrun
[  461.329563][   T28] audit: type=1326 audit(2000000215.760:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20032 comm="syz.2.4878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f34fef9c819 code=0x7ffc0000
[  461.392968][   T28] audit: type=1326 audit(2000000215.760:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20032 comm="syz.2.4878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34fef9c819 code=0x7ffc0000
[  461.415390][    C1] vkms_vblank_simulate: vblank timer overrun
[  461.813794][T20066] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  462.266065][T20097] set_capacity_and_notify: 1 callbacks suppressed
[  462.266082][T20097] loop1: detected capacity change from 0 to 256
[  462.374833][T20097] FAT-fs (loop1): Directory bread(block 64) failed
[  462.381464][T20097] FAT-fs (loop1): Directory bread(block 65) failed
[  462.405740][T20092] loop3: detected capacity change from 0 to 8192
[  462.423966][T20097] FAT-fs (loop1): Directory bread(block 66) failed
[  462.441406][T20104] lo: entered allmulticast mode
[  462.449735][T20097] FAT-fs (loop1): Directory bread(block 67) failed
[  462.489684][T20097] FAT-fs (loop1): Directory bread(block 68) failed
[  462.503546][T20097] FAT-fs (loop1): Directory bread(block 69) failed
[  462.511349][T20104] infiniband syz0: set down
[  462.535896][T20097] FAT-fs (loop1): Directory bread(block 70) failed
[  462.554133][T20097] FAT-fs (loop1): Directory bread(block 71) failed
[  462.560966][T20097] FAT-fs (loop1): Directory bread(block 72) failed
[  462.571219][T20097] FAT-fs (loop1): Directory bread(block 73) failed
[  462.596976][   T23] lo speed is unknown, defaulting to 1000
[  462.634791][   T23] lo speed is unknown, defaulting to 1000
[  462.831328][T20121] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4904'.
[  463.449568][T20162] netlink: 'syz.1.4916': attribute type 1 has an invalid length.
[  463.930752][T20193] tmpfs: Bad value for 'grpquota_block_hardlimit'
[  463.948643][   T28] audit: type=1326 audit(2000000218.440:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20199 comm="syz.1.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  464.021801][   T28] audit: type=1326 audit(2000000218.460:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20199 comm="syz.1.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  464.097650][   T28] audit: type=1326 audit(2000000218.470:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20199 comm="syz.1.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  464.160802][T20210] loop0: detected capacity change from 0 to 64
[  464.171660][   T28] audit: type=1326 audit(2000000218.480:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20199 comm="syz.1.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  464.218430][T20210] syz.0.4929: attempt to access beyond end of device
[  464.218430][T20210] loop0: rw=0, sector=2590, nr_sectors = 2 limit=64
[  464.218517][T20210] Buffer I/O error on dev loop0, logical block 1295, async page read
[  464.223593][   T28] audit: type=1326 audit(2000000218.480:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20199 comm="syz.1.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  464.228784][T20210] syz.0.4929: attempt to access beyond end of device
[  464.228784][T20210] loop0: rw=0, sector=2590, nr_sectors = 2 limit=64
[  464.228813][T20210] Buffer I/O error on dev loop0, logical block 1295, async page read
[  464.302924][T20206] loop2: detected capacity change from 0 to 4096
[  464.329476][T20206] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  464.492544][T20206] ntfs3: loop2: failed to convert "c46c" to iso8859-3
[  464.785660][T20236] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4938'.
[  464.986437][T20249] loop3: detected capacity change from 0 to 2048
[  465.046283][T20249] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  465.096463][T20258] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  465.143944][    T8] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  465.170879][T20249] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  465.189026][T20249] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  465.207576][T20249] Remounting filesystem read-only
[  465.215992][T20249] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  465.228378][T20249] NILFS error (device loop3): nilfs_bmap_last_key: broken bmap (inode number=16)
[  465.239206][T20249] NILFS (loop3): error -5 truncating bmap (ino=16)
[  465.351310][ T5773] NILFS (loop3): discard dirty page: offset=4096, ino=6
[  465.366792][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  465.385520][ T5773] NILFS (loop3): discard dirty block: blocknr=39, size=1024
[  465.393011][    T8] usb 1-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[  465.413056][ T5773] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  465.422439][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.436212][ T5773] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  465.447639][    T8] usb 1-1: config 0 descriptor??
[  465.452920][ T5773] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  465.467979][    T8] smsusb:smsusb_probe: board id=8, interface number 0
[  465.475868][ T5773] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  465.487041][    T8] smsusb:smsusb_probe: Device initialized with return code -19
[  465.709435][    T8] usb 1-1: USB disconnect, device number 35
[  465.910396][T20296] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  465.921047][T20296] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  465.989337][T20283] loop2: detected capacity change from 0 to 32768
[  466.027701][T20283] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  466.045336][T20283] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  466.126058][T20283] XFS (loop2): Ending clean mount
[  466.136619][T20283] XFS (loop2): Quotacheck needed: Please wait.
[  466.238439][T20283] XFS (loop2): Quotacheck: Done.
[  466.317626][T20320] xt_ecn: cannot match TCP bits for non-tcp packets
[  466.372533][ T5771] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  466.459391][T20326] loop0: detected capacity change from 0 to 256
[  466.580461][T20326] FAT-fs (loop0): Directory bread(block 64) failed
[  466.612060][T20326] FAT-fs (loop0): Directory bread(block 65) failed
[  466.621458][T20326] FAT-fs (loop0): Directory bread(block 66) failed
[  466.641633][T20326] FAT-fs (loop0): Directory bread(block 67) failed
[  466.645248][T20332] netlink: 'syz.1.4960': attribute type 2 has an invalid length.
[  466.653062][T20326] FAT-fs (loop0): Directory bread(block 68) failed
[  466.689453][T20326] FAT-fs (loop0): Directory bread(block 69) failed
[  466.699012][T20326] FAT-fs (loop0): Directory bread(block 70) failed
[  466.712758][T20326] FAT-fs (loop0): Directory bread(block 71) failed
[  466.744187][T20326] FAT-fs (loop0): Directory bread(block 72) failed
[  466.750802][T20326] FAT-fs (loop0): Directory bread(block 73) failed
[  467.183846][ T5846] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  467.332913][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4970'.
[  467.346294][T20371] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4970'.
[  467.398691][ T5846] usb 2-1: config 8 has an invalid interface number: 177 but max is 0
[  467.416169][ T5846] usb 2-1: config 8 has no interface number 0
[  467.445652][ T5846] usb 2-1: config 8 interface 177 altsetting 9 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  467.483950][ T5846] usb 2-1: config 8 interface 177 altsetting 9 endpoint 0x87 has invalid wMaxPacketSize 0
[  467.513982][ T5846] usb 2-1: config 8 interface 177 has no altsetting 0
[  467.533971][ T5846] usb 2-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[  467.547790][ T5846] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.560383][T20341] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  467.636865][T20388] loop2: detected capacity change from 0 to 256
[  467.672949][T20388] FAT-fs (loop2): Directory bread(block 64) failed
[  467.686966][T20388] FAT-fs (loop2): Directory bread(block 65) failed
[  467.703943][T20388] FAT-fs (loop2): Directory bread(block 66) failed
[  467.718353][T20388] FAT-fs (loop2): Directory bread(block 67) failed
[  467.728553][T20388] FAT-fs (loop2): Directory bread(block 68) failed
[  467.753881][T20388] FAT-fs (loop2): Directory bread(block 69) failed
[  467.760535][T20388] FAT-fs (loop2): Directory bread(block 70) failed
[  467.773487][ T5846] usb 2-1: string descriptor 0 read error: -71
[  467.785966][T20388] FAT-fs (loop2): Directory bread(block 71) failed
[  467.792650][T20388] FAT-fs (loop2): Directory bread(block 72) failed
[  467.801081][ T5846] ir_toy 2-1:8.177: required endpoints not found
[  467.813620][T20388] FAT-fs (loop2): Directory bread(block 73) failed
[  467.836084][ T5846] usb 2-1: USB disconnect, device number 22
[  468.040633][T20415] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4979'.
[  468.440821][T20441] loop0: detected capacity change from 0 to 1764
[  468.504908][T20441] iso9660: Corrupted directory entry in block 2 of inode 1920
[  468.763790][    T9] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  468.792077][T20474] loop0: detected capacity change from 0 to 512
[  468.800113][T20474] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  468.897499][T20474] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  468.965611][    T9] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  468.983755][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.016935][    T9] usb 2-1: config 0 descriptor??
[  469.035547][    T9] cp210x 2-1:0.0: cp210x converter detected
[  469.217833][T20502] mmap: syz.3.5006 (20502): VmData 37462016 exceed data ulimit 6. Update limits or use boot option ignore_rlimit_data.
[  469.472568][    T9] usb 2-1: cp210x converter now attached to ttyUSB0
[  469.511886][    T9] usb 2-1: USB disconnect, device number 23
[  469.536822][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  469.558204][    T9] cp210x 2-1:0.0: device disconnected
[  469.615269][T20535] xt_policy: too many policy elements
[  470.007003][T20538] loop0: detected capacity change from 0 to 32768
[  470.025329][T20538] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.5012 (20538)
[  470.040680][T20550] loop2: detected capacity change from 0 to 16
[  470.062152][T20550] erofs: (device loop2): mounted with root inode @ nid 36.
[  470.089575][T20538] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  470.145232][T20538] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  470.178289][T20538] BTRFS info (device loop0): using free space tree
[  470.186791][T20557] loop1: detected capacity change from 0 to 64
[  470.306349][T20538] BTRFS info (device loop0): enabling ssd optimizations
[  470.333764][T20538] BTRFS info (device loop0): auto enabling async discard
[  470.546500][T15330] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  470.577968][T20594] netlink: 'syz.1.5024': attribute type 2 has an invalid length.
[  470.999088][T20612] netlink: 4168 bytes leftover after parsing attributes in process `syz.0.5028'.
[  471.387380][T20636] netlink: 256 bytes leftover after parsing attributes in process `syz.1.5037'.
[  471.407645][T20636] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  471.565070][T20649] overlayfs: missing 'lowerdir'
[  471.602783][T20652] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5042'.
[  471.706450][T20658] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5051'.
[  472.051329][T20679] binder: 20678:20679 ioctl 40046210 0 returned -14
[  472.076321][T20681] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5052'.
[  472.092063][T20681] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5052'.
[  472.307701][T20694] loop0: detected capacity change from 0 to 16
[  472.345065][T20694] erofs: (device loop0): mounted with root inode @ nid 36.
[  472.463204][T20703] netlink: 'syz.3.5058': attribute type 21 has an invalid length.
[  472.657772][T20721] netlink: 'syz.3.5063': attribute type 7 has an invalid length.
[  472.753981][ T5813] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  472.892239][T20739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5069'.
[  472.953819][ T5813] usb 2-1: Using ep0 maxpacket: 16
[  472.963126][ T5813] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  472.985976][ T5813] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  473.001239][ T5813] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  473.016802][ T5813] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.025320][ T5813] usb 2-1: Product: syz
[  473.029521][ T5813] usb 2-1: Manufacturer: syz
[  473.038017][ T5813] usb 2-1: SerialNumber: syz
[  473.048964][ T5813] r8152-cfgselector 2-1: config 0 descriptor??
[  473.294610][ T5813] usbip-host 2-1: 2-1 is not in match_busid table... skip!
[  473.308207][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  473.308222][   T28] audit: type=1326 audit(2000000227.800:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20760 comm="syz.0.5076" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff91eb9c819 code=0x0
[  473.506460][ T5813] usb 2-1: USB disconnect, device number 24
[  473.659019][T20789] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  473.839923][T20801] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.5088'.
