last executing test programs:

3.384293515s ago: executing program 0 (id=955):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x814800, &(0x7f0000000100)=ANY=[], 0xff, 0x5f16, &(0x7f00000042c0)="$eJzs3cuOHFcZB/CvL9NzSeJYEYqMxWLiQEgI8d2GcIvDggUsQEJZY2syiQwOINsgEll4Ii8QG+ARYJMNi7wCD5BnQDwAluyssiAUqulz7JqaHvcM9nT1zPn9pHbVV6cvp/yfmuqequoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED88Ac/PdOLiMu/TQuORjwdg4h+xHJdr0Y9cynffxgRx2KzOZ6PiMFiRP34zX+ejTgfEZ8cibh3/9ZavfjsLvtx4fTN65//6Pv//MOf7xz7+ds/+6jd/pMvnPv4j7cjjv749Y8/v/1k1h0AAABKUVVV1Usf84+nz/f9rjsFAMxE3v9XSV4+s3pjxq+nVqvV3dR/6u/l/k8/1XV/1Ye0bqomu90sIvKeeqx+z+BwPAAcMBvxWdddoEPyL9owIp7quhPAXOt13QH2xb37t9Z6Kd9ec3+wOm7Pf6fckv9G78H1HTtNp2mfYzKrn687MYjndujP8oz6ME9y/v12/pfH7aN0v/3Of1Z2yn80vvSpODn/QTv/li35/yUiDmz+/Yn5lyrnP9xL/huDA7z9yx8AAAAAgMMv//3/aMfHfxcff1V25VHHf1dn1AcAAAAAAAAAeNIed/y/B4z/BwAAAHOr/qxe++uRh8t2+i62evlbvYhnWvcHCrPa+HJAAAAAAAAAAAAAAGA2hhEr6bz+hYh4ZmWlqqr61tSu9+pxH3/Qlb7+ULKuf8kDAMDYJ0da1/L3IpYi4q30XX8LKysrVbW0vFKtVMuL+f3saHGpWm58rs3TetniaBdviIejqn6ypcbjmqZ9Xp7W3n6++rVG1WAXHZuNDgMHgIgY743u2SMdMlX1bHT9LoeDwfZ/+Nj+2Y2uf04BAACA/VdVVdVLX+d9PB3z73fdKQBgJvL+v31cQK1Wq4upPx0vnJv+qNX7WDdVk91uFhGx0XxM/Z7BcPwAcMBsxGddd4EOyb9ow4g41nUngLnW67oD7It792+t9VK+veb+YHXcns8F2ZL/Rm/zcfnxk6bTtM8xmdXP150YxHM79Of5GfVhnuT8++38L4/b8xD/+53/rOyUf72eRzvoT9dy/oN2/i2HJ//+xPxLlfMf7in/gfwBAAAAAGCO5b//H3X8N68yAAAAAAAAABw49+7fWsvXvebj/1+acL9ec871n4dGzr+36/xd/3uY5Pz77fxbJ+QMGvN333yY/6f3b619dPPfX8zTuc9/YTCqX3uh1x8M0zk/1cI7cTWuxXqc3tat4Zb2M9ueb2FL+9kp7ee2tY/q9uXcfjLW4ldxLd5+0L445cSopSnt1ZT2nP/A9l+knP+wcavzX0ntvda0dvfD/rbtvjmd9DqX/v6fl07v/+pMdScGD9atqV6/Ex30Z/P/5KlR/ObG+vWTv7ty8+b1M5EmW5aejTR5wnL+C+mW83/5xXF7/r3f3F7vfjjac/7z4k4Md8z/xcZ8vb6vzLhvXcj5j9It55/3QJO3/4Oc/87b/6sd9AcAAAAAAAAAAAAAAAAepaqqzUtEL0XExXT9T1fXZgIAs5X3/1WSl6vVarVarT58dVM12RvNIiL+0XxM/Z7h95OeDACYZ/+NiH913Qk6I/+C5e/7q6df7rozwEzdeP+DX1y5dm39+o2uewIAAAAAAAAA/L/y+J+rjfGfN88Dao0bvWX81zdj9cCO/9kfDTbHOk8r9EJsGf972/1PxKPH/x5Oeb2FKe2jKe2LU9qXprRPvNCjIef/Qso45388rVhJ47++3EF/upbzP5HGes75f7V1v2b+1d8Ocv79Lfmfuvner0/deP+D166+d+Xd9XfXf3nm9MXz5y6cP3fhwql3rl5bPz3+t8Me76+cfx772nmgZcn558zlX5ac/1dSLf+y5PxfSrX8y5Lzz+/35F+WnH/+7CP/suT8X0m1/MuS8/9aquVflpz/q6mWf1ly/l9PtfzLkvN/LdXyL0vO/2Sq5V+WnP+pVMu/LDn/fIRL/mXJ+eczG+Rflpz/2VTLvyw5/3Opln9Zcv7nUy3/suT8L6Ra/mXJ+V9MtfzLkvP/RqrlX5ac/zdTLf+y5PxfT7X8y5Lz/1aq5V+WnP+3Uy3/suT8v5Nq+Zcl5//dVMu/LDn/76Va/mXJ+b+RavmX5eH3/5vZ88zKfHTDjJknP9P1byYAAAAAAAAAAAAAoG0WpxN3vY4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkau+7wB+9mavDQE33IkDtrkZWNhd38AhBpOElJJeKAlp05Iax14bJ77VuyaAUNkU2hIFqUjtA31omkRpFKmtQFWkphKNkIrUvjVPjXiJWikPfoDKQUmlVIGtzpz//++Z2dmZ9drrPXPO54Psn3fnzMx/zpyZne+i7wwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA02/jxqT8byLIs/9P4a12WXZz/e022O/9ydsdKrxAAAAA4V+81/v77S9M3di/iTE3b/Nt1//G9ubm5uewL7556/y/m5tIJG7JsaHWWNU6L/v0XP59r3iZ4PhsdGGz6erDH1Q/1OH24x+kjPU5f1eP01T1OH+1x+rwdMM+a4vcxjQu7sfHPdcUuzS7PRhqn3djhXM8PrB4cjL/LaRhonGdu5EB2KDucTWUT884z0Pgvy17fmF/Xg1m8rsGm61qfZdnpnz67L65hIOzjG7OWK2tovu/euT/b8O5Pn933nZm3r+k0e+6GeSvNss2b8nW+kGVnfl2VDWSr0z6J6xxsWuf6DuscalnnQON8+b/b13l6keuMt3s0rPOHXda5PnzvqRuyLJvNFtym3fPZYLa27VrT/h4tjoj8MvK78oPZ8FkdJxsXcZzk5/nJDa3HSfsxGff/xrBPhhdYQ/Pd8c5XVs3b70s9TvJbXYZjNb/sh/MrHR1t/tVqy7Gab/PsTQsfAx3vuw7HQDqWm46BTb2OgcFVQ41jYPDMmje1HAOT884zmA00ruvUTd2PgfGZI8fHp59+5o5DR/YenDo4dXRyYse2rdu3bd2+ffzAocNTE8XfZ7dL+8jabDAdg5vCc008Bm9p27b5kJz75vl7HIyW5HGQ3/bP3Jwv6OLBbIFjPN/mhc3n/jhIP/ebHgfDTY+Djs+pHR4Hw4t4HOTbnN68uJ+Zw01/Oq1huZ4L1zUdAyv58zC/zsduXfi5cH1Y14u3ne3Pw6F5x0C8WQPhsZd/J73eG7077Jf5x8W1+QkXrcpOTk+duPOpvTMzJyazMC6Iy5ruq/bjZW3TbcrmHS+DZ3287P67X958bYfvrwv7avT27vdVvs22se73VePZvfP+bPnuliyM8+xC789OP83y/ZmyRJf9mW/zwh3n/low5ZKm57+RXs9/QyPDxfPfUNobIy3Pf/PvmqHGyrLs9B2Le/4bCX8u9PPf5SV5/sv31WN3dj8G8m1eHD/bY2C46/PfDWEOhPXcGhLDaFPuf79x+mxxmDbdlz2Pm+HhkXDcDMdrbD1uts47T35p+XVvnljacbP5htb7quV1SwWPm3xf/eVE9+Mm3+aNyXN/7lgT/9n03LGq1zEwMrQqX+9IOgiK57u5NfEYuDPblx3LDmf703nyezm/rrEtizsGVoU/F/q54+qSHAP5vnplS/djIN/mza3n97XT5vCdtE3Ta6f23y8slPmvHT5zee277Xxn/nydn9jW/XdD+TZvbzvbnNF9P90evnNRh/3U/vhZ6Jjen12Y/XR1WOfh7d1/N5Vvc/mORR5Pu7Mse2vyrcbvu8Lvd//x5H9+r+X3vp1+p/zW5FsPjT/yo7NZPwAAS/d+4+/ZVcVrzab/Y72Y//8PAAAA9IWY+wfDTOR/AAAAqIyY+4fCTOR/AAAAqIyY+4fDTGqS/5+4e+er7z2XpXcDnAvi6XE3PHxvsV3seM+GrzfMnZF//2PfHnn1q88t7roHsyz75UMf6rj9E/fGdRWOx3V+pPX781x9/aKu//FHz2zX/P4Jp3cWlx9vz2IPg9hVfn18S+NyNzw92ZhvPJQ15iOzLz5fXH7xddz+1NZi+78Ob1qy+8BAy/k3h/XcGOaG8J4yD+8+sx/yGc/36vrr/vWyz565vni+gU2XNG7mK39UXG58j6iXLyu2j7d7ofX/y9e++2q+/VM3dV7/c4Od138qXO5PwvzFrmL75n3+1ab1/0lYf7y+eL47v/WDjut/7api+9fCcfGNMNvXf/+ff/i9TvdXvJ7d9xTni9c/8b/bGueLlxcvv339o89NtuyP9st/493icnY9+bOh5u3j9+P1RI/f03p8D4T7t6VHnmXZd/80a9nP2UeL8/1z2/rj5R2/p/P6b29b5/GB6xvnP3N71rXcrq//7ZaOtzeuZ/c/rGu5PS8/EPbfu+Nv5pd76pFwPIbT/++HxeW1v5fpaw+0Pt/E7b+xrnjcxssbb1v/y23rn70+33e91//gu8X6X7tvdcv6d38yHE8PFrPX+g/+zaUt5//md4r748SXx44emz55aH/TXm1+HK8eXbP2oos/cMml4bm0/es9x2aemDqxYWLDRJZt6MO3DFzu9X8rzP8pxuz5v4bCj35WHHcvfar4uXXLz4uvXw7ffzzcn/Hn49f/aqTleG2/32fvK+a5rv+2sI7Fuupr/339ojY89fnXT/7TH7/d/rog3p7jV4w2bt8rG69snDbwRnF6+/NVL/91Revj+sfDE435/bBf58I7M2+6sri+9suP703y0qeLx298JRfPn7W9n8i6odbbca7r/3F4HfODq1uf/+Lx8f3n2t7NeV02kC9hNjw/ZLPF6XGruL9fOn1lx+uL78OTzV5zNstc0PTT0+OHDx09+dT4zNT0zPj008/sOXLs5NGZPY33Lt3zxV7nP/P4Xtt4fO+f2rEtazzajxVjma30+o8/um//XRM37586sPfkgZlHj0+dOLhvenrf1P7pm/ceODD15V7nP7R/1+SWnVvv2jJ28ND+XXfv3Ll159iho8fyZRSL6mHHxJfGjp7Y0zjL9K5tOye3b982MXbk2P6pXXdNTIyd7HX+xs+msfzcT46dmDq8d+bQkamx6UPPTO2a3Lljx5ae7/545PiB6Q3jJ04eHT85PXVivLgtG2Ya385/9vU6P/UwfSw837UZCK/OP3f7jvT+uLlvf2XBiyo2aX15mr0T3gsq/nzr9XXM/SNhJjXJ/wAAAFAHMfeHN/4/c4L8DwAAAJURc//qMBP5HwAAACoj5v7RMJOa5H/9f/1//X/9f/1//f/lpP+v/9+N/r/+fz+vX/9f/5/eytb/j7l/TZbVMv8DAABAHcTcvzbMRP4HAACAyoi5/6IwE/kfAAAAKiPm/ovDTOqR/0fa/6n/r/+v/9/c/4/b6v9n+v/6/0uk/6//343+v/5/P6+/hP3/Nfr/lE3Z+v8x938gzKQe+R8AAABqIeb+S8JM5H8AAACojJj7Lw0zkf8BAACgMmLuXxdmUpP87/P/9f/1/33+v/6//v9y0v/X/+9G/1//v5/XX8L+v8//p3TK1v+Puf9Xwkxqkv8BAACgDmLu/2CYifwPAAAAlRFz/2VhJvI/AAAAVEbM/ZeHmdQk/+v/6//r/+v/6//r/y8n/X/9/270//X/+3n9+v/6//RWtv5/zP1XhJnUJP8DAABAHcTcf2WYifwPAAAAlRFz/1VhJvI/AAAAVEbM/VeHmdQk/+v/V63/X9xD+v/6//r/+v9lof+v/9+N/r/+fz+vX/9f/5/eytb/j7n/mjCTmuR/AAAAqIOY+68NM5H/AQAAoDJi7v9QmIn8DwAAAJURc//6MJOa5H/9/6r1/33+v/6//r/+f7n0V/9/cMFT9P8L+v+t9P/1//X/9f/prmz9/5j7PxxmUpP8DwAAAHUQc/91YSbyPwAAAFRGzP3Xh5nI/wAAAFAZMfdvCDOpSf7X/9f/1//X/9f/1/9fTv3V/1+Y/n9B/7+V/r/+v/6//j/dla3/H3P/xjCTmuR/AAAAqIOY+zeFmcj/AAAAUBkx998QZiL/AwAAQGXE3H9jmElN8r/+v/6//r/+v/6//v9y0v/X/+9G/1//v5/Xr/+/uP7/ql4XRKWVrf8fc/9NYSY1yf8AAABQBzH33xxmIv8DAABAZcTcf0uYifwPAAAAlRFz/+Ywk5rkf/1//X/9f/1//X/9/+W0sv3/4fN2PReg/79mKevS/y/o/y/NSvfn+339+v8+/5/eytb/j7n/1jCTmuR/AAAAqIOY+28LM5H/AQAAoDJi7r89zET+BwAAgMqIuX8szKQm+V//X/9f/1//X/9f/385VePz/4fm9f/T86jP/9f/1//X/9f/1/9nQWXr/8fcf0eYSU3yPwAAANRBzP13hpnI/wAAAFAZMfePh5nI/wAAAFAZMfdPhJnUJP/r/+v/6//r/+v/6/8vp2r0/y/I5/8vaf36/wX9/6VZ6f58v69f/1//n97K1v+PuX8yzKQm+R8AAADqIOb+LWEm8j8AAABURsz9W8NM5H8AAACojJj7t4WZ1CT/6//r/+v/6//r/+v/Lyf9f/3/bvT/9f/7ef36//r/tBrs8L2y9f9j7t8eZlKT/A8AAAB1EHP/jjAT+R8AAAAqI+b+u8JM5H8AAACojJj77w4zqUn+1//X/9f/1/8vb/+/9fr1//X/O9H/1//P9P+XbKX78/2+fv1//X96O7/9/0vPuf8fc//OMJOa5H8AAACog5j7PxJmIv8DAABAZcTcf0+YifwPAAAAfaXT5xBGMfd/NMykJvlf/7/q/f+51fr/+v/92/9v3Z/6//r/nej/6/9n+v9LttL9+X5fv/6//j+9nd/+/7yXp2fd/4+5f1eYSU3yPwAAANRBzP33hpnI/wAAAFAZMfffF2Yi/wMAAEBlxNy/O8ykJvlf/7/q/f/yff7/QKb/r/9f0P/X/z8f9P/1/zP9/yVban8+vGzR/y9R/z8/hvT/KaOy9f9j7r8/zKQm+R8AAADqIOb+j4WZyP8AAABQGTH3fzzMRP4HAACAyoi5/xNhJjXJ//r/+v8+/1//X/9f/3856f/r/3ej/9+f/f9I/788/X+f/09Zla3/H3P/A2EmNcn/AAAAUAcx938yzET+BwAAgMqIuf9Xw0zkfwAAAKiMmPsfDDOpSf7X/69g/7/pMNb/1//X/++9fv3/5aX/r//fjf6//n8/r1//X/+f3srW/4+5/9fCTGqS/wEAAKAOYu5/KMxE/gcAAIDKiLn/U2Em8j8AAABURsz9vx5mUpP8r/9/Yfr/g+nyff6//r/+v/6//v/5pP+v/5/p/y/ZSvfn+339+v/6//RWtv5/zP2/EWZSk/wPAAAAdRBz/2+Gmcj/AAAAUBkx9/9WmIn8DwAAAJURc//DYSY1yf/6/xX8/H/9f/3/qvT/h1v3p/6//n8n+v/6/5n+/5KtdH++39ev/6//T29l6//H3P/bYSY1yf8AAABQBzH3PxJmIv8DAABAZcTc/+kwE/kfAAAAKiPm/s+EmdQk//dH//9N/X/9f/3/JrXp/7ftT/1//f9O9P/1/zP9/yVb6f58v69f/1//n97K1v+Puf/RMJOa5H8AAACog5j7PxtmIv8DAABAZcTc/zthJvI/AAAAVEbM/b8bZlKT/N8f/X+f/6//r//ffPn6//r//UT/f37/P38OW8n+/6rFbKj/vyj6//r/+v/6/3RXtv5/zP2fCzOpSf4HAACAOoi5//fCTOR/AAAAqIyY+38/zET+BwAAgMqIuf+xMJOa5H/9f/1//X/9f/1//f/lpP/v8/+70f/X/+/n9ev/6//TW9n6/zH3fz7MpCb5HwAAAOog5v4/CDOR/wEAAKAyYu7fE2Yi/wMAAEBlxNz/eJhJTfK//r/+v/6//r/+v/7/ctL/1//vRv9f/7+f16//r/9Pb2Xr/8fcvzfMpCb5HwAAAOog5v4vhJnI/wAAAFAZMffvCzOR/wEAAKAyYu7fH2ZSk/yv/6//r/+v/6//r/+/nPT/9f+70f/X/+/n9ev/6//TW9n6/zH3T4WZ1CT/AwAAQB3E3H8gzET+BwAAgMqIuf9gmIn8DwAAAJURc/8TYSY1yf/6//r/+v/6//r/+v/LSf9f/78b/X/9/35ev/6//j+9la3/H3P/oTCTmuR/AAAAqIOY+78YZtKc/4cv9KoAAACA8ynm/i+Fmfj//wAAAFAZMfcfDjOpSf7X/9f/1/+vYP9/WP8/0/8vDf1//f9u9P/1//t5/fr/+v/0Vrb+f8z9R8JMapL/AQAAoA5i7j8aZiL/AwAAQGXE3H8szET+BwAAgMqIuf94mElN8r/+v/6//n8F+/8+/79B/78c9P/1/7vR/9f/7+f16//r/9Nb2fr/Mff/YZhJTfI/AAAA1EHM/SfCTOR/AAAAqIyY+6fDTOR/AAAAqIyY+2fCTGqS//X/9f/1//X/9f/1/5eT/r/+fzf6//r//bx+/X/9f3orW/8/5v6TYSY1yf8AAADQj147y+1j7n8yzET+h/9n7y53PTurOI7/h6a0hADXwhVwCVwDb7gF3LW4u7u7u7u7u0NhcCiEEnrWWqUje585Pbvn2c/6fN6sFGaYJzMJ5Mfkmw0AADCN3P33ilvsfwAAAJhG7v57xy1N9r/+X/+v/x+m/z/q/PT/+n/9/xXR/+v/D/r/Ezvrfn7v79f/6/9ZN1r/n7v/PnFLk/0PAAAAHeTuv2/cYv8DAADANHL33y9usf8BAABgGrn77x+3NNn/+n/9v/7/VvT/h8OU3/8/X7+S/v/U+v9zN/+y+v/Tpf/X/x/0/yd21v383t+v/9f/s260/j93/wPilib7HwAAADrI3f/AuMX+BwAAgGnk7n9Q3GL/AwAAwDRy9z84bmmy//X/+n/9/zDf/x+m//f9/yO+/3869P/6/yX6f/3/nt+v/9f/s260/j93/0Pilib7HwAAADrI3f/QuMX+BwAAgGnk7n9Y3GL/AwAAwDRy9z88bmmy//X/+n/9v/5f/6//35L+X/+/RP+v/9/z+/X/+n/Wjdb/5+5/RNzSZP8DAABAB7n7Hxm32P8AAAAwjdz9j4pb7H8AAACYRu7+R8ctTfa//l//r//X/+v/9f9b0v/r/5fo//X/e36//l//z7rN+/+7X3fTPW7/n7v/urilyf4HAACADnL3PyZusf8BAABgGrn7Hxu32P8AAAAwjdz9j4tbmuz/S/T/Vx30/037/xvP6f/1/2P2/zfEf8vo//X/F9P/6/8P+v8Tu3w/f7zfCf2//l//z5rN+/+V3v/Cf87d//i4pcn+BwAAgA5y9z8hbrH/AQAAYBq5+58Yt9j/AAAAMI3c/U+KW5rsf9//1/+f5vf/8z9X/39E/+/7//p//b/+f9mG/f898zdT/395Z93P7/39S/3/3Y7xfv0/HYzW/+fuf3Lc0mT/AwAAQAe5+58St9j/AAAAMI3c/U+NW+x/AAAAmEbu/qfFLU32v/5f/3+a/X+b7//f4ejn6/9v+R79v/7/UvT/+v8lvv+v/9/z+33/X//PutH6/9z9T49bmux/AAAA6CB3/zPiFvsfAAAAppG7/5lxi/0PAAAA08jd/6y4pcn+1//r//X/vv9/q/r/q/T/+v9l+n/9/xL9v/5/z+/X/+v/WTda/5+7/9lxS5P9DwAAAB3k7n9O3GL/AwAAwDRy9z83brH/AQAAYBq5+58XtzTZ//p//b/+X//v+//6/y3p/6fr/8/p/2+m/9f/6//1/ywbrf/P3f/8uKXJ/gcAAIAOcve/IG6x/wEAAGAauftfGLfY/wAAADCN3P0vilua7H/9v/5f/6//1//r/7ek/5+u//f9//+j/9f/6//1/ywbrf/P3f/iuKXJ/gcAAIAOcve/JG6x/wEAAGAauftfGrfY/wAAADCN3P0vi1ua7H/9/977/zvnC/T/+n/9v/5/SPp//f8S/f+l+/9rL/Pr6f/Hev8x+v//LP38o/4///T1/8xptP4/d//L45Ym+x8AAAA6yN3/irjF/gcAAIBp5O5/Zdxi/wMAAMA0cve/Km5psv8v1/+fv+PRv6//Px7f/7/0+/X/+n/9v/5f/6//X6L/9/3/Pb/f9//1/6wbrf/P3f/quKXJ/gcAAIAOcve/Jm6x/wEAAGAauftfG7fY/wAAADCN3P2vi1ua7H/f/9f/6//1//p//f+W9P/6/yU76v+vudS/qP/X/+v/9f8sG63/z93/+rilyf4HAACADnL3vyFusf8BAABgGrn73xi32P8AAAAwjdz9b4pbmux//b/+/8z7/9vp/5P+P/5c9f/6/yug/9f/H3z//8TOup/f+/v1//p/1o3W/+fuf3Pc0mT/AwAAQAe5+98St9j/AAAAMI3c/W+NW+x/AAAAmEbu/rfFLU32v/5f/3/m/b/v/xf9f/y56v/1/1dA/6//P+j/T+ys+/m9v1//r/9n3Wj9f+7+t8ctTfY/AAAAdJC7/x1xi/0PAAAA08jd/864xf4HAACAaeTuf1fc0mT/6//1//p//b/+X/+/Jf2//n+J/l//v+f3d+v/b3/BP+v/OY7R+v/c/e+OW5rsfwAAAOggd/974hb7HwAAAKaRu/+9cYv9DwAAANPI3f++uKXJ/tf/b9L/X33b9f/3uD5eoP/X/+v/9f9D0v/r/5fo//X/e35/t/7/Qvp/jmO0/j93//vjlib7HwAAADrI3f+BuMX+BwAAgGnk7v9g3GL/AwAAwDRy938obmmy/3v0/1df9MN8//+I/l//f9D/6/83pv/X/y/R/+v/9/x+/b/+n3Wj9f+5+z8ctzTZ/wAAANBB7v6PxC32PwAAAEwjd/9H4xb7HwAAAKaRu/9jcUuT/d+j/7+Y/v/Iqff/N95F/6//L/p//f9B/6//X6H/1//v+f1T9//nDvp/TsVo/X/u/o/HLU32PwAAAHSQu/8TcYv9DwAAANPI3f/JuMX+BwAAgGnk7v9U3HDXO53dk25T+n/9v+//6//1//r/Len/9f9L9P/6/z2/f+r+3/f/OSWj9f+5+z8dt/j7fwAAAJhG7v7PxC32PwAAAEwjd/9n4xb7HwAAAKaRu/9zcUuT/a//1//r//X/+n/9/5b0//r/Jfp//f+e36//1/+zbrT+P3f/5+OWJvsfAAAAOsjd/4W4xf4HAACAaeTu/2LcYv8DAADANHL3fyluabL/9f/6f/2//l//r//fkv5f/79E/6//3/P79f/6f9aN1v/n7v9y3NJk/wMAAEAHufu/ErfY/wAAADCN3P1fjVvsfwAAAJhG7v6vxS1N9r/+X/+v/9f/6//1/1vS/+v/l+j/9f97fr/+X//PutH6/9z9X49bmux/AAAA6CB3/zfiFvsfAAAAppG7/5txi/0PAAAA08jd/624pcn+n7n/X/ph+v8j+n/9/0H/r//fmP5f/79E/6//3/P79f/6f9aN1v/n7v923NJk/wMAAEAHufu/E7fY/wAAADCN3P3fjVvsfwAAAJhG7v7vxS1N9v/M/f8S/f8R/b/+/6D/1/9vTP+v/19yVv3/tfr/m5x1P7/39+v/9f+sG63/z93//bilyf4HAACADnL3/yBusf8BAABgGrn7fxi32P8AAAAwjdz9P4pbmux//b/+X/+v/9f/6/+3pP/X/y/x/X/9/57fr//X/7NutP4/d/+P45Ym+x8AAAA6yN3/k7jF/gcAAIBp5O7/adxi/wMAAMA0cvf/LG5psv/1//p//b/+X/+v/9+S/l//v0T/r//f8/v1//p/1o3W/+fu/3nc0mT/AwAAQAe5+38Rt9j/AAAAMI3c/b+MW+x/AAAAmEbu/l/FLU32v/5f/6//1//r//X/W2rb///vf1b1/6v0//r/Pb9f/6//Z91o/X/u/l/HLU32PwAAAHSQu/83cYv9DwAAANPI3f/buMX+BwAAgGnk7v9d3NJk/+v/9f/6f/2//l//v6W2/b/v/x+L/l//v+f36//1/6wbrf/P3X993NJk/wMAAEAHuft/H7fk/r/w//gGAAAAdid3/x/iFn//DwAAANPI3X8+bmmy//X/+v8p+/9r9P/6f/3/KPT/+v8l+n/9/57fr//X/7NutP4/d/8f45Ym+x8AAAA6yN3/p7jF/gcAAIBp5O7/c9xi/wMAAMA0cvf/JW5psv/1//r/Kft/3//X/+v/h6H/1/8v0f/r//f8fv2//p91o/X/ufv/Grc02f8AAADQQe7+v8Ut9j8AAABMI3f/3+MW+x8AAACmkbv/H3FLk/2v/9f/6//1//p//f+W9P/6/yX6f/3/nt+v/9f/s260/j93/z/jlib7HwAAADrI3X9D3GL/AwAAwDRy9/8rbrH/AQAAYBq5+/8dtzTZ//p//b/+X/+v/9f/b0n/r/9fov/X/+/5/fp//T/rRuv/c/f/NwAA//9ZCiuS")
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)

