last executing test programs:

6m5.243156668s ago: executing program 4 (id=561):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000002000010027bd7000400000000a508080000000031600000014000200fc02000000000000000000004000000014000100200100000000"], 0x44}}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000001000390400000000001b2347ea000000", @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000000114000200fc02"], 0x5c}}, 0x0)

6m5.108008974s ago: executing program 4 (id=562):
syz_mount_image$jfs(&(0x7f0000000240), &(0x7f0000000040)='./file1\x00', 0x1010006, &(0x7f0000000300)={[{@iocharset={'iocharset', 0x3d, 'koi8-u'}}, {@discard_size={'discard', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@errors_continue}, {@discard_size={'discard', 0x3d, 0x8}}, {@errors_remount}, {@errors_continue}, {@noquota}, {@quota}, {@errors_continue}, {@nointegrity}]}, 0x24, 0x628f, &(0x7f00000065c0)="$eJzs3c1vHGcdB/Df7JtfStuoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyCSgwTqAXXQ2M/jjKe7XjuJd3Yzn4/kzPzmmfE+k++Od9cz4ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjhD358roiIK79KC05EfC76Eb2Ilapei4iVtRP1bV6IneZ4PiKGSxHV9jv/PBvxekR8/EzE9v0769Xi84fsx/f//I8//OSpH/39T8Mz//3Lrf4bk9a7ffu3//nr3YffXwAAAOiisizLIn3MPxkRg/TZHgB48uXX/zLJy9VzV2/OWX/UarVavYB1XTne3XoREZv1bar3DE7HA8CC2YxP2u4CLZJ/pw0i4qm2OwHMtaLtDnAstu/fWS9SvkX99WBttz1fC7Iv/81i7/6OSdNpmteYzOr5tRX9eG5Cf1Zm1Id5kvPvNfO/sts+Susdd/6zMin/0e6tT52T8+838294cvLvjc2/q3L+gyPl35c/AAAAAADMsfz7/xMtn/9devRdOZSDzv+uzagPAAAAAAAAAPC4HXX8v0Fj/L89xv8DAACAuVV9Vq/87pkHyyb9LbZq+eUi4unG+kDHpJtlVtvuBwAAAAAAAAAAAAB0yWD3Gt7LRcQwIp5eXS3Lsvqqa9ZH9ajbL7qu7z90Wds/5AEAYNfHzzTu5S8iliPicvpbf8PV1dWyXF5ZLVfLlaX8fna0tFyu1D7X5mm1bGl0iDfEg1FZfbPl2nZ10z4vT2tvfr/qsUZl/xAdm40WAweAiNh9Ndqe9Ir0P69Xi6ksn42W3+SwIA44/llQjn8Oo+3nKQAAAHD8yrIsi/TnvE+mc/69tjsFAMxEfv1vnhdQq9VqtVr95NV15Xh360VEbNa3qd4zGI4fABbMZnzSdhdokfw7bRARL7TdCWCuFW13gGOxff/OepHyLeqvB2l893wtyL78N4ud7fL246bTNK8xmdXzayv68dyE/jw/oz7Mk5x/r5n/ld32UVrv0fMv9/2asK1rjCblX+3niRb607acf7+Zf8NxH/+zshW9sfl3Vc5/cKT8+/IHAAAAAIA5ln//f2Kuzv+OHnZ3pjro/O/a2C2Ory8AAAAAAAAA8Lhs37+znu97zef/vzBmPfd/Pply/oX8Oynn32vk/9XGev3a/L23H+T/7/t31v9461+fz9PD5r+UZ4r0zCrSM6JIj1QM0vRR9u6ztob9UfVIw6LXH6Rrfsrhu3EtrsdGnN23bi/9fzxoP7evverpcKe97O+2n9/XPthrz9tf2Nc+TFcXlSu5/XSsx8/jeryz0161LU3Z/+Up7eWU9px/3/HfSdtpOnjw9WxVr6blRWNaufdR7zPHfX067nHeuvbF35w91j05nK3o7+1bXbV/L7XQn53/k6dG8cubGzdO375669aNc5Em+5aejzR5zPLxP0xfez//X95tzz/368frvY9GR85/XmzFYGL+L9fmq/19ZcZ9a0POf5S+cv7vpPbxx/8i5z/5+H+1hf4AAAAAAAAAAAAAAADAQcqy3LlF9K2IuJju/2nr3kwAYLby63+Z5OWzqvszfjy1esHrYs76M9P603K++qNWL2JdV473Zr2IiL/Vt6neM/x63DcDAObZpxHxz7Y7QWvk32H57/1V01NtdwaYqZsffPjTq9evb9y42XZPAAAAAAAAAICHlcf/XKuN/3yqLMu7jfX2jf/6dqw96vifgzyzN8DohIGq+0ffp4Ns9Ub9Xm248Rdj0vjfw725g8b/Hkx5vOGU9tGU9qUp7ctT2sfe6FGT83+xNt75qYg42Rh+vQvjvzbHvO+CnP9Ltedzlf9XGuvV8y9/v8j59/blf+bW+784c/ODD1+79v7V9zbe2/jZhXPnzl64ePHSpUtn3r12fePs7r8t9vh45fzz2NeuA+2WnH/OXP7dkvP/Uqrl3y05/y+nWv7dkvPP7/fk3y05//zZR/7dkvN/JdXy75ac/9dSLf9uyfm/murp+U/7jSaLJOf/9VQ7/rsl5/9aquXfLTn/06mWf7fk/M+k+pD5rxx3v5iNnH8+w+X475acf76yQf7dkvM/n2r5d0vO/0Kq5d8tOf/XUy3/bsn5fyPV8u+WnP/FVMu/W3L+30y1/Lsl538p1fLvlpz/t1It/27J+X871fLvlpz/G6mWf7fk/L+Tavl3S87/u6mWf7fk/L+Xavl3S87/zVTLv1se/P1/M2bMmMkzbf9kAgAAAAAAAAAAAACaZnE5cdv7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5DrLO4Cf/fTaIYmBkDqpgY1jQkg22bWd+IM2xYTPhq8SCIV+YLvetVlwbOO1S6CRbBookTAqqmgbLtoCQm1uKnLBBa0A5QK1QmoF7QXtBQKhchFVAQWkSrQCtppz3vfdmdnZmV3vePfMOb+fZD/eM2fmvHPmPWfn2fV/DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzW55zdwnhrIsa/zJ/9qeZc9r/Hvr5PZ82Ss3e4QAAADAev0i//u569OCw6u4U9M6//ySb315cXFxMXv3yJ+PfWZxMd0wmWVjW7Isvy166gfvGWpeJ3gsmxgabvp6uMfmR3rcPtrj9rEet4/3uH1Lj9snety+bAcss7X4eUz+YLvzf24vdml2QzaW37a7w70eG9oyPBx/lpMbyu+zOHYim89OZXPZTMv6xbpD+fpfvaWxrTdmcVvDTdva2ZghP3n0eBzDUNjHu1u2tfSY0Y9enU3+9CePHv/b88/e1Kn23A0tj1eM8/ZdjXF+LCwpxjqUbUn7JI5zuGmcOzu8JiMt4xzK79f4d/s4n1vlOEeWhrmh2l/ziWw4//e38/002vxjvbSfdoZlP7s1y7JLS8NuX2fZtrLhbFvLkuGl12eimJGNx2hMpRdko2uap7esYp426uzu1nnafkzE1/+WcL/RFcbQ/DL96KPjTa/7zxevZJ5GjWe90rHSPgf7fayUZQ7GefHt/Ek/3nEO7g7P/9HbVp6DHedOhzmYnnfTHNzVaw4Oj4/kY04vwlB+n6U5uKdl/ZF8S0N5fea27nNw+vzDZ6cXPvyRu+YfPnZy7uTc6X179szs27//4MGD0yfmT83NFH9f4d4uv23ZcDoGdoV9F4+Bl7et2zxVFz8/vuz8e6XH4USX43B727r9Pg5H25/c0MYckMvndHFsvLOx0ycuD2crHGP563PH+o/D9LybjsPRpuOw4/eUDsfh6CqOw8Y6Z+9Y3XuW0aY/ncaw8veC9c3B7U1zsP39SPsc7Pf7kbLMwYkwL757x8rfC3aG8T4+tdb3IyPL5mB6uuHc01iS3u9PHMxLp3l5c+OGa8azCwtz5+5+5Nj58+f2ZKFsiBc2zZX2+bqt6Tlly+br8Jrn6+H5lzx+c4fl28O+mrir8dfEiq9VY5177u7+WuXf3Trvz5ale7NQ+myj92en7+aN/TmeZZ/9xkcf/Nqjn33Nivuz0W9+bHr978VTX9p0/h1b4fwb+/5fFttLD/XYyNhocfyOpL0z1nI+bn2pRvNz11C+7eemV3c+Hgt/Nvp8fEOX8/GOtnX7fT4ea39y8Xw81OunHevT/npOhHlyaqb7+bixzo69a52To13Px7eGOhT2/ytCp5D6oqa5s9K8TdsaHR0Lz2s0bqF1nu5rWX8s9GaNbT25N7wpTKNc3Ty9/dZi/ZGm+0UbNU8n29bt9zxNP/taaZ4O9frp25Vpfz0nwry4YV/3edpY5+l71n/u3Br/2XTuHO81B8dGxhtjHkuTMD/fZ4tb4xy8OzuenclOZbP5reP5fBrKtzV17+rOlePhz0afK3d0mYO3t63b7zmYvo+tNPeGRpc/+T5ofz0nwrx44t7uc7CxzmsP9Pe96+1hSVqn6b1r+8/XVvqZ181tu+lqzZXRMM5vHOj+s9nGOqcOrrXP7L6f7gxLrumwn9qP35WOqdlsY/bTjjDOZw+uvJ8a42ms85lDq5xPh7Msu/jB+/Of94bfr1y88J0vt/zepdPvdC5+8P4fX3vin9YyfgAG3y+Lsq34Xtf0m6nV/P4fAAAAGAix7x8ONdH/AwAAQGXEvj/+r/BE/w8AAACVEfv+0VCTKvT/f9x7lR2vfXb+lxezlMxfDOLtaTc8UKwXM64z4evJxSWN5fd/ce5//vHi6oY3nGXZzx/4o47r73ggjqswGcb51Otaly/z5btWte2jD11M223Or38uPH58PqudBp0iuDNZln31+k/l25l8z+W8Pv3A0bw+eOnxxxrrPHeo+Dre/5kXFuv/VQj/Hj5xrOX+z4T98MNQZ97UeX/E+33p8it2HnjX0vbi/YZ2XZc/7SfeWzxu/JycTz9WrB/380rj/9onn/xSY/1HXtZ5/BeHO4//yfC4Xwz1f19crN/8GjS+jvf7eBh/3F68391f+HrH8T/1iWL9s68v1jsaatz+7eHr3a9/dr55fz0ydKzleWVvKNaL25/5zp/mt8fHi4/fPv6JI5db9kf7/Hj634vHmW5bPy6P24n+oW37jcdpnp9x+0/+ydGW/dxr+089+MyLG4/bvv0729Y7+8E78u0vPV7rJzb99cc/1XF7cTyH//5sy/M5/PZwHIftP/HeMB/D7f/3VPF47Z+ucPTtreefuP7ntl9seT7RG39abP+pV53M65aJrduued611116aWPfZdm3txSP12v7J//mTMv4P39jsT/i7TGj3779lcTtn/vQ1OkzCxfmZ9NeffT6/LNz3lyMJ473+nBubf/6yJnz75s7NzkzOZNlk9X9CL0r9oVQf1yUS93XXlx2Br3jofB63vyXX9122799Mi7/j3cWyy+/qfi+9fKw3qfD8u3h9Vvb9pd74pYb8+N76OkwwsXlnxe8Hjt3//fBXp/vmwvPv/19QZzvZ1/0vnw/NG7Lv2/E43qd4//ebPE4Xwn7dTF8MvOuG5e217x+/GyEy+8ojvd1779wmouv69+F1/stPyweP44rPt/vhfcxX9/Rer6L8+MrF4fbHz//FI9L4XySXSpuj2vF/X35uRs7Di9+Dkl26ab86z9Lj3PTmp7mShY+vDB9av70hUemz88tnJ9e+PBHjjx85sLp80fyz/I88v5e9186P23Lz0+zc/vvyfKz1ZmiXGWbPf6zDx2fPTBz2+zciWMXTpx/6OzcuZPHFxaOz80u3HbsxIm5D/W6//zsfXv2Htp3YO/UyfnZ+w4eOrTv0NT86TONYRSD6mH/zAemTp87kt9l4b57Du259957ZqYePjM7d9+BmZmpC73un39vmmrc+w+nzs2dOnZ+/uG5qYX5j8zdt+fQ/v17e34a4MNnTyxMTp+7cHr6wsLcueniuUyezxc3vvf1uj/VtPD94v1su6Hig/iyt925P30+a8MXP7riQxWrtH2A6LPhs2i++fyzB1fzdez7x0JNqtD/AwAAALnY94+Hmuj/AQAAoDJi378l1ET/DwAAAJUR+/6JUNN/CahJ/1+5/P+Oi6vavvy//H/z/pL/r1n+/x1ly/8X5wv5//5Yb/6+Dvn/Va0o/y//L/8v/y//Tx+ULf8f+/6tWeb3/wAAAFBRse/fFmqi/wcAAIDKiH3/NaEm+n8AAACojNj3Py/UpCb9v/y//L/8v/y//H/n7cv/Dyb5/+5Klv+