[  473.926964][T20812] usb usb9: usbfs: process 20812 (syz.2.5090) did not claim interface 3 before use
[  474.246871][T20838] loop1: detected capacity change from 0 to 164
[  474.344244][ T5812] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  474.533759][ T5812] usb 4-1: Using ep0 maxpacket: 16
[  474.545552][ T5812] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.569691][T20861] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  474.569691][T20861] The task syz.0.5103 (20861) triggered the difference, watch for misbehavior.
[  474.579786][ T5812] usb 4-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d
[  474.607439][ T5812] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  474.627711][ T5812] usb 4-1: Product: syz
[  474.632008][ T5812] usb 4-1: Manufacturer: syz
[  474.646693][ T5812] usb 4-1: SerialNumber: syz
[  474.653965][ T5812] usb 4-1: config 0 descriptor??
[  474.669400][ T5812] gspca_main: STV06xx-2.14.0 probing 046d:08f0
[  474.675843][ T5812] gspca_stv06xx: st6422 sensor detected
[  475.110675][T20895] xt_TCPMSS: Only works on TCP SYN packets
[  475.149875][ T5812] STV06xx: probe of 4-1:0.0 failed with error -71
[  475.158249][ T5761] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  475.168545][ T5812] usb 4-1: USB disconnect, device number 27
[  475.215298][T20905] loop1: detected capacity change from 0 to 256
[  475.244518][T20905] FAT-fs (loop1): Directory bread(block 64) failed
[  475.263541][T20905] FAT-fs (loop1): Directory bread(block 65) failed
[  475.271992][T20905] FAT-fs (loop1): Directory bread(block 66) failed
[  475.278668][T20905] FAT-fs (loop1): Directory bread(block 67) failed
[  475.285751][T20905] FAT-fs (loop1): Directory bread(block 68) failed
[  475.292320][T20905] FAT-fs (loop1): Directory bread(block 69) failed
[  475.299124][T20905] FAT-fs (loop1): Directory bread(block 70) failed
[  475.305702][T20905] FAT-fs (loop1): Directory bread(block 71) failed
[  475.312413][T20905] FAT-fs (loop1): Directory bread(block 72) failed
[  475.319010][T20905] FAT-fs (loop1): Directory bread(block 73) failed
[  475.358574][ T5761] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  475.379102][ T5761] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.400983][ T5761] usb 3-1: Product: syz
[  475.413787][ T5761] usb 3-1: Manufacturer: syz
[  475.421284][ T5761] usb 3-1: SerialNumber: syz
[  475.440809][ T5761] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  475.468300][ T5812] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  475.907060][T20919] loop1: detected capacity change from 0 to 32768
[  475.921550][ T5813] usb 3-1: USB disconnect, device number 25
[  475.933008][T20919] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.5117 (20919)
[  475.964026][T20919] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  475.981362][T20919] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  476.001427][T20919] BTRFS info (device loop1): using free space tree
[  476.114698][T20919] BTRFS info (device loop1): enabling ssd optimizations
[  476.153904][T20919] BTRFS info (device loop1): auto enabling async discard
[  476.244182][ T5774] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  476.530095][ T5812] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  476.553806][T20976] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5131'.
[  476.554073][ T5812] ath9k_htc: Failed to initialize the device
[  476.618675][ T5813] usb 3-1: ath9k_htc: USB layer deinitialized
[  476.632190][T20976] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5131'.
[  476.693925][T20976] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5131'.
[  477.036869][T21011] netlink: 'syz.2.5138': attribute type 5 has an invalid length.
[  477.265050][T21032] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5145'.
[  477.303871][   T23] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  477.508982][T21048] netlink: 52 bytes leftover after parsing attributes in process `syz.3.5150'.
[  477.510333][   T23] usb 2-1: config 160 has an invalid interface number: 200 but max is 0
[  477.543677][   T23] usb 2-1: config 160 has an invalid descriptor of length 0, skipping remainder of the config
[  477.561349][T21050] autofs4:pid:21050:autofs_fill_super: called with bogus options
[  477.565434][   T23] usb 2-1: config 160 has no interface number 0
[  477.604227][   T23] usb 2-1: config 160 interface 200 has no altsetting 0
[  477.626242][   T23] usb 2-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b
[  477.639601][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.653986][   T23] usb 2-1: Product: syz
[  477.658218][   T23] usb 2-1: Manufacturer: syz
[  477.662853][   T23] usb 2-1: SerialNumber: syz
[  477.847163][T21068] loop3: detected capacity change from 0 to 256
[  477.917696][   T23] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  477.927747][T21068] FAT-fs (loop3): Directory bread(block 64) failed
[  477.937426][T21068] FAT-fs (loop3): Directory bread(block 65) failed
[  477.944531][   T23] usb 2-1: MIDIStreaming interface descriptor not found
[  477.963969][T21068] FAT-fs (loop3): Directory bread(block 66) failed
[  477.970550][T21068] FAT-fs (loop3): Directory bread(block 67) failed
[  477.974750][    T9] usb 3-1: new low-speed USB device number 26 using dummy_hcd
[  478.001750][T21068] FAT-fs (loop3): Directory bread(block 68) failed
[  478.009792][T21068] FAT-fs (loop3): Directory bread(block 69) failed
[  478.017894][T21068] FAT-fs (loop3): Directory bread(block 70) failed
[  478.026346][T21068] FAT-fs (loop3): Directory bread(block 71) failed
[  478.032992][T21068] FAT-fs (loop3): Directory bread(block 72) failed
[  478.041132][T21068] FAT-fs (loop3): Directory bread(block 73) failed
[  478.055038][   T23] usb 2-1: USB disconnect, device number 25
[  478.145863][ T6276] udevd[6276]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  478.211117][    T9] usb 3-1: config index 0 descriptor too short (expected 6427, got 27)
[  478.227433][    T9] usb 3-1: config 0 has an invalid interface number: 21 but max is 0
[  478.246437][    T9] usb 3-1: config 0 has no interface number 0
[  478.263835][    T9] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[  478.285988][    T9] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  478.308627][    T9] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  478.328545][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.347057][    T9] usb 3-1: config 0 descriptor??
[  478.368563][T21053] loop0: detected capacity change from 0 to 32768
[  478.397027][T21053] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  478.444809][T21053] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  478.614135][T21053] (syz.0.5152,21053,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=970662608961, rec_len=0, name_len=0
[  478.642097][T21053] (syz.0.5152,21053,1):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2
[  478.653296][T21053] (syz.0.5152,21053,1):ocfs2_symlink:1867 ERROR: status = -2
[  478.661869][T21053] (syz.0.5152,21053,1):ocfs2_symlink:2068 ERROR: status = -2
[  478.780173][    T9] usb 3-1: USB disconnect, device number 26
[  478.802391][T15330] ocfs2: Unmounting device (7,0) on (node local)
[  479.045006][T21144] cgroup: none used incorrectly
[  479.380519][T21165] loop1: detected capacity change from 0 to 1764
[  479.540085][T21178] loop3: detected capacity change from 0 to 2048
[  479.585146][T21178] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  479.875102][T21205] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.5183'.
[  480.009329][T21217] loop2: detected capacity change from 0 to 512
[  480.039978][T21217] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  480.056297][T21217] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  480.086795][T21217] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.5187: Corrupt directory, running e2fsck is recommended
[  480.124687][T21217] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  480.165502][T21217] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.5187: corrupted in-inode xattr: e_name out of bounds
[  480.232157][T21217] EXT4-fs error (device loop2): ext4_orphan_get:1409: comm syz.2.5187: couldn't read orphan inode 15 (err -117)
[  480.259059][T21217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.304632][T21217] EXT4-fs error (device loop2): ext4_xattr_set_entry:1670: inode #2: comm syz.2.5187: corrupted xattr entries
[  480.400297][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.656703][T21259] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.5198'.
[  480.757065][T21269] netlink: 84 bytes leftover after parsing attributes in process `syz.0.5201'.
[  480.977741][T21282] loop2: detected capacity change from 0 to 1764
[  480.985736][T21284] netlink: 'syz.3.5204': attribute type 32 has an invalid length.
[  481.157938][T21286] loop1: detected capacity change from 0 to 4096
[  481.165977][T21286] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  481.196747][T21286] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  481.218054][T21286] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing.
[  481.237951][T21286] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  481.252354][T21286] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  481.280938][T21286] ntfs: volume version 3.1.
[  481.322118][T21286] ntfs: (device loop1): map_mft_record_page(): Mft record 0x44 is corrupt.  Run chkdsk.
[  481.351299][T21286] ntfs: (device loop1): map_mft_record(): Failed with error code 5.
[  481.365286][T21286] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0x44 as bad.  Run chkdsk.
[  481.611265][T21294] loop0: detected capacity change from 0 to 32768
[  481.639539][T21294] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  481.718575][T21322] tmpfs: Bad value for 'mpol'
[  481.774754][T21294] XFS (loop0): Ending clean mount
[  481.795505][T21294] XFS (loop0): Quotacheck needed: Please wait.
[  481.841476][T21294] XFS (loop0): Quotacheck: Done.
[  481.955589][T15330] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  482.151312][T21345] snd_dummy snd_dummy.0: control 0:7841:0:syz0:0 is already present
[  482.593735][    T9] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  482.644585][T21354] loop2: detected capacity change from 0 to 32768
[  482.655279][T21354] (syz.2.5222,21354,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  482.696951][T21354] (syz.2.5222,21354,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  482.742068][T21354] JBD2: Ignoring recovery information on journal
[  482.774583][    T9] usb 4-1: Using ep0 maxpacket: 8
[  482.782372][    T9] usb 4-1: config 0 has an invalid interface number: 88 but max is 3
[  482.795624][    T9] usb 4-1: config 0 has an invalid interface number: 250 but max is 3
[  482.804017][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  482.814231][    T9] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 4
[  482.823903][    T9] usb 4-1: config 0 has no interface number 0
[  482.830104][    T9] usb 4-1: config 0 has no interface number 1
[  482.837720][    T9] usb 4-1: config 0 interface 88 has no altsetting 0
[  482.850040][    T9] usb 4-1: config 0 interface 250 has no altsetting 0
[  482.857104][    T9] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=12.b3
[  482.866348][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.876769][    T9] usb 4-1: config 0 descriptor??
[  482.888690][T21354] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  483.013269][ T5771] ocfs2: Unmounting device (7,2) on (node local)
[  483.098259][    T9] usb 4-1: string descriptor 0 read error: -71
[  483.138983][    T9] usb 4-1: USB disconnect, device number 28
[  483.596945][T21426] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5234'.
[  483.606591][T21426] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5234'.
[  483.616240][T21426] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5234'.
[  484.070506][T21450] loop3: detected capacity change from 0 to 16
[  484.094380][T21450] erofs: (device loop3): mounted with root inode @ nid 36.
[  484.102563][T21429] loop2: detected capacity change from 0 to 32768
[  484.114266][T21429] (syz.2.5237,21429,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  484.130674][T21429] (syz.2.5237,21429,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  484.155660][T21450] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768
[  484.166707][T21450] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768
[  484.177950][T21450] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 32811 of nid 36
[  484.195685][T21429] JBD2: Ignoring recovery information on journal
[  484.234324][T21457] netlink: 'syz.0.5244': attribute type 32 has an invalid length.
[  484.282301][T21429] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  484.457316][ T5771] ocfs2: Unmounting device (7,2) on (node local)
[  484.784085][T21482] QAT: failed to copy from user cfg_data.