2.551285288s ago: executing program 0 (id=968):
socket$rds(0x15, 0x5, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x2, 0x3b9}, &(0x7f0000000000)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x47f6, 0x0, 0x2, 0x0, 0x0)

2.116440096s ago: executing program 0 (id=966):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x141042, 0x0)
fallocate(r1, 0x0, 0xffb, 0x5)

2.029276107s ago: executing program 0 (id=969):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c)
sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, 0x0, 0x8000)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0xfc, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "07f7bbfe1438037928175b3e04cd00", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)

1.920876839s ago: executing program 2 (id=971):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x4000721)
r0 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x3, 0x1, 0x5, 0xa, 0x3, 0x1, {0x5, 0x17d, 0x8, 0x5, 0x100, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x20000000, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)

1.877766409s ago: executing program 0 (id=972):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x3, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x89}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000005c0)={r2, 0x4}, &(0x7f0000000600)=0x8)

1.86499158s ago: executing program 3 (id=973):
r0 = syz_open_procfs(0x0, &(0x7f0000000340)='oom_score_adj\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
r1 = syz_io_uring_setup(0x2e3b, &(0x7f0000000080)={0x0, 0x5ba7, 0x10100, 0x1}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/9, 0x9}, {0x0}], 0x2})
io_uring_enter(r1, 0x567, 0xa1ff, 0x0, 0x0, 0x0)

1.639206683s ago: executing program 3 (id=976):
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
ppoll(&(0x7f00000000c0)=[{r0, 0x7011}], 0x1, 0x0, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

1.489818796s ago: executing program 2 (id=977):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
syz_emit_ethernet(0x6e, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @mcast1, @loopback={0x0, 0xffffac1414aa}, [], "1e520b4c951ee12e"}}}}}}}, 0x0)

1.489093576s ago: executing program 1 (id=978):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000190a0102"], 0x14}}, 0x0)
close(r0)

1.435774377s ago: executing program 1 (id=979):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0x0, 0x7, @empty}, @ib={0x1b, 0x0, 0x0, {"7d0300"}, 0x0, 0x0, 0x6}}}, 0x118)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000180)={0x7, 0x8, 0xfa00, {r1, 0x9}}, 0x10)
close(r0)

710.210918ms ago: executing program 3 (id=980):
syz_mount_image$exfat(&(0x7f0000000240), &(0x7f0000000100)='./file1\x00', 0x3000cd0, &(0x7f0000000140)=ANY=[], 0x1, 0x1519, &(0x7f00000023c0)="$eJzs3Au0TuX2MPA5n+dZbHJ5k9zXfObiTS4PSRJKkkuSJCG5JyRJkiSJTUgSkpDrTnLdIfe003a/X3JP2jmSJAkJCc83tupzOqdG/3P5f8539vyNsYZnvmvN+c5ljne/a60x9v6m27AajWtWbcDM8M/Qvy7w538SASABAAYCQE4ACACgXK5yudL3Z9GY+E+9ifhf0nDGle5AXEky/4xN5p+xyfwzNpl/xibzz9hk/hmbzD9jk/kLkaEl579atoy7yfP//8+pfyVZvv8zBPyjHTL//zb6Hzpa5p+xyfwzNpl/xibzz3gu34IFV7QPceXJ5z9jk/kLkaH9258prz97pZ9py/YPbEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxP8DZ/1lBgB+XV/pvoQQQgghhBBCCPHv49+70h0IIYQQQgghhBDifx+CAg0GAsgEmSEBskBWuAqyQXbIATkhBldDLrgGcsO1kAfyQj7IDwWgIBSCEAgsMERQGIpAHK6DonA9FIPiUAJKgoNSUBpugDJwI5SFm6Ac3Azl4RaoABUvvWe626EK3AFV4U6oBtWhBtSEu6AW3A214R6oA/dCXbgP6sH9UB8egAbQEBrBg9AYHoIm0BSaQXNoAS2h1Z/kJ+X8vfznoSe8AL2gNyRCH+gLL0I/6A8D4CUYCC/DIHgFBsOrMASGwjB4DYbD6zAC3oCRMApGw5swBsbCOBgPE2AiJMFbMAnehsnwzkPZYSpMg+kwA2ZCMrwLs2A2zIH3YC7Mg/mQlGUhLILF8D4sgQ8gBT6EpfARpMIyWA4rYCWsgtWwBtbCOlgPG2AjbILNsAW2wsewDbbDDtgJu2A37IFPYC98CvvgM0jDz//B/DO/zYfuCAioUKFBg5kwEyZgAmbFrJgNs2EOzIExjGEuzIW5MTfmwTyYD/NhIhbAQlgICQkZGQtjYYxjHItiUSyGxbAElkCHDktjaSyDF7z3ZbEclsPyWB4rYEWsiLfirVgZK2MVrIJVsSpWw2pYA2vgXXgX3o21sTbWwTpYF+tiPayH9bE+NsAG2AgbYWNsjE2wCTbDZtgCW2ArbIWtsTW2wTbYDtthe2yPHbADdsSO2Ak7YWfsjF2wC3bFrtgNu2F3fA6fw+fxeXwBX8DeWE31wb7YF/thPxyAL+FL+DIOwlfwFXwVh+BQHIav4Wv4Oo7A0zgSR+FoHI2V1Vgch+OR1URMwiTMDJNwMk7GKTgVp+J0nIEzMRmTcRbOxtn4Hs7FeTgPF+ACXISLcTEuwQ8wBVNwKZ7BVFyGy3EFrsRVuBLX4Fpcg+txA67HTbgJt+AW/Bg/xu24HXfiTtyNu/ET/AQ/xU9xCKZhGu7H/XgAD+BBPIiH8BAexsN4BI/gUTyKx/AYHscTeBJP4Ck8hafxDJ4FgHN4Ds/jebyIF9M//CqdUUZlUplUgkpQWVVWlU1lUzlUDhVTMZVL5VK5VW6VR+VR+VQ+VUAVUIVUIUWKFKtIFVaFVVzFVVFVVBVTxVQJVUI55VRpVVqVUWVUWVVWlVM3q/LqFlVBVVRt3a3qVlVZtXNV1B2qqqqqqqnqqoaqqWqqWqqWqq1qqzqqjqqr6qp66n5VX/XBAdhQpU+msRqKTdQwbKaaqxaqpXodH1at1Qhso9qqdupRNQpHYgfV2nVUT6hOahx2Vk+p8fi06qomYjf1rOqunlM91POqp2rjeqneagr2UX3VdOyn+qsB6iU1C6ur9InVUK+q5zMPVcPUa2oRvq5GqDfUSDVKjVZvqjFqrBqnxqsJaqJKUm+pSeptNVm9o6aoqWqamq5mqJkqWb2rZqnZao56T81V8zSoBWqhWqQWq/fVEvWBSlEfqqXqI5WqlqnlaoVaqVap1WqNWqvWqfVqg9qoNqnNaovaqj5W29R2tUPtVLvUbrVHfaL2qk/VPvWZSlOfq/3qL+qA+kIdVF+qQ+ordVh9rY6ob9RR9a06pr5Tx9UJdVJ9r06pH9RpdUadVT+qc+ondV5dUBeVV6BRK6210YHOpDPrBJ1FZ9VX6Ww6u86hc+qYvlrn0tfo3PpanUfn1flMfl1AF9SFdKhJW8060oV1ER3X1+mi+npdTBfXJXRJ7XQpXVrfoMvoG3VZfZMup2/W5fUtuoKuqCt50Lfpyvp2XUXfoavqO3U1XV3X0DX1XbqWvlvX1vfoOvpeXVffp+vp+3V9/YBuoBvqRvpB3Vg/pJvoprqZbq5b6Ja6lX5Yt9aP6Da6rW6nH9Xt9WO6g35cd9RP6E76Sd1ZP6W76Kd1V/2M7qaf1d31c7qHvqAvaq976d46UffRffWLup/urwfol/RA/bIepF/Rg/Wreogeqofp1/Rw/boeod/QI/UoPVq/qcfosXqcHq8n6Ik6Sb+lJ+m39WT9jp6ip+pperqeoWfqAb9UmvM/yH/7d/IHX3r3LXqr/lhv09v1Dr1T79K79R69R+/Ve/U+vU+n6TS9X+/XB/QBfVAf1If0IX1YH9ZH9BF9VB/Vx/QxfVyf0D/q7/Up/YM+rc/oM/pHfU6f0+d/+T8Ag0YZbYwJTCaT2SSYLCarucpkM9lNDpPTxMzVJpe5xuQ215o8Jq/JZ/KbAqagKWRCQ8YaNpEpbIqYuLnOFDXXm2KmuClhShpnSpnS5oZ/Of/P+mtlWpnWprVpY9qYdqadaW/amw6mg+loOppOppPpbDqbLqaL6Wq6mm6mm+luupsepofpaXqaXqaXSTSJpq950fQz/c0A85IZaF42g8wgM9gMNkPMEDPMDDPDzXAzwowwI81IM9qMNmPMGDPOjDMTzAST5HOaSWaSmWwmmylmipk2MKeZYWaYZJNsZplZZo6ZY+aauWa+mW8WmoVmsVlslpglJsWkmKVmqUk1y8wys8KsMKvMKrPGrDHrzDqzwWwwm8wmk2q2mq1mm9lmdpgdZpfZZfaYPWav2Wv2mX0mzaSZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlpTppT5pQ5bU6bs+asOWfOmfPmvLloLqZf9gUqUIEJTJApyBQkBAlB1iBrkC3IFuQIcgSxIBbkCnIFuYNrgzxB3iBfkD8oEBQMCgVhQIENOIiCwkGRIB5cFxQNrg+KBcWDEkHJwAWlgtLBDUGZ4MagbHBTUC64OSgf3BJUCCoGlYJbg9uCysHtQZXgjqBqcGdQLage1AhqBncFtYK7g9rBPUGd4N6gbnBfUC+4P6gfPBA0CBoGjYIHg8bBQ0GToGnQLGgetAhaBq3+rfW9P533Edcr7B0mhn3CvuGLYb+wfzggfCkcGL4cDgpfCQeHr4ZDwqHhsPC1cHj4ejgifCMcGY4KR4dvhmPCseG4cHw4IZwYJoVvhZPCt8PJ4TvhlHBqOC2YHs4IZ4bJ4bvhrHB2OCd8L5wbzgvnhwvCheGiEH++JIaU8MNwafhRmBouC5eHK8KV4apwdbgmXBuuC9eHG8KN4aZyg34+NNwWbg93hDvDXeHucE/4Sbg3/DTcF34WpoWfh/vDv4QHwi/Cg+GX4aHwq/Bw+HV4JPwmPBp+Gx4LvwuPhyfCk+H34anwh/B0eCY8G/4Yngt/Cs+HF8KLoU+/uE//eidDhjJRJkqgBMpKWSkbZaMclINiFKNclItyU27KQ3koH+WjAlSACmUuROmYmApTYYpTnIpSUSpGxagElSBHjkpTaSpDZagslaVyVI7KU3mqQBWoElWi2+g2up1upzvoDrqT7qTqVJ1qUk2qRbWoNtWmOlSH6lJdqkf1qD7VpwbUgBpRI2pMjakJNaFm1IxaUAtqRa2oNbWmNtSG2lE7ak/tqQN1oI7UkTpRJ+pMnakLdaGu1JW6UTfqTt2pB/WgntSTelEvSqRE6kt9qR/1owE0gAbSQBpEg2gwDaYhNISG0TAaTsNpBI2gkTSKRtObNIbG0jgaTxNoIiVREk2iSTSZJtMUmkLTaBrNoBmUTMk0i2bRHJpDc2kuzaf5tJAW0mJaTEtoCaVQCi2lpZRKqbScltNKWkmraTWtpbW0ntbTRtpIm2kzbaWttI220Q7aQbtoF+2hPbSX9tI+2kdplEb7aT8doAN0kA7SITpEh+kwHaEjdJSO0jE6RsfpOJ2kk3SKTtFpOk1n6Sydo5/oPF2gi+QpwWaxWe1VNpvNbnPYnPZv43w2vy1gC9pCNrR5bN7fxGStLWaL2xK2pHW2lC1tb/i7uIKtaCvZW+1ttrK93VaxFWwW+Ou4lr3b1rb32Dr2XlvT3vWbuK69z9azD9n6tqltYJvbRralbWwfsk1sU9vMNrctbEvb3j5mO9jHbUf7REIn++RfxzY9XmI/sGvtOrvebrB77af2rP3RHrHf2HP2J9vL9rYD7ct2kH3FDrav2iF26G9jADvavmnH2LF2nB1vJ9iJfxdPs9PtDDvTJtt37Sw7++/ixfZ9O9em2Pl2gV1oF12K03tKsR/apfYjm2qX2eV2hV1pV9nVds3/7XWF3WQ32y12j/3EbrPb7Q670+6yuy/F6eexz35m0+zn9rD92h6wX9iD9qg9ZL+6FKef31H7rT1mv7PH7Yk+YL+3p+wP9rQ9c+n808/9e3vBXrTeAiMr1mw44EycmRM4C2flqzgbZ+ccnJNjfDXn4ms4N1/LeTgv5+P8XIALciEOmdgyc8SFuQjH+TouytdzMS7OJbgkOy7FpfkGLsM3clm+icvxzVyeb+EKXJEr8a18G1fm27kK38FV+U6uxtW5Btfku7gW3821+R6uw/dyXb6P6/H9XJ8f4AbckBvxg9yYH+Im3JSbcXNuwS25FT/MrfkRbsNtuR0/yu35Me7Aj3NHfoI78ZPcmZ/iLvw0d+VnuBs/y935Oe7Bz3NPfoF7cW9O5D7cl1/kftyfB/BLPJBf5kH8Cg/mV3kID+Vh/BoP59d5BL/BI3kUj+Y3eQyP5XE8nifwRE7it3gSv82T+R2ewlN5Gk/nGTyTk/ldnsWzeQ6/x3N5Hs/nBbyQF/Fifp+X8Aecwh/yUv6IU3kZL+cVvJJX8Wpew2t5Ha/nDbyRN/Fm3sJb+WPextt5B+/kXbyb9/AnvJc/5X38Gafx57yf/8IH+As+yF/yIf6KD/PXfIS/4aP8LR/j7/g4n+CT/D2f4h/4NJ/hs/wjn+Of+Dxf4IvsGSKMVKQjEwVRpihzlBBlibJGV0XZouxRjihnFIuujnJF10S5o2ujPFHeKF+UPyoQFYwKRWFEkY04iqLCUZEoHl0XFY2uj4pFxaMSUcnIRaWi0tENUZnoxqhsdFNULro5Kh/dElWIKkaVoluj26LK0e1RleiOqGp0Z1Qtqh7ViGpGd0W1oruj2tE9UZ3o3qhsdF9UL7o/qh89EDWIGkaNogejxtFDUZOoadQsah61iFpGraKHo9bRI1GbqG3ULno0ah89FnWIHo86Rk9EnaInL+8vHvz8bfo3+xOjPpH+5QnZPXphfFF8cfz9+JL4B/GU+IfxpfGP4qnxZfHl8RXxlfFV8dXxNfG18XXx9fEN8Y3xTfHN8S1x72tmBofpN8JgXOAyucwuwWVxWd1VLpvL7nK4nC7mrna53DUut7vW5XF5XT6X3xVwBV0hFzpy1rGLXGFXxMXdda6ou94Vc8VdCVfSOVfKlXYtXSvXyrV2j7g2rq1r5x51j7rH3GPu8YRfGned3VOui3vadXXPuGfcs667e871cM+7nu4F18v1doku0fV1fV0/188NcAPcQDfQDXKD3GA32A1xQ9wwN8wNd8PdCDfCjXQj3Wg32o1xY9w4N85NcBNckktyk9wkN9lNdlPcFDfNTXMz3AyX7JLdLDfLzXFz3Fw31813891Ct9AtdovdErfEpbgUt9Qtdaku1S13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtc9vcDrfD7XK73B63x+11e90+t8+luTS33+13B9wBd9B96Q65r9xh97U74r5xR9237pj7zh13J9xJ5/Up94M77c64s+5Hd8795M67C+6i8y4p9lZsUuzt2OTYO7EpsamxabHpsRmxmbHk2LuxWbHZsTmx92JzY/Ni82MLYgtji2KLY+/HlsQ+iKXEPowtjX0US40tiy2PrYitjK2KeV9wW+QL+yI+7q/zRf31vpgv7kv4kt75Ur60v8GX8Tf6sv4mX87f7Mv7W3wFX9FX8k19M9/ct/AtfSv/sG/tH/FtfFvfzj/q2/vHfAf/uO/on/Cd/JO+s3/Kd/FP+67+Gd/NPzvvlyn7nv4F38v39om+j+/rX/T9fH8/wAd+oH/ZD/Kv+MH+VT/ED/XD/Gt+uH/dj/Bv+JF+lB/t3/Rj/Fg/zo/3E/xEn+Tf8pP8236yf8dP8VP9ND/dz/AzfbJ/18/ys/0c/56f6+f5+X6BX+gX+cX+fb/Ef+BT/Id+qf/Ip/plfrlf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6j/02v93v8Dv9Lr/b7/Gf+L3+U7/Pf+bT/Od+v/+LP+C/8Af9l/6Q/8of9l/7I/4bf9R/64/57/xxf8Kf9N/7U/4Hf9qf8Wf9j/6c/8mf9xf8RfmdNSGEEEKI/xH9J/v7/M5r6pctXV8AyL49/6G/rbkxz8/r/mpvpxgAPNG7W8NftkzQMDEx8ZdjUzUERRYAQOxyfia4HC+DdvAYdIS2UOZ3++uvKl267vur+g0b/k39+M0AWQGy/JqTfnv0a3y5/o1/UL/p+/yH9ZdBqkaILwAoVuRyTnrhX+PL9cv+Qf3d7f+4/qX+s3yRBNDmr3KyweX4cv3S8Ag8CR1/c6QQQgghhBBCCPGz/upc9z+5/7x0f17A/Dbv1/jP7s//RJV/tX8hhBBCCCGEEEL8uaef6/H4wx07tu3y37zI/J/Rxn/AAgHgP6CN31tk+U9tLIMurvRPJiGEEEIIIcS/2+WL/ivdiRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkXH9838hTP32lQQA+IODr/Q5CiGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEFfa/wkAAP//LqFRhw==")
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x280449c, 0x0)
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)
fchown(r0, 0xffffffffffffffff, 0xee01)