faF8g/7/5+f+sXvn/S/0c/ybk/7c2fyH/TxmVLf8f+/5rQ01q0v8DAABAHcS+/7pQE/0/AAAAVEbs+68PNdH/AwAAQGXEvn97qElN+n/5/3Xl/1PmanDz/8WW5f/l/+X/5f+rQv6/u5Ll/5eR/9/8/L/r/w9U/r+F/D9lVLb8f+z7nx9qUpP+HwAAAOog9v0vCDXR/wMAAED5jF7Z3WLf/8JQk2X9/xVuAAAAANh0se+/IWsLgtfk9//y/67/X9rr/4/J/8v/F8qf/x/J5P/LQ/6/O/n/HvqR/78k/y//L/8v/09Utvx/3vdnE9mLQk1q0v8DAABAHcS+/8ZQE/0/AAAAVEbs+38l1ET/DwAAAJUR+/4doSY16f/l/yuT//9Z80tXify/6//L/wflz/+7/n+ZyP93J//fg+v/y//L/8v/01cLHTulzcv/x77/plCTmvT/AAAAUAex77851ET/DwAAAJUR+/5fDTXR/wMAAEBlxL5/Z6hJTfp/+f+S5/9jcrSO1/+X/5f/D8qc/5+Q/y8d+f/u5P97kP+X/5f/l/+nrxa+X7yfbbdZ+f/Y97841KQm/T8AAADUQez7XxJqov8HAACAyoh9/0tDTfT/AAAAUBmx758MNalJ/7+W/P/QJfn/lVzl6/+Pr+L6/y3k/zcl/z8q/1+oU/4/k/8vHfn/7uT/e5D/l/+X/5f/p6/Klv+Pff8toSY16f8BAACgDmLfvyvURP8PAAAAlRH7/ltDTfT/AAAAUBmx798dalKT/t/1/wci/5/J/w9E/t/1/wP5/87k/zeG/H938v89yP/L/8v/y//TV2XL/8e+/2WhJjXp/wEAAKAOYt9/W6iJ/h8AAAAqI/b9Lw810f8DAABAZcS+//ZQk5r0//L/8v/y//L/8v+dt7/h+f9L8v/9IP/fnfx/D/L/8v/y//L/9FXZ8v+x739FqElN+n8AAACog9j33xFqov8HAACAyoh9/52hJvp/AAAAqIzY90+FmtSk/5f/l/+vZv7/P+X/u2xf/r+k+X/X/+8L+f/u5P97kP+X/+9H/n8sLJD/l/9n0/P/8f1a/Dr2/XeFmtSk/wcAAIA6iH3/3aEm+n8AAACojNj3T4ea6P8BAACgMmLfPxNqUpP+X/5f/r+a+X/X/++2/XXl/1+69Ljy/wX5/3KR/+9O/r+Hfub/t8j/1zb/v67r/4/J/1Mpm53/b/869v17Qk1q0v8DAABAHcS+f2+oif4fAAAAKiP2/ftCTfT/AAAAUBmx778n1KQm/b/8v/y//L/8v+v/d96+/P9gkv/vrv/5//gU5f9d/1/+vz/5f9f/p1rKlv+Pff+9oSY16f8BAACgDmLfvz/URP8PAAAAlRH7/gOhJvp/AAAAqIzY9x8MNalJ/y//L/8v/y//L//fefvy/4NJ/r871//vQf5f/n+A8/+NuSX/T9mULf8f+/5DoSY16f8BAACgDmLf/8pQE/0/AAAAVEbs+38t1ET/DwAAAJUR+/5fDzWpSf8v/y//L/8v/7/J+f+xXvn/cfl/+f81kP/vTv6/B/l/+f8Bzv+vcP3/a8PN8v9sirLl/2Pff1+oSU36fwAAAKiD2Pf/RqiJ/h8AAAAqI/b9rwo10f8DAABAZcS+/3CoSU36f/n/Dcr/x4Xy//L/8v+u/y//f1XJ/3cn/9+D/L/8f/Xy//2+/n/7t+lE/p9Oypb/j33/q0NNatL/AwAAQB3Evv/+UBP9PwAAAFRG7PtfE2qi/wcAAIDKiH3/a0NNatL/y/+7/v/m5//HWsYu/790P/n/gvy//P9ayP93J//fg/y//L/8v+v/01dly//Hvv91oSY16f8BAACgDmLf//pQE/0/AAAAVEbs+98QaqL/BwAAgMqIff8bQ01q0v/L/8v/b37+3/X/5f8L8v/y//0g/9+d/H8P8v/y//L/8v/0Vdny/7Hv/81Qk5r0/wAAAFAHse9/INRE/w8AAACVEfv+N4Wa6P8BAACgMmLf/+ZQk5r0//L/8v/y//L/8v+dty//P5jk/7sbsPz/L64Ly+X/C/L/5R7/WvP/o21fX5X8/w9Wyv8vbmm/v/w/V0PZ8v+x739LqElN+n8AAACog9j3vzXURP8PAAAAlRH7/reFmuj/AQAAoDJi3/9boSY16f/l/xvjWEovy//L/+cL5P/l/+X/B5b8f3cDlv93/f828v/lHr/r/8v/s1zZ8v+x7397qElN+n8AAACog9j3Pxhqov8HAACAyoh9/ztCTfT/AAAAUBmx739nqElN+n/5f9f/l/+X/5f/77x9+f/BJP/fnfx/D/L/8v9ly///l/w/g61s+f/Y9z8UalKT/h8AAADqIPb97wo10f8DAABAZcS+/7dDTfT/AAAAUBmx7393qElN+n/5/0HJ/0/K/68x/z8elsn/y//L/9eL/H938v89yP/L/5ct/+/6/wy4suX/Y9//nlCT1ff/E6teEwAAALia2n+dlMS+/3dCTWry+38AAACog9j3/26oif4fAAAAKiP2/b8XalKT/l/+f1Dy/67/n7n+v/x/2/OR/5f/72Tj8v/xzLOm/P+WXtuX/5f/l/8f3PHL/8v/s1zZ8v+x7//9UJOa9P8AAABQB7Hvf2+oif4fAAAABkKn/5PdLvb9R0JN9P8AAABQGbHvPxpqUpP+X/5f/l/+v6T5/7/Y9S/f/dZbj+6R/5f/l/9fkw29/n/j4Hf9f/l/+f9E/l/+X/6fdmXL/8e+/1ioyVLj92YX+AcAAIDBFvv+Pwg1qcnv/wEAAKAOYt9/PNRE/w8AAACVEfv+2VCTmvT/8v+bmP8fzbJM/l/+v4LX/4/7Y5Dy/1NbBij/H0+68v8dbWj+/11LOXH5/7Xm/8c7Lm3P/w/J/7eQ/1/z+L+ZZdmGjf/iv8r/y//Trmz5/9j3z4Wa1KT/BwAAgDoIff/wiaIu3aD/BwAAgMqIff/JUBP9PwAAAFRG7PvfF2pSk/5f/t/1/+X/5f9d/7/z9kub/3f9/67k/7srT/6/M9f/l/8f5PG7/r/8P8uVLf8f+/75UJOa9P8AAABQB7Hvf3+oif4fAAAAKiP2/R8INdH/AwAA/8/efTxZXpd7HD8NTc1MUbfq7u7iLu7du3LNQlYu9A9wwYaFlqEUVMyJwRwx54CWihgwgCImzAlMKGJExSxiwoSojMX08zzTPf3r3+meOd3nd77f12vhIy3jaS0EPoxvvkAzcvc/PG7pZP/r//X/Tfb/h/T/Y5+v/9f/t0z/P07/P4f+X/+v/9f/s1BT6/9z9z8ibulk/wMAAEAPcvdfELfY/wAAANCM3P0Xxi32