[  485.015443][T21495] loop1: detected capacity change from 0 to 1024
[  485.037255][T21495] EXT4-fs: Ignoring removed mblk_io_submit option
[  485.054511][T21495] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  485.085820][T21495] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.104007][T21464] loop3: detected capacity change from 0 to 32768
[  485.157721][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.175115][T21464] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  485.276792][T21464] XFS (loop3): Ending clean mount
[  485.287480][T21520] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5260'.
[  485.303569][T21464] XFS (loop3): Quotacheck needed: Please wait.
[  485.408647][T21464] XFS (loop3): Quotacheck: Done.
[  485.420407][T21529] loop1: detected capacity change from 0 to 512
[  485.435502][T21529] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  485.447240][T21529] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  485.458174][T21529] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.5258: Corrupt directory, running e2fsck is recommended
[  485.482705][T21529] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  485.501495][T21529] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.5258: corrupted in-inode xattr: e_name out of bounds
[  485.519773][T21529] EXT4-fs error (device loop1): ext4_orphan_get:1409: comm syz.1.5258: couldn't read orphan inode 15 (err -117)
[  485.561328][T21529] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.587186][ T5773] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  485.647255][T21529] EXT4-fs error (device loop1): ext4_xattr_set_entry:1670: inode #2: comm syz.1.5258: corrupted xattr entries
[  485.696756][   T28] audit: type=1326 audit(2000000240.170:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21538 comm="syz.3.5263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d739c819 code=0x7ffc0000
[  485.755678][T21541] x_tables: unsorted underflow at hook 4
[  485.834157][   T28] audit: type=1326 audit(2000000240.170:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21538 comm="syz.3.5263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d739c819 code=0x7ffc0000
[  485.877264][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.904277][T21546] ip6t_srh: unknown srh invflags 4449
[  486.022930][T21553] loop1: detected capacity change from 0 to 1024
[  486.463956][   T23] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  486.614947][    T9] usb 4-1: new low-speed USB device number 29 using dummy_hcd
[  486.673753][   T23] usb 2-1: Using ep0 maxpacket: 32
[  486.685883][   T23] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[  486.694488][   T23] usb 2-1: config 0 has no interface number 0
[  486.700673][   T23] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid maxpacket 65519, setting to 1024
[  486.715628][   T23] usb 2-1: config 0 interface 132 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  486.730076][   T23] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  486.740052][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  486.761150][   T23] usb 2-1: Product: syz
[  486.772353][   T23] usb 2-1: Manufacturer: syz
[  486.777694][   T23] usb 2-1: SerialNumber: syz
[  486.788017][   T23] usb 2-1: config 0 descriptor??
[  486.793856][T21553] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  486.805623][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  486.814573][   T23] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  486.826645][   T23] em28xx 2-1:0.132: Video interface 132 found: bulk
[  486.835851][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  486.849149][    T9] usb 4-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  486.858758][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.870352][    T9] usb 4-1: config 0 descriptor??
[  486.889436][    T9] qmi_wwan: probe of 4-1:0.0 failed with error -22
[  487.074122][   T23] em28xx 2-1:0.132: unknown em28xx chip ID (0)
[  487.110253][    T9] usb 4-1: USB disconnect, device number 29
[  487.172196][   T23] em28xx 2-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  487.184761][   T23] em28xx 2-1:0.132: board has no eeprom
[  487.206847][T21637] Scaler: =================  START STATUS  =================
[  487.214797][T21637] Scaler: ==================  END STATUS  ==================
[  487.253936][   T23] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  487.261844][   T23] em28xx 2-1:0.132: analog set to bulk mode.
[  487.269798][ T5846] em28xx 2-1:0.132: Registering V4L2 extension
[  487.291649][   T23] usb 2-1: USB disconnect, device number 26
[  487.302310][   T23] em28xx 2-1:0.132: Disconnecting em28xx
[  487.441926][ T5846] em28xx 2-1:0.132: Config register raw data: 0xffffffed
[  487.450234][ T5846] em28xx 2-1:0.132: AC97 chip type couldn't be determined
[  487.457492][ T5846] em28xx 2-1:0.132: No AC97 audio processor
[  487.471207][ T5846] usb 2-1: Decoder not found
[  487.476005][ T5846] em28xx 2-1:0.132: failed to create media graph
[  487.482384][ T5846] em28xx 2-1:0.132: V4L2 device video103 deregistered
[  487.495849][ T5846] em28xx 2-1:0.132: Remote control support is not available for this card.
[  487.505078][   T23] em28xx 2-1:0.132: Closing input extension
[  487.526191][   T23] em28xx 2-1:0.132: Freeing device
[  487.722952][T21666] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5292'.
[  487.738409][T21666] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5292'.
[  487.763790][T21666] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5292'.
[  487.816121][T21672] netlink: 'syz.2.5296': attribute type 1 has an invalid length.
[  487.850528][T21672] netlink: 244 bytes leftover after parsing attributes in process `syz.2.5296'.
[  487.977010][T21686] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5300'.
[  487.993130][T21686] gtp0: entered promiscuous mode
[  487.999646][T21686] gtp0: entered allmulticast mode
[  488.076628][T21694] netlink: 'syz.1.5303': attribute type 5 has an invalid length.
[  488.085000][T21694] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.5303'.
[  488.123912][ T5761] usb 4-1: new low-speed USB device number 30 using dummy_hcd
[  488.227926][T21704] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma?
[  488.316560][ T5761] usb 4-1: config index 0 descriptor too short (expected 6427, got 27)
[  488.328309][ T5761] usb 4-1: config 0 has an invalid interface number: 21 but max is 0
[  488.344270][ T5761] usb 4-1: config 0 has no interface number 0
[  488.355492][ T5761] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[  488.375780][ T5761] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  488.401141][ T5761] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  488.423984][ T5761] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  488.457690][ T5761] usb 4-1: config 0 descriptor??
[  488.477849][T21720] netlink: 'syz.2.5311': attribute type 2 has an invalid length.
[  488.680109][T21733] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5316'.
[  488.690765][T21733] netlink: 'syz.2.5316': attribute type 1 has an invalid length.
[  488.694609][ T5846] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  488.841204][T21742] loop0: detected capacity change from 0 to 4096
[  488.854582][T21742] __ntfs_warning: 3 callbacks suppressed
[  488.854595][T21742] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  488.898889][ T5761] usb 4-1: USB disconnect, device number 30
[  488.913765][ T5846] usb 2-1: Using ep0 maxpacket: 16
[  488.921882][T21742] ntfs: (device loop0): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  488.927907][ T5846] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.945486][ T5846] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  488.957667][ T5846] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  488.970923][ T5846] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  488.981195][ T5846] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  488.995292][ T5846] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  489.004614][ T5846] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.013752][T21742] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing.
[  489.024496][ T5846] usb 2-1: config 0 descriptor??
[  489.041939][T21742] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  489.084095][T21742] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  489.136059][T21742] ntfs: volume version 3.1.
[  489.185835][ T5846] rc_core: IR keymap rc-hauppauge not found
[  489.195291][ T5846] Registered IR keymap rc-empty
[  489.196026][T21742] ntfs: (device loop0): map_mft_record_page(): Mft record 0x44 is corrupt.  Run chkdsk.
[  489.202620][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.220918][T21742] ntfs: (device loop0): map_mft_record(): Failed with error code 5.
[  489.243801][T21742] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0x44 as bad.  Run chkdsk.
[  489.250636][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.304805][ T5846] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  489.332616][ T5846] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input34
[  489.382878][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.443863][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.484527][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.513795][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.564289][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.584973][T21774] loop0: detected capacity change from 0 to 1764
[  489.601155][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.634053][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.650348][T21774] iso9660: Corrupted directory entry in block 2 of inode 1920
[  489.663865][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.723752][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.760662][ T5846] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  489.806354][ T5846] mceusb 2-1:0.0: Registered  with mce emulator interface version 1
[  489.816584][ T5846] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  489.871024][ T5846] usb 2-1: USB disconnect, device number 27
[  489.884771][T21794] usb usb9: usbfs: process 21794 (syz.3.5329) did not claim interface 0 before use
[  489.959776][T21804] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5330'.
[  490.195546][T21817] loop0: detected capacity change from 0 to 1764
[  490.301831][T21830] vivid-000: =================  START STATUS  =================
[  490.310373][T21830] vivid-000: RDS Tx I/O Mode: Controls
[  490.317984][T21830] vivid-000: RDS Program ID: 32904
[  490.323248][T21830] vivid-000: RDS Program Type: 0
[  490.329324][T21830] vivid-000: RDS PS Name: VIVID-TX
[  490.347123][T21830] vivid-000: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[  490.362482][T21830] vivid-000: RDS Stereo: true
[  490.402928][T21830] vivid-000: RDS Artificial Head: false
[  490.433844][T21830] vivid-000: RDS Compressed: false
[  490.439118][T21830] vivid-000: RDS Dynamic PTY: false
[  490.456744][T21830] vivid-000: RDS Traffic Announcement: false
[  490.468789][T21830] vivid-000: RDS Traffic Program: true
[  490.487483][T21830] vivid-000: RDS Music: true
[  490.496166][T21830] vivid-000: ==================  END STATUS  ==================
[  490.676746][T21852] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5346'.
[  490.694582][T21852] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5346'.
[  490.709160][T21849] loop0: detected capacity change from 0 to 2048
[  490.752935][T21846] loop3: detected capacity change from 0 to 4096
[  490.771830][T21857] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  490.794934][T21846] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  491.009615][T21863] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5349'.
[  491.114282][T21872] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5351'.
[  491.165463][T21872] gtp0: entered promiscuous mode
[  491.170473][T21872] gtp0: entered allmulticast mode
[  491.250459][T21874] loop1: detected capacity change from 0 to 4096
[  491.279441][T21874] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  491.362360][T21874] ntfs3: loop1: failed to convert "c46c" to cp950
[  492.292465][T21903] loop1: detected capacity change from 0 to 32768
[  492.308816][T21903] (syz.1.5361,21903,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  492.353369][T21903] (syz.1.5361,21903,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  492.437422][T21903] JBD2: Ignoring recovery information on journal
[  492.546745][T21908] loop0: detected capacity change from 0 to 32768
[  492.565255][T21903] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  492.581868][T21908] (syz.0.5363,21908,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  492.643742][T21908] (syz.0.5363,21908,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  492.735763][T21908] debugfs: Directory '9357E9D751824C228242B9B0D0FB6750' with parent 'ocfs2' already present!
[  492.798385][T21908] JBD2: Ignoring recovery information on journal
[  492.829790][T21940] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5374'.
[  492.898288][ T5774] ocfs2: Unmounting device (7,1) on (node local)
[  492.906184][T21908] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  492.999720][T21945] syz.3.5376 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  493.168768][T15330] ocfs2: Unmounting device (7,0) on (node local)
[  493.605061][T21969] erspan0: entered promiscuous mode
[  493.620671][T21969] erspan0: entered allmulticast mode
[  493.676597][T21949] loop2: detected capacity change from 0 to 32768
[  493.689169][   T28] audit: type=1326 audit(2000000248.180:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21971 comm="syz.1.5381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  493.713930][ T5761] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  493.742176][   T28] audit: type=1326 audit(2000000248.180:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21971 comm="syz.1.5381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  493.785382][T21949] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  493.851331][T21949] XFS (loop2): Ending clean mount
[  493.891440][T21949] XFS (loop2): Quotacheck needed: Please wait.
[  493.903775][ T5761] usb 4-1: Using ep0 maxpacket: 32
[  493.915490][ T5761] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  493.944189][ T5761] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.965015][ T5761] usb 4-1: config 0 descriptor??