706.210968ms ago: executing program 0 (id=988):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4000, &(0x7f00000000c0)=ANY=[], 0x1, 0x6014, &(0x7f000000a280)="$eJzs3U9vHGcdB/Df/vHacdo0qlAVIg5uyp+W0vxPoPxrygEJOICEeiaR61YpKaAkIFpFxJUPiAvwEuDSC4e+BV5AXwPiBRAp6akHyqCxn8cZb9Zeu4ln1n4+H2kz85tnx/tMvjueWc/MTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8eMf/vxcLyKu/i5NOB7xVAwi+hFH6nop6pEr+fnDiDgR683xXEQM5iPq+df/eSbiYkR8fCzi/oM7y/Xk87vsx6Wzt29+9pMf/OuPf1k78c6bv/hwvP1nX7jw0Z/uRhz/6asffXb3ySw7AAAAlKKqqqqXPuafTJ/v+113CgBoRd7+V0merla3Vv9oxvqjVu9P/ef+Xp7/1NGu+6s+pHVTNdndZhERq8156n0Gh+MB4IBZjU+77gIdkn/RhhFxtOtOADOt13UH2Bf3H9xZ7qV8e83twdJGe/475Zb8V3ub13dsN5xm/ByTtt5fazGIZ7fpz5GW+jBLcv798fyvbrSP0vP2O/+2bJf/aOPSp+Lk/Afj+Y/Zkv9fI+LA5t+fmH+pcv7DveS/OjjA67/8AQAAAAA4/PLf/493fPx3/vEXZVd2Ov671FIfAAAAAAAAAOBJe9z7/21y/z8AAACYWfVn9drfjj2ctt13sdXT3+hFPD32fKAwS40vBwQAAAAAAAAAAAAA2jGMWEzn9c9FxNOLi1VV1Y+m8XqvHnf+g6705YeSdf1LHgAANnx8bOxa/l7EQkS8kb7rb25xcbGq5iJisToyn/dnR/ML1ZHG59o8rKfNj3axQzwcVfUPW2jM1zTt8/K09vGfV7/WqBrsomPt6DBwAIiIja3RfVukQ6aqnomu93I4GKz/h4/1n93o+n0KAAAA7L+qqqpe+jrvk+mYf7/rTgEArcjb//HjAmq1Wl1M/cnGxJnpj1q9j3VTNdndZhERq8156n0Gt+MHgANmNT7tugt0SP5FG0bEia47Acy0XtcdYF/cf3BnuZfy7TW3B0sb7flckC35r/bW58vzTxpOM36OSVvvr7UYxLPb9Oe5lvowS3L+/fH8r26051v8b+azsD/5t2W7/OvlPN5Bf7qW8x+M5z9mv9f/tqxFf2L+pcr5D/eU/0D+AAAAAAAww/Lf/487/psXGQAAAAAAAAAOnPsP7izn617z8f8vTXherznm+s9DI+ff23X+rv89THL+/fH8x07IGTTG773+MP9PHtxZ/vD2f76YhzOf/9xgVL/2XK8/GKZzfqq5t+J63IiVOPvI84db2s890j63pf38lPYLj7SP6vYjuf10LMev40a8udk+P+XEqIUp7dWU9pz/wPpfpJz/sPGo819M7b2xYe3eB/1H1vvmcNLrXPnHf7/66NrVhuGWai0Gm8vWcKz+51RrfXpo/f/k6Ch+e2vl5unfX7t9++a5SIMtU89HGjxhOf+59Mj5v/jCRnv+vd9cX+99MNpz/rNiLYaT8l9/f7/QGK+X96WW+9aFnP8oPXL+eQs0ef0/yPlPXP/Xl+/lDvoDAAAAAAAAAAAAAAAAO6mqav0S0SsRcTld/9PVtZkAQLvy9r9K8nS1Wq1Wq9WHr26qJnutWUTEP5vz1PsMf5j0wwCAWfa/iPh3152gM/IvWP6+v3r45a47A7Tq1nvv//LajRsrN2913RMAAAAAAAAA4PPK9/9catz/ef08oLH7Rm+5/+vrsXRg7//ZHw3W73WeFuj52Pn+36di5/t/D6e83tyU9tGU9vkp7QtT2ide6NGQ838+ZZzzP5kWrKT7v77YQX+6lvM/le71nPP/2tjzmvlXfz/I+fe35H/m9ru/OXPrvfdfuf7utbdX3l751bmzly9euHTxwqVLZ966fmPl7Ma/HfZ4f+X8872vnQdalpx/zlz+Zcn5fyXV8i9Lyn9zN1T+Zcnrf97fk39Zcv75s4/8y5LzfynV8i9Lzv/rqZZ/WXL+L6da/mXJ+X8j1fIvS87/lVTLvyw5/9Opln9Zcv5nUi3/suT88xEu+Zcl55/PbJB/WXL+51Mt/7Lk/C+kWv5lyflfTLX8y5Lzv5Rq+Zcl53851fIvS87/m6mWf1ly/t9KtfzLkvN/NdXyL0vO/9upln9Zcv7fSbX8y5Lz/26qd8r/nRb7RTty/t9LtfW/LDn/76da/mXJ+b+WavmX5eH3/xvZ88jibHTDiJEnP9L1byYAAAAAAAAAAAAAYFwbpxN3vYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuNkau87wd+9uq1IcH/cCcO2OZmYGF3fQOHGEwS8qekF0pC2rSkxrHXZhPf6l0ngFDZFNoSBalI7Qv6omkSJVGktgJVkZpKNEIqUvumal41QpWiVopUV4LKQUmlVIGtzpzneXZmdnZm195dz5zz+SD75505M/PMmTOz+130nQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB6Wz4y+Ud9WZblf2p/bcyyi/N/r8/25V/O7r7QKwQAAADO1zu1v//qknTCviVcqG6bf7z2X747Nzc3l3327TPv/sncXDpjc5YNrMuy2nnRP/38Z3P12wTPZiN9/XVf93e4+YEO5w92OH+ow/nDHc5f1+H8kQ7nL9gBC6wvfh9Tu7Ibav/cWOzS7LJsqHbeDS0u9Wzfuv7++Lucmr7aZeaGDmdT2dFsMhtfcJm+2n9Z9uqW/LYeyOJt9dfd1qYsy87+5OmDcQ19YR/fkDXcWE39Y/fWfdnmt3/y9MFvz7x5davZcTcsWGmWbduar/O5LJv/dVXWl61L+ySus79unZtarHOgYZ19tcvl/25e59klrjPe75Gwzh+0WeemcNoT12dZNpstuk2zZ7P+bEPTrab9PVIcEfl15A/l+7LBZR0nW5ZwnOSX+fH1jcdJ8zEZ9/+WsE8GF1lD/cPx1peGF+z3cz1O8nvdDcdqft0P5Tc6MlL/q9WGYzXf5ukbFz8GWj52LY6BdCzXHQNbOx0D/cMDtWOgf37NWxuOgYkFl+nP+mq3debG9sfA2Myxk2PTTz51+9SxA0cmj0wenxjfvXPHrp07du0aOzx1dHK8+Ht5u7SHbMj60zG4NbzWxGPw5qZt6w/Jua+v3PNgpEueB/l9/+RN+YIu7s8WOcbzbZ7bdv7Pg/R9v+55MFj3PGj5mtrieTC4hOdBvs3ZbUv7njlY96fVGlbrtXBj3TFwIb8f5rf56C2LvxZuCut6/tblfj8cWHAMxLvVF557+Snp572Ru8J+WXhcXJOfcdFwdnp68tQdTxyYmTk1kYWxJi6te6yaj5cNdfcpW3C89C/7eNn3l7+46ZoWp28M+2rktvnHarjF45Bvs3O0/WNVe3VvvT8bTt2ehbHC1np/tvpulu/PlCXaHPv5Ns/dfv4/C6ZcUvf6N9Tp9W9gaLB4/RtIe2Oo4fVv4UMzUFtZlp29fWmvf0Phz1q//l3WJa9/+b569I72x0C+zfNjyz0GBtu+/l0fZl9Yzy0hMYzU5f53a+fPFodp3WPZ8bgZHBwKx81gvMXG42bHgsvk15bf9rbxcztutl3f+Fg1/NxSwuMm31d/Ot7+uMm3eW3i/F871sd/1r12DHc6BoYGhvP1DqWDoHi9m1sfj4E7soPZiexodihdJn+U89sa3b60Y2A4/Fnr146ruuQYyPfVS9vbHwP5Nq/vWNmfnbaFU9I2dT87Nf9+YbHMf83g/PU177aVzvz5Oj+6s/3vhvJt3ty53JzRfj/dFk65qMV+an7+LHZMH8rWZj9dFdZ5dFf7303l21y2e4nH074sy96YeKP2+67w+92/Of2v3234vW+r3ym/MfHGg2MP/3A56wcA4Ny9W/t7drj4WbPu/1gv5f//AwAAAD0h5v7+MBP5HwAAAEoj5v6BMBP5HwAAAEoj5v7BMJOK5P/H79rz8jvPZOndAOeCeH7cDQ/dU2wXO96z4evNc/Py0z/8zaGXv/zM0m67P8uyXzz4/pbbP35PXFfhZFznBxtPX+Cq65Z0+489Mr9d/fsnnN1TXH+8P0s9DGJX+dWx7bXr3fzkRG2+9mBWmw/PPv9scf3F13H7MzuK7f88vGnJvsN9DZffFtZzQ5ibw3vKPLRvfj/kM17u5U3X/sOln5q/vXi5vq3vrd3Nl36vuN74HlEvXlpsH+/3Yuv/+6985+V8+ydubL3+Z/pbr/9MuN4fh/nzvcX29fv8y3Xr/4Ow/nh78XJ3fOP7Ldf/ypXF9q+E4+JrYTav/74//sA7rR6veDv77i4uF29//H921i4Xry9ef/P6R56ZaNgfzdf/2tvF9ez9wk8H6rePp8fbiR67u/H47guPb0OPPMuy7/xh1rCfsw8Vl/u7pvXH6zt5d+v139a0zpN919UuP39/Njbcr69+a3vL+xvXs++vNzbcnxfvD/vv7bHX8+s983A4HsP5//uD4vqa38v0lfsbX2/i9l/bWDxv4/WNNa3/xab1z16X77vO63/g7WL9r9y7rmH9+z4WjqcHitlp/Uf+4pKGy3/928XjceqLo8dPTJ+eOhTuzMam5/G6kfUbLrr4Pe+9JLyWNn+9/8TM45OnNo9vHs+yzT34loGrvf5vhPnfxZhd+Vso/PCnxXH3wseL71s3/6z4+sVw+mPh8YzfH7/6Z0MNx2vz4z57bzHPd/23hnUs1ZVf+Y/rWpz8nwve8/fMZ149/be//2bzzwXx/py8fKR2/17ackXtvL7XivObX69am0tP+3+/vPF5/aPB8dr8Xtivc+GdmbdeUdxe8/XH9yZ54RPF8zf+JBcvnzW9n8jGgcb7cW7rn/ej8HPM969qfP2Lx8f3nml6N+eNWV++hNnw+pDNFufHreL+fuHsFS1vL74PTzZ79XKWuajpJ6fHjk4dP/3E2Mzk9MzY9JNP7T924vTxmf219y7d/7lOl59/fm+oPb8PTe7emdWe7SeKscou9PpPPnLw0J3jNx2aPHzg9OGZR05OnjpycHr64OSh6ZsOHD48+cVOl586tHdi+54dd24fPTJ1aO9de/bs2DM6dfxEvoxiUR3sHv/86PFT+2sXmd67c8/Erl07x0ePnTg0uffO8fHR050uX/veNJpf+gujpyaPHpiZOjY5Oj311OTeiT27d2/v+O6Px04ent48dur08bHT05Onxor7snmmdnL+va/T5amG6RPh9a5JX/jp/NO37U7vj5v75pcWvapik8YfT7O3wntBxe9vnb6OuX8ozKQi+R8AAACqIOb+8Mb/82fI/wAAAFAaMfevCzOR/wEAAKA0Yu4fCTOpSP7X/9f/1//X/9f/X8P+f6b/v9L0/1ek/7/Qqvb/5+n/6//38vr1//X/6azb+v8x96/PskrmfwAAAKiCmPs3hJnI/wAAAFAaMfdfFGYi/wMAAEBpxNx/cZhJNfL/UPM/9f/1//X/6/v/cVv9/0z/X///HOn/6/+3o/+v/9/L6+/C/v96/X+6Tbf1/2Puf0+YSTXyPwAAAFRCzP3vDTNZTv7vX+lVAQAAACsp5v5Lwkz8/38AAAAojZj7N4aZVCT/+/x//X/9f5//r/+v/7+a9P/1/9vR/9f/7+X1d2H/3+f/03W6rf8fc///CzOpSP4HAACAKoi5/31hJvI/AAAAlEbM/ZeGmcj/AAAAUBox918WZlKR/K//r/+v/6//r/+v/7+a9P/1/9vR/9f/7+X16//r/9NZt/X/Y+6/PMykIvkfAAAAqiDm/ivCTOR/AAAAKI2Y+68MM5H/AQAAoDRi7r8qzKQi+V//X/9f/1//X/9f/3816f/r/7ej/6//38vr1//X/6ezbuv/x9x/dZhJRfI/AAAAVEHM/deEmcj/AAAAUBox978/zET+BwAAgNKIuX9TmElF8r/+v/5/1/f/+/X/9f8L+v/6/62sbP+/f9Fz9P8L+v+N9P/1//X/9f9pr9v6/zH3fyDMpCL5HwAAAKog5v5rw0zkfwAAACiNmPuvCzOR/wEAAKA0Yu7fHGZSkfyv/6//3/X9f5//r/8fZuX6/zN9+v9L4PP/9f8z/f9zdqH7872+fv1//X+arV9wSrf1/2Pu3xJmUpH8DwAAAFUQc//WMBP5HwAAAEoj5v7rw0zkfwAAACiNmPtvCDOpSP7X/z/H/n9TtUX/v/X69f/1//X/ff6//r/+fzv6//r/vbx+/f+l9f+HO10RpdZt/f+Y+28MM6lI/gcAAIAqiLn/pjAT+R8AAABKI+b+m8NM5H8AAAAojZj7t4WZVCT/6//7/H/9f/1//X/9/9Wk/7/k/v/CD01eAv3/gv7/ubnQ/fleX38v9f9HWlze5/+zFrqt/x9z/y1hJhXJ/wAAAFAFMfffGmYi/wMAAEBpxNx/W5iJ/A8AAAClEXP/aJhJRfK//r/+v/5/tfv/6/T/9f9XWVn7/+l11Of/6//r/+v/r3L//1uLXL5XPv+fauu2/n/M/beHmVQk/wMAAEAVxNx/R5iJ/A8AAAClEXP/WJiJ/A8AAAClEXP/eJhJRfK//r/+v/5/tfv/mf6//v8qK2v/v/nz/7Ms0//X/0/0//X/u+3z/1vR/2ctdFv/P+b+iTCTiuR/AAAAqIKY+7eHmcj/AAAAUBox9+8IM5H/AQAAoDRi7t8ZZlKR/K//r/+v/6//r/+v/7+aqtL/9/n/xfn6/wX9f/1//X/9/yrqb3Fat/X/Y+7fFWZSkfwPAAAAVRBz/+4wE/kfAAAASiPm/jvDTOR/AAAAKI2Y++8KM6lI/tf/1//X/9f/797+f+Ptr17//7/0/1eR/v/Y64MtHnf9/4L+v/5/L69f/1//n85Wtv9/yXn3/2Pu3xNmUpH8DwAAAFUQc/8Hw0zkfwAAACiNmPvvDjOR/wEAAKCntPocwijm/g+FmVQk/+v/l73/P7dO/1//v3f7/4370+f/6/+3El4+u7r/7/P/F7e6/f/1C25P/7/Rhe7P9/r69f/1/+lsZfv/C348XXb/P+b+vWEmFcn/AAAAUAUx998TZiL/AwAAQGnE3H9vmIn8DwAAAKURc/++MJOK5H/9/7L3/7vv8//7Mv1//f+C/r/+/0rohc//1/9fnM//783+f3zfDf3/7un/58eQ/j/dqNv6/zH33xdmUpH8DwAAAFUQc/+Hw0zkfwAAACiNmPs/EmYi/wMAAEBpxNz/0TCTiuR//X/9f5//r/+v/6//v5r0//X/29H/783+f6T/3z39f5//T7fqtv5/zP33h5lUJP8DAABAFcTc/7EwE/kfAAAASiPm/v8fZiL/AwAAQGnE3P9AmElF8r/+v/6//r/+v/6//v9q0v/X/29nbfv/w1nz/dD/1//X/9f/Z3WtRf9/3TL6/zH3/1KYSUXyPwAAAFRBzP0PhpnI/wAAAFAaMfd/PMxE/gcAAIDSiLn/l8NMKpL/9f/Xpv/fn65f/1//X/9f/1//fyX1aP9/RP+/4PP/9f97ef36//r/dLYW/f9sGf3/mPt/JcykIvkfAAAAqiDm/l8NM5H/AQAAoDRi7v+1MBP5HwAAAEoj5v6Hwkwqkv/1/33+v/6//n/X9v8HG/en/r/+fys92v/3+f+B/r/+fy+vX/9f/5/Ouq3/H3P/r4eZVCT/AwAAQBXE3P9wmIn8DwAAAKURc/8nwkzkfwAAACiNmPs/GWZSkfyv/6//r/+v/9+1/f+m/an/3639/39re67+v/5/O/r/+v+9vH79f/1/Ouu2/n/M/Y+EmVQk/wMAAEAVxNz/qTAT+R8AAABKI+b+3wgzkf8BAACgNGLu/80wk97M//3LvYD+v/6//r/+v/6//v9q0v9f2P/PX8MuZP9/eCkb6v8vif6//r/+v/4/7XVb/z/m/k+HmfRm/gcAAABaiLn/t8JM5H8AAAAojZj7fzvMRP4HAACA0oi5/9Ewk4rkf/1//X/9f/1//X/9/9Wk/+/z/9vR/9f/7+X16//r/9NZt/X/Y+7/TJhJRfI/AAAAVEHM/b8TZiL/AwAAQGnE3L8/zET+BwAAgNKIuf+xMJOK5H/9f/1//X/9/5Xp/8/p/+v/t6T/r//fjv6//n8vr1//X/+fzrqt/x9z/4Ewk4rkfwAAAKiCmPs/G2Yi/wMAAEBpxNx/MMxE/gcAAIDSiLn/UJhJRfK//r/+v/6//r/P/9f/X036//r/7ej/6//38vr1//X/6azb+v8x90+GmVQk/wMAAEAVxNx/OMxE/gcAAIDSiLn/SJiJ/A8AAAClEXP/42EmFcn/+v/6//r/+v/6//r/q0n/X/+/Hf1//f9eXr/+v/4/na1c//+fV6T/H3P/VJhJRfI/AAAAVEHM/Z8LM5H/AQAAoDRi7v98mIn8DwAAAKURc//RMJOK5H/9f/1//f8S9v8H9f8z/f+uof+v/9+O/r/+fy+vX/9f/5/OVq7/n61I/z/m/mNhJhXJ/wAAAFAFMfcfDzOR/wEAAKA0Yu4/EWYi/wMAAEBpxNx/MsykIvlf/1//X/+/hP1/n/9fo//fHfT/9f/b0f/X/+/l9ev/6//TWbf1/2Pu/90wk4rkfwAAAKiCmPtPhZnI/wAAAFAaMfdPh5nI/wAAAPwfe/fRo9ddxXH8MYljWxFixZ63wI4dvIO8BjZsERK9dwgQeu+9915D772X0HsLhA4BKSiZc05i5/G94/E8fu79n89nkZNxJvaNR3L00+iryzBy9983bmmy//X/+n/9v/5f/6//3yX9v/5/iv5/Pf3/yS3/vv5f/6//Z87S+v/c/feLW5rsfwAAAOggd//94xb7HwAAAIaRu/8BcYv9DwAAAMPI3f/AuKXJ/tf/6//1/4vp/w86P/2//l//f0H0//r/zb77/zPxweD9/zb6f/2//p85S+v/c/c/KG5psv8BAACgg9z9D45b7H8AAAAYRu7+h8Qt9j8AAAAMI3f/Q+OWJvtf/6//H7f/P7W2/t/7//PrOmL/f+LWX1b/f7z0//r/zb77/ybv/99G/6//1/8zZ2n9f+7+h8UtTfY/AAAAdJC7/+Fxi/0PAAAAw8jd/4i4xf4HAACAYeTuf2Tc0mT/6//1/+P2/6t7/7/+P7+uQ/T/Z+rn8f5//b/+//z0//r/NT+//l//z7yl9f+5+x8VtzTZ/wAAANBB7v5Hxy32PwAAAAwjd/9j4hb7HwAAAIaRu/+xcUuT/a//1//r//X/+v9L8P5//b/+X/+/lf5f/7/m59f/6/+Zt7T+P3f/4+KWJvsfAAAAOsjd//i4xf4HAACAYeTuf0LcYv8DAADAMHL3PzFuabL/9f/6f/2//l//r//fJf2//n+K/l//v+bn1//r/5m38/7/qqtvuYft/3P3Xx23NNn/AAAA0EHu/ifFLfY/AAAADCN3/5PjFvsfAAAAhpG7/ylxS5P9v6X/v2yj/2/a/990Qv+v/19m/39j/Cmj/9f/3966+//T+n/9/y0/vLz+/3C/E/p//b/+nzk77/9nev9zP87df03c0mT/AwAAQAe5+58at9j/AAAAMIzc/U+LW+x/AAAAGEbu/qfHLU32v/f/6/+P8/3/+fPq/w/o/73/X/+v/z/u9/+fOedj/f+BLf3/vfI3U/9/fvvu59f+/FP9/90P8fz6fzpYWv+fu/8ZcUuT/Q8AAAAd5O5/Ztxi/wMAAMAwcvc/K26x/wEAAGAYufufHbc02P+X6//rOZL+3/v/D9X/R4Cr/z/7efT/+v9t9P/H2/+fS/9/wPv/j2bf/fzan9/7/+f7/yvnfhKGt7T+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVP9/mf5f/z9N/6//n6L/1/+v+fn1/97/z7yl9f+5+18Qt9Twu/wI/5UAAADAkuTuf2Hc0uT7/wAAANBB7v4XxS32PwAAAAwjd/+L45Ym+1//r//X/+v/vf9f/79L+v/h+v8T+v9b6f/1//p//T/Tltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/9f+7pP8frv/3/v/b0P/r//X/+n+mLa3/z93/irilyf4HAACADnL3vzJusf8BAABgGLn7XxW32P8AAAAwjNz9r45bmux//b/+X/+v/9f/6/93afn9/8lDfZb+/4D+/2y76v9Pn+fX0/8v6/mPp//Pr77+nzEtoP+/x20/zt3/mrilyf4HAACADnL3vzZusf8BAABgGLn7Xxe32P8AAAAwjNz9r49bmuz/8/X/N1x58M9n+v/8DZvo/8+c99fW/+v/N/p//b/+X/9/kbz/X/+/GbD/9/7/dTy/9//r/5m3gP7/rI9z978hbmmy/wEAAKCD3P1vjFvsfwAAABhG7v43xS32PwAAAAwjd/+b45Ym+9/7//X/+n/9v/5f/79L+n/9/5QV9f+ntv2g/l//r//X/zNtaf1/7v63xC1N9j8AAAB0kLv/rXGL/Q8AAADDyN3/trjF/gcAAIBh5O5/e9zSZP/r//X/e+//76D/T/r/+Lrq//X/F0D/r//feP//ke27n1/78+v/9f/MW1r/n7v/HXFLk/0PAAAAHeTuf2fcYv8DAADAMHL3vytusf8BAABgGLn73x23NNn/+n/9/977f+//L/r/+Lrq//X/F0D/r//f6P+PbN/9/NqfX/+v/2fe0vr/3P3viVua7H8AAADoIHf/e+MW+x8AAACGkbv/fXGL/Q8AAADDyN3//rilyf7X/+v/9f/6f/2//n+X9P/6/ymXtv+/5gb9/9n23c+v/fn1//p/5i2t/8/d/4G4pcn+BwAAgA5y938wbrH/AQAAYBi5+z8Ut9j/AAAAMIzc/R+OW5rsf/3/2vv/e14fT7C0/j8/Rf+v/9f/6//1//r/81ru+//P/ZNiO/2//l//r/9n2iXr/+991X3udvPfzPT/ufs/Erc02f8AAADQQe7+a+MW+x8AAACGkbv/o3GL/Q8AAADDyN3/sbilyf7v0f+fvN2njdP/e/+//n/R/X/+oar/1//r//X/Wy23/z8c/b/+X/+v/2fa0t7/n7v/43FLk/0PAAAAHeTu/0TcYv8DAADAMHL3fzJusf8BAABgGLn7PxW3NNn/Pfr/29P/Hzj2/v+mO+n/9f/F+//1/xv9v/5/hv5f/7/m5x+6/z+x0f9zLJbW/+fu/3Tc0mT/AwAAQAe5+z8Tt9j/AAAAMIzc/Z+NW+x/AAAAGEbu/s/FDXe94/4e6ZLS/+v/vf9f/6//1//vkv7/CP3/icsP/Vz6/wP6/6PZdz+/9ucfuv/3/n+OydL6/9z9n49bfP8fAAAAhpG7/wtxi/0PAAAAw8jd/8W4xf4HAACAARz07rn7vxS3NNn/+n/9v/5f/6//1//vkv7f+/+n6P/1/2t+fv2//p95S+v/c/d/OW5psv8BAACgg9z9X4lb7H8AAAAYRu7+r8Yt9j8AAAAMI3f/1+KWJvtf/6//1//r/5fd/5/S/+v/J+n/9f8b/f+R7bufX/vz6//1/8xbWv+fu//rcUuT/Q8AAAAd5O7/Rtxi/wMAAMAwcvd/M26x/wEAAGAYufu/Fbc02f/6f/2//l//v+z+v8X7/09u9P9Hpv/X/2/0/0e2735+7c+v/9f/M29p/X/u/m/HLU32PwAAAHSQu/87cYv9DwAAAMPI3f/duMX+BwAAgGHk7v9e3NJk/4/c/099mv7/gP5f/7/R/y+h//f+/4ug/9f/b/T/R7bvfn7tz6//1/8zb2n9f+7+78ctTfY/AAAAdJC7/wdxi/0PAAAAw8jdf91mc639DwAAAGO67pa/nt78MG5psv9H7v+n6P8P6P/1/xv9v/5/x/T/+v8p+n/9/5qfX/+v/2fe0vr/3P0/ilua7H8AAADoIHf/j+MW+x8AAACGkbv/J3GL/Q8AAADDyN3/07ilyf7X/+v/9f/6f/2//n+X9P/6/yn6f/3/mp9f/6//Z97S+v/c/T+LW5rsfwAAAOggd//P4xb7HwAAAIaRu/8XcYv9DwAAAMPI3f/LuKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+an1//r/9n3tL6/9z9v4pbmux/AAAA6CB3/6/jFvsfAAAAhpG7/zdxi/0PAAAAw8jd/9u4pcn+1//r//X/+n/9v/5/l9r2/zf/b1X/P0v/r/9f8/Pr//X/zFta/5+7/3dxS5P9DwAAAB3k7v993GL/AwAAwDBy9/8hbrH/AQAAYBi5+/8YtzTZ//p//b/+X/+/jv7/Cv2//n+rxfb/3v9/KPp//f+an1//r/9n3tL6/9z918ctTfY/AAAAdJC7/09xi/0PAAAAw8jd/+e4xf4HAACAYeTuvyFuabL/9f/6/yH7/1P6//H6f+//X2X/fxf9v/5/mv5f/7/m59f/6/+Zt7T+P3f/X+KWJvsfAAAAOsjd/9e4xf4HAACAYeTu/1vcYv8DAADAMHL3/z1uabL/9f/6/yH7f+//1//r/xdD/6//n6L/1/+v+fn1//p/5i2t/8/d/4+4pcn+BwAAgA5y9/8zbrH/AQAAYBi5+/8Vt9j/AAAAMIzc/f+OW5rsf/2//l//r//X/+v/d0n/v97+/4qN/n+O/l//r//X/zNtaf1/7v7/xC1N9j8AAAB0kLv/xrhl6/6/8yV6KgAAAOA45e7/b9zi+/8AAAAwjNz9/4tbmux//b/+X/9/Qf3/af2//l//f2H0/+vt/73/f57+X/+v/9f/M21p/X/u/v8HAAD//8+aFhM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xfffe82)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)