PwAAADQjd/8j45ZO9r/+X//fZP9/39sfevd99P87fb7+X//fMv3/OP3/HPp//b/+X//PQk2t/8/d/6i4pZP9DwAAAD3I3f/ouMX+BwAAgGbk7r8obrH/AQAAoBm5+x8Tt3Sy/0/q/9dmffb/mfHq/1vq/73/v+Pn6//1/y072P7/knt+z6f/1//r/4P+X/+v/+dkU+v/c/c/Nm7pZP8DAABAD3L3Py5usf8BAACgGbn7Hx+32P8AAADQjNz9T4hbOtn/3v/3/r/+X/+v/x/+fP3/avL+/7ie+v+Lbjr7gjuu+d9r9/L5+n/9v/5f/89iTa3/z93/xLilk/0PAAAAPcjd/6S4xf4HAACAZuTuf3LcYv8DAADACjoy+NXc/U+JWzrZ//p//b/+P/r/w/p//b/+vwX6/3E99f+n8vn6f/2//l//z2JNrf/P3f/UuKWT/Q8AAAA9yN3/tLjF/gcAAIDpGvo/Yo/I3X9x3GL/AwAAQDNy9x+NWzrZ//r//e///63/X43+3/v/+n/9fxP0/+P0/3Po//X/+n/9Pws1tf4/d/8lcUsn+x8AAAB6kLv/6XGL/Q8AAADNyN3/jLjF/gcAAIBm5O5/ZtzSyf7X/3v/X/+v/z/4/n/jd7b6/xP/rer/F0f/P07/P4f+/3T7+bP0//p//T+b7bH/v2vkd9sL6f9z9z8rbulk/wMAAEAPcvc/O26x/wEAAKAZufufE7fY/wAAANCM3P3PjVs62f/6f/2//l//f8r9//bf9I7z/v8w/f/B0P+Pm0z/v7Y++GX9/8r3/97/1//r/9liau//5+5/XtzSyf4HAACAHuTuf37cMrL/9/wX8wEAAIClyt3/grjFz/8DAADAysvqLHf/C+OWTva//l//r//X/x/8+/+r3/9fu+n70/9Pi/5/3GT6/x3o//X/q/z96//1/2w3tf4/d/+L4pZO9j8AAAD0IHf/pXGL/Q8AAADNyN3/4rjF/gcAAIBm5O5/SdzSyf4f7v9P/OuT7v9PjoRn+v+k/2+7/89/R/3/aP9/rvf/+6T/H6f/n0P/r//X/+/U/x+Z9+P1/wyZWv+fu/+lcUsn+x8AAAB6kLv/ZXGL/Q8AAADNyN3/8rjF/gcAAIBm5O5/RdzSyf73/r/+X/+/ev2/9/83LPP9/9mB9//r+v9dWm7/v3Z3/hFU/39q37/+X/+/yt9/k/3/WbOt7/+P/F0A9P8MmVr/n7v/lXFLJ/sfAAAAepC7/1Vxi/0PAAAAq2Hz/3dg6K242ax2/6vjFvsfAAAAmpG7/zVxSzv7f/StTv2//l//r//X/w9//oMvW59Np//3/v9uef9/nP5/Dv3/fvTz6431/5ft9OOn0P9fvH/v/9973o/X/zNkS/9/3YmvL6v/z93/2rilnf0PAAAA3cvd/7q4xf4HAACAZuTuf33cYv8DAABAM3L3vyFu6WT/73v/P/J3H9D/6//1//r/aff/U3r/X/+/W/r/cfr/OfT/3v/3/r/+n9O36U8Zt/T/myyr/8/d/8a4pZP9DwAAAD3I3f+muMX+BwAAgGbk7r8sbrH/AQAAoBm5+98ct3Sy/73/r//X/+v/9f/Dn6//X02n1d+fof8v+n/9v/5f/6//ZwGm1v9v3f397X8AAADowVuO/+Ph+Ov19j8AAAC0KHf/W+MW+x8AAACakbv/bXFLJ/tf/7+//X9+Xf+v/5/p//X/+v8D0e37/2tDfyTabof+/4aHHL3/1q/o//X/+n/9v/6fXfrvkX9tEv3/sRN/dpm7/+1xSyf7HwAAAHqQu//yuMX+BwAAgGbk7n9H3GL/AwAAQDNy918Rt+xx/481D1Om//f+v/5f/6//H/58/f9q6rb/3yXv/8+h/9f/6//1/yzUJPr/Tb+cu/+dcYuf/wcAAIBm5O5/V9xi/wMAAEAzcve/O26x/wEAAKAZufvfE7d0sv/1//p//b/+X/8//Pn6/9Wk/x+n/59jlfr/K06j/18f/vKy+/nTtezvX/+v/2e7qfX/ufuvjFs62f8AAADQg9z9741b7H8AAABoRu7+98Ut9j8AAAA0I3f/++OWTva//l//r//X/+v/hz9f/7+a9P/j9P+z2eyqkW9gqP8/dmia/b/3/yf3/ev/9f9sN7X+P3f/B+KWTvY/AAAA9CB3/1Vxi/0PAAAAzcjdf3XcYv8DAABAM3L3fzBu6WT/6//1//p//b/+f/jz9f+rSf8/Tv8/xyq9/6//n9z3r//X/7Pd1Pr/3P0fils62f8AAADQg9z918Qt9j8AAAA0I3f/h+MW+x8AAACakbv/2rilk/2v/9f/6//1/wP9//H/qev/9f+raP/6/5n+X/+v/59D/6//1/9zsqn1/7n7PxK3dLL/AQAAoAe5+z8at9j/AAAA0Izc/R+LW+x/AAAAaEbu/o/HLZ3sf/2//l//r//3/v/w5+v/V5P3/8fp/+fQ/+v/9f/6fxZquP+/eGn9f+7+T8Qtnex/AAAA6EHu/uviFvsfAAAAmpG7/5Nxi/0PAAAAzcjd/6m4pZP9r//X/2/t/2cz/b/+X/+/YaD/v/nOy/+rfnkB/f/hmf5/4fT/4/T/c+j/2+z/z5g11P8f2fHH6/+Zoqm9/5+7/9NxSyf7HwAAAHqQu/8zcYv9DwAAAM3I3f/ZuMX+BwAAgGbk7v9c3NLJ/tf/6/8X/P7/becPfB/6/w36/5Xv/73/vwL0/+P0/3Po/9vs/73/r/9naabW/+fu/3zc0sn+BwAAgB7k7v9C3GL/AwAAQDNy938xbrH/AQAAoBm5+78Ut3Sy//X/+v8F9//e/9f/6/93oP8/GPr/cfr/OfT/zfX/+Wf3+n/9P8sxtf4/d/+X45ZO9j8AAAD0IHf/9XGL/Q8AAADNyN1/Q9xi/wMAAEAzcvd/JW7pZP/r//X/+v/V7P8Pb+n/z5zp/0/8+vr/vk2l/z/nnPvdqP/X/+v/l9//e/9f/89yTa3/z93/1bilk/0PAAAAPcjd/7W4xf4HAACAZuTu/3rcYv8DAABAM3L3fyNu6WT/b+//z5ptFKobhvr/aNT0/5vo/7d+//r/4d8+vP+v/9f/77+p9P/e/z+171//r/9f5e9/T/3//2//8fp/WjS1/j93/41xSyf7HwAAAHqQu/+bcYv9DwAAAM3I3f+tuMX+BwAAgGbk7r8pbulk/3v/X/+v/9f/6/+HP1//v5r0/+P0/3Po//X/3v+/8IFn6v9ZnKn1/7n7vx23dLL/AQAAoAe5+2+OW+x/AAAAaEbu/u/ELfY/AAAANCN3/3fjlk72v/5f/6//1//r/4c/X/+/mvT/4