[  493.979586][ T5761] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  494.025192][T21949] XFS (loop2): Quotacheck: Done.
[  494.165728][T21998] netlink: 'syz.1.5385': attribute type 2 has an invalid length.
[  494.172914][ T5771] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  494.207091][ T5761] gspca_vc032x: reg_r err -71
[  494.211902][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.249809][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.275985][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.281360][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.344178][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.349564][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.380216][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.397658][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.403035][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.438851][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.462618][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.482906][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.493037][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.513344][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.527251][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.532599][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.558467][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.573685][ T5761] gspca_vc032x: I2c Bus Busy Wait 00
[  494.584051][ T5761] gspca_vc032x: Unknown sensor...
[  494.589203][ T5761] vc032x: probe of 4-1:0.0 failed with error -22
[  494.617247][ T5761] usb 4-1: USB disconnect, device number 31
[  494.752100][T21987] loop0: detected capacity change from 0 to 32768
[  494.780056][T21987] (syz.0.5383,21987,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  494.813962][T21987] (syz.0.5383,21987,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  494.918219][T21987] JBD2: Ignoring recovery information on journal
[  495.026102][T21987] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  495.236373][T22006] loop1: detected capacity change from 0 to 32768
[  495.277645][T22006] (syz.1.5387,22006,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  495.309617][T22006] (syz.1.5387,22006,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  495.350352][T15330] ocfs2: Unmounting device (7,0) on (node local)
[  495.404444][T22006] JBD2: Ignoring recovery information on journal
[  495.516312][T22006] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  495.787523][ T5774] ocfs2: Unmounting device (7,1) on (node local)
[  495.941887][T22045] loop2: detected capacity change from 0 to 32768
[  496.027404][T22060] loop3: detected capacity change from 0 to 4096
[  496.037045][T22045] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  496.050345][T22060] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  496.198284][T22045] XFS (loop2): Ending clean mount
[  496.264561][T22055] loop0: detected capacity change from 0 to 32768
[  496.306019][T22060] ntfs3: loop3: failed to convert "c46c" to cp950
[  496.347046][T22055] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  496.492691][T22055] XFS (loop0): Ending clean mount
[  496.528596][ T5771] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  496.551096][T22055] XFS (loop0): Quotacheck needed: Please wait.
[  496.619291][T22055] XFS (loop0): Quotacheck: Done.
[  496.821121][T22098] netlink: 'syz.1.5403': attribute type 1 has an invalid length.
[  496.849094][T22098] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5403'.
[  496.861470][T15330] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  496.873834][T22100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5404'.
[  497.121452][T22114] xt_TPROXY: Can be used only with -p tcp or -p udp
[  497.653186][T22146] tipc: Trying to set illegal importance in message
[  497.852959][T22158] erspan0: entered promiscuous mode
[  497.858508][T22158] erspan0: entered allmulticast mode
[  497.957580][T22166] loop0: detected capacity change from 0 to 1024
[  497.971927][T22168] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5423'.
[  498.011639][T22166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  498.208212][T15330] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  498.435650][T22171] loop3: detected capacity change from 0 to 32768
[  498.455767][T22171] (syz.3.5422,22171,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  498.469929][ T5812] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  498.491415][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  498.491428][   T28] audit: type=1326 audit(2000000252.980:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22198 comm="syz.1.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  498.523061][T22171] (syz.3.5422,22171,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  498.544521][   T28] audit: type=1326 audit(2000000252.980:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22198 comm="syz.1.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  498.575319][T22171] JBD2: Ignoring recovery information on journal
[  498.626940][   T28] audit: type=1326 audit(2000000252.990:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22198 comm="syz.1.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  498.674220][   T28] audit: type=1326 audit(2000000252.990:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22198 comm="syz.1.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  498.696618][    C1] vkms_vblank_simulate: vblank timer overrun
[  498.696636][ T5812] usb 3-1: Using ep0 maxpacket: 16
[  498.704781][ T5812] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.711068][   T28] audit: type=1326 audit(2000000252.990:543): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=22198 comm="syz.1.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  498.728018][T22171] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  498.750901][   T28] audit: type=1326 audit(2000000252.990:544): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=22198 comm="syz.1.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  498.773523][ T5812] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  498.773597][ T5812] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  498.773659][ T5812] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  498.773680][ T5812] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  498.773721][ T5812] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  498.773743][ T5812] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.786881][ T5812] usb 3-1: config 0 descriptor??
[  498.953853][   T28] audit: type=1326 audit(2000000253.020:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22198 comm="syz.1.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  498.976309][    C1] vkms_vblank_simulate: vblank timer overrun
[  499.005613][T22215] IPVS: set_ctl: invalid protocol: 59 0.0.0.0:20000
[  499.012995][   T28] audit: type=1326 audit(2000000253.020:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22198 comm="syz.1.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  499.082492][   T28] audit: type=1326 audit(2000000253.020:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22198 comm="syz.1.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  499.094024][ T5812] rc_core: IR keymap rc-hauppauge not found
[  499.117251][ T5773] ocfs2: Unmounting device (7,3) on (node local)
[  499.133904][ T5812] Registered IR keymap rc-empty
[  499.174401][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.205236][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.244709][ T5812] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  499.261944][ T5812] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input35
[  499.303161][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.353792][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.407046][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.444024][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.463769][    T9] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  499.503899][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.553788][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.584571][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.634486][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.654410][    T9] usb 4-1: Using ep0 maxpacket: 16
[  499.669643][    T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  499.681142][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.703781][    T9] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  499.723955][    T9] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 6
[  499.733945][ T5812] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  499.749810][    T9] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  499.787513][ T5812] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  499.804455][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  499.824001][ T5812] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  499.832440][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.854007][ T5812] usb 3-1: USB disconnect, device number 27
[  499.861640][T22221] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  499.876369][T22221] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  499.900491][    T9] cdc_acm 4-1:1.0: Control and data interfaces are not separated!
[  500.000507][T22256] loop1: detected capacity change from 0 to 8192
[  500.034201][T22256] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  500.147742][    T9] cdc_acm 4-1:1.0: ttyACM0: USB ACM device
[  500.156659][T22256] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[  500.198396][    T9] usb 4-1: USB disconnect, device number 32
[  500.231890][T22256] REISERFS (device loop1): using ordered data mode
[  500.243388][T22256] reiserfs: using flush barriers
[  500.266457][T22256] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  500.329582][T22256] REISERFS (device loop1): checking transaction log (loop1)
[  500.496186][T22256] REISERFS (device loop1): Using tea hash to sort names
[  500.503545][T22256] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  500.834453][T22323] sctp: [Deprecated]: syz.2.5458 (pid 22323) Use of struct sctp_assoc_value in delayed_ack socket option.
[  500.834453][T22323] Use struct sctp_sack_info instead
[  501.225659][T22357] loop2: detected capacity change from 0 to 512
[  501.309433][T22364] netlink: 'syz.0.5471': attribute type 12 has an invalid length.
[  501.341355][T22357] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.381318][T22357] ext4 filesystem being mounted at /1408/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  501.544722][T22357] EXT4-fs error (device loop2): ext4_xattr_block_find:1879: inode #15: comm syz.2.5468: corrupted xattr block 33: invalid ea_ino
[  501.581392][T22357] EXT4-fs (loop2): Remounting filesystem read-only
[  501.654961][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.664599][ T1081] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  501.703877][ T1081] Quota error (device loop2): write_blk: dquota write failed
[  501.711303][ T1081] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  501.747972][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  501.754797][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  501.775976][ T1081] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  501.928685][T22388] netdevsim netdevsim2: Firmware load for './file0/file0/..' refused, path contains '..' component
[  501.995636][T22362] loop3: detected capacity change from 0 to 32768
[  502.046091][T22362] (syz.3.5469,22362,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  502.092069][T22362] (syz.3.5469,22362,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  502.176867][T22362] JBD2: Ignoring recovery information on journal
[  502.254854][T22362] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  502.455387][ T5773] ocfs2: Unmounting device (7,3) on (node local)
[  502.594026][ T5846] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  502.773867][ T5846] usb 3-1: Using ep0 maxpacket: 8
[  502.795591][ T5846] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[  502.835737][ T5846] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  502.846409][ T5846] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  502.854687][ T5846] usb 3-1: Product: syz
[  502.859008][ T5846] usb 3-1: Manufacturer: syz
[  502.863836][ T5846] usb 3-1: SerialNumber: syz
[  502.981069][T22443] netlink: 180 bytes leftover after parsing attributes in process `syz.0.5490'.
[  503.133790][ T5846] usb 3-1: Handspring Visor / Palm OS: No valid connect info available
[  503.142772][ T5846] usb 3-1: Handspring Visor / Palm OS: port 0, is for HotSync use
[  503.177515][ T5846] usb 3-1: Handspring Visor / Palm OS: port 211, is for unknown use
[  503.193714][ T5846] usb 3-1: Handspring Visor / Palm OS: Number of ports: 2
[  503.336351][ T5846] usb 3-1: palm_os_3_probe - error -71 getting bytes available request
[  503.355398][ T5846] visor 3-1:1.0: Handspring Visor / Palm OS converter detected
[  503.388257][ T5846] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  503.416639][ T5846] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  503.444446][ T5846] usb 3-1: USB disconnect, device number 28
[  503.469426][ T5846] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  503.517063][ T5846] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  503.555646][ T5846] visor 3-1:1.0: device disconnected
[  503.658432][T22504] comedi comedi1: pcl711: I/O port conflict (0x10000,16)
[  503.808600][ T5785] Bluetooth: hci1: command 0x0406 tx timeout
[  504.236631][T22544] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5515'.
[  504.260540][T22548] ubi8: attaching mtd0
[  504.266179][T22544] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5515'.
[  504.279182][T22548] ubi8: scanning is finished
[  504.284026][T22548] ubi8: empty MTD device detected
[  504.289212][T22548] ubi8 error: ubi_read_volume_table: LEB size too small for a volume record
[  504.298201][T22544] netlink: 31 bytes leftover after parsing attributes in process `syz.3.5515'.
[  504.307917][T22544] netlink: 'syz.3.5515': attribute type 2 has an invalid length.
[  504.324688][T22544] netlink: 31 bytes leftover after parsing attributes in process `syz.3.5515'.
[  504.374459][T22548] ubi8 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  504.463866][T22557] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5519'.
[  504.481336][T22557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5519'.