705.380218ms ago: executing program 1 (id=981):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000400), 0xffffffffffffffff)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000015}, 0x800)

704.991589ms ago: executing program 2 (id=982):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000002140)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(michael_mic-generic,xchacha20-generic)\x00'}, 0x58)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x7, &(0x7f00000000c0)="fdffffff", 0x4)

545.815461ms ago: executing program 1 (id=983):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000440)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000080)='$', 0x1)

545.075391ms ago: executing program 2 (id=984):
r0 = syz_open_procfs(0x0, &(0x7f0000000340)='oom_score_adj\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
r1 = syz_io_uring_setup(0x2e3b, &(0x7f0000000080)={0x0, 0x5ba7, 0x10100, 0x1}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/9, 0x9}, {0x0}], 0x2})
io_uring_enter(r1, 0x567, 0xa1ff, 0x0, 0x0, 0x0)

470.108592ms ago: executing program 3 (id=985):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r1 = accept(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000740)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000dc0)=ANY=[@ANYBLOB="18000000000000001701000003000000010000000000000030000000000000001701000002000000eb"], 0x340, 0x80}], 0x1, 0x4000000)

410.387433ms ago: executing program 1 (id=986):
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
openat$cgroup_subtree(r0, 0x0, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
fadvise64(r1, 0xe0ffff, 0x4101, 0x3)

401.514114ms ago: executing program 2 (id=987):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$IOMMU_GET_HW_INFO(r0, 0x3b8a, &(0x7f0000000300)={0x28, 0x0, r2, 0x1000, &(0x7f00000003c0)=""/4096})

324.151895ms ago: executing program 3 (id=989):
r0 = socket$caif_seqpacket(0x25, 0x5, 0x1)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xb6e7, 0x0, 0x3}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x40, 0x1})
io_uring_enter(r1, 0x47f9, 0x0, 0x0, 0x0, 0x0)

197.634197ms ago: executing program 3 (id=990):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000380)={@val={0x2000, 0x1}, @void, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @val={@void, {0x8100, 0x3, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x29, 0x0, @loopback, @multicast1}, {0x0, 0x8, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x1, "a4178cb15c5937d164e9202ec07e57ac1fcd77521ea0743277c2419c770de9ec", "9dcf3942b6111e00", {"cf7f940545f199ccaab5ffc6e964c0ac", "9b8c8de9d74d76cfe6155d1c1b3aaee5"}}}}}}}}, 0x8e)

118.865948ms ago: executing program 2 (id=991):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000880)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x0, {0x2, 0x0, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005)

0s ago: executing program 1 (id=992):
r0 = syz_open_dev$usbfs(&(0x7f0000000340), 0x74, 0x101341)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0), 0xed)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0x8008551c, &(0x7f0000000040)=@usbdevfs_driver={0xfff, 0x8, 0x0})

kernel console output (not intermixed with test programs):