/T/5eT/aBv66f8PD31x2f386Vr2999M/+/9fxZoav1/7v7vxS2d7H8AAADoQe7+78ct9j8AAAA0I3f/D+IW+x8AAACakbv/h3FLJ/tf/6//b7//P1//f9Ln6//1/y3T/+cf0Yfp/+fop/8ftOx+ftW/f/2//p/tptb/5+6/JW7pZP8DAABAD3L3/yhusf8BAACgGbn7fxy32P8AAADQjNz9P4lbOtn/+v+++v+1WY/9v/f/9f/6/57o/8fp/+fQ/+v/9f/6fxZqav1/7v5b19a73P8AAACwqh5wr4fdsttf99bj/3h49tO45dzZsV3+NDYAAAAwcffs/rX12exnx3/Jz/8DAABAi3L3/zxu6WT/6//76v/7fP9f/6//1//3RP8/Tv8/h/5f/6//1/+zUFPr/3P3/yJu2TT81vf8nxIAAACYktz9v4xbOvn5fwAAAOhB7v5fxS3b9r+/HSAAAACsqtz9v45bOvn5f/3/xPv/2T71//Hr6f836P/1/0Ofr/9fTfr/cafZ/x9b0//r/0fo//X/+n9ONrX+P3f/b+KWTvY/AAAANGrLX1HI3X9b3GL/AwAAQDNy9/82brH/AQAAoBm5+2+PWzrZ//r/A+//M1Xfx/f/j9Q/8/5/5/3/pYcHP1//r/9vmf5/nPf/59D/t9L/H9L/6/+Zhqn1/7n7fxe3dLL/AQAAoAe5+38ft9j/AAAA0Izc/X+IW+x/AAAAaEbu/j/GLZ3sf/3/xN//P6X+fxfv/+v/++j/d/j8dvr//zn76PXnPejqK/X/nHCQ/X/+tnDA/f+hvf57bqb/n0P/30r/7/1//T8Tsfj+f33LF/fa/+fu/1Pc0sn+BwAAgB7k7r8jbrH/AQAAoBm5+/8ct9j/AAAA0Izc/X+JWzrZ//p//f9U+v/873oJ/f/RU+7/j8xms6X0/9kU997/e/9f/7+d9//H6f/n0P/r//X/+n8WavH9/9Yv7rX/z93/17ilk/0PAAAAPcjd/7e4Jff/2p7/0j0AAAAwMbn7/x63+Pl/AAAAaEbu/jvjlk72v/5f/z+V/j95///Ej2vr/f/zKk7ts///v/pn+v/9pf8fp/+fQ/+v/9f/6/9ZqKn1/7n7/xG3dLL/AQAAoAe5+++KW+x/AAAAaEbu/n/GLfY/AAAANCN3/7/ilk72v/6/1f4/i3j9v/5/Kv2/9/+9/38w9P/j9P9z6P/1//p//T8LNbX+P3f/fwIAAP//krZdRQ==")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r0, r0, 0x0, 0x800000009)

6m4.285300791s ago: executing program 4 (id=566):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100008e88052086800095d8b601020301090212000100000000090401"], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000280)={&(0x7f0000000600), 0xc})

6m1.370796261s ago: executing program 4 (id=578):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file2\x00', 0x402, &(0x7f00000001c0)=ANY=[], 0x1, 0x242, &(0x7f0000000380)="$eJzsmL+LE0EUx7+zu5kkIqLNFTYKHhjRSy57KNeE8wTBysYTtdLgrceZvYskK5iA4mFjo52FYGPhP2BxxdV2/gOCFioIFqawEEQOVt7O7GbiJpdltfN9iuE7M2/m/ZjNKwKGYf5bPn/68fHJucWVUwD2YxZFvf7VBoRQ2jLsPzy/e/JZ4/yL1+9fvdk8cH/nz/voSBjuhuZCaQ//DoDKso0g8RTGZ3+RmNWTFRQTfRkWTmh9BQJVrW/AKsT3evgZKoDbELim19tkX63eWve96s22v0pinoY6DS4NI/lSfIMtgVU9pxuFsd/t9VtN3/c6hnD03pitXCJx1ppJ1a8AicGyhYaOluKj+K8+frRFK3Ft5mEl9avDQl0nsbCblAmLKMa1USUx8j/sDPO3i4l7etpW0x+brb4V05Is+b5nd3uN7/+kWKY4NJfveIXSOatXHgDQWweRJwwMTy3B6xQw3LLpSx0xPpr55jKADJ9OJBzjdTDeeEm/aI4EL6aymCCeZor570WuLGIxM9h5m976op9SMeZ4KKa7ECPfj9zLuJQ15jik/BUro9+yclZMTv51A++2Vf8IXwocB2TcPxyjf9WCjTu1bq8/t77RXPPWvE3XXTgjgIen3VrUiNSY6nvD/lyO+tM+oz8XJthKS+JeMwg6dTVKIVFGEHTcaO4aP5tL2+1v1/WxABcAHFMTapsyudFO+RBS2ViRLalK2ohhGIZhGIZhGIZhGIZhGCYrI394HoFAOB1XWf8OAAD//5X0aKk=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0x189000, 0x1)

6m0.370735259s ago: executing program 4 (id=579):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000240), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100040000002c00048005000300010000000500030080ffffff05000300016900000500030080ffffff0500030004e300000800020003"], 0x50}}, 0x0)

5m58.825866386s ago: executing program 4 (id=586):
r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "08004e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7e)
close_range(r3, 0xffffffffffffffff, 0x0)

5m58.198932641s ago: executing program 32 (id=586):
r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "08004e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7e)
close_range(r3, 0xffffffffffffffff, 0x0)