[  504.585160][T22568] syz.1.5522: attempt to access beyond end of device
[  504.585160][T22568] loop1: rw=4096, sector=0, nr_sectors = 1 limit=0
[  504.763730][ T5813] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  504.953763][ T5813] usb 1-1: Using ep0 maxpacket: 8
[  504.960792][ T5813] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[  504.982799][ T5813] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  504.998783][ T5813] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  505.017281][ T5813] usb 1-1: Product: syz
[  505.023804][ T5813] usb 1-1: Manufacturer: syz
[  505.033674][ T5813] usb 1-1: SerialNumber: syz
[  505.265094][ T5813] usb 1-1: Handspring Visor / Palm OS: No valid connect info available
[  505.287000][ T5813] usb 1-1: Handspring Visor / Palm OS: port 0, is for HotSync use
[  505.311121][ T5813] usb 1-1: Handspring Visor / Palm OS: port 211, is for unknown use
[  505.320469][ T5813] usb 1-1: Handspring Visor / Palm OS: Number of ports: 2
[  505.455257][T22594] loop2: detected capacity change from 0 to 40427
[  505.475308][ T5813] usb 1-1: palm_os_3_probe - error -71 getting bytes available request
[  505.484723][T22594] F2FS-fs (loop2): Corrupted extension count (33554469 + 1 > 64)
[  505.501565][ T5813] visor 1-1:1.0: Handspring Visor / Palm OS converter detected
[  505.509536][T22594] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  505.529214][ T5813] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  505.545193][T22594] F2FS-fs (loop2): invalid crc value
[  505.561675][ T5813] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  505.581779][ T5813] usb 1-1: USB disconnect, device number 36
[  505.600867][ T5813] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  505.631341][ T5813] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  505.661324][T22587] loop1: detected capacity change from 0 to 40427
[  505.662429][ T5813] visor 1-1:1.0: device disconnected
[  505.733432][T22587] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  505.769853][T22587] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  505.794169][T22587] F2FS-fs (loop1): heap/no_heap options were deprecated
[  505.812411][T22587] F2FS-fs (loop1): invalid crc value
[  505.817802][T22594] F2FS-fs (loop2): Try to recover 2th superblock, ret: -30
[  505.817879][T22594] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  505.865872][T22587] F2FS-fs (loop1): Found nat_bits in checkpoint
[  505.929287][T22594] F2FS-fs (loop2): Try to recover all the superblocks, ret: 0
[  505.947549][T22587] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  505.963750][T22587] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  505.988631][T22647] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  506.600557][T22679] netlink: 'syz.1.5539': attribute type 3 has an invalid length.
[  506.612935][T22679] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5539'.
[  506.777714][T22691] xt_hashlimit: invalid interval
[  506.881544][T22699] netlink: 196 bytes leftover after parsing attributes in process `syz.3.5550'.
[  506.919094][T22699] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5550'.
[  506.953792][T22699] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check.
[  507.264764][T22727] loop2: detected capacity change from 0 to 1024
[  507.380746][T22727] hfsplus: extend alloc file! (8192,512,17039360)
[  507.507285][T22742] tmpfs: Bad value for 'mpol'
[  507.791149][T22759] loop3: detected capacity change from 0 to 4096
[  507.838074][T22774] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  507.993757][ T5812] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  508.197662][T22793] loop2: detected capacity change from 0 to 64
[  508.205875][ T5812] usb 1-1: Using ep0 maxpacket: 16
[  508.232717][ T5812] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  508.256744][ T5812] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  508.289155][ T5812] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 6
[  508.309726][ T5812] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  508.333712][ T5812] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  508.359816][ T5812] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.385811][T22761] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  508.401425][T22761] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  508.431094][ T5812] cdc_acm 1-1:1.0: Control and data interfaces are not separated!
[  508.640409][ T5812] cdc_acm 1-1:1.0: ttyACM0: USB ACM device
[  508.646023][T22820] netlink: 'syz.3.5585': attribute type 25 has an invalid length.
[  508.695027][ T5812] usb 1-1: USB disconnect, device number 37
[  508.899133][T22845] __nla_validate_parse: 1 callbacks suppressed
[  508.899149][T22845] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.5589'.
[  509.373851][T22882] vlan0: left promiscuous mode
[  509.629060][T22905] netlink: 'syz.1.5608': attribute type 41 has an invalid length.
[  509.679320][T22910] loop3: detected capacity change from 0 to 256
[  509.707049][T22910] exfat: Deprecated parameter 'utf8'
[  509.712629][T22910] exfat: Deprecated parameter 'utf8'
[  509.803311][T22910] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe5fd08b, utbl_chksum : 0xe619d30d)
[  510.051838][T22939] netlink: 'syz.3.5616': attribute type 1 has an invalid length.
[  510.174396][T22948] netlink: 108 bytes leftover after parsing attributes in process `syz.3.5621'.
[  510.202524][T22948] netlink: 108 bytes leftover after parsing attributes in process `syz.3.5621'.
[  510.413742][    T9] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  510.531096][T22979] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5631'.
[  510.542065][T22979] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5631'.
[  510.606537][    T9] usb 2-1: Using ep0 maxpacket: 32
[  510.628196][    T9] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  510.651901][    T9] usb 2-1: config 0 has no interface number 0
[  510.667280][    T9] usb 2-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  510.678211][    T9] usb 2-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  510.713830][    T9] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  510.723365][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.743966][    T9] usb 2-1: Product: syz
[  510.748197][    T9] usb 2-1: Manufacturer: syz
[  510.752832][    T9] usb 2-1: SerialNumber: syz
[  510.774807][    T9] usb 2-1: config 0 descriptor??
[  510.792767][    T9] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  510.866556][T22994] loop2: detected capacity change from 0 to 764
[  510.903860][T22994] Symlink component flag not implemented
[  510.909751][T22994] Symlink component flag not implemented
[  510.920831][T22994] Symlink component flag not implemented (129)
[  510.929750][T22994] Symlink component flag not implemented (6)
[  511.003274][    T9] usb 2-1: qt2_setup_urbs - submit read urb failed -90
[  511.021488][    T9] quatech2: probe of 2-1:0.51 failed with error -90
[  511.060416][T23013] loop2: detected capacity change from 0 to 256
[  511.119840][T23013] FAT-fs (loop2): Directory bread(block 64) failed
[  511.128062][T23013] FAT-fs (loop2): Directory bread(block 65) failed
[  511.135189][T23013] FAT-fs (loop2): Directory bread(block 66) failed
[  511.141932][T23013] FAT-fs (loop2): Directory bread(block 67) failed
[  511.150140][T23013] FAT-fs (loop2): Directory bread(block 68) failed
[  511.157683][T23013] FAT-fs (loop2): Directory bread(block 69) failed
[  511.164474][ T5846] usb 1-1: new full-speed USB device number 38 using dummy_hcd
[  511.173781][T23013] FAT-fs (loop2): Directory bread(block 70) failed
[  511.181415][T23013] FAT-fs (loop2): Directory bread(block 71) failed
[  511.188687][T23013] FAT-fs (loop2): Directory bread(block 72) failed
[  511.195494][T23013] FAT-fs (loop2): Directory bread(block 73) failed
[  511.232755][    T9] usb 2-1: USB disconnect, device number 28
[  511.319335][T23027] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5640'.
[  511.324069][ T5813] usb 4-1: new full-speed USB device number 33 using dummy_hcd
[  511.328943][T23027] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5640'.
[  511.346078][T23027] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5640'.
[  511.366705][ T5846] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[  511.375025][ T5846] usb 1-1: config 1 has no interface number 0
[  511.381213][ T5846] usb 1-1: config 1 interface 105 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  511.394052][ T5846] usb 1-1: config 1 interface 105 has no altsetting 0
[  511.403481][ T5846] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  511.413668][ T5846] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.421720][ T5846] usb 1-1: Product: syz
[  511.426285][ T5846] usb 1-1: Manufacturer: syz
[  511.430924][ T5846] usb 1-1: SerialNumber: syz
[  511.546061][ T5813] usb 4-1: not running at top speed; connect to a high speed hub
[  511.565034][ T5813] usb 4-1: config 11 has an invalid interface number: 95 but max is 0
[  511.584307][ T5813] usb 4-1: config 11 has no interface number 0
[  511.596616][ T5813] usb 4-1: config 11 interface 95 altsetting 64 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  511.608317][ T5813] usb 4-1: config 11 interface 95 altsetting 64 endpoint 0xE has an invalid bInterval 0, changing to 10
[  511.620188][ T5813] usb 4-1: config 11 interface 95 has no altsetting 0
[  511.628889][ T5813] usb 4-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=b1.4d
[  511.639249][ T5813] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  511.671110][ T5846] aqc111: probe of 1-1:1.105 failed with error -22
[  511.677750][ T5813] usb 4-1: Manufacturer: syz
[  511.693541][T23007] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  511.861786][T23052] netlink: 'syz.2.5647': attribute type 7 has an invalid length.
[  511.869955][T23052] netlink: 'syz.2.5647': attribute type 8 has an invalid length.
[  511.883188][    T9] usb 1-1: USB disconnect, device number 38
[  511.955838][ T5813] usb 4-1: USB disconnect, device number 33
[  512.229963][T23084] loop1: detected capacity change from 0 to 256
[  512.264637][T23084] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  512.348403][ T1081] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  512.900646][T23113] 8021q: adding VLAN 0 to HW filter on device bond5
[  513.021065][T23156] loop0: detected capacity change from 0 to 2048
[  513.094741][T23156] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  513.158495][T23168] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  513.254641][T23156] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: directory entry across blocks - offset=32, inode=11, rec_len=4096, name_len=0
[  513.310909][T23156] Remounting filesystem read-only
[  513.534337][T23191] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5675'.
[  514.008014][T23226] xt_TCPMSS: Only works on TCP SYN packets
[  514.050432][T23232] netlink: 'syz.3.5687': attribute type 7 has an invalid length.
[  514.418475][T23262] loop0: detected capacity change from 0 to 128
[  514.486408][    T9] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[  514.694776][T23282] kernel read not supported for file / 
œÏüÔ¢W)ëS“§Ç-ë (pid: 23282 comm: syz.3.5700)
[  514.706105][    T9] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  514.723980][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  514.723993][   T28] audit: type=1800 audit(2000000269.200:548): pid=23282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5700" name=20019CCFFCD4A25729EB5393A7C72DEB dev="mqueue" ino=46836 res=0 errno=0
[  514.752677][    T9] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  514.762638][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  514.772602][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.787623][    T9] hub 2-1:4.0: USB hub found
[  514.820913][T23278] loop2: detected capacity change from 0 to 4096
[  514.893569][T23278] ntfs: (device loop2): ntfs_is_extended_system_file(): Inode hard link count doesn't match number of name attributes. You should run chkdsk.
[  514.943844][T23278] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing.
[  514.957076][T23278] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  514.991939][    T9] hub 2-1:4.0: 9 ports detected
[  515.000256][    T9] usb 2-1: selecting invalid altsetting 1
[  515.006291][T23278] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  515.028534][T23278] ntfs: volume version 3.1.
[  515.061975][T23278] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Invalid LCN < -1 in mapping pairs array.
[  515.074185][    T9] hub 2-1:4.0: Using single TT (err -22)
[  515.077703][T23278] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x5, attribute type 0xa0, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  515.119495][    T9] hub 2-1:4.0: insufficient power available to use all downstream ports
[  515.140048][T23278] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Invalid LCN < -1 in mapping pairs array.
[  515.163857][T23278] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x5, attribute type 0xa0, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  515.191737][T23298] loop3: detected capacity change from 0 to 1024
[  515.200874][    T9] hub 2-1:4.0: hub_hub_status failed (err = -71)
[  515.215296][    T9] hub 2-1:4.0: config failed, can't get hub status (err -71)
[  515.228263][T23278] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Failed to map directory index page, error 5.
[  515.238205][T23298] EXT4-fs: Ignoring removed bh option
[  515.254718][    T9] usb 2-1: USB disconnect, device number 29
[  515.299101][T23298] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  515.384215][T23298] EXT4-fs error (device loop3): __ext4_new_inode:1081: comm syz.3.5703: reserved inode found cleared - inode=18
[  515.414174][T23298] EXT4-fs (loop3): Remounting filesystem read-only
[  515.473169][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  516.054094][T23364] netlink: 'syz.2.5720': attribute type 13 has an invalid length.
[  516.089753][T23366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5721'.
[  516.447428][T23388] netlink: 209820 bytes leftover after parsing attributes in process `syz.0.5728'.
[  516.870319][T23375] loop2: detected capacity change from 0 to 32768
[  516.903379][T23375] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  516.923205][T23375] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  516.980977][T23403] loop3: detected capacity change from 0 to 8192
[  517.037241][T23375] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  517.078462][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  517.090013][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  517.127449][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 37ms
[  517.157663][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[  517.179161][T23375] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  517.331397][T23426] loop1: detected capacity change from 0 to 1024
[  517.366972][T23426] hfsplus: Filesystem is marked locked, mounting read-only.