tem c9fe44da-de57-406a-8241-57ec7d4412cf
[  108.127899][ T5762] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  108.150436][ T6156] loop2: detected capacity change from 0 to 32768
[  108.347306][ T5762] usb 4-1: Using ep0 maxpacket: 32
[  108.377515][ T5762] usb 4-1: config index 0 descriptor too short (expected 156, got 27)
[  108.386231][ T5762] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  108.434424][ T5762] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  108.457584][ T5762] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  108.507281][ T5762] usb 4-1: config 0 interface 0 has no altsetting 0
[  108.511382][ T6160] loop2: detected capacity change from 0 to 4096
[  108.528473][ T5762] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  108.541482][ T6160] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  108.552022][ T5762] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  108.577644][ T5762] usb 4-1: Product: syz
[  108.581891][ T5762] usb 4-1: Manufacturer: syz
[  108.586523][ T5762] usb 4-1: SerialNumber: syz
[  108.622538][ T6160] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  108.658780][ T5762] usb 4-1: config 0 descriptor??
[  108.704038][ T5762] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  108.760436][ T5762] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  109.040169][    C0] ldusb 4-1:0.0: usb_submit_urb failed (-19)
[  109.046815][    T9] usb 4-1: USB disconnect, device number 2
[  109.080808][    T9] ldusb 4-1:0.0: LD USB Device #0 now disconnected
[  109.734046][ T6181] loop0: detected capacity change from 0 to 1024
[  110.055090][ T6183] Zero length message leads to an empty skb
[  110.562271][ T5845] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  110.702014][ T6188] loop3: detected capacity change from 0 to 32768
[  110.738011][ T6188] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  110.747745][ T5845] usb 1-1: Using ep0 maxpacket: 16
[  110.756116][ T5845] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  110.768208][ T5845] usb 1-1: config 0 has no interface number 0
[  110.785967][ T5845] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  110.797521][ T5845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.806186][ T5845] usb 1-1: Product: syz
[  110.811216][ T5845] usb 1-1: Manufacturer: syz
[  110.816124][ T5845] usb 1-1: SerialNumber: syz
[  110.828518][ T5845] usb 1-1: config 0 descriptor??
[  110.849210][ T5845] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  110.851357][ T6188] XFS (loop3): Ending clean mount
[  110.886780][ T6188] XFS (loop3): Quotacheck needed: Please wait.
[  110.973256][ T6188] XFS (loop3): Quotacheck: Done.
[  111.049225][ T6191] loop2: detected capacity change from 0 to 32768
[  111.169710][ T5768] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  111.210406][ T6191] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  111.619030][ T5769] (syz-executor,5769,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[  111.685890][ T5769] ocfs2: Unmounting device (7,2) on (node local)
[  111.697518][ T5784] Bluetooth: hci3: command 0x0c1a tx timeout
[  111.875297][ T5845] gspca_spca1528: reg_w err -71
[  111.887526][ T5845] spca1528: probe of 1-1:0.1 failed with error -71
[  111.927100][ T5845] usb 1-1: USB disconnect, device number 2
[  111.988462][  T786] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  112.185294][ T6216] loop2: detected capacity change from 0 to 1024
[  112.194140][  T786] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  112.220210][  T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.261528][  T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.274895][  T786] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  112.294227][  T786] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  112.305518][  T786] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  112.346321][  T786] usb 4-1: Manufacturer: syz
[  112.371373][  T786] usb 4-1: config 0 descriptor??
[  112.832997][  T786] appleir 0003:05AC:8243.0001: unknown main item tag 0x0
[  112.849163][  T786] appleir 0003:05AC:8243.0001: No inputs registered, leaving
[  112.877848][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  112.894318][  T786] appleir 0003:05AC:8243.0001: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  113.052803][ T6234] loop2: detected capacity change from 0 to 4096
[  113.081621][    T9] usb 1-1: Using ep0 maxpacket: 16
[  113.098773][ T6234] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  113.142469][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  113.155823][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  113.172352][    T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  113.182127][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.197320][    T9] usb 1-1: Product: syz
[  113.207882][    T9] usb 1-1: Manufacturer: syz
[  113.222874][    T9] usb 1-1: SerialNumber: syz
[  113.245553][ T5862] usb 4-1: USB disconnect, device number 3
[  113.487726][    T9] usb 1-1: 0:2 : does not exist
[  113.520935][    T9] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  113.652254][    T9] usb 1-1: USB disconnect, device number 3
[  113.789593][ T5786] udevd[5786]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  113.962529][ T6243] loop1: detected capacity change from 0 to 4096
[  114.000801][ T6243] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  114.027561][ T6247] loop2: detected capacity change from 0 to 512
[  114.069077][ T6247] [EXT4 FS bs=4096, gc=1, bpg=95, ipg=32, mo=e00ee118, mo2=0000]
[  114.076972][ T6247] System zones: 0-2, 34-35
[  114.090167][ T6247] EXT4-fs (loop2): orphan cleanup on readonly fs
[  114.099304][ T6243] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  114.108117][ T6247] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #4: comm syz.2.134: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  114.183679][ T6247] EXT4-fs error (device loop2): ext4_quota_enable:7132: comm syz.2.134: Bad quota inode: 4, type: 1
[  114.217353][   T27] kauditd_printk_skb: 9 callbacks suppressed
[  114.217369][   T27] audit: type=1800 audit(1750793605.583:26): pid=6243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.132" name="file0" dev="loop1" ino=0 res=0 errno=0
[  114.227811][ T6247] EXT4-fs warning (device loop2): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  114.322848][ T6247] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  114.345572][ T6247] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.403442][   T27] audit: type=1804 audit(1750793605.773:27): pid=6243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.132" name="/newroot/46/file0/file0" dev="loop1" ino=0 res=1 errno=0
[  114.958982][ T6260] EXT4-fs (loop2): shut down requested (0)
[  115.156464][ T6253] loop0: detected capacity change from 0 to 32768
[  115.198431][ T6253] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  115.336010][ T6253] XFS (loop0): Ending clean mount
[  115.352117][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.380460][ T6253] XFS (loop0): Quotacheck needed: Please wait.
[  115.430151][ T6275] loop2: detected capacity change from 0 to 256
[  115.477427][ T6275] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  115.489505][ T6275] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  115.524389][ T6253] XFS (loop0): Quotacheck: Done.
[  115.570624][ T6275] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xddfd5d26, utbl_chksum : 0xe619d30d)
[  115.762221][ T6275] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  115.807300][ T6275] exFAT-fs (loop2): Filesystem has been set read-only
[  115.814203][ T6275] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  115.899063][ T5779] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  116.523691][ T6293] sctp: [Deprecated]: syz.3.148 (pid 6293) Use of struct sctp_assoc_value in delayed_ack socket option.
[  116.523691][ T6293] Use struct sctp_sack_info instead
[  116.557765][ T6295] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  117.512376][ T6323] netlink: 404 bytes leftover after parsing attributes in process `syz.2.162'.
[  117.637923][    T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  117.837349][    T9] usb 4-1: Using ep0 maxpacket: 32
[  117.859448][    T9] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.1f
[  117.879088][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.899443][ T6321] loop0: detected capacity change from 0 to 32768
[  117.905436][    T9] usb 4-1: config 0 descriptor??
[  117.909572][ T6321] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.163 (6321)
[  117.996230][ T6321] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  118.008438][    C0] vcan0: j1939_tp_rxtimer: 0xffff888020f19400: rx timeout, send abort
[  118.019327][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888020f19400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  118.037118][ T6321] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  118.072693][ T6321] BTRFS info (device loop0): setting nodatasum
[  118.082795][ T6321] BTRFS info (device loop0): doing ref verification
[  118.111784][ T6321] BTRFS info (device loop0): use zlib compression, level 3
[  118.127510][ T6321] BTRFS info (device loop0): force clearing of disk cache
[  118.134718][ T6321] BTRFS info (device loop0): doing ref verification
[  118.148173][    T9] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  118.167511][ T6321] BTRFS info (device loop0): using free space tree
[  118.185532][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  118.224897][    T9] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  118.247729][    T9] usb 4-1: media controller created
[  118.314222][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  118.373783][ T6321] BTRFS info (device loop0): enabling ssd optimizations
[  118.406045][ T6321] BTRFS info (device loop0): auto enabling async discard
[  118.412380][ T6327] loop2: detected capacity change from 0 to 32768
[  118.445456][ T6321] BTRFS info (device loop0): rebuilding free space tree
[  118.482200][ T6327] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  118.513292][    T9] az6027: usb out operation failed. (-71)
[  118.545543][    T9] az6027: usb out operation failed. (-71)
[  118.570122][    T9] stb0899_attach: Driver disabled by Kconfig
[  118.608344][    T9] az6027: no front-end attached
[  118.608344][    T9] 
[  118.639258][    T9] az6027: usb out operation failed. (-71)
[  118.661917][    T9] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  118.698086][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input5
[  118.719194][ T6327] XFS (loop2): Ending clean mount
[  118.786774][    T9] dvb-usb: schedule remote query interval to 400 msecs.
[  118.813757][    T9] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  118.867684][ T5779] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  118.887601][    T9] usb 4-1: USB disconnect, device number 4
[  119.085895][ T5769] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  119.100203][    T9] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  119.301347][    C0] vcan0: j1939_tp_rxtimer: 0xffff88801c326800: rx timeout, send abort
[  119.310124][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88801c326800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  119.539042][ T6367] netlink: 8 bytes leftover after parsing attributes in process `syz.3.170'.
[  119.606145][ T6362] loop0: detected capacity change from 0 to 2048
[  119.690539][ T6362] hpfs: filesystem error: dir band size mismatch: dir_band_start==7b318cc2, dir_band_end==7b318cc3, n_dir_band==00000000; already mounted read-only
[  120.037310][ T5762] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  120.216638][ T6362] loop0: detected capacity change from 0 to 40427
[  120.239568][ T5762] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  120.272784][ T5762] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  120.282145][ T6362] F2FS-fs (loop0): invalid crc value
[  120.300744][ T5762] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  120.316635][ T6373] loop1: detected capacity change from 0 to 32768
[  120.323521][ T5762] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  120.332516][ T5762] usb 4-1: SerialNumber: syz
[  120.376670][ T6362] F2FS-fs (loop0): Found nat_bits in checkpoint
[  120.470083][ T6373] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  120.528999][ T6362] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  120.573417][ T5762] usb 4-1: 0:2 : does not exist
[  120.658004][ T5762] usb 4-1: 5:0: failed to get current value for ch 1 (-22)
[  120.680909][ T6373] XFS (loop1): Ending clean mount
[  120.711988][ T6373] XFS (loop1): Quotacheck needed: Please wait.
[  120.722634][ T5762] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  120.818180][ T5762] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[  120.839330][ T6373] XFS (loop1): Quotacheck: Done.
[  120.920874][ T5762] usb 4-1: USB disconnect, device number 5
[  120.985497][ T5786] udevd[5786]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  121.054319][ T6390] loop2: detected capacity change from 0 to 1024
[  121.163595][ T5767] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  121.221458][ T6390] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  122.198179][ T5762] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  122.380946][ T5762] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  122.392396][ T5762] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.417321][ T5762] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.437302][ T5762] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  122.473282][ T5762] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  122.517504][ T5762] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  122.530172][ T5762] usb 1-1: Manufacturer: syz
[  122.551336][ T5762] usb 1-1: config 0 descriptor??
[  122.575814][ T6419] netlink: 'syz.3.188': attribute type 4 has an invalid length.
[  122.838932][ T6424] netlink: 24 bytes leftover after parsing attributes in process `syz.1.191'.
[  123.002746][ T5762] appleir 0003:05AC:8243.0002: unknown main item tag 0x0
[  123.023861][ T5762] appleir 0003:05AC:8243.0002: No inputs registered, leaving
[  123.074516][ T5762] appleir 0003:05AC:8243.0002: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  123.364298][ T5762] usb 1-1: USB disconnect, device number 4
[  124.035600][ T6449] loop1: detected capacity change from 0 to 1024
[  124.047565][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  124.235319][ T6449] EXT4-fs: Ignoring removed i_version option
[  124.251497][    T9] usb 4-1: Using ep0 maxpacket: 8
[  124.251487][ T6449] EXT4-fs: inline encryption not supported
[  124.262792][ T6449] EXT4-fs (loop1): Test dummy encryption mode enabled
[  124.273280][    T9] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.293155][ T6449] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.305735][    T9] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.305793][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  124.305833][    T9] usb 4-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  124.305856][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.329140][    T9] usb 4-1: config 0 descriptor??
[  124.419076][ T6407] loop2: detected capacity change from 0 to 131072
[  124.438844][ T6407] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  124.447112][ T6407] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  124.503146][ T6407] F2FS-fs (loop2): Found nat_bits in checkpoint
[  124.635199][ T6407] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  124.650897][ T6407] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  124.668043][ T6449] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  124.781070][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.810377][    T9] steelseries 0003:1038:1410.0003: unknown main item tag 0x1
[  124.829949][    T9] steelseries 0003:1038:1410.0003: item fetching failed at offset 3/5
[  124.868220][    T9] steelseries 0003:1038:1410.0003: parse failed
[  124.895070][    T9] steelseries: probe of 0003:1038:1410.0003 failed with error -22
[  125.027777][    T9] usb 4-1: USB disconnect, device number 6
[  125.774798][ T6480] process 'syz.1.211' launched './file1' with NULL argv: empty string added
[  126.071690][ T6490] netlink: 8 bytes leftover after parsing attributes in process `syz.0.215'.
[  126.252333][ T6494] loop0: detected capacity change from 0 to 512
[  126.311108][ T6494] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.386467][ T6498] vlan2: entered promiscuous mode
[  126.396640][   T27] audit: type=1800 audit(1750793617.763:28): pid=6494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.217" name="file1" dev="loop0" ino=15 res=0 errno=0
[  126.416978][    C1] vkms_vblank_simulate: vblank timer overrun
[  126.437379][ T6498] dummy0: entered promiscuous mode
[  126.458471][   T27] audit: type=1800 audit(1750793617.793:29): pid=6494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.217" name="file1" dev="loop0" ino=15 res=0 errno=0
[  126.466471][ T6498] vlan2: entered allmulticast mode
[  126.487560][ T6498] dummy0: entered allmulticast mode
[  126.520373][ T6501] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.217: bg 0: block 264: padding at end of block bitmap is not set
[  126.809230][ T6509] loop2: detected capacity change from 0 to 64
[  126.913279][   T27] audit: type=1800 audit(1750793618.283:30): pid=6509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.222" name="file1" dev="loop2" ino=18 res=0 errno=0
[  127.216247][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.230949][ T6520] loop3: detected capacity change from 0 to 128
[  127.231573][ T6516] loop2: detected capacity change from 0 to 2048
[  127.279958][ T6520] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  127.309348][ T6516] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  127.348470][ T6520] ext4 filesystem being mounted at /50/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  127.411602][ T6520] EXT4-fs warning (device loop3): __ext4_ioctl:1259: Setting inode version is not supported with metadata_csum enabled.
[  127.481448][ T5768] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  127.937502][ T5762] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  128.015973][ T6542] syz.1.235[6542] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.016117][ T6542] syz.1.235[6542] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.144381][ T5762] usb 4-1: unable to get BOS descriptor or descriptor too short
[  128.198437][ T5762] usb 4-1: not running at top speed; connect to a high speed hub
[  128.211529][ T5762] usb 4-1: config 1 interface 0 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  128.223516][ T5762] usb 4-1: config 1 interface 0 has no altsetting 0
[  128.232724][ T6548] vlan2: entered allmulticast mode
[  128.238741][ T6548] vlan1: entered allmulticast mode
[  128.244243][ T6548] veth0_vlan: entered allmulticast mode
[  128.252478][ T5762] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  128.267527][ T5762] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.275793][ T5762] usb 4-1: Product: syz
[  128.282010][ T6548] bridge0: port 3(vlan2) entered blocking state
[  128.298307][ T5762] usb 4-1: Manufacturer: syz
[  128.302991][ T5762] usb 4-1: SerialNumber: syz
[  128.309483][ T6548] bridge0: port 3(vlan2) entered disabled state
[  128.320853][ T6529] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  128.335302][ T6548] vlan2: entered promiscuous mode
[  128.341396][ T6548] vlan1: entered promiscuous mode
[  128.348571][ T6548] bridge0: port 3(vlan2) entered blocking state
[  128.356058][ T6548] bridge0: port 3(vlan2) entered forwarding state
[  128.429939][ T6554] batadv0: entered promiscuous mode
[  128.436218][ T6554] batadv_slave_1: entered promiscuous mode
[  128.442765][ T6553] batadv_slave_1: left promiscuous mode
[  128.450545][ T6553] batadv0: left promiscuous mode
[  128.450561][   T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  128.563661][ T5762] usb 4-1: bad CDC descriptors
[  128.580835][ T5762] usb 4-1: USB disconnect, device number 7
[  128.651369][   T23] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  128.666110][   T23] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  128.676286][   T23] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  128.685554][   T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.700339][ T6545] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  128.716558][   T23] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[  128.802538][  T786] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  128.927945][ T5762] usb 3-1: USB disconnect, device number 2
[  128.988033][  T786] usb 1-1: Using ep0 maxpacket: 16
[  129.005837][  T786] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.016933][  T786] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.027098][  T786] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  129.040228][  T786] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  129.049450][  T786] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.061191][  T786] usb 1-1: config 0 descriptor??
[  129.286234][ T6560] warning: `syz.3.244' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  129.507811][  T786] microsoft 0003:045E:07DA.0004: unknown main item tag 0x3
[  129.528468][  T786] microsoft 0003:045E:07DA.0004: No inputs registered, leaving
[  129.551041][  T786] microsoft 0003:045E:07DA.0004: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  129.580644][  T786] microsoft 0003:045E:07DA.0004: no inputs found
[  129.587063][  T786] microsoft 0003:045E:07DA.0004: could not initialize ff, continuing anyway
[  129.709560][   T23] usb 1-1: USB disconnect, device number 5
[  130.026595][ T6564] loop1: detected capacity change from 0 to 32768
[  130.073774][   T27] audit: type=1800 audit(1750793621.443:31): pid=6564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.246" name="file1" dev="loop1" ino=4 res=0 errno=0
[  130.198811][ T5762] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  130.397355][ T5762] usb 3-1: Using ep0 maxpacket: 16
[  130.408630][ T5762] usb 3-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  130.434917][ T5762] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.474547][ T5762] usb 3-1: config 0 descriptor??
[  130.492761][ T5762] gspca_main: sonixj-2.14.0 probing 0471:0327
[  130.677691][  T786] IPVS: starting estimator thread 0...
[  130.772018][ T6594] IPVS: using max 17 ests per chain, 40800 per kthread
[  130.896253][ T6601] loop2: detected capacity change from 0 to 7
[  130.905410][ T6601] Dev loop2: unable to read RDB block 7
[  130.911726][ T6601]  loop2: unable to read partition table
[  130.918665][ T6601] loop2: partition table beyond EOD, truncated
[  130.926116][ T6601] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  131.509012][ T5762] usb 3-1: USB disconnect, device number 3
[  131.778898][ T6606] loop1: detected capacity change from 0 to 40427
[  131.803271][ T6606] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  131.812792][ T6606] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  131.841674][ T6606] F2FS-fs (loop1): invalid crc value
[  131.862850][ T6606] F2FS-fs (loop1): Found nat_bits in checkpoint
[  132.009132][ T6606] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  132.016329][ T6606] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  132.268700][ T6625] loop2: detected capacity change from 0 to 1024
[  132.277100][ T6625] EXT4-fs: Ignoring removed nobh option
[  132.293659][ T6625] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  132.308133][ T5767] syz-executor: attempt to access beyond end of device
[  132.308133][ T5767] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  132.334621][ T5767] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  132.346148][ T6625] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #11: comm syz.2.270: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  132.391391][ T6625] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.270: couldn't read orphan inode 11 (err -117)
[  132.435597][ T6625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.510571][ T6625] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:478: comm syz.2.270: Invalid block bitmap block 0 in block_group 0
[  132.542992][ T6625] Quota error (device loop2): write_blk: dquota write failed
[  132.558957][ T6625] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  132.597966][ T6625] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.270: Failed to acquire dquot type 0
[  132.718547][ T6631] fuse: Bad value for 'fd'
[  132.739005][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.776513][ T6632] loop3: detected capacity change from 0 to 128
[  132.830131][ T6632] ADFS-fs (loop3): unrecognised mount option "uid=0x0000000000000000ÿ0x0000000000000000" or missing value
[  132.995309][ T6635] loop2: detected capacity change from 0 to 2048
[  133.038184][ T6635] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  133.054206][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  133.061814][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  133.424672][ T6626] loop3: detected capacity change from 0 to 128
[  133.468538][ T6626] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  133.524702][ T6626] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  134.597482][ T5762] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  134.817335][ T5762] usb 1-1: Using ep0 maxpacket: 8
[  134.833495][ T5762] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  134.872149][ T5762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.892178][ T6674] netlink: 'syz.2.292': attribute type 39 has an invalid length.
[  134.911905][ T5762] pvrusb2: Hardware description: Terratec Grabster AV400
[  134.944594][ T5762] pvrusb2: **********
[  134.951842][ T5762] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  134.967694][ T5762] pvrusb2: Important functionality might not be entirely working.
[  134.975778][ T5762] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  134.993247][ T5762] pvrusb2: **********
[  135.133618][ T2319] pvrusb2: Invalid write control endpoint
[  135.320810][ T6664] pvrusb2: Invalid write control endpoint
[  135.351297][   T23] usb 1-1: USB disconnect, device number 6
[  135.424065][ T6680] kernel read not supported for file /!sel (pid: 6680 comm: syz.3.294)
[  135.466094][ T2319] pvrusb2: Invalid write control endpoint
[  135.487500][   T27] audit: type=1800 audit(1750793626.853:32): pid=6680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.294" name="!sel" dev="mqueue" ino=10490 res=0 errno=0
[  135.530427][ T2319] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  135.583929][ T2319] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  135.626688][ T2319] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  135.686490][ T2319] pvrusb2: Device being rendered inoperable
[  135.731869][ T2319] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  135.773147][ T2319] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  135.823704][ T2319] pvrusb2: Attached sub-driver cx25840
[  135.842486][ T2319] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  135.878191][ T2319] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  136.352463][ T6657] loop1: detected capacity change from 0 to 262144
[  136.370658][ T6657] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop1 scanned by syz.1.283 (6657)
[  136.408319][ T6657] BTRFS info (device loop1): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  136.418597][ T6657] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  136.428018][ T6657] BTRFS info (device loop1): using free space tree
[  136.530689][ T6657] BTRFS info (device loop1): enabling ssd optimizations
[  136.744675][ T5767] BTRFS info (device loop1): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  136.816400][ T6721] netlink: 20 bytes leftover after parsing attributes in process `syz.3.306'.
[  136.855451][ T6721] netlink: 20 bytes leftover after parsing attributes in process `syz.3.306'.