3m15.720267966s ago: executing program 1 (id=1269):
r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "08004e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7e)
close_range(r3, 0xffffffffffffffff, 0x0)

3m14.38191674s ago: executing program 1 (id=1276):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000001000)=ANY=[], 0xfc, 0x6194, &(0x7f0000004a40)="$eJzs3c9vHGf9B/DP/vSPfJtaPVT9Rgi5aflRSpM4KSFQoO0BDlx6QDmCErluFZECSgJKK4u48oUDJ/4CEBJHhDgiDvwBPXDlxokTkWwkUE8MWvt54tnNbu3U9s7az+slOTOfeWbtZ/a9sz8yM/sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDf/c73VloRceNnacFSxP9FJ6IdsTColyNiYXkpr9+NiOdipzmejYjeXMTg9jv/PB3xakR8dDZia3t9dbD48gH78e0//O23Pzjz1l9/37v4nz/e67w2ab3793/57z89ONw2AwAAQGmqqqpa6WP+ufT5vt10pwCAqciv/1WSl5/6+lf/eOvPs9QftVqtVqunUNdV4z2oFxGxUb/N4D2Dw/EAcMJsxMdNd4EGyb9o3Yg403QngJnWaroDHIut7fXVVsq3VX89WN5tz+eCDOW/0Xp0fcek6X5GzzGZ1uNrMzrxzIT+LEypD7Mk598ezf/Gbns/rXfc+U/LpPz7u5c+FSfn3xnNf8Tpyb89Nv9S5fy7T5R/R/4AAAAAADDD8v//LzV8/Hfu8JtyIJ90/Hd5Sn0AAAAAAAAAgKN22PH/HjH+HwAAAMyswWf1gV+f3Vs26bvYBsuvtyKeGlkfKEy6WGax6X4AAAAAAAAAAAAAQEm6u+fwXm9F9CLiqcXFqqoGP3Wj9ZM67O1PutK3H0rW9JM8AADs+ujsyLX8rYj5iLievuuvt7i4WFXzC4vVYrUwl9/P9ufmq4Xa59o8HSyb6x/gDXG3Xw1+2XztdnX7fV7er3309w3+Vr/qHKBjR6SX7s0JzQ2FDQDJ7qvRllekU6aqnp705gOG2P9PoaVYavpxxexr+mEKAAAAHL+qqqpW+jrvc+mYf7vpTgEAU5Ff/0ePCxyqbk9ojzia369Wq9VqtfpT1XXVeA/qRURs1G8zeM9gOH4AOGE24uOmu0CD5F+0bkQ813QngJnWaroDHIut7fXVVsq3VX89SOO753NBhvLfaO3cLt9+3HQ/o+eYTOvxtRmdeGZCf56dUh9mSc6/PZr/jd32flrvuPOflkn593cumStPzr8zmv+I05N/e2z+pcr5d58o/478AQAAAABghuX//19y/DdvMgAAAAAAAACcOFvb66v5utd8/P8zY9Zz/efplPNvPWn+C2le/idazr89kv8XR9br1OYfvrm3//9re331d/f++f95etD85/JMKz2yWukR0Up/qdVN08Ns3eM2e53+4C/1Wu1ON53zU/XeiVtxO9bi0tC67XR/7LWvDLUPetobar881N59rP3KUHsvfe9AtZDbL8Rq/Dhux9s77f3hu32s+X3un2qf9px/x/N/kXL+3drPIP/F1N4amQ48/LD92H5fn477O2/c+uwvLh3/5uxrMzqPtq1usH3nG+jPzn1yph8/vbt258L9m/fu3VmJNBlaejnS5Ijl/Hs7P3N7z/8v7LbnJ6D6/vrww/4T5z8rNqM7Mf8XavOD7X1pyn1rQs6/n35y/m+n9vH7/0nOf/L+/3ID/QEAAAAAAAAAAAAAAIBPUlXVziWib0TE1XT9T1PXZgIA05Vf/6skL1cfef39MxGz1B+1Wq1WF1jXVeO9Xi8i4i/12wzeM/x83C8DAGbZfyPi7013gsbIv2D5+/4G0xeb7gwwVXff/+CHN2/fXrtzt+meAAAAAAAAAACfVh7/c7k2/vOLEbE0st7Q+K9vxvJhx//s5plHA4we8UDfE2y2+512bbjx52NnfO4Lk8b/Ph+Pj/+dx8Tt1Ldjgt4+7f192uf2aZ8fu3QvrbEXetTk/J+vjXc+yP/cyPDrJYz/OjrmfQly/udrj+dB/l8YWa+ef/Wbmct/46ArbkZ7KP+L9977ycW773/wyq33br679u7aj66srFy6cvXqtWvXLr5z6/bapd1/j6fXMyDnn8e+dh5oWXL+OXP5lyXn/7lUy78sOf/Pp1r+Zcn55/d78i9Lzj9/9pF/WXL+L6Va/mXJ+X8p1fIvy9b2+twg/5dTLf+y5P3/y6mWf1ly/q+kWv5lyflfSLX8y5Lzv5jqA+Tv6+FPkZx/PsJl/y9Lzn8l1fIvS87/cqrlX5ac/5VUy78sOf9XUy3/suT8v5Jq+Zcl53811fIvS87/q6mWf1ly/tdSLf+y5Py/lmr5lyXn//VUy78sOf/XUi3/suT8v5Fq+Zcl5//NVMu/LDn/b6Va/mXJ+b+eavmXZe/7/82YMWMmzzT9zAQAAAAAAAAAAAAAjJrG6cRNbyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuNUaus74f+Jm9ee0QYiAEJ38Da8cY4yzZ9SW+8K8bE5IQEijNtaSX2K537Sz4Fq9dkjSSTQMlEo6KKqqmL9oCitpIVYVV8YJWKc2LqpdXTfuCvqmoKiE1qkIUUJHaimarmfM8j2dmZ2dmveP17Dmfj2T/dmfOzDlz5szsftf+7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqLfhY9NfrmRZVv1T+2ttlr2t+vHqsbW1yz5ytbcQAAAAWKr/rf395nXpgv1d3Khumb993z98e25ubi77zODvDH9tbi5dMZZlw6uyrHZddPHfHq3ULxM8m41WBuo+H+iw+sEO1w91uH64w/UjHa5f1eH60Q7Xz9sB86zOfx5Tu7NNtQ/X5rs0uz4brl23qcWtnq2sGhiIP8upqdRuMzd8JJvJjmXT2WTD8vmyldryL2+oruueLK5roG5d66tHyI+eORy3oRL28aaGdV26z+iHH83GfvyjZw7/0ZnXb2w1O+6GhvvLt3PLxup2fjFckm9rJVuV9knczoG67Vzf4jkZbNjOSu121Y+bt/PNLrdz8NJmLqvm53w0G6h9/GptPw3V/1gv7af