[  517.433594][T23426] hfsplus: invalid catalog entry type in lookup
[  517.719669][T23449] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5743'.
[  517.747495][T23449] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5743'.
[  517.772636][T23449] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5743'.
[  517.912296][T23455] 8021q: adding VLAN 0 to HW filter on device bond6
[  518.472433][T23453] loop0: detected capacity change from 0 to 32768
[  518.504227][T23453] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.5744 (23453)
[  518.530173][T23453] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  518.562001][T23453] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  518.603266][T23453] BTRFS info (device loop0): force zlib compression, level 3
[  518.639276][T23453] BTRFS info (device loop0): force clearing of disk cache
[  518.653850][T23453] BTRFS info (device loop0): setting nodatasum
[  518.680335][T23453] BTRFS info (device loop0): use zlib compression, level 3
[  518.721160][T23453] BTRFS info (device loop0): allowing degraded mounts
[  518.753749][T23453] BTRFS info (device loop0): enabling disk space caching
[  518.778863][T23453] BTRFS info (device loop0): disk space caching is enabled
[  518.899756][T23557] netlink: 'syz.3.5762': attribute type 10 has an invalid length.
[  518.918130][T23557] netlink: 156 bytes leftover after parsing attributes in process `syz.3.5762'.
[  518.928450][T23453] BTRFS info (device loop0): enabling ssd optimizations
[  518.955609][T23453] BTRFS info (device loop0): auto enabling async discard
[  519.002669][T23453] BTRFS info (device loop0): rebuilding free space tree
[  519.077672][T23453] BTRFS info (device loop0): disabling free space tree
[  519.103899][T23453] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  519.130796][T23453] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  519.310172][T23575] veth1_to_bridge: entered allmulticast mode
[  519.317229][T23574] binder: 23573:23574 ioctl c00c6211 ffffffffffffffff returned -14
[  519.367332][T23453] BTRFS info (device loop0): balance: start -sprofiles=data|system|metadata|single|raid0|raid1|dup|raid10|raid5|raid6|raid1c3|raid1c4|0xfffefffffffff800,usage=129..6,drange=9223372036854776315..7,limit=7..0,stripes=1..73
[  519.414435][T23453] BTRFS info (device loop0): balance: ended with status: 0
[  519.573413][T15330] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  519.635008][T23588] ieee802154 phy0 wpan0: encryption failed: -22
[  519.646201][T23589] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  520.044856][ T5813] usb 4-1: new full-speed USB device number 34 using dummy_hcd
[  520.261225][ T5813] usb 4-1: not running at top speed; connect to a high speed hub
[  520.271694][ T5813] usb 4-1: config 129 has an invalid interface number: 35 but max is 0
[  520.286222][ T5813] usb 4-1: config 129 has no interface number 0
[  520.292544][ T5813] usb 4-1: config 129 interface 35 has no altsetting 0
[  520.327660][ T5813] usb 4-1: New USB device found, idVendor=1a0a, idProduct=0102, bcdDevice=26.99
[  520.338214][ T5813] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.347767][ T5813] usb 4-1: Product: syz
[  520.352002][ T5813] usb 4-1: Manufacturer: syz
[  520.357748][ T5813] usb 4-1: SerialNumber: syz
[  520.516628][T23639] loop1: detected capacity change from 0 to 4096
[  520.535434][T23639] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  520.577248][T23639] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  520.636484][ T5813] usb_ehset_test: probe of 4-1:129.35 failed with error -32
[  520.679472][ T5813] usb 4-1: USB disconnect, device number 34
[  520.723573][T23639] ntfs3: loop1: failed to convert "c46c" to maccyrillic
[  521.053749][ T5846] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  521.088903][T23690] netlink: 'syz.2.5799': attribute type 10 has an invalid length.
[  521.097473][T23690] netlink: 156 bytes leftover after parsing attributes in process `syz.2.5799'.
[  521.266114][ T5846] usb 1-1: Using ep0 maxpacket: 16
[  521.285862][ T5846] usb 1-1: config 0 has an invalid interface number: 223 but max is 0
[  521.303696][ T5846] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  521.316752][ T5846] usb 1-1: config 0 has no interface number 0
[  521.324210][ T5846] usb 1-1: config 0 interface 223 altsetting 1 endpoint 0x7 has an invalid bInterval 0, changing to 7
[  521.335895][ T5846] usb 1-1: config 0 interface 223 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  521.346887][ T5846] usb 1-1: config 0 interface 223 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  521.374010][ T5846] usb 1-1: config 0 interface 223 has no altsetting 0
[  521.385358][ T5846] usb 1-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  521.394703][ T5846] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.415517][ T5846] usb 1-1: Product: syz
[  521.421187][ T5846] usb 1-1: Manufacturer: syz
[  521.430578][ T5846] usb 1-1: SerialNumber: syz
[  521.439765][ T5846] usb 1-1: config 0 descriptor??
[  521.776904][T23728] kAFS: unable to lookup cell ''
[  521.804268][    T9] usb 4-1: new full-speed USB device number 35 using dummy_hcd
[  521.941896][ T5846] usb 1-1: USB disconnect, device number 39
[  521.952819][T23735] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5812'.
[  521.998339][    T9] usb 4-1: unable to get BOS descriptor or descriptor too short
[  522.017886][    T9] usb 4-1: not running at top speed; connect to a high speed hub
[  522.045663][    T9] usb 4-1: New USB device found, idVendor=09e8, idProduct=0021, bcdDevice= 0.40
[  522.064127][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.072155][    T9] usb 4-1: Product: syz
[  522.093550][    T9] usb 4-1: Manufacturer: syz
[  522.098370][    T9] usb 4-1: SerialNumber: syz
[  522.234337][T23757] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5816'.
[  522.345137][    T9] usb 4-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  522.355516][    T9] usb 4-1: MIDIStreaming interface descriptor not found
[  522.414041][    T9] usb 4-1: USB disconnect, device number 35
[  522.500876][ T6276] udevd[6276]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  522.647170][T23805] loop0: detected capacity change from 0 to 512
[  522.678963][T23805] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  522.714171][T23805] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[  522.723171][T23805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  522.836179][T15330] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.972623][T23826] loop1: detected capacity change from 0 to 16
[  523.021332][T23826] erofs: (device loop1): mounted with root inode @ nid 36.
[  523.627285][T23870] loop3: detected capacity change from 0 to 16
[  523.633198][T23870] erofs: (device loop3): mounted with root inode @ nid 36.
[  523.873931][T23885] netlink: 'syz.0.5843': attribute type 21 has an invalid length.
[  523.874006][T23885] netlink: 144 bytes leftover after parsing attributes in process `syz.0.5843'.
[  524.184181][T23898] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5846'.
[  524.205615][T23898] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5846'.
[  524.425468][T23882] loop3: detected capacity change from 0 to 32768
[  524.487762][T23882] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  524.664588][T23882] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  524.749396][T23882] XFS (loop3): Starting recovery (logdev: internal)
[  524.821058][T23882] XFS (loop3): Ending recovery (logdev: internal)
[  524.945519][ T5773] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  525.331982][T23929] loop1: detected capacity change from 0 to 32768
[  525.371988][T23929] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  525.468743][T23929] XFS (loop1): Ending clean mount
[  525.567520][T23970] ax25_connect(): syz.3.5862 uses autobind, please contact jreuter@yaina.de
[  525.587613][ T5774] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  526.120301][T23949] loop2: detected capacity change from 0 to 40427
[  526.146190][T23949] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[  526.157988][   T28] kauditd_printk_skb: 13 callbacks suppressed
[  526.158000][   T28] audit: type=1326 audit(2000000280.650:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23991 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  526.186510][    C1] vkms_vblank_simulate: vblank timer overrun
[  526.193195][T23949] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  526.220021][   T28] audit: type=1326 audit(2000000280.650:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23991 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  526.244395][   T28] audit: type=1326 audit(2000000280.680:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23991 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  526.268112][   T28] audit: type=1326 audit(2000000280.680:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23991 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  526.290454][    C1] vkms_vblank_simulate: vblank timer overrun
[  526.303696][T23949] F2FS-fs (loop2): Found nat_bits in checkpoint
[  526.361056][   T28] audit: type=1326 audit(2000000280.700:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23991 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  526.383953][ T5846] usb 4-1: new full-speed USB device number 36 using dummy_hcd
[  526.409410][   T28] audit: type=1326 audit(2000000280.700:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23991 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  526.456716][T23955] loop0: detected capacity change from 0 to 32768
[  526.473131][   T28] audit: type=1326 audit(2000000280.700:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23991 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  526.479343][T23949] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  526.516126][   T28] audit: type=1326 audit(2000000280.700:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23991 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  526.538478][    C1] vkms_vblank_simulate: vblank timer overrun
[  526.547153][T23955] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  526.562620][T23949] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  526.570176][T23955] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  526.592258][T23955] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  526.608176][ T5813] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  526.617825][ T5846] usb 4-1: config 129 has an invalid interface number: 4 but max is 0
[  526.627844][ T5813] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  526.653824][ T5846] usb 4-1: config 129 has no interface number 0
[  526.656044][T23949] syz.2.5859: attempt to access beyond end of device
[  526.656044][T23949] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  526.670769][   T28] audit: type=1326 audit(2000000280.700:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23991 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f6d9659c819 code=0x7ffc0000
[  526.714476][ T5846] usb 4-1: config 129 interface 4 has no altsetting 0
[  526.731754][ T5846] usb 4-1: New USB device found, idVendor=0403, idProduct=f458, bcdDevice= 0.7c
[  526.759867][ T5846] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  526.788934][ T5846] usb 4-1: Product: syz
[  526.813535][ T5813] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 185ms
[  526.824868][ T5846] usb 4-1: Manufacturer: syz
[  526.829013][ T5771] syz-executor: attempt to access beyond end of device
[  526.829013][ T5771] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  526.834545][ T5846] usb 4-1: SerialNumber: syz
[  526.851316][ T5813] gfs2: fsid=syz:syz.0: jid=0: Done
[  526.884236][T23955] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  526.900373][ T5771] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  527.106625][ T5846] ftdi_sio 4-1:129.4: FTDI USB Serial Device converter detected
[  527.115961][ T5846] usb 4-1: Detected SIO
[  527.121960][ T5846] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  527.136849][ T5846] usb 4-1: USB disconnect, device number 36
[  527.158460][ T5846] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  527.169693][ T5846] ftdi_sio 4-1:129.4: device disconnected
[  528.123468][T24092] ./file0: Can't open blockdev
[  528.494406][T24121] netlink: 'syz.1.5900': attribute type 6 has an invalid length.
[  529.253868][T24170] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5914'.
[  529.262948][T24170] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5914'.
[  529.302550][T24142] loop3: detected capacity change from 0 to 32768
[  529.343964][T24142] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.5906 (24142)
[  529.383408][T24142] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  529.406160][T24142] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  529.444833][T24142] BTRFS info (device loop3): using free space tree
[  529.507805][T24142] BTRFS info (device loop3): enabling ssd optimizations
[  529.534858][T24142] BTRFS info (device loop3): auto enabling async discard
[  529.674062][ T5773] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  529.847318][T24161] loop1: detected capacity change from 0 to 40427
[  529.871774][T24161] F2FS-fs (loop1): Small segment_count (9 < 1 * 24)
[  529.914413][T24161] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  529.981327][T24161] F2FS-fs (loop1): Found nat_bits in checkpoint
[  530.164109][T24161] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  530.190089][T24161] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  530.320610][T24161] syz.1.5913: attempt to access beyond end of device
[  530.320610][T24161] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  530.484070][ T5774] syz-executor: attempt to access beyond end of device
[  530.484070][ T5774] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  530.513668][ T5774] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  530.770057][T24260] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5936'.