[  136.890649][ T5862] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  137.107430][ T5862] usb 3-1: Using ep0 maxpacket: 8
[  137.127852][ T6723] netlink: 232 bytes leftover after parsing attributes in process `syz.1.305'.
[  137.138429][ T5862] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 17
[  137.142661][ T6723] netlink: 4 bytes leftover after parsing attributes in process `syz.1.305'.
[  137.169784][ T5862] usb 3-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=c8.07
[  137.179459][ T5862] usb 3-1: New USB device strings: Mfr=209, Product=185, SerialNumber=60
[  137.207700][ T5862] usb 3-1: Product: syz
[  137.226108][ T6725] loop3: detected capacity change from 0 to 1024
[  137.227370][ T5862] usb 3-1: Manufacturer: syz
[  137.247650][ T5862] usb 3-1: SerialNumber: syz
[  137.288573][ T5862] usb 3-1: config 0 descriptor??
[  137.331319][ T6725] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.516130][ T5862] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  137.765763][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.947447][  T786] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[  138.169948][  T786] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  138.197725][  T786] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  138.225822][  T786] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 28528, setting to 8
[  138.257580][  T786] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  138.267580][  T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.293606][ T6731] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  138.330357][  T786] hub 2-1:1.0: bad descriptor, ignoring hub
[  138.345834][ T5862] gspca_sunplus: reg_w_riv err -71
[  138.357685][ T5862] sunplus: probe of 3-1:0.0 failed with error -71
[  138.364226][  T786] hub: probe of 2-1:1.0 failed with error -5
[  138.390943][ T5862] usb 3-1: USB disconnect, device number 4
[  138.411029][  T786] cdc_wdm 2-1:1.0: skipping garbage
[  138.416325][  T786] cdc_wdm 2-1:1.0: skipping garbage
[  138.428572][ T6740] capability: warning: `syz.0.312' uses deprecated v2 capabilities in a way that may be insecure
[  138.469021][  T786] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  138.475007][  T786] cdc_wdm 2-1:1.0: Unknown control protocol
[  138.698212][ T6748] loop3: detected capacity change from 0 to 512
[  138.727456][ T6748] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  138.763039][ T6748] EXT4-fs (loop3): orphan cleanup on readonly fs
[  138.784152][ T6748] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:512: comm syz.3.315: Block bitmap for bg 0 marked uninitialized
[  138.822059][ T6748] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6642: Corrupt filesystem
[  138.859960][ T6748] EXT4-fs (loop3): 1 orphan inode deleted
[  138.867099][ T6748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  138.920725][ T6748] vxcan0: tx address claim with different name
[  138.999173][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.168566][  T786] usb 2-1: USB disconnect, device number 2
[  139.176427][ T6731] cdc_wdm 2-1:1.0: Error autopm - -16
[  139.191580][ T6755] macvlan1: entered promiscuous mode
[  139.228150][ T6755] ipvlan0: entered promiscuous mode
[  139.234879][ T6755] ipvlan0: left promiscuous mode
[  139.251183][ T6755] macvlan1: left promiscuous mode
[  139.387585][  T786] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  139.541779][ T6764] loop2: detected capacity change from 0 to 2048
[  139.585296][ T6764] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.587582][  T786] usb 2-1: Using ep0 maxpacket: 8
[  139.604901][  T786] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  139.615497][  T786] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  139.625317][  T786] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 119, changing to 10
[  139.636891][  T786] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26480, setting to 1024
[  139.648267][  T786] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  139.661176][  T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.674143][ T6745] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  139.683567][  T786] hub 2-1:1.0: bad descriptor, ignoring hub
[  139.694075][ T6764] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  139.712357][  T786] hub: probe of 2-1:1.0 failed with error -5
[  139.721998][  T786] cdc_wdm 2-1:1.0: skipping garbage
[  139.727936][  T786] cdc_wdm 2-1:1.0: skipping garbage
[  139.736234][  T786] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  139.742825][  T786] cdc_wdm 2-1:1.0: Unknown control protocol
[  139.790045][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.049253][   T23] usb 2-1: USB disconnect, device number 3
[  140.222704][ T6776] loop3: detected capacity change from 0 to 2048
[  140.254010][ T6776] UDF-fs: bad mount option "mode&00000000000000000000777" or missing value
[  140.324651][ T6776] Bluetooth: MGMT ver 1.22
[  140.684622][ T6785] loop2: detected capacity change from 0 to 512
[  140.728177][ T6785] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  140.794905][ T6785] EXT4-fs (loop2): 1 truncate cleaned up
[  140.828722][ T6785] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.978691][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.137158][   T27] audit: type=1326 audit(1750793632.503:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1a3d8e929 code=0x7ffc0000
[  141.243094][   T27] audit: type=1326 audit(1750793632.533:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa1a3d2ab19 code=0x7ffc0000
[  141.317395][   T27] audit: type=1326 audit(1750793632.533:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1a3d8e929 code=0x7ffc0000
[  141.405957][   T27] audit: type=1326 audit(1750793632.533:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa1a3d2ab19 code=0x7ffc0000
[  141.470166][ T6810] loop1: detected capacity change from 0 to 1024
[  141.486864][   T27] audit: type=1326 audit(1750793632.533:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1a3d8e929 code=0x7ffc0000
[  141.511913][ T6811] netlink: 'syz.0.340': attribute type 16 has an invalid length.
[  141.533582][ T6811] netlink: 'syz.0.340': attribute type 3 has an invalid length.
[  141.545858][   T27] audit: type=1326 audit(1750793632.533:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa1a3d2ab19 code=0x7ffc0000
[  141.597389][ T6811] netlink: 64066 bytes leftover after parsing attributes in process `syz.0.340'.
[  141.657780][   T27] audit: type=1326 audit(1750793632.533:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1a3d8e929 code=0x7ffc0000
[  141.735195][   T27] audit: type=1326 audit(1750793632.543:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1a3d8e929 code=0x7ffc0000
[  141.858241][   T27] audit: type=1326 audit(1750793632.543:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa1a3d2ab19 code=0x7ffc0000
[  141.942466][   T27] audit: type=1326 audit(1750793632.543:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1a3d8e929 code=0x7ffc0000
[  142.324542][ T6805] loop2: detected capacity change from 0 to 32768
[  142.434378][ T6805] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  142.515585][ T6815] loop1: detected capacity change from 0 to 40427
[  142.536287][ T6815] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  142.564707][ T6815] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  142.605311][ T6815] F2FS-fs (loop1): invalid crc value
[  142.696925][ T6815] F2FS-fs (loop1): Found nat_bits in checkpoint
[  142.767653][ T5769] ocfs2: Unmounting device (7,2) on (node local)
[  142.927651][ T6815] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  142.957824][ T6815] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  143.888639][ T6852] use of bytesused == 0 is deprecated and will be removed in the future,
[  143.917366][ T6852] use the actual size instead.
[  144.470603][ T5762] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  144.592994][ T6849] loop2: detected capacity change from 0 to 32768
[  144.659485][ T6849] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  144.699306][ T5762] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  144.724523][ T5762] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.768069][ T5762] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  144.780305][ T5762] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.794544][ T5762] usb 4-1: config 0 descriptor??
[  144.820333][ T6849] XFS (loop2): Ending clean mount
[  145.084329][ T5769] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  145.224274][ T5762] savu 0003:1E7D:2D5A.0005: unknown main item tag 0x0
[  145.247885][ T5762] savu 0003:1E7D:2D5A.0005: collection stack underflow
[  145.266579][ T5762] savu 0003:1E7D:2D5A.0005: item 0 4 0 12 parsing failed
[  145.286441][ T5762] savu 0003:1E7D:2D5A.0005: parse failed
[  145.303590][ T5762] savu: probe of 0003:1E7D:2D5A.0005 failed with error -22
[  145.419369][ T5762] usb 4-1: USB disconnect, device number 8
[  145.474780][ T6873] loop2: detected capacity change from 0 to 64
[  145.921296][ T6884] netlink: 16 bytes leftover after parsing attributes in process `syz.2.365'.
[  146.352315][ T6899] loop1: detected capacity change from 0 to 1024
[  146.836072][ T6896] loop3: detected capacity change from 0 to 32768
[  147.228389][ T6921] netlink: 8 bytes leftover after parsing attributes in process `syz.1.382'.
[  147.716852][ T6929] loop2: detected capacity change from 0 to 4096
[  147.782256][ T6929] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  147.841759][ T6929] ntfs3: loop2: Failed to load $Extend (-22).
[  147.891573][ T6929] ntfs3: loop2: Failed to initialize $Extend.
[  148.404122][ T6933] loop1: detected capacity change from 0 to 32768
[  148.997544][   T23] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  149.220314][   T23] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  149.230453][   T23] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  149.252782][   T23] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  149.267369][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.344649][ T6971] loop1: detected capacity change from 0 to 1024
[  149.491790][   T23] usb 4-1: usb_control_msg returned -32
[  149.498890][   T23] usbtmc 4-1:16.0: can't read capabilities
[  149.512570][ T6973] loop2: detected capacity change from 0 to 512
[  149.520381][ T6973] EXT4-fs: Ignoring removed mblk_io_submit option
[  149.527088][ T6973] EXT4-fs: inline encryption not supported
[  149.540501][ T6973] EXT4-fs (loop2): Test dummy encryption mode enabled
[  149.550016][ T6973] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  149.568924][ T6973] EXT4-fs (loop2): 1 truncate cleaned up
[  149.577969][ T6973] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.645847][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.496407][ T6999] loop1: detected capacity change from 0 to 512
[  150.592686][ T6999] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  150.655227][ T6999] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.121185][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  151.244739][ T5762] kernel write not supported for file /213/oom_score_adj (pid: 5762 comm: kworker/1:3)
[  151.659605][ T7063] loop2: detected capacity change from 0 to 512
[  151.684129][ T7063] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  151.874818][    T8] usb 4-1: USB disconnect, device number 9
[  151.901970][ T7063] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  151.911037][ T7063] System zones: 0-2, 18-18, 34-34
[  152.008780][ T7063] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.077484][ T7063] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.167032][ T7063] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  152.227549][ T7087] netlink: 16 bytes leftover after parsing attributes in process `syz.3.431'.
[  152.276687][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.707732][ T5862] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  152.900057][ T5862] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  152.905081][ T7109] loop1: detected capacity change from 0 to 2048
[  152.927500][ T5862] usb 3-1: config 1 has no interface number 0
[  152.937124][ T5862] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.975409][ T5862] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  152.992081][ T5862] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  153.016759][ T5862] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  153.019119][ T7109] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.034446][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.081724][ T5862] usb 3-1: Product: syz
[  153.085976][ T5862] usb 3-1: Manufacturer: syz
[  153.123635][ T5862] usb 3-1: SerialNumber: syz
[  153.140374][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.418298][ T7127] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  153.977929][ T5862] cdc_ncm 3-1:1.1: bind() failure
[  154.196489][   T23] usb 3-1: USB disconnect, device number 5
[  154.681031][ T7151] program syz.1.456 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  154.826358][ T7156] loop3: detected capacity change from 0 to 8
[  154.880239][ T7156] SQUASHFS error: zlib decompression failed, data probably corrupt
[  154.897609][ T7156] SQUASHFS error: Failed to read block 0x9b: -5
[  154.921292][ T7156] SQUASHFS error: Unable to read metadata cache entry [99]
[  154.945763][ T7156] SQUASHFS error: Unable to read inode 0x127
[  155.862822][ T7190] input: syz1 as /devices/virtual/input/input6
[  155.962027][ T7194] loop1: detected capacity change from 0 to 128
[  155.997368][   T23] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  156.012481][ T7194] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  156.038581][ T7194] ext4 filesystem being mounted at /134/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  156.129041][ T5767] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  156.195194][   T23] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  156.221074][   T23] usb 1-1: config 0 interface 0 has no altsetting 0
[  156.233782][   T23] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  156.264304][   T23] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  156.297461][   T23] usb 1-1: Product: syz
[  156.301920][   T23] usb 1-1: Manufacturer: syz
[  156.306627][   T23] usb 1-1: SerialNumber: syz
[  156.315257][   T23] usb 1-1: config 0 descriptor??
[  156.355601][   T23] usb 1-1: selecting invalid altsetting 0
[  156.382805][ T7205] loop1: detected capacity change from 0 to 64
[  156.496724][ T7207] netlink: 36 bytes leftover after parsing attributes in process `syz.2.482'.
[  156.591724][  T786] usb 1-1: USB disconnect, device number 7
[  156.832215][ T7216] loop2: detected capacity change from 0 to 2048
[  156.844011][ T7218] loop3: detected capacity change from 0 to 256
[  156.875578][ T7216] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.979445][ T7216] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  157.029180][ T7216] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  157.052321][ T7216] EXT4-fs (loop2): This should not happen!! Data will be lost
[  157.052321][ T7216] 
[  157.064735][ T7216] EXT4-fs (loop2): Total free blocks count 0
[  157.078806][ T7223] loop3: detected capacity change from 0 to 2048
[  157.087640][ T7216] EXT4-fs (loop2): Free/Dirty block details
[  157.114483][ T7216] EXT4-fs (loop2): free_blocks=2415919504
[  157.122110][ T7223] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  157.133734][ T7216] EXT4-fs (loop2): dirty_blocks=16
[  157.139651][ T7216] EXT4-fs (loop2): Block reservation details
[  157.146327][ T7216] EXT4-fs (loop2): i_reserved_data_blocks=1
[  157.176589][ T7221] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 28
[  158.980343][ T7259] loop1: detected capacity change from 0 to 32768
[  159.010067][ T7262] loop3: detected capacity change from 0 to 32768
[  159.023590][ T7259] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.505 (7259)
[  159.052604][ T7256] loop2: detected capacity change from 0 to 32768
[  159.069038][ T7262] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  159.078397][ T7256] XFS: attr2 mount option is deprecated.
[  159.100557][ T7259] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  159.157476][ T7259] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  159.168837][ T7262] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  159.189544][ T7259] BTRFS info (device loop1): force clearing of disk cache
[  159.203855][ T7256] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  159.218397][ T7259] BTRFS info (device loop1): enabling auto defrag
[  159.253430][ T7256] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  159.263287][ T7259] BTRFS info (device loop1): max_inline at 0
[  159.283499][ T7259] BTRFS info (device loop1): enabling disk space caching
[  159.297491][ T7259] BTRFS info (device loop1): disk space caching is enabled
[  159.381104][ T7256] XFS (loop2): Ending clean mount
[  159.402812][ T5768] ocfs2: Unmounting device (7,3) on (node local)
[  159.517386][ T7259] BTRFS info (device loop1): enabling ssd optimizations
[  159.585027][ T7259] BTRFS info (device loop1): rebuilding free space tree
[  159.587482][ T7270] syz.0.510 (7270) used greatest stack depth: 17960 bytes left
[  159.651543][ T7259] BTRFS info (device loop1): disabling free space tree
[  159.673004][ T7259] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  159.705301][ T7259] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  159.742960][ T5769] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  159.976936][ T5767] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  160.665192][ T7314] loop2: detected capacity change from 0 to 4096
[  160.665483][ T7315] input: syz1 as /devices/virtual/input/input7
[  160.694638][ T7314] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  160.716461][ T7314] EXT4-fs (loop2): Test dummy encryption mode enabled
[  160.798886][ T7314] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.886076][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.057461][   T23] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  161.273338][   T23] usb 1-1: Using ep0 maxpacket: 8
[  161.341180][   T23] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 233, changing to 11
[  161.369122][   T23] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  161.420439][   T23] usb 1-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[  161.437771][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.456195][   T23] usb 1-1: Product: syz
[  161.466474][   T23] usb 1-1: Manufacturer: syz
[  161.486498][   T23] usb 1-1: SerialNumber: syz
[  161.739968][   T23] usbhid 1-1:1.0: can't add hid device: -71
[  161.762218][   T23] usbhid: probe of 1-1:1.0 failed with error -71
[  161.762614][   T27] kauditd_printk_skb: 31 callbacks suppressed
[  161.762630][   T27] audit: type=1326 audit(1750793653.133:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7340 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d4678e929 code=0x7ffc0000
[  161.799929][   T23] usb 1-1: USB disconnect, device number 8
[  161.838862][ T5786] udevd[5786]: failed to send result of seq 12066 to main daemon: Connection refused
[  161.847552][   T27] audit: type=1326 audit(1750793653.173:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7340 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d4678e929 code=0x7ffc0000
[  161.915086][   T27] audit: type=1326 audit(1750793653.183:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7340 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f5d4678e929 code=0x7ffc0000
[  161.942679][   T27] audit: type=1326 audit(1750793653.183:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7340 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d4678e929 code=0x7ffc0000
[  162.138455][ T5762] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  162.337449][ T5762] usb 2-1: Using ep0 maxpacket: 8
[  162.345553][ T5762] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  162.366838][ T5762] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  162.385005][ T5762] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  162.405162][ T5762] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  162.425430][ T5762] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  162.445676][ T5762] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  162.465206][ T5762] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.486962][ T5762] usb 2-1: config 0 descriptor??
[  162.522236][ T5784] Bluetooth: hci4: urb ffff88802fc91f00 submission failed (90)
[  162.647414][   T23] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  162.709271][ T5762] usb 2-1: USB disconnect, device number 4
[  162.857291][   T23] usb 1-1: Using ep0 maxpacket: 32
[  162.864996][   T23] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  162.877476][   T23] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  162.907311][   T23] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  162.927960][   T23] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  162.947540][   T23] usb 1-1: config 0 interface 0 has no altsetting 0
[  162.958911][   T23] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  162.978132][   T23] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  162.986634][   T23] usb 1-1: Product: syz
[  163.007289][   T23] usb 1-1: Manufacturer: syz
[  163.011955][   T23] usb 1-1: SerialNumber: syz
[  163.030386][   T23] usb 1-1: config 0 descriptor??
[  163.049134][   T23] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  163.068606][   T23] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  163.086365][ T7373] loop3: detected capacity change from 0 to 128
[  163.106146][ T7373] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  163.124490][ T7373] ext4 filesystem being mounted at /146/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  163.201661][ T5768] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.323030][   T23] usb 1-1: USB disconnect, device number 9
[  163.338400][   T23] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  164.095686][ T7382] loop3: detected capacity change from 0 to 32768
[  164.167911][ T7382] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  164.204981][ T7382] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  164.218386][ T7357] loop2: detected capacity change from 0 to 131072
[  164.240930][ T7357] F2FS-fs (loop2): invalid crc value
[  164.286967][ T7382] XFS (loop3): Ending clean mount
[  164.293371][ T7357] F2FS-fs (loop2): Found nat_bits in checkpoint
[  164.301848][ T7405] loop1: detected capacity change from 0 to 2048
[  164.308644][ T7382] XFS (loop3): Quotacheck needed: Please wait.
[  164.345232][ T7405] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  164.373549][ T7382] XFS (loop3): Quotacheck: Done.
[  164.456024][ T7357] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  164.472744][ T5768] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  164.560607][   T27] audit: type=1800 audit(1750793655.913:78): pid=7357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.535" name="file1" dev="loop2" ino=7 res=0 errno=0
[  165.300393][ T7427] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.564'.
[  165.977138][ T7425] loop1: detected capacity change from 0 to 40427
[  166.005980][ T7425] F2FS-fs (loop1): invalid crc value
[  166.036825][ T7425] F2FS-fs (loop1): Found nat_bits in checkpoint
[  166.167547][ T7425] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  166.251748][ T7425] syz.1.563: attempt to access beyond end of device
[  166.251748][ T7425] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  166.290105][ T7425] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  166.712293][ T7451] syzkaller1: entered promiscuous mode
[  166.727038][ T7451] syzkaller1: entered allmulticast mode
[  166.909201][ T7443] loop3: detected capacity change from 0 to 32768
[  166.925413][ T7443] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.570 (7443)
[  166.958310][ T7443] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  166.973094][ T7443] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  166.997319][ T7443] BTRFS info (device loop3): setting nodatacow, compression disabled
[  167.017298][ T7443] BTRFS info (device loop3): max_inline at 0
[  167.027366][ T7443] BTRFS info (device loop3): enabling disk space caching
[  167.034483][ T7443] BTRFS info (device loop3): turning off barriers
[  167.067286][ T7443] BTRFS info (device loop3): turning on flush-on-commit
[  167.074333][ T7443] BTRFS info (device loop3): doing ref verification
[  167.097268][ T7443] BTRFS info (device loop3): force clearing of disk cache
[  167.104572][ T7443] BTRFS info (device loop3): enabling ssd optimizations
[  167.137633][ T7443] BTRFS info (device loop3): max_inline at 4096
[  167.143968][ T7443] BTRFS info (device loop3): disk space caching is enabled
[  167.245697][ T7443] BTRFS info (device loop3): auto enabling async discard
[  167.267428][ T7443] BTRFS info (device loop3): rebuilding free space tree
[  167.314168][ T7443] BTRFS info (device loop3): disabling free space tree
[  167.334440][ T7443] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  167.355565][ T7443] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  167.699706][ T5768] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  168.439367][ T7477] loop1: detected capacity change from 0 to 32768
[  168.777336][ T5862] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  168.958822][ T5862] usb 3-1: Using ep0 maxpacket: 16
[  168.968222][ T5862] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  168.984382][ T5862] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  168.992341][ T7500] loop1: detected capacity change from 0 to 32768
[  168.999621][ T5862] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  169.013689][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.018161][ T7500] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  169.021993][ T5862] usb 3-1: Product: syz
[  169.035155][ T5862] usb 3-1: Manufacturer: syz
[  169.040786][ T5862] usb 3-1: SerialNumber: syz
[  169.100519][ T7500] XFS (loop1): Ending clean mount
[  169.112210][ T7500] XFS (loop1): Quotacheck needed: Please wait.
[  169.155801][ T7500] XFS (loop1): Quotacheck: Done.
[  169.211368][   T27] audit: type=1804 audit(1750793660.583:79): pid=7500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.586" name="/newroot/160/file0/bus" dev="loop1" ino=9291 res=1 errno=0
[  169.258811][ T5767] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  169.278798][ T5862] usb 3-1: 0:2 : does not exist
[  169.292911][ T5862] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  169.362945][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805d553400: rx timeout, send abort
[  169.371504][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805d553400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  169.397432][ T5862] usb 3-1: USB disconnect, device number 6
[  169.940187][ T7510] loop1: detected capacity change from 0 to 32768
[  169.963288][ T7510] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.587 (7510)
[  169.996740][ T7510] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  170.009255][ T7510] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  170.018276][ T7510] BTRFS info (device loop1): setting nodatacow, compression disabled
[  170.026559][ T7510] BTRFS info (device loop1): max_inline at 0
[  170.042934][ T7510] BTRFS info (device loop1): enabling disk space caching
[  170.057285][ T7510] BTRFS info (device loop1): turning off barriers
[  170.074534][ T7516] loop2: detected capacity change from 0 to 2048
[  170.081194][ T7510] BTRFS info (device loop1): turning on flush-on-commit
[  170.088824][ T7510] BTRFS info (device loop1): doing ref verification
[  170.096139][ T7510] BTRFS info (device loop1): force clearing of disk cache
[  170.105576][ T7510] BTRFS info (device loop1): enabling ssd optimizations
[  170.113787][ T7516] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=4096, location=4096
[  170.124230][ T7516] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  170.134772][ T7510] BTRFS info (device loop1): max_inline at 4096