14bL/ujnLsvOXNrt5mXnrygayNQ2XDFx6fkbzI7J6H9VD6Z3Z0KKO0w1dHKfVObWp8Thtfk3E539DuN3QAttQ/zT98Asj8573xR6nUfVRL/RaaT4Ge/1a6ZdjMB4Xr9Ye9HMtj8FN4fE/s3nhY7DlsdPiGEyPu+4Y3NjpGBwYGaxtc3oSKrXbXDoGtzUsP1hbU6U2X9vc/hicOHP81MTsU09/eOb4oaPTR6dP7Ni2bXLHrl179uyZODJzbHoy//sy93b/W5MNpNfAxrDv4mvgg03L1h+qc9/o3etwtM3rcG3Tsr1+HQ41P7jK8rwg5x/T+WvjoepOH70wkC3wGqs9P1uX/jpMj7vudThU9zps+TWlxetwqIvXYXWZU1u7+55lqO5Pq224Ul8L1tYdg83fjzQfg73+fqRfjsHRcFz8y9aFvxasD9v73Phivx8ZnHcMpocb3nuql6Tv90f31Ear4/Km6hXXjGRnZ6dP3/rkoTNnTm/LwlgW76o7VpqP1zV1jymbd7wOLPp43T/zvuduanH52rCvRj9c/Wt0weequszOW9s/V7Wvbq33Z8Ol27Mwemy592err+bV/ZmyZJv9WV3mixNL/1485dK699/hBd5/Y+5/K19fuqtnB4eH8tfvYNo7ww3vx41P1VDtvatSW/ebE929Hw+HP8v9fnx9m/fjdU3L9vr9eLj5wcX340qnn3YsTfPzORqOk2OT7d+Pq8us277YY3Ko7fvxzWFWwv7/UEgKKRfVHTsLHbdpXUNDw+FxDcU1NB6nOxqWHw7ZrLqul7Zf3nG65eb8vgbTo7tkuY7TsaZle32cpverhY7TSqefvl2e5udzNBwX1+9of5xWl3ll59LfO1fHD+veO0c6HYPDgyPVbR5OB2H+fj+3Oh6Dt2aHs5PZsWyqdu1I7Xiq1NY1flt3x+BI+LPc75Xr2hyDW5qW7fUxmL6OLXTsVYbmP/geaH4+R8Nx8cJt7Y/B6jJ37u7t965bwiVpmbrvXZt/vrbQz7xuatpNV/JnXtXt/Ovd7X82W13m2J7F5sz2++mWcMk1+UUj9fup+fW70GtqKlue/bQubOfrexbeT9XtqS7ztb1dHk/7syw798QdtZ/3hn9f+bOz3/t2w7+7tPo3nXNP3PHGtUf+ZjHbD8DK91Y+1uRf6+r+Zaqbf/8HAAAAVoSY+wfCTOR/AAAAKIyY++P/Ck/kfwAAACiMmPuHwkxKkv/X3fn6zFvnstTMnwvi9Wk33JsvFzuuk+HzsblLqpff8eL0T/7iXHfrHsiy7Kf3/nrL5dfdG7crNxa28+JdjZfPv+G5rtZ/8OFLy9X3178e7j8+nm4Pg1YV3Mksy16+7vnaesYevVCbr9x7sDYfOP/cs9Vl3tybfx5v/9q78uV/P5R/9x851HD718J++EGYk/e13h/xdt+68KH1ux+5tL54u8rGt9ce9guP5fcbf0/OV5/Nl4/7eaHt/8uvvPSt6vJPfqD19p8baL39L4X7fTHM/35vvnz9c1D9PN7uS2H74/ri7W795ndbbv/FL+fLn7o7X+5gmHH9W8Lnm+5+faZ+fz1ZOdTwuLKP58vF9U9+77dq18f7i/ffvP2jBy407I/m4+OVf8rvZ6Jp+Xh5XE/0503rr95P/fEZ1//Sbx5s2M+d1n/xgdfeW73f5vXf0rTcYNPtm39j0x986fmW64vbs/9PTzU8nv33h9dxWP8Lj4XjMVz/Pxefb1hvdPD+xvefuPzX155reDzRPT/O13/x9qO1+e9jP/m9a9527dvPv7+677Ls1Qfz++u0/qN/eLJh+79xw9ba8xGvjx395vUvJK7/9OfHT5ycPTszVbdXa78755P59qwaXb2mur3XhffW5s8PnDzz+PTpscmxySwbK+6v0Lts3wzzjXycX+zttz4cns+bfvflNZv/8Svx8n9+KL/8wn35160PhuW+Gi5fmz9/c5Ulrv+FDTfUXt+VV/LPG3rsPbB+03/s6WrB8Pibvy+Ix/updz9e2w/V62pfN+Lreonb//2p/H6+E/brXPjNzBtvuLS++uXj70a48GD+el/y/gtvc/F5/ePwfH/qB/n9x+2Kj/f74fuY765rfL+Lx8d3zg0033/tt3icD+8n2fn8+rhU3N8X3ryh5ebF30OSnb+x9vlvp/u5cVEPcyGzT81OHJs5cfbJiTPTs2cmZp96+sDxk2dPnDlQ+12eBz7b6faX3p/W1N6fpqZ37cwmV2dZdjKbXIY3rCuz/dWPutv+Uw8fnto9uXlq+sihs0fOPHxq+vTRw7Ozh6enZjcfOnJk+vOdbj8ztW/b9r07dm8fPzoztW/P3r079o7PnDhZ3Yx8ozrYNfm58ROnD9RuMrtv595tt922c3L8+Mmp6X27JyfHz3a6fe1r03j11r82fnr62KEzM8enx2dnnp7et23vrl3bO/42wOOnjsyOTZw+e2Li7Oz06Yn8sYydqV1c/drX6fYU0+y/5t/PNqvkv4gv+/Qtu9LvZ6168QsL3lW+SNMvEH09/C6av3/HqT3dfB5z/3CYSUnyPwAAAJRBzP0jYSbyPwAAABRGzP2rwkzkfwAAACiMmPtHw0xKkv/1//X/u+v/59fr/5er/3/qibxXutL7/7E/r/9fDle5/7/k9ev/6/8Xr//ffX9+pW+//r/+P/P1W/8/5v7VWVbK/A8AAABlEHP/mjAT+R8AAAAKI+b+a8JM5H8AAAAojJj73xZmUpL8r//fVf9/e6fCVfH7/87/r/+frcz+f3xy9P9LY9H9+0ceavhU/z/Q/9f/1//X/9f/Z8mGF7zmavX/Y+6/NsykJPkfAAAAyiDm/reHmcj/AAAAUBgx918XZiL/AwAAQGHE3L82zKQk+V//3/n/9f/1/wvd/1/q+f/rNkb/f2Vw/v/2Ft3/X6X/313/f1T/fyX2/4d7u/393f/vuPn6/1wR/Xb+/5j73xFmUpL8DwAAAGUQc/87w0zkfwAAACiMmPvfFWYi/wMAAEBhxNx/fZhJSfK//r/+v/6//r/+f+v1dz7/f/6R/n9/0f9vz/n/O3D+/3L1/3u8/f3d/+/1+f+H72q+vf4/rfRb/z/m/neHmZQk/wMAAEAZxNx/Q5iJ/A8AAACFEXP/e8JM5H8AAAAojJj714WZlCT/6//r/+v/6//r/7def+f+f07/v7/o/7en/9+B/r/+v/5/d/3/Ft/86v/TSr/1/2PuvzHMpCT5HwAAAMog5v6bwkzkfwAAACiMmPv/X5iJ/A8AAACFEXP/+jCTkuR//X/9f/3/cvX/bxnR/9f/L7Zi9v97902J/n8H+v/6//r/