[  530.954136][ T5813] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  530.995827][T24270] ip6gretap2: default qdisc (pfifo_fast) fail, fallback to noqueue
[  531.164327][ T5813] usb 3-1: Using ep0 maxpacket: 16
[  531.188073][ T5813] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  531.203815][ T5813] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.220879][ T5813] usb 3-1: Product: syz
[  531.234014][ T5813] usb 3-1: Manufacturer: syz
[  531.243719][ T5813] usb 3-1: SerialNumber: syz
[  531.261585][ T5813] r8152-cfgselector 3-1: config 0 descriptor??
[  531.487451][ T5813] usbip-host 3-1: 3-1 is not in match_busid table... skip!
[  531.691428][ T5813] usb 3-1: USB disconnect, device number 29
[  531.744587][T24283] loop3: detected capacity change from 0 to 40427
[  531.771186][T24283] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  531.782322][T24283] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  531.803449][T24283] F2FS-fs (loop3): Found nat_bits in checkpoint
[  531.859169][T24331] loop0: detected capacity change from 0 to 4096
[  531.880366][T24331] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Missing length entry in mapping pairs array.
[  531.896299][T24331] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Invalid length in mapping pairs array.
[  531.908439][T24331] ntfs: (device loop0): ntfs_read_locked_inode(): Mapping pairs decompression failed.
[  531.932703][T24331] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  531.957013][T24283] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  531.967858][T24331] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  531.974536][T24283] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  532.001098][T24331] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  532.023747][    T9] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  532.052737][T24331] ntfs: volume version 3.1.
[  532.057834][T24331] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0x2, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  532.080283][T24331] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0x2, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5).
[  532.100798][T24331] ntfs: (device loop0): ntfs_check_logfile(): Error mapping $LogFile page (index 0).
[  532.110700][T24331] ntfs: (device loop0): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  532.139760][T24283] syz.3.5940: attempt to access beyond end of device
[  532.139760][T24283] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  532.169414][ T5773] syz-executor: attempt to access beyond end of device
[  532.169414][ T5773] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  532.194922][ T5773] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.206386][    T9] usb 2-1: Using ep0 maxpacket: 8
[  532.222657][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  532.232263][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  532.243450][    T9] usb 2-1: Product: syz
[  532.247903][    T9] usb 2-1: Manufacturer: syz
[  532.252534][    T9] usb 2-1: SerialNumber: syz
[  532.264493][    T9] usb 2-1: config 0 descriptor??
[  532.489271][    T9] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  532.699921][    T9] usb write operation failed. (-71)
[  532.725344][    T9] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  532.736039][ T5761] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  532.762116][    T9] dvbdev: DVB: registering new adapter (Terratec H7)
[  532.780652][    T9] usb 2-1: media controller created
[  532.796783][    T9] usb read operation failed. (-71)
[  532.811245][    T9] usb write operation failed. (-71)
[  532.827065][    T9] dvb_usb_az6007: probe of 2-1:0.0 failed with error -5
[  532.865345][    T9] usb 2-1: USB disconnect, device number 30
[  532.933840][ T5761] usb 1-1: Using ep0 maxpacket: 16
[  532.945959][ T5761] usb 1-1: config index 0 descriptor too short (expected 16456, got 72)
[  532.955246][ T5761] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  532.963647][ T5761] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  533.000478][ T5761] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  533.012004][ T5761] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  533.021709][ T5761] usb 1-1: config 0 has no interface number 0
[  533.029317][ T5761] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  533.041033][ T5761] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  533.054157][ T5761] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  533.064303][ T5761] usb 1-1: too many endpoints for config 0 interface 125 altsetting 48: 120, using maximum allowed: 30
[  533.075984][ T5761] usb 1-1: config 0 interface 125 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 120
[  533.089814][ T5761] usb 1-1: config 0 interface 125 has no altsetting 0
[  533.097812][ T5761] usb 1-1: config 0 interface 125 has no altsetting 1
[  533.108164][ T5761] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  533.117776][ T5761] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  533.134679][ T5761] usb 1-1: Product: syz
[  533.143662][ T5761] usb 1-1: Manufacturer: syz
[  533.153692][ T5761] usb 1-1: SerialNumber: syz
[  533.164834][ T5761] usb 1-1: config 0 descriptor??
[  533.433214][T24405] loop2: detected capacity change from 0 to 64
[  533.640266][ T5761] usb 1-1: USB disconnect, device number 40
[  533.760079][T24429] loop1: detected capacity change from 0 to 4096
[  533.793466][T24429] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  533.802110][T24429] ntfs3: loop1: Failed to load $Extend (-22).
[  533.808789][T24429] ntfs3: loop1: Failed to initialize $Extend.
[  533.998087][T24445] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.5976'.
[  534.355231][T24478] loop3: detected capacity change from 0 to 164
[  534.412776][T24478] iso9660: Corrupted directory entry in block 2 of inode 1920
[  535.571731][T24513] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  535.595531][T24513] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  535.635135][T24513] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  535.641355][T24513] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  535.670927][T24513] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  535.679841][T24513] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  536.044858][T24562] loop1: detected capacity change from 0 to 32768
[  536.135432][T24602] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.6021'.
[  536.545742][    T9] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  536.745519][    T9] usb 1-1: config 0 has an invalid descriptor of length 97, skipping remainder of the config
[  536.764036][    T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  536.780536][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  536.836187][    T9] usb 1-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[  536.853395][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  536.873846][    T9] usb 1-1: Product: syz
[  536.878054][    T9] usb 1-1: Manufacturer: syz
[  536.894102][    T9] usb 1-1: SerialNumber: syz
[  536.901840][T24645] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6032'.
[  536.919390][T24645] (unnamed net_device) (uninitialized): option ad_actor_system: mode dependency failed, not supported in mode balance-rr(0)
[  536.933949][ T5783] Bluetooth: hci3: command 0x0406 tx timeout
[  536.935651][    T9] usb 1-1: config 0 descriptor??
[  537.156737][    T9] usb 1-1: Found UVC 34.00 device syz (8086:0b5b)
[  537.163334][    T9] usb 1-1: No valid video chain found.
[  537.205150][    T9] usb 1-1: USB disconnect, device number 41
[  537.427449][T24688] loop1: detected capacity change from 0 to 8
[  537.475014][T24688] SQUASHFS error: Unable to read inode 0xa7
[  537.644009][ T5783] Bluetooth: hci2: command 0x0406 tx timeout
[  537.724537][ T5783] Bluetooth: hci1: command 0x0406 tx timeout
[  537.874430][T24719] tmpfs: Bad value for 'mpol'
[  538.118571][T24691] loop2: detected capacity change from 0 to 32768
[  538.150450][T24691] (syz.2.6044,24691,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  538.183945][T24691] (syz.2.6044,24691,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  538.222757][T24691] JBD2: Ignoring recovery information on journal
[  538.300401][T24691] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  538.568380][T24691] 
[  538.570788][T24691] ======================================================
[  538.577828][T24691] WARNING: possible circular locking dependency detected
[  538.584872][T24691] syzkaller #0 Not tainted
[  538.589301][T24691] ------------------------------------------------------
[  538.596339][T24691] syz.2.6044/24691 is trying to acquire lock:
[  538.602429][T24691] ffff88805f3a5c78 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_init_acl+0x30a/0x770
[  538.611803][T24691] 
[  538.611803][T24691] but task is already holding lock:
[  538.619188][T24691] ffff88807dc9b0e8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a8/0x6f0
[  538.629500][T24691] 
[  538.629500][T24691] which lock already depends on the new lock.
[  538.629500][T24691] 
[  538.639941][T24691] 
[  538.639941][T24691] the existing dependency chain (in reverse order) is:
[  538.648978][T24691] 
[  538.648978][T24691] -> #5 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  538.657548][T24691]        down_read+0x46/0x2e0
[  538.662282][T24691]        ocfs2_start_trans+0x3a8/0x6f0
[  538.667777][T24691]        ocfs2_shutdown_local_alloc+0x1fc/0xaa0
[  538.674054][T24691]        ocfs2_dismount_volume+0x1e5/0x8a0
[  538.679915][T24691]        generic_shutdown_super+0x134/0x2b0
[  538.685884][T24691]        kill_block_super+0x44/0x90
[  538.691121][T24691]        deactivate_locked_super+0x97/0x100
[  538.697043][T24691]        cleanup_mnt+0x43b/0x4d0
[  538.702022][T24691]        task_work_run+0x1d4/0x260
[  538.707168][T24691]        exit_to_user_mode_loop+0xe6/0x110
[  538.713019][T24691]        exit_to_user_mode_prepare+0xee/0x180
[  538.719222][T24691]        syscall_exit_to_user_mode+0x1a/0x50
[  538.725243][T24691]        do_syscall_64+0x61/0xa0
[  538.730221][T24691]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  538.736679][T24691] 
[  538.736679][T24691] -> #4 (sb_internal#3){.+.+}-{0:0}:
[  538.744228][T24691]        ocfs2_start_trans+0x2a9/0x6f0
[  538.749715][T24691]        ocfs2_mknod+0xf1d/0x2300
[  538.754772][T24691]        ocfs2_create+0x196/0x430
[  538.759917][T24691]        path_openat+0x12a0/0x3230
[  538.765059][T24691]        do_filp_open+0x1f5/0x430
[  538.770112][T24691]        do_sys_openat2+0x134/0x1d0
[  538.775349][T24691]        __x64_sys_openat+0x139/0x160
[  538.780755][T24691]        do_syscall_64+0x55/0xa0
[  538.785718][T24691]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  538.792254][T24691] 
[  538.792254][T24691] -> #3 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8){+.+.}-{3:3}:
[  538.802821][T24691]        down_write+0x97/0x200
[  538.807612][T24691]        ocfs2_reserve_local_alloc_bits+0x120/0x2600
[  538.814309][T24691]        ocfs2_reserve_clusters_with_limit+0x1ba/0xc20
[  538.821184][T24691]        ocfs2_mknod+0xebb/0x2300
[  538.826240][T24691]        ocfs2_create+0x196/0x430
[  538.831306][T24691]        path_openat+0x12a0/0x3230
[  538.836454][T24691]        do_filp_open+0x1f5/0x430
[  538.841508][T24691]        do_sys_openat2+0x134/0x1d0