[  170.141234][ T7510] BTRFS info (device loop1): disk space caching is enabled
[  170.149029][ T7516] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  170.159921][ T7516] UDF-fs: Scanning with blocksize 512 failed
[  170.187311][ T7516] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  170.201313][ T7516] UDF-fs: Scanning with blocksize 1024 failed
[  170.213615][ T7516] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  170.229813][ T7516] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  170.243011][ T7516] UDF-fs: Scanning with blocksize 2048 failed
[  170.254360][ T7516] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  170.274038][ T7510] BTRFS info (device loop1): auto enabling async discard
[  170.274470][ T7516] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  170.298790][ T7510] BTRFS info (device loop1): rebuilding free space tree
[  170.300895][ T7516] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  170.320277][ T7516] UDF-fs: Scanning with blocksize 4096 failed
[  170.333256][ T7516] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[  170.343402][ T7510] BTRFS info (device loop1): disabling free space tree
[  170.355675][ T7510] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  170.367103][ T7510] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  170.593735][ T5767] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  170.657092][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805d553000: rx timeout, send abort
[  170.665650][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805d553000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  170.862881][ T7543] input: syz1 as /devices/virtual/input/input8
[  171.234822][ T7548] loop1: detected capacity change from 0 to 4096
[  171.284773][ T7548] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  171.300383][ T7548] EXT4-fs (loop1): Test dummy encryption mode enabled
[  171.333334][ T7548] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.519469][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.713816][   T27] audit: type=1326 audit(1750793663.083:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb65d38e929 code=0x7ffc0000
[  171.787400][   T27] audit: type=1326 audit(1750793663.083:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb65d38e929 code=0x7ffc0000
[  171.857307][   T27] audit: type=1326 audit(1750793663.083:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fb65d38e929 code=0x7ffc0000
[  171.908339][   T27] audit: type=1326 audit(1750793663.083:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb65d38e929 code=0x7ffc0000
[  172.262195][ T7559] loop2: detected capacity change from 0 to 32768
[  172.277612][ T7559] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.603 (7559)
[  172.313448][ T7559] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  172.328009][ T7559] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  172.328112][ T7559] BTRFS info (device loop2): force clearing of disk cache
[  172.328142][ T7559] BTRFS info (device loop2): enabling auto defrag
[  172.328209][ T7559] BTRFS info (device loop2): max_inline at 0
[  172.328230][ T7559] BTRFS info (device loop2): enabling disk space caching
[  172.328246][ T7559] BTRFS info (device loop2): disk space caching is enabled
[  172.445641][ T7559] BTRFS info (device loop2): enabling ssd optimizations
[  172.481111][ T7559] BTRFS info (device loop2): rebuilding free space tree
[  172.551843][ T7559] BTRFS info (device loop2): disabling free space tree
[  172.571347][ T7559] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  172.585892][ T7559] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  172.712528][ T5769] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  173.120195][ T7600] loop3: detected capacity change from 0 to 32768
[  173.143652][ T7600] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.195494][ T7600] XFS (loop3): Ending clean mount
[  173.332161][ T5768] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.387551][ T5862] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  173.587314][ T5862] usb 3-1: Using ep0 maxpacket: 8
[  173.596391][ T5862] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 233, changing to 11
[  173.607913][ T5862] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  173.623220][ T5862] usb 3-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[  173.632599][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.640751][ T5862] usb 3-1: Product: syz
[  173.644933][ T5862] usb 3-1: Manufacturer: syz
[  173.650552][ T5862] usb 3-1: SerialNumber: syz
[  173.870904][ T5862] usbhid 3-1:1.0: can't add hid device: -71
[  173.876932][ T5862] usbhid: probe of 3-1:1.0 failed with error -71
[  173.886278][ T5862] usb 3-1: USB disconnect, device number 7
[  175.295095][ T7667] loop1: detected capacity change from 0 to 1024
[  175.303843][ T7667] EXT4-fs (loop1): Test dummy encryption mode enabled
[  175.324150][ T7667] EXT4-fs (loop1): stripe (32767) is not aligned with cluster size (16), stripe is disabled
[  175.342853][ T7669] loop2: detected capacity change from 0 to 2048
[  175.355967][ T7669] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  175.381193][ T7667] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000c01d, mo2=0002]
[  175.416401][ T7667] System zones: 0-1, 3-36
[  175.448201][ T7667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.572438][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.634000][   T27] audit: type=1326 audit(1750793667.003:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  175.687468][   T27] audit: type=1326 audit(1750793667.003:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d05b2ab19 code=0x7ffc0000
[  175.741010][   T27] audit: type=1326 audit(1750793667.003:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  175.763304][    C1] vkms_vblank_simulate: vblank timer overrun
[  175.833497][   T27] audit: type=1326 audit(1750793667.003:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  175.879247][   T27] audit: type=1326 audit(1750793667.003:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d05b2ab19 code=0x7ffc0000
[  175.950611][   T27] audit: type=1326 audit(1750793667.003:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  175.974942][ T7679] program syz.0.647 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  175.987911][   T27] audit: type=1326 audit(1750793667.033:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  176.012635][   T27] audit: type=1326 audit(1750793667.033:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d05b2ab19 code=0x7ffc0000
[  176.038414][   T27] audit: type=1326 audit(1750793667.033:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d05b2ab19 code=0x7ffc0000
[  176.061009][   T27] audit: type=1326 audit(1750793667.033:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7674 comm="syz.2.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  176.083964][    C1] vkms_vblank_simulate: vblank timer overrun
[  176.326099][ T7688] netlink: 24 bytes leftover after parsing attributes in process `syz.0.651'.
[  176.451042][ T7692] netlink: 404 bytes leftover after parsing attributes in process `syz.0.655'.
[  176.477381][ T5762] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  176.586417][ T7698] vlan3: entered promiscuous mode
[  176.591842][ T7698] dummy0: entered promiscuous mode
[  176.597133][ T7698] vlan3: entered allmulticast mode
[  176.602399][ T7698] dummy0: entered allmulticast mode
[  176.669607][ T5762] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  176.687569][ T5762] usb 2-1: config 1 has no interface number 0
[  176.699775][ T5762] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.712486][ T5762] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  176.723240][ T5762] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  176.736995][ T5762] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  176.757431][ T5762] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.765511][ T5762] usb 2-1: Product: syz
[  176.777302][ T5762] usb 2-1: Manufacturer: syz
[  176.782820][ T5762] usb 2-1: SerialNumber: syz
[  177.469398][ T7710] syz.2.670[7710] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  177.470130][ T7710] syz.2.670[7710] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  177.615208][ T5762] cdc_ncm 2-1:1.1: bind() failure
[  177.662489][ T7714] loop3: detected capacity change from 0 to 1024
[  177.670472][ T7715] netlink: 'syz.2.663': attribute type 4 has an invalid length.
[  177.711243][ T7714] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  177.861326][ T5762] usb 2-1: USB disconnect, device number 5
[  178.033807][ T7726] netlink: 404 bytes leftover after parsing attributes in process `syz.3.669'.
[  178.139915][ T7730] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  178.295135][ T7739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.675'.
[  178.407467][  T786] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  178.505828][ T7746] program syz.3.677 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  178.525778][ T7748] netlink: 8 bytes leftover after parsing attributes in process `syz.1.687'.
[  178.604671][  T786] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  178.627326][  T786] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  178.668886][  T786] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  178.685305][  T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  178.706313][  T786] usb 3-1: SerialNumber: syz
[  178.863164][ T7756] loop1: detected capacity change from 0 to 1024
[  178.908289][ T7760] loop3: detected capacity change from 0 to 2048
[  178.919748][ T7760] hpfs: filesystem error: dir band size mismatch: dir_band_start==7b318cc2, dir_band_end==7b318cc3, n_dir_band==00000000; already mounted read-only
[  178.943473][  T786] usb 3-1: 0:2 : does not exist
[  178.949720][ T7756] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  178.973539][  T786] usb 3-1: 5:0: failed to get current value for ch 1 (-22)
[  179.002788][  T786] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  179.034352][  T786] usb 3-1: 5:0: cannot get min/max values for control 2 (id 5)
[  179.075845][  T786] usb 3-1: USB disconnect, device number 8
[  179.117097][ T7762] loop1: detected capacity change from 0 to 2048
[  179.136790][ T7762] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  179.527502][ T7760] loop3: detected capacity change from 0 to 40427
[  179.536720][ T7760] F2FS-fs (loop3): invalid crc value
[  179.547275][ T7760] F2FS-fs (loop3): Found nat_bits in checkpoint
[  179.620681][ T7760] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  179.647450][   T35] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  179.664155][ T7775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.691'.
[  179.839459][   T35] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  179.856446][   T35] usb 1-1: config 1 has no interface number 0
[  179.867344][   T35] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.878750][   T35] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  179.888372][   T35] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  179.912186][   T35] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  179.926908][   T35] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.938746][   T35] usb 1-1: Product: syz
[  179.942981][   T35] usb 1-1: Manufacturer: syz
[  179.948565][   T35] usb 1-1: SerialNumber: syz
[  180.207412][ T5762] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  180.325263][ T7791] loop3: detected capacity change from 0 to 2048
[  180.345962][ T7791] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  180.387404][ T5762] usb 2-1: Using ep0 maxpacket: 8
[  180.394760][ T5762] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.411745][ T5762] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.422204][ T5762] usb 2-1: config 0 interface 0 has no altsetting 0
[  180.430191][ T5762] usb 2-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  180.439545][ T5762] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.450968][ T5762] usb 2-1: config 0 descriptor??
[  180.617319][ T5862] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  180.793497][   T35] cdc_ncm 1-1:1.1: bind() failure
[  180.810776][ T5862] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  180.825002][ T5862] usb 3-1: config 0 interface 0 has no altsetting 0
[  180.847395][ T5862] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  180.856515][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  180.864816][ T5862] usb 3-1: Product: syz
[  180.870370][ T5862] usb 3-1: Manufacturer: syz
[  180.875116][ T5862] usb 3-1: SerialNumber: syz
[  180.882814][ T5862] usb 3-1: config 0 descriptor??
[  180.889053][ T5762] steelseries 0003:1038:1410.0006: unknown main item tag 0x1
[  180.896545][ T5762] steelseries 0003:1038:1410.0006: item fetching failed at offset 3/5
[  180.912378][ T5862] usb 3-1: selecting invalid altsetting 0
[  180.914976][ T5762] steelseries 0003:1038:1410.0006: parse failed
[  180.926670][ T5762] steelseries: probe of 0003:1038:1410.0006 failed with error -22
[  180.995083][ T7797] loop3: detected capacity change from 0 to 32768
[  181.002822][ T7797] XFS: attr2 mount option is deprecated.
[  181.015892][ T7797] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  181.030370][ T7797] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  181.037979][ T5762] usb 1-1: USB disconnect, device number 10
[  181.069632][ T7797] XFS (loop3): Ending clean mount
[  181.113778][   T35] usb 2-1: USB disconnect, device number 6
[  181.176874][ T5862] usb 3-1: USB disconnect, device number 9
[  181.220238][ T5768] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  182.072147][ T7828] batadv0: entered promiscuous mode
[  182.086122][ T7828] batadv_slave_1: entered promiscuous mode
[  182.103675][ T7826] batadv_slave_1: left promiscuous mode
[  182.109660][ T7826] batadv0: left promiscuous mode
[  182.266133][ T7835] loop1: detected capacity change from 0 to 512
[  182.305984][ T7835] EXT4-fs: Ignoring removed mblk_io_submit option
[  182.313148][ T7835] EXT4-fs: inline encryption not supported
[  182.343776][ T7835] EXT4-fs (loop1): Test dummy encryption mode enabled
[  182.354264][ T7835] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  182.372286][ T7835] EXT4-fs (loop1): 1 truncate cleaned up
[  182.385781][ T7835] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.552636][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.660088][ T7847] loop3: detected capacity change from 0 to 1024
[  182.737790][ T7836] loop2: detected capacity change from 0 to 32768
[  182.771569][ T7851] input: syz1 as /devices/virtual/input/input9
[  183.149795][   T23] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  183.369118][   T23] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  183.389560][   T23] usb 2-1: config 0 interface 0 has no altsetting 0
[  183.407438][   T23] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  183.420758][   T23] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  183.439405][   T23] usb 2-1: Product: syz
[  183.443641][   T23] usb 2-1: Manufacturer: syz
[  183.466951][   T23] usb 2-1: SerialNumber: syz
[  183.483869][   T23] usb 2-1: config 0 descriptor??
[  183.504762][   T23] usb 2-1: selecting invalid altsetting 0
[  183.853375][ T5762] usb 2-1: USB disconnect, device number 7
[  186.486177][ T7895] loop3: detected capacity change from 0 to 131072
[  186.494716][ T7895] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[  186.503042][ T7895] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  186.516811][ T7895] F2FS-fs (loop3): Found nat_bits in checkpoint
[  186.517335][ T5762] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  186.562470][ T7895] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  186.577371][ T7895] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  186.743568][ T7936] loop1: detected capacity change from 0 to 2048
[  186.750255][ T5762] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  186.751624][ T7936] UDF-fs: bad mount option "mode&00000000000000000000777" or missing value
[  186.765148][ T5762] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  186.786870][ T5762] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  186.797101][ T5762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.828623][ T7926] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  186.850307][ T5762] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  187.109586][ T5762] usb 1-1: USB disconnect, device number 11
[  187.756329][ T7944] loop2: detected capacity change from 0 to 1024
[  187.779177][ T7944] EXT4-fs: Ignoring removed i_version option
[  187.785463][ T7944] EXT4-fs: inline encryption not supported
[  187.814982][ T7944] EXT4-fs (loop2): Test dummy encryption mode enabled
[  187.837147][ T7944] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.995432][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.387373][  T786] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  188.589300][  T786] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  188.607340][  T786] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  188.627643][  T786] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  188.636758][  T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.671365][ T7961] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  188.682544][  T786] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  188.919922][ T7969] loop2: detected capacity change from 0 to 40427
[  188.925874][ T7974] netlink: 'syz.3.774': attribute type 16 has an invalid length.
[  188.956136][ T7969] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  188.965599][ T7974] netlink: 'syz.3.774': attribute type 3 has an invalid length.
[  188.973404][ T7969] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  188.976686][  T786] usb 2-1: USB disconnect, device number 8
[  188.994444][ T7969] F2FS-fs (loop2): invalid crc value
[  189.002702][ T7974] netlink: 64066 bytes leftover after parsing attributes in process `syz.3.774'.
[  189.034278][ T7969] F2FS-fs (loop2): Found nat_bits in checkpoint
[  189.131961][ T7969] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  189.142418][ T7969] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  189.449278][ T7994] netlink: 'syz.3.780': attribute type 39 has an invalid length.
[  189.976694][ T8006] loop1: detected capacity change from 0 to 2048
[  189.996016][ T8006] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  190.193587][ T8011] netlink: 'syz.2.787': attribute type 16 has an invalid length.
[  190.217419][ T8011] netlink: 'syz.2.787': attribute type 3 has an invalid length.
[  190.244526][ T8011] netlink: 64066 bytes leftover after parsing attributes in process `syz.2.787'.
[  190.303583][ T8013] netlink: 16 bytes leftover after parsing attributes in process `syz.1.788'.
[  190.515856][ T8020] netlink: 'syz.1.790': attribute type 39 has an invalid length.
[  190.787328][  T786] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  190.887372][ T5862] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  191.010215][  T786] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  191.024188][  T786] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  191.035416][  T786] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  191.052004][  T786] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.069481][ T8021] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  191.080961][  T786] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  191.097068][ T5862] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  191.109157][ T5862] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  191.136239][ T5862] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  191.147991][ T5862] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.317541][   T35] usb 4-1: USB disconnect, device number 10
[  191.370984][ T5862] usb 3-1: usb_control_msg returned -32
[  191.376668][ T5862] usbtmc 3-1:16.0: can't read capabilities
[  192.086368][ T8041] netlink: 20 bytes leftover after parsing attributes in process `syz.0.796'.
[  192.110325][ T8041] netlink: 20 bytes leftover after parsing attributes in process `syz.0.796'.
[  192.188536][ T8045] netlink: 16 bytes leftover after parsing attributes in process `syz.0.799'.
[  192.232767][ T8046] netlink: 'syz.1.798': attribute type 16 has an invalid length.
[  192.261706][ T8046] netlink: 'syz.1.798': attribute type 3 has an invalid length.
[  192.273026][ T8046] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.798'.
[  192.357433][  T786] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  192.515194][ T8055] netlink: 'syz.0.802': attribute type 39 has an invalid length.
[  192.563417][  T786] usb 4-1: Using ep0 maxpacket: 8
[  192.573301][  T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  192.584918][  T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  192.596002][  T786] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  192.612427][  T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  192.622608][  T786] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  192.636202][  T786] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  192.651849][  T786] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.664005][  T786] usb 4-1: config 0 descriptor??
[  192.690181][ T5784] Bluetooth: hci4: urb ffff88807d043600 submission failed (90)
[  192.918843][ T5762] usb 4-1: USB disconnect, device number 11
[  193.686658][ T5762] usb 3-1: USB disconnect, device number 10
[  194.328954][ T8086] loop1: detected capacity change from 0 to 512
[  194.406091][ T8086] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.481815][ T8086] ext4 filesystem being mounted at /218/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  194.507792][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  194.514170][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  194.595391][ T8086] EXT4-fs error (device loop1): ext4_get_first_dir_block:3592: inode #12: block 32: comm syz.1.818: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  194.664174][ T8086] EXT4-fs (loop1): Remounting filesystem read-only
[  194.767071][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.947392][  T786] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  195.131208][  T786] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.153229][  T786] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  195.177495][  T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.198436][  T786] usb 3-1: config 0 descriptor??
[  195.414148][  T786] usbhid 3-1:0.0: can't add hid device: -71
[  195.427364][  T786] usbhid: probe of 3-1:0.0 failed with error -71
[  195.448336][  T786] usb 3-1: USB disconnect, device number 11
[  195.815146][ T8071] loop3: detected capacity change from 0 to 131072
[  195.833618][ T8071] F2FS-fs (loop3): invalid crc value
[  195.859540][ T8071] F2FS-fs (loop3): Found nat_bits in checkpoint
[  195.962477][ T8071] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  195.967329][  T786] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  196.011604][   T27] kauditd_printk_skb: 161 callbacks suppressed
[  196.011621][   T27] audit: type=1800 audit(1750793687.383:255): pid=8071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.810" name="file1" dev="loop3" ino=7 res=0 errno=0
[  196.167553][  T786] usb 3-1: Using ep0 maxpacket: 32
[  196.179008][  T786] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.207319][  T786] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  196.223147][  T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.241979][  T786] usb 3-1: config 0 descriptor??
[  196.251933][  T786] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  196.279523][  T786] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  196.656776][   T35] usb 3-1: USB disconnect, device number 12
[  196.668274][   T35] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[  196.697517][ T5762] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  196.717425][   T23] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  196.900273][ T5762] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  196.910355][ T5762] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  196.923540][   T23] usb 1-1: Using ep0 maxpacket: 8
[  196.928821][ T5762] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  196.939692][ T5762] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.949450][   T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  196.960519][   T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  196.981497][   T23] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  196.991325][   T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  197.002255][   T23] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  197.012414][   T23] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  197.021940][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.032378][   T23] usb 1-1: config 0 descriptor??
[  197.046366][ T5784] Bluetooth: hci4: urb ffff888142bae500 submission failed (90)
[  197.189727][ T5762] usb 2-1: usb_control_msg returned -32
[  197.195412][ T5762] usbtmc 2-1:16.0: can't read capabilities
[  197.260496][ T5762] usb 1-1: USB disconnect, device number 12
[  198.117422][    T8] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  198.327586][    T8] usb 4-1: Using ep0 maxpacket: 8
[  198.341827][    T8] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  198.354454][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.368281][    T8] pvrusb2: Hardware description: Terratec Grabster AV400
[  198.375392][    T8] pvrusb2: **********
[  198.379845][    T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  198.390022][    T8] pvrusb2: Important functionality might not be entirely working.
[  198.398132][    T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  198.409873][    T8] pvrusb2: **********
[  198.571772][ T2319] pvrusb2: Invalid write control endpoint
[  198.623853][ T2319] pvrusb2: Invalid write control endpoint
[  198.629748][ T2319] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  198.642115][ T2319] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  198.650154][ T2319] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  198.660336][ T2319] pvrusb2: Device being rendered inoperable
[  198.666531][ T2319] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  198.673767][ T2319] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  198.682225][ T2319] pvrusb2: Attached sub-driver cx25840
[  198.687857][ T2319] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  198.698313][ T2319] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  198.785085][ T8107] pvrusb2: Attempted to execute control transfer when device not ok
[  198.794585][    T8] usb 4-1: USB disconnect, device number 12
[  199.448476][ T8115] syzkaller1: entered promiscuous mode
[  199.454860][ T8115] syzkaller1: entered allmulticast mode
[  199.476599][  T786] usb 2-1: USB disconnect, device number 9
[  199.504368][ T8120] loop3: detected capacity change from 0 to 64
[  199.575119][   T27] audit: type=1800 audit(1750793690.943:256): pid=8120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.829" name="file1" dev="loop3" ino=18 res=0 errno=0
[  200.076831][ T8128] kvm: user requested TSC rate below hardware speed
[  200.667372][    T8] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  200.869945][    T8] usb 3-1: Using ep0 maxpacket: 8
[  200.895411][    T8] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  200.915598][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.943614][ T5862] kernel write not supported for file [eventfd] (pid: 5862 comm: kworker/0:6)
[  201.005921][    T8] pvrusb2: Hardware description: Terratec Grabster AV400
[  201.023457][    T8] pvrusb2: **********
[  201.034650][    T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  201.065691][    T8] pvrusb2: Important functionality might not be entirely working.
[  201.092172][    T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  201.111652][ T5862] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[  201.137559][    T8] pvrusb2: **********
[  201.218547][ T2319] pvrusb2: Invalid write control endpoint
[  201.311645][ T5862] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  201.342304][ T5862] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  201.388427][ T5862] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  201.408224][ T2319] pvrusb2: Invalid write control endpoint
[  201.434453][ T2319] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  201.454054][ T5862] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.488915][ T2319] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  201.526082][ T2319] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  201.565713][ T2319] pvrusb2: Device being rendered inoperable
[  201.581367][ T8135] pvrusb2: Attempted to execute control transfer when device not ok
[  201.604388][ T2319] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  201.615635][  T786] usb 3-1: USB disconnect, device number 13
[  201.645716][ T2319] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  201.675028][ T2319] pvrusb2: Attached sub-driver cx25840
[  201.691377][ T2319] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  201.711721][ T2319] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  201.742040][ T5862] usb 1-1: usb_control_msg returned -32
[  201.761625][ T5862] usbtmc 1-1:16.0: can't read capabilities
[  202.040028][ T8145] loop1: detected capacity change from 0 to 32768
[  202.063136][ T8145] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  202.076073][ T8145] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  202.155109][ T8145] XFS (loop1): Ending clean mount
[  202.178980][ T8145] XFS (loop1): Quotacheck needed: Please wait.
[  202.188641][ T8124] loop3: detected capacity change from 0 to 262144
[  202.203214][ T8124] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by syz.3.830 (8124)
[  202.225827][ T8124] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  202.239020][ T8124] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  202.248558][ T8124] BTRFS info (device loop3): using free space tree
[  202.276031][ T8145] XFS (loop1): Quotacheck: Done.
[  202.310040][ T8124] BTRFS info (device loop3): enabling ssd optimizations
[  202.386802][ T5767] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  202.419580][ T5768] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  202.510567][ T8172] netlink: 232 bytes leftover after parsing attributes in process `syz.2.844'.
[  202.539273][ T8172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.844'.
[  202.849068][ T8176] syzkaller1: entered promiscuous mode
[  202.854611][ T8176] syzkaller1: entered allmulticast mode
[  202.883832][ T8178] loop2: detected capacity change from 0 to 24
[  203.143491][ T5862] hid-generic 0000:0000:0000.0007: unknown main item tag 0x7
[  203.156707][ T5862] hid-generic 0000:0000:0000.0007: ignoring exceeding usage max
[  203.167146][ T5862] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  203.177876][ T5862] hid-generic 0000:0000:0000.0007: unknown main item tag 0x6
[  203.185330][ T5862] hid-generic 0000:0000:0000.0007: unknown main item tag 0xd
[  203.202591][ T5862] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  203.456999][ T8184] loop2: detected capacity change from 0 to 8192
[  203.592986][ T8188] loop1: detected capacity change from 0 to 2048
[  203.626536][ T8188] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.710049][ T8188] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  203.862044][ T5862] usb 1-1: USB disconnect, device number 13
[  203.873430][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.313330][ T8205] netlink: 232 bytes leftover after parsing attributes in process `syz.0.857'.
[  204.323179][ T8205] netlink: 4 bytes leftover after parsing attributes in process `syz.0.857'.
[  205.943367][ T8215] loop3: detected capacity change from 0 to 8192
[  205.985961][ T8215] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  206.031278][ T8215] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  206.053494][ T8215] REISERFS (device loop3): using ordered data mode
[  206.070654][ T8215] reiserfs: using flush barriers
[  206.104654][ T8215] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  206.145355][ T8215] REISERFS (device loop3): checking transaction log (loop3)
[  206.347276][ T5762] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  206.391665][ T8215] REISERFS (device loop3): Using tea hash to sort names
[  206.394742][ T8215] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  206.724927][ T8225] macvlan1: entered promiscuous mode
[  206.762622][ T8225] ipvlan0: entered promiscuous mode
[  206.781100][ T8225] ipvlan0: left promiscuous mode
[  206.817394][ T8225] macvlan1: left promiscuous mode
[  206.822006][ T8207] loop2: detected capacity change from 0 to 262144
[  206.832900][ T8207] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop2 scanned by syz.2.856 (8207)
[  206.869201][ T8207] BTRFS info (device loop2): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  206.879666][ T8207] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  206.888994][ T8207] BTRFS info (device loop2): using free space tree
[  206.937743][ T5762] usb 2-1: Using ep0 maxpacket: 8
[  206.945597][ T5762] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  206.955388][ T5762] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.982178][ T5762] pvrusb2: Hardware description: Terratec Grabster AV400
[  207.004314][ T5762] pvrusb2: **********
[  207.008458][ T5762] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  207.035358][ T8207] BTRFS info (device loop2): enabling ssd optimizations
[  207.044202][ T5762] pvrusb2: Important functionality might not be entirely working.
[  207.069642][ T5762] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  207.097240][ T5762] pvrusb2: **********
[  207.183918][ T2319] pvrusb2: Invalid write control endpoint
[  207.320429][ T5769] BTRFS info (device loop2): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  207.394795][ T2319] pvrusb2: Invalid write control endpoint
[  207.433430][ T2319] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  207.472502][ T2319] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  207.481019][ T8249] loop3: detected capacity change from 0 to 2048
[  207.487443][ T2319] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  207.487496][ T2319] pvrusb2: Device being rendered inoperable
[  207.489048][ T8202] pvrusb2: Attempted to execute control transfer when device not ok
[  207.538794][ T2319] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  207.546858][ T2319] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b)
[  207.568345][ T5762] usb 2-1: USB disconnect, device number 10
[  207.575096][ T2319] pvrusb2: Attached sub-driver cx25840
[  207.586438][ T8249] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  207.598155][ T2319] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  207.618760][ T2319] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  208.199588][ T8262] netlink: 60 bytes leftover after parsing attributes in process `syz.1.875'.
[  208.367090][ T8266] loop3: detected capacity change from 0 to 1024
[  208.957356][ T5762] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  209.170294][ T5762] usb 1-1: unable to get BOS descriptor or descriptor too short
[  209.198218][ T5762] usb 1-1: not running at top speed; connect to a high speed hub
[  209.216973][ T5762] usb 1-1: config 1 interface 0 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  209.228353][   T35] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  209.237867][ T5762] usb 1-1: config 1 interface 0 has no altsetting 0
[  209.248354][ T5762] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  209.267352][ T5762] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.286168][ T5762] usb 1-1: Product: syz
[  209.296320][ T5762] usb 1-1: Manufacturer: syz
[  209.306464][ T5762] usb 1-1: SerialNumber: syz
[  209.316812][ T8274] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  209.357740][ T8289] vlan2: entered allmulticast mode
[  209.362970][ T8289] vlan1: entered allmulticast mode
[  209.368969][ T8289] veth0_vlan: entered allmulticast mode
[  209.376811][ T8289] bridge0: port 3(vlan2) entered blocking state
[  209.384160][ T8289] bridge0: port 3(vlan2) entered disabled state
[  209.395238][ T8289] vlan2: entered promiscuous mode
[  209.400874][ T8289] vlan1: entered promiscuous mode
[  209.410809][ T8289] bridge0: port 3(vlan2) entered blocking state
[  209.418555][ T8289] bridge0: port 3(vlan2) entered forwarding state
[  209.425875][   T35] usb 2-1: Using ep0 maxpacket: 16
[  209.442189][   T35] usb 2-1: unable to get BOS descriptor or descriptor too short
[  209.455294][   T35] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  209.475869][   T35] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  209.510107][   T35] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  209.525170][ T8284] loop3: detected capacity change from 0 to 40427
[  209.551509][ T8291] loop2: detected capacity change from 0 to 1024
[  209.557344][   T35] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.569351][ T8291] EXT4-fs: Ignoring removed oldalloc option
[  209.569710][   T35] usb 2-1: Product: syz
[  209.580396][ T5762] usb 1-1: bad CDC descriptors
[  209.584495][ T8284] F2FS-fs (loop3): invalid crc value
[  209.594562][ T5762] usb 1-1: USB disconnect, device number 14
[  209.598154][ T8284] F2FS-fs (loop3): Found nat_bits in checkpoint
[  209.604632][   T35] usb 2-1: Manufacturer: syz
[  209.622446][ T8291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.624171][   T35] usb 2-1: SerialNumber: syz
[  209.700853][ T8284] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  209.723547][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.822473][ T8300] loop2: detected capacity change from 0 to 64
[  209.865857][ T8300] hfs: hfs: Invalid key length: 94
[  209.882254][   T35] usb 2-1: invalid UAC_HEADER (v1)
[  209.923466][   T35] snd-usb-audio: probe of 2-1:1.0 failed with error -22
[  209.947655][   T35] usb 2-1: USB disconnect, device number 11
[  210.283671][ T8312] loop3: detected capacity change from 0 to 512
[  210.303071][ T8312] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.485888][ T8312] fs-verity: sha512 using implementation "sha512-avx2"
[  210.497991][ T8312] EXT4-fs warning (device loop3): ext4_begin_enable_verity:135: inode #13: comm syz.3.889: verity is only allowed on extent-based files
[  210.545342][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.717272][  T786] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  210.909448][  T786] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  210.930484][ T8323] loop2: detected capacity change from 0 to 32768
[  210.937086][  T786] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  210.948674][  T786] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  210.958400][ T8323] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.899 (8323)
[  210.970807][  T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.986005][ T8323] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  211.004574][  T786] usb 2-1: config 0 descriptor??
[  211.009850][ T8323] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  211.026231][ T8323] BTRFS info (device loop2): using free space tree
[  211.093743][ T8323] BTRFS info (device loop2): enabling ssd optimizations
[  211.101228][ T8323] BTRFS info (device loop2): auto enabling async discard
[  211.224379][ T5769] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  211.442572][  T786] savu 0003:1E7D:2D5A.0008: unknown main item tag 0x0
[  211.473349][  T786] savu 0003:1E7D:2D5A.0008: collection stack underflow
[  211.497263][  T786] savu 0003:1E7D:2D5A.0008: item 0 4 0 12 parsing failed
[  211.505186][  T786] savu 0003:1E7D:2D5A.0008: parse failed
[  211.512871][  T786] savu: probe of 0003:1E7D:2D5A.0008 failed with error -22
[  211.578881][ T8355] loop2: detected capacity change from 0 to 512
[  211.596698][ T8355] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.621181][   T27] audit: type=1800 audit(1750793702.993:257): pid=8355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.907" name="file1" dev="loop2" ino=15 res=0 errno=0
[  211.677540][   T27] audit: type=1800 audit(1750793703.013:258): pid=8355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.907" name="file1" dev="loop2" ino=15 res=0 errno=0
[  211.701257][  T786] usb 2-1: USB disconnect, device number 12
[  211.701267][ T8360] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.907: bg 0: block 264: padding at end of block bitmap is not set
[  212.823218][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.525844][ T8367] loop1: detected capacity change from 0 to 131072
[  213.545613][ T8367] F2FS-fs (loop1): Invalid segment/section count (31, 24 x 150994945)
[  213.554162][ T8367] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  213.564637][ T8367] F2FS-fs (loop1): invalid crc value
[  213.590106][ T8367] F2FS-fs (loop1): Found nat_bits in checkpoint
[  213.665103][ T8367] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  213.672351][ T8367] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  213.703885][ T8367] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=8000000, run fsck to fix.
[  213.722904][ T8367] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=8000000, run fsck to fix.
[  214.067290][  T786] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  214.257312][  T786] usb 3-1: Using ep0 maxpacket: 16
[  214.269749][  T786] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[  214.278628][  T786] usb 3-1: config 0 has no interface number 0
[  214.284793][  T786] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  214.295191][  T786] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  214.319348][  T786] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  214.330884][  T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.347255][  T786] usb 3-1: Product: syz
[  214.351489][  T786] usb 3-1: Manufacturer: syz
[  214.356089][  T786] usb 3-1: SerialNumber: syz
[  214.379588][  T786] usb 3-1: config 0 descriptor??
[  214.385433][ T8387] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  214.397434][ T8387] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  214.626504][ T8387] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  214.634579][ T8387] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  214.636326][ T8399] loop1: detected capacity change from 0 to 512
[  214.658079][ T8399] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.680665][   T27] audit: type=1800 audit(1750793706.053:259): pid=8399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.924" name="file1" dev="loop1" ino=15 res=0 errno=0
[  214.722713][   T27] audit: type=1800 audit(1750793706.053:260): pid=8399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.924" name="file1" dev="loop1" ino=15 res=0 errno=0
[  214.747534][ T5778] Bluetooth: hci4: command 0x1003 tx timeout
[  214.755217][ T5784] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  214.764612][ T8401] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.924: bg 0: block 264: padding at end of block bitmap is not set
[  215.053590][  T786] asix 3-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver
[  215.080471][  T786] asix: probe of 3-1:0.251 failed with error -524
[  215.227273][    T8] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  215.259292][ T5862] usb 3-1: USB disconnect, device number 14
[  215.427454][    T8] usb 1-1: Using ep0 maxpacket: 16
[  215.439434][    T8] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  215.457331][    T8] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  215.468494][ T8403] loop3: detected capacity change from 0 to 32768
[  215.481622][    T8] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  215.491499][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.500175][    T8] usb 1-1: Product: syz
[  215.504844][    T8] usb 1-1: Manufacturer: syz
[  215.510629][    T8] usb 1-1: SerialNumber: syz
[  215.654007][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.743525][    T8] usb 1-1: cannot find UAC_HEADER
[  215.781198][    T8] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  215.809482][    T8] usb 1-1: USB disconnect, device number 15
[  215.912993][ T8411] loop2: detected capacity change from 0 to 1764
[  215.922755][ T8411] ISOFS: Unable to identify CD-ROM format.
[  216.028949][ T8416] loop2: detected capacity change from 0 to 7
[  216.037006][ T8416] Dev loop2: unable to read RDB block 7
[  216.046334][ T8416]  loop2: unable to read partition table
[  216.063810][ T8416] loop2: partition table beyond EOD, truncated
[  216.077017][ T8416] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  216.258287][ T8425] capability: warning: `syz.2.934' uses 32-bit capabilities (legacy support in use)
[  216.384382][ T8429] loop3: detected capacity change from 0 to 512
[  216.421960][ T8431] netlink: 'syz.1.945': attribute type 34 has an invalid length.
[  216.427020][ T8429] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  216.485376][   T27] audit: type=1800 audit(1750793707.853:261): pid=8429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.936" name="file1" dev="loop3" ino=15 res=0 errno=0
[  216.547517][   T27] audit: type=1800 audit(1750793707.853:262): pid=8429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.936" name="file1" dev="loop3" ino=15 res=0 errno=0
[  216.623413][ T8439] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.936: bg 0: block 264: padding at end of block bitmap is not set
[  217.092145][ T8437] loop2: detected capacity change from 0 to 32768
[  217.342491][    T8] kernel write not supported for file /546/oom_score_adj (pid: 8 comm: kworker/0:0)
[  217.486338][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.578717][ T8459] loop1: detected capacity change from 0 to 256
[  217.647124][ T8459] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x09066d1f, utbl_chksum : 0xe619d30d)
[  217.895984][   T27] audit: type=1326 audit(1750793709.263:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  217.927479][   T35] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  217.967500][   T27] audit: type=1326 audit(1750793709.293:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  218.002903][   T27] audit: type=1326 audit(1750793709.293:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  218.047298][   T27] audit: type=1326 audit(1750793709.293:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  218.087563][   T27] audit: type=1326 audit(1750793709.293:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  218.137285][   T27] audit: type=1326 audit(1750793709.293:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  218.168150][   T35] usb 4-1: Using ep0 maxpacket: 32
[  218.184085][   T35] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  218.194603][   T27] audit: type=1326 audit(1750793709.293:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  218.217607][   T35] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.229954][   T35] usb 4-1: config 0 descriptor??
[  218.235095][   T27] audit: type=1326 audit(1750793709.293:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  218.270256][   T27] audit: type=1326 audit(1750793709.313:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  218.300849][   T27] audit: type=1326 audit(1750793709.313:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8474 comm="syz.2.957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f1d05b8e929 code=0x7ffc0000
[  218.470958][   T35] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  218.488352][   T35] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  218.505133][   T35] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  218.512998][   T35] usb 4-1: media controller created
[  218.552077][   T35] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  218.680231][   T23] kernel write not supported for file /565/oom_score_adj (pid: 23 comm: kworker/1:0)
[  218.697222][   T35] az6027: usb out operation failed. (-71)
[  218.709917][   T35] az6027: usb out operation failed. (-71)
[  218.715709][   T35] stb0899_attach: Driver disabled by Kconfig
[  218.721941][   T35] az6027: no front-end attached
[  218.721941][   T35] 
[  218.739485][   T35] az6027: usb out operation failed. (-71)
[  218.748359][   T35] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  218.779083][   T35] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input10
[  218.809896][   T35] dvb-usb: schedule remote query interval to 400 msecs.
[  218.825143][   T35] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  218.862211][   T35] usb 4-1: USB disconnect, device number 13
[  218.952211][   T35] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  219.102444][ T8497] loop2: detected capacity change from 0 to 256
[  219.134321][ T8497] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x09066d1f, utbl_chksum : 0xe619d30d)
[  219.331107][ T8505] loop2: detected capacity change from 0 to 512
[  219.341172][ T8505] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  219.359347][ T8505] EXT4-fs (loop2): orphan cleanup on readonly fs
[  219.371541][ T8505] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:512: comm syz.2.971: Block bitmap for bg 0 marked uninitialized
[  219.393261][ T8505] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6642: Corrupt filesystem
[  219.394828][   T23] kernel write not supported for file /534/oom_score_adj (pid: 23 comm: kworker/1:0)
[  219.404166][ T8505] EXT4-fs (loop2): 1 orphan inode deleted
[  219.428733][ T8505] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  219.454418][ T8505] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  219.467887][ T8505] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  219.490657][ T8505] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:512: comm syz.2.971: Block bitmap for bg 0 marked uninitialized
[  219.520618][ T8505] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:512: comm syz.2.971: Block bitmap for bg 0 marked uninitialized
[  219.546735][ T8505] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:512: comm syz.2.971: Block bitmap for bg 0 marked uninitialized
[  219.566289][ T8505] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:512: comm syz.2.971: Block bitmap for bg 0 marked uninitialized
[  219.631870][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.715575][ T8522] lo: entered allmulticast mode
[  220.542596][ T8532] loop3: detected capacity change from 0 to 256
[  220.591478][ T8532] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x09066d1f, utbl_chksum : 0xe619d30d)
[  220.692868][ T5862] kernel write not supported for file /484/oom_score_adj (pid: 5862 comm: kworker/0:6)
[  220.879328][ T8544] loop1: detected capacity change from 0 to 16
[  220.933325][ T8544] erofs: (device loop1): mounted with root inode @ nid 36.
[  220.943839][ T8546] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  221.013263][ T8544] syz.1.986: attempt to access beyond end of device
[  221.013263][ T8544] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[  221.063953][ T8549] syz.1.986: attempt to access beyond end of device
[  221.063953][ T8549] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[  221.164807][ T5767] BUG: Bad page state in process syz-executor  pfn:7e323
[  221.172880][ T5767] page:ffffea0001f8c8c0 refcount:0 mapcount:0 mapping:ffff8880524b07c8 index:0x2 pfn:0x7e323
[  221.183560][ T5767] aops:z_erofs_cache_aops ino:0
[  221.188875][ T5767] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff)
[  221.196660][ T5767] page_type: 0xffffffff()
[  221.201419][ T5767] raw: 00fff00000000001 dead000000000100 dead000000000122 ffff8880524b07c8
[  221.210580][ T5767] raw: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[  221.219805][ T5767] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  221.227147][ T5767] page_owner tracks the page as allocated
[  221.234057][ T5767] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192840(GFP_NOWAIT|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 8544, tgid 8543 (syz.1.986), ts 221013104564, free_ts 219047624097
[  221.256398][ T5767]  post_alloc_hook+0x1cd/0x210
[  221.261604][ T5767]  get_page_from_freelist+0x195c/0x19f0
[  221.268207][ T5767]  __alloc_pages+0x1e3/0x460
[  221.272874][ T5767]  z_erofs_do_read_page+0x20c0/0x3680
[  221.278800][ T5767]  z_erofs_pcluster_readmore+0x2cf/0x450
[  221.284497][ T5767]  z_erofs_read_folio+0x208/0x540
[  221.289815][ T5767]  filemap_read_folio+0x167/0x760
[  221.294906][ T5767]  do_read_cache_folio+0x470/0x7e0
[  221.300146][ T5767]  erofs_bread+0x16f/0x630
[  221.304618][ T5767]  erofs_namei+0x28c/0xf00
[  221.309253][ T5767]  erofs_lookup+0x135/0x310
[  221.313815][ T5767]  path_openat+0x10b8/0x3190
[  221.318510][ T5767]  do_filp_open+0x1c5/0x3d0
[  221.323077][ T5767]  do_sys_openat2+0x12c/0x1c0
[  221.327905][ T5767]  __x64_sys_openat+0x139/0x160
[  221.332808][ T5767]  do_syscall_64+0x55/0xb0
[  221.337333][ T5767] page last free stack trace:
[  221.342047][ T5767]  free_unref_page_prepare+0x7ce/0x8e0
[  221.347641][ T5767]  free_unref_page+0x32/0x2e0
[  221.352380][ T5767]  rcu_core+0xcc4/0x1720
[  221.356682][ T5767]  handle_softirqs+0x280/0x820
[  221.361597][ T5767]  __irq_exit_rcu+0xc7/0x190
[  221.367098][ T5767]  irq_exit_rcu+0x9/0x20
[  221.371873][ T5767]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  221.377618][ T5767]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  221.383688][ T5767] Modules linked in:
[  221.387731][ T5767] CPU: 1 PID: 5767 Comm: syz-executor Not tainted 6.6.94-syzkaller #0
[  221.395925][ T5767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  221.406016][ T5767] Call Trace:
[  221.409309][ T5767]  <TASK>
[  221.412256][ T5767]  dump_stack_lvl+0x16c/0x230
[  221.416961][ T5767]  ? show_regs_print_info+0x20/0x20
[  221.422197][ T5767]  ? swiotlb_print_info+0x70/0x70
[  221.427271][ T5767]  bad_page+0x14b/0x170
[  221.431450][ T5767]  free_unref_page_prepare+0x887/0x8e0
[  221.436932][ T5767]  free_unref_page+0x32/0x2e0
[  221.441626][ T5767]  ? __folio_put+0xef/0x210
[  221.446242][ T5767]  erofs_try_to_free_all_cached_pages+0x295/0x600
[  221.452693][ T5767]  erofs_shrink_workstation+0x118/0x290
[  221.458261][ T5767]  ? erofs_shrinker_unregister+0x170/0x170
[  221.464209][ T5767]  ? io_schedule+0xd0/0xd0
[  221.468657][ T5767]  ? kobject_put+0x43c/0x470
[  221.473268][ T5767]  erofs_shrinker_unregister+0x5d/0x170
[  221.478844][ T5767]  erofs_put_super+0x4e/0x150
[  221.483538][ T5767]  ? erofs_free_inode+0xb0/0xb0
[  221.488423][ T5767]  generic_shutdown_super+0x134/0x2b0
[  221.493820][ T5767]  kill_block_super+0x44/0x90
[  221.498530][ T5767]  erofs_kill_sb+0x4c/0x140
[  221.503056][ T5767]  deactivate_locked_super+0x97/0x100
[  221.508802][ T5767]  cleanup_mnt+0x429/0x4c0
[  221.513347][ T5767]  task_work_run+0x1ce/0x250
[  221.517972][ T5767]  ? task_work_cancel+0x240/0x240
[  221.523227][ T5767]  ? exit_to_user_mode_loop+0x3b/0x110
[  221.528806][ T5767]  exit_to_user_mode_loop+0xe6/0x110
[  221.534142][ T5767]  exit_to_user_mode_prepare+0xb1/0x140
[  221.539801][ T5767]  syscall_exit_to_user_mode+0x1a/0x50
[  221.545305][ T5767]  do_syscall_64+0x61/0xb0
[  221.549754][ T5767]  ? clear_bhb_loop+0x40/0x90
[  221.554445][ T5767]  ? clear_bhb_loop+0x40/0x90
[  221.559145][ T5767]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  221.565065][ T5767] RIP: 0033:0x7fb65d38fc57
[  221.569506][ T5767] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  221.589150][ T5767] RSP: 002b:00007ffdb92d9698 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  221.597685][ T5767] RAX: 0000000000000000 RBX: 00007fb65d410925 RCX: 00007fb65d38fc57
[  221.605679][ T5767] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdb92d9750
[  221.614016][ T5767] RBP: 00007ffdb92d9750 R08: 0000000000000000 R09: 0000000000000000
[  221.622007][ T5767] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdb92da7e0
[  221.630002][ T5767] R13: 00007fb65d410925 R14: 0000000000035f9f R15: 00007ffdb92da820
[  221.638008][ T5767]  </TASK>
[  221.642733][ T5767] Disabling lock debugging due to kernel taint