[  538.846733][T24691]        __x64_sys_openat+0x139/0x160
[  538.852164][T24691]        do_syscall_64+0x55/0xa0
[  538.857150][T24691]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  538.863608][T24691] 
[  538.863608][T24691] -> #2 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7){+.+.}-{3:3}:
[  538.874153][T24691]        down_write+0x97/0x200
[  538.878971][T24691]        ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  538.885509][T24691]        ocfs2_reserve_new_metadata_blocks+0x416/0x9a0
[  538.892394][T24691]        ocfs2_extend_dir+0xcca/0x48b0
[  538.897914][T24691]        ocfs2_prepare_dir_for_insert+0x315b/0x56b0
[  538.904554][T24691]        ocfs2_mknod+0x81b/0x2300
[  538.909619][T24691]        ocfs2_mkdir+0x196/0x430
[  538.914591][T24691]        vfs_mkdir+0x296/0x440
[  538.919382][T24691]        do_mkdirat+0x1dc/0x450
[  538.924260][T24691]        __x64_sys_mkdirat+0x89/0xa0
[  538.929570][T24691]        do_syscall_64+0x55/0xa0
[  538.934539][T24691]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  538.940983][T24691] 
[  538.940983][T24691] -> #1 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}:
[  538.949800][T24691]        down_write+0x97/0x200
[  538.954599][T24691]        ocfs2_try_remove_refcount_tree+0xb7/0x340
[  538.961126][T24691]        ocfs2_xattr_set+0x61b/0x13e0
[  538.966543][T24691]        ocfs2_set_acl+0x4e1/0x590
[  538.971689][T24691]        ocfs2_iop_set_acl+0x1b2/0x2b0
[  538.977203][T24691]        vfs_set_acl+0x803/0xa60
[  538.982228][T24691]        path_setxattr+0x41d/0x5d0
[  538.987394][T24691]        __x64_sys_setxattr+0xbb/0xd0
[  538.992803][T24691]        do_syscall_64+0x55/0xa0
[  538.997789][T24691]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  539.004233][T24691] 
[  539.004233][T24691] -> #0 (&oi->ip_xattr_sem){++++}-{3:3}:
[  539.012083][T24691]        __lock_acquire+0x2df1/0x7d40
[  539.017491][T24691]        lock_acquire+0x19e/0x420
[  539.022562][T24691]        down_read+0x46/0x2e0
[  539.025518][ T5783] Bluetooth: hci3: command 0x0406 tx timeout
[  539.027255][T24691]        ocfs2_init_acl+0x30a/0x770
[  539.038496][T24691]        ocfs2_mknod+0x140f/0x2300
[  539.043663][T24691]        ocfs2_mkdir+0x196/0x430
[  539.048660][T24691]        vfs_mkdir+0x296/0x440
[  539.053462][T24691]        do_mkdirat+0x1dc/0x450
[  539.058341][T24691]        __x64_sys_mkdirat+0x89/0xa0
[  539.063653][T24691]        do_syscall_64+0x55/0xa0
[  539.068620][T24691]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  539.075076][T24691] 
[  539.075076][T24691] other info that might help us debug this:
[  539.075076][T24691] 
[  539.085341][T24691] Chain exists of:
[  539.085341][T24691]   &oi->ip_xattr_sem --> sb_internal#3 --> &journal->j_trans_barrier
[  539.085341][T24691] 
[  539.099365][T24691]  Possible unsafe locking scenario:
[  539.099365][T24691] 
[  539.106840][T24691]        CPU0                    CPU1
[  539.112226][T24691]        ----                    ----
[  539.117619][T24691]   rlock(&journal->j_trans_barrier);
[  539.123028][T24691]                                lock(sb_internal#3);
[  539.129838][T24691]                                lock(&journal->j_trans_barrier);
[  539.137678][T24691]   rlock(&oi->ip_xattr_sem);
[  539.142428][T24691] 
[  539.142428][T24691]  *** DEADLOCK ***
[  539.142428][T24691] 
[  539.150654][T24691] 8 locks held by syz.2.6044/24691:
[  539.156020][T24691]  #0: ffff88805a7de418 (sb_writers#23){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  539.165323][T24691]  #1: ffff88805f3a5f58 (&type->i_mutex_dir_key#17/1){+.+.}-{3:3}, at: filename_create+0x20c/0x480
[  539.176100][T24691]  #2: ffff88805cabed98 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  539.189844][T24691]  #3: ffff88805cabb498 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  539.203551][T24691]  #4: ffff88805cabd118 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8){+.+.}-{3:3}, at: ocfs2_reserve_local_alloc_bits+0x120/0x2600
[  539.213074][T24765] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6064'.
[  539.217512][T24691]  #5: ffff88805a7de608 (sb_internal#3){.+.+}-{0:0}, at: ocfs2_mknod+0xf1d/0x2300
[  539.235723][T24691]  #6: ffff88807dc9b0e8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a8/0x6f0
[  539.246475][T24691]  #7: ffff88807fe14990 (jbd2_handle#2){.+.+}-{0:0}, at: start_this_handle+0x1f7a/0x21c0
[  539.254123][T24738] loop3: detected capacity change from 0 to 32768
[  539.256344][T24691] 
[  539.256344][T24691] stack backtrace:
[  539.256385][T24691] CPU: 0 PID: 24691 Comm: syz.2.6044 Not tainted syzkaller #0
[  539.276150][T24691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  539.286272][T24691] Call Trace:
[  539.289647][T24691]  <TASK>
[  539.292608][T24691]  dump_stack_lvl+0x18c/0x250
[  539.297340][T24691]  ? load_image+0x420/0x420
[  539.301934][T24691]  ? show_regs_print_info+0x20/0x20
[  539.307194][T24691]  ? print_circular_bug+0x12b/0x1a0
[  539.312437][T24691]  check_noncircular+0x2fc/0x400
[  539.317420][T24691]  ? print_deadlock_bug+0x5d0/0x5d0
[  539.322669][T24691]  ? _find_first_zero_bit+0xd3/0x100
[  539.327996][T24691]  ? add_lock_to_list+0x191/0x280
[  539.333062][T24691]  __lock_acquire+0x2df1/0x7d40
[  539.337964][T24691]  ? verify_lock_unused+0x140/0x140
[  539.343221][T24691]  ? __ocfs2_journal_access+0x648/0x840
[  539.348811][T24691]  lock_acquire+0x19e/0x420
[  539.353358][T24691]  ? ocfs2_init_acl+0x30a/0x770
[  539.358258][T24691]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  539.363947][T24691]  ? __might_sleep+0xe0/0xe0
[  539.368605][T24691]  ? read_lock_is_recursive+0x20/0x20
[  539.374018][T24691]  ? do_raw_spin_lock+0x11f/0x2c0
[  539.379093][T24691]  down_read+0x46/0x2e0
[  539.383304][T24691]  ? ocfs2_init_acl+0x30a/0x770
[  539.388238][T24691]  ocfs2_init_acl+0x30a/0x770
[  539.392953][T24691]  ? ocfs2_acl_chmod+0x330/0x330
[  539.397930][T24691]  ? dquot_alloc_inode+0x8ac/0xa40
[  539.403090][T24691]  ? ocfs2_journal_access+0x40/0x40
[  539.408327][T24691]  ? ocfs2_block_signals+0x9b/0xe0
[  539.413489][T24691]  ? ocfs2_metadata_cache_get_super+0x46/0x90
[  539.419595][T24691]  ? ocfs2_inode_cache_get_super+0xd/0x40
[  539.425352][T24691]  ocfs2_mknod+0x140f/0x2300
[  539.429987][T24691]  ? ocfs2_mkdir+0x430/0x430
[  539.434604][T24691]  ? verify_lock_unused+0x140/0x140
[  539.439873][T24691]  ? ocfs2_inode_lock_tracker+0x437/0x700
[  539.445641][T24691]  ? __lock_acquire+0x7d40/0x7d40
[  539.450716][T24691]  ? do_raw_spin_lock+0x11f/0x2c0
[  539.455784][T24691]  ? ocfs2_inode_unlock_tracker+0x270/0x2e0
[  539.461712][T24691]  ? __lock_acquire+0x7d40/0x7d40
[  539.466766][T24691]  ? __rwlock_init+0x150/0x150
[  539.471566][T24691]  ? do_raw_spin_unlock+0x121/0x230
[  539.476799][T24691]  ? put_pid+0xde/0x120
[  539.480982][T24691]  ocfs2_mkdir+0x196/0x430
[  539.485460][T24691]  ? make_kgid+0x660/0x660
[  539.489915][T24691]  ? apparmor_path_mkdir+0x1b0/0x230
[  539.495237][T24691]  ? ocfs2_symlink+0x2700/0x2700
[  539.500216][T24691]  ? HAS_UNMAPPED_ID+0x11a/0x180
[  539.505200][T24691]  ? inode_permission+0xf3/0x480
[  539.510173][T24691]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  539.515228][T24691]  ? security_inode_mkdir+0xb7/0x100
[  539.520559][T24691]  vfs_mkdir+0x296/0x440
[  539.524836][T24691]  do_mkdirat+0x1dc/0x450
[  539.529212][T24691]  ? vfs_mkdir+0x440/0x440
[  539.533676][T24691]  __x64_sys_mkdirat+0x89/0xa0
[  539.538494][T24691]  do_syscall_64+0x55/0xa0
[  539.542943][T24691]  ? clear_bhb_loop+0x40/0x90
[  539.547662][T24691]  ? clear_bhb_loop+0x40/0x90
[  539.552406][T24691]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  539.558341][T24691] RIP: 0033:0x7f34fef9b687
[  539.562795][T24691] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  539.582444][T24691] RSP: 002b:00007f34ffe0de58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  539.590899][T24691] RAX: ffffffffffffffda RBX: 00007f34ffe0dee0 RCX: 00007f34fef9b687
[  539.598901][T24691] RDX: 00000000000001ff RSI: 00002000000005c0 RDI: 00000000ffffff9c
[  539.606915][T24691] RBP: 0000200000000080 R08: 0000200000000140 R09: 0000000000000000
[  539.614920][T24691] R10: 0000200000000080 R11: 0000000000000246 R12: 00002000000005c0
[  539.622922][T24691] R13: 00007f34ffe0dea0 R14: 0000000000000000 R15: 0000000000000000
[  539.629794][T24771] loop0: detected capacity change from 0 to 1024
[  539.630921][T24691]  </TASK>
[  539.664254][T24691] syz.2.6044 (24691) used greatest stack depth: 18768 bytes left
[  539.684149][T24771] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  539.691884][T24738] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  539.695267][T24771] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29254!=20869)
[  539.716216][T24771] EXT4-fs (loop0): journal inode is deleted
[  539.726493][T24768] loop1: detected capacity change from 0 to 4096
[  539.734955][ T5783] Bluetooth: hci2: command 0x0406 tx timeout
[  539.760664][T24768] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  539.804425][ T5783] Bluetooth: hci1: command 0x0406 tx timeout
[  539.815805][ T5771] ocfs2: Unmounting device (7,2) on (node local)
[  539.856874][T24768] ntfs3: loop1: failed to convert "c46c" to cp1251
[  539.899974][T24738] XFS (loop3): Ending clean mount
[  540.021499][ T5773] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  540.054136][ T5812] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  540.245179][ T5812] usb 1-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 44, changing to 9
[  540.256384][ T5812] usb 1-1: config 0 interface 0 altsetting 12 endpoint 0x87 has invalid maxpacket 8240, setting to 1024
[  540.268010][ T5812] usb 1-1: config 0 interface 0 has no altsetting 0
[  540.276753][ T5812] usb 1-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3
[  540.285877][ T5812] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.294122][ T5812] usb 1-1: Product: syz
[  540.298325][ T5812] usb 1-1: Manufacturer: syz
[  540.302944][ T5812] usb 1-1: SerialNumber: syz
[  540.309282][ T5812] usb 1-1: config 0 descriptor??
[  540.316779][ T5812] keyspan 1-1:0.0: Keyspan 2 port adapter converter detected
[  540.324705][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 7
[  540.333739][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 81
[  540.341450][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 1
[  540.349242][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 2
[  540.357010][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 85
[  540.365641][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 5
[  540.374825][ T5812] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  540.384941][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 83
[  540.392728][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 3
[  540.400407][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 4
[  540.408183][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 86
[  540.415932][ T5812] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 6
[  540.425271][ T5812] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  540.550310][ T5813] usb 1-1: USB disconnect, device number 42
[  540.557962][ T5813] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  540.572541][ T5813] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  540.586990][ T5813] keyspan 1-1:0.0: device disconnected