XZ7/f77F9P9XdbozCqPf+v8x9783zKQk+R8AAADKIOb+94WZyP8AAABQGDH3vz/MRP4HAACAwoi5fyzMpCT5X/+/WP3/P/mrF96f6f/r/3dYf0H7//Ew0P8vuWL2/3tH/78D/X/9f/3/Zen/Ux791v+PuX9DmElJ8j8AAACUQcz9G8NM5H8AAAAojJj7bw4zkf8BAACgMGLu3xRmUpL8r/9frP5/pP+v/99u/QXt/yf6/+Wm/99C3YtU/78D/X/9/9L3/+N3v/r/9Ea/9f9j7v9AmElJ8j8AAACUQcz9m8NM5H8AAAAojJj7PxhmIv8DAABAYcTcvyXMpCT5X/9f/1//X/9f/7/1+vX/Vyb9//YW2/8f0f/X/9f/L1n/3/n/6a1+6//H3P+hMJOS5H8AAAAog5j7t4aZyP8AAABQGPH/b+b/71X+BwAAgCKKuX88zKQk+V//X/+/TP3/iv6//r/+f+Hp/7fn/P8d6P/r/+v/6//TU/3W/4+5/8NhJiXJ/wAAAFAGMfffGmYi/wMAAEBhxNw/EWYi/wMAAEBhxNw/GWZSkvyv/6//X6b+v/P/6//r/xef/n97+v8d6P/r/xet/59l+v9cVf3W/4+5f1uYSUnyPwAAAJRBzP3bw0zkfwAAACiMmPt3hJnI/wAAAFAYMffvDDMpSf7X/y9q/38u0//X/19o/fr/+v9Fpv/fnv5/B/r/+v9F6/87/z9XWb/1/2Puvy3MpCT5HwAAAMog5v5dYSbyPwAAABRGzP27w0xC/m/1/7oBAACAlSXm/j1hJiX593/9/4L0/3/j7xrW7fz/+v/t1t+b/v9q/f8w9f/7S0H7/80vi8um/9+B/r/+v/6//j891W/9/5j794aZlCT/AwAAQBnE3P+RMBP5HwAAAAoj5v7/H2Yi/wMAAEBhxNz/M2EmJcn/+v8F6f830f/X/2+3fuf/1/8vsoL2/3umUP3/Af1//f/+2n79f/1/5rvy/f/4UXf9/5j794WZlCT/AwAAQBnE3P+zYSbyPwAAABRGzP23h5nI/wAAAFAYMffvDzMpSf7X/9f/1//X/78y/f/bs2b92P+vHjz6/8Wi/99eofr/zv+v/99n26//r//PfP12/v+Y+z8aZlKS/A8AAABlEHP/HWEm8j8AAAAURsz9Hwszkf8BAACgMGLuvzPMpCT5X/9f/1//X//f+f9br1//f2XS/29P/78D/X/9f/1//X96qt/6/zH33xVmUpL8DwAAAGUQc//dYSbyPwAAABRGzP0fDzOR/wEAAKAwYu6/J8ykJPlf/1//X/9f/1//v/X69f9XJv3/9vT/O9D/1//X/9f/p6f6rf8fc/8nwkxKkv8BAACgDGLuvzfMRP4HAACAwoi5/74wE/kfAAAACiPm/k+GmZQk/+v/6//r/+v/6/+3Xr/+/8qk/9+e/n8H+v/6//r/+v/0VL/1/2Pu/1SYSUnyPwAAAJRBzP0/F2Yi/wMAAEBhxNz/6TAT+R8AAAAKI+b+nw8zKUn+1//X/++v/v/cufrb6f/r/2e96v9Xb9Rd/38k3o/+/8qk/9+e/n8HLfr/q/T/9f/1//X/uWz91v+Puf/+MJOS5H8AAAAog5j7Hwgzkf8BAACgMGLufzDMRP4HAACAwoi5/6Ewk5Lkf/3/Uvb/00Puv/6/8//r/zv/v/7/0uj/t6f/34Hz/+v/6//r/9NT/db/j7n/4TCTkuR/AAAAKIOY+x8JM5H/AQAAoDBi7v+FMBP5HwAAAAoj5v7PhJmUJP9fVv8/ll71/5MV1v/v4/P/F63/P9RwfJSp/z9a93ym41L/X/9/Gej/t6f/34H+v/5/P/f/w9G8eoHb6//Tj/qt/x9z/6NhJiXJ/wAAAFAGMff/YpiJ/A8AAACFEXP/L4WZyP8AAABQGDH3/3KYSUnyv/P/6//r/9f3/z/h/P/O/6//v8Lp/7en/9+B/r/+fz/3/zvQ/6cf9Vv/P+b+XwkzWTD4vfGfXTxMAAAAoI/E3P9YmElJ/v0fAAAAyiDm/gNhJvI/AAAAFEbM/QfDTEqS//X/m/v/8Yyq+v/l7P/3+vz/jceH/r/+v/7/lde7/v97rs0y/X/9f/1//f/l7P8P6P9TOP3W/4+5/1CYSUnyPwAAAJRBzP2/GmYi/wMAAEBhxNx/OMxE/gcAAIDCiLl/KsykiPm/uVR7dfv/w/3Z/3f+/8vt//9U/1//P9D/b03/f3k4/397+v8d6P/r/zv/v/4/PdVv/f+Y+6fDTIqY/wEAAKBc0o+DY+4/EmYi/wMAAEBhxNx/NMxE/gcAAIDCiLn/8TCTkuR/5//X/3f+/6vR/x9qWF7/P6f/r//fC/r/7en/d6D/r/+v/6//T0/1W/8/5v6ZMJOS5H8AAAAog5j7PxtmIv8DAABAYcTc/7kwE/kfAAAACiPm/mNhJiXJ//r/+v9l7/9Xsuy88//r/7dav/7/yqT/357+fwf6//r/+v/6//RUv/X/Y+4/HmZSkvwPAAAAZRBz/4kwE/kfgP9j7z6a7DqrPQ4f+9oKo8tHYMyIIYzMR2DKjCrGFMnkYJucweQcTM45J5NzztnkHE00VImStNaSWn20j8LpPnu/63km60pl3e62W771v6qfXwAAhpG7/15xi/0PAAAAw8jdf++4pcn+1//r/7v3/6udvP+/96/X/5+m/9f/b8O+/v6q9X/d+aLw8/b/d7zTtXfX/+v/9f+T9P/6f/0/55pb/5+7/z5xS5P9DwAAAB3k7r9v3GL/AwAAwDBy998vbrH/AQAAYBi5+6+NW5rsf/2//l//r//f0//frP/X/y+b9/+n6f830P/r//X/+n+2am79f+7++8ctTfY/AAAAdJC7/wFxi/0PAAAAw8jd/8C4xf4HAACAYeTuf1Dc0mT/6//1//r/pfT/R7z/f87Xo//X/6+j/5+m/99A/6//1//r/9mqufX/ufsfHLc02f8AAADQQe7+h8Qt9j8AAAAMI3f/Q+MW+x8AAACGkbv/YXFLk/2v/9f/6/+X0v8f0vv/+n/9/8LdtDrz74TD7v+PbOG/P6D/n3f/v1rp/6dccD+//stbzud/Hvp//T/7za3/z93/8LjlLqvVkUv9IgEAAIBZyd3/iLilyZ//AwAAQAe5+6+LW+x/AAAAGEbu/uvjlib7X/+v/9f/6//1/+s/vv5/mbz/P+3y+/873O6e9+jb/3v/f5r3/7fd/5/8ztD/s2xz6/9z998QtzTZ/wAAANBB7v5Hxi32PwAAAAwjd/+j4hb7HwAAAIaRu//RcUuT/a//H63//789v+6s/v9U7aL/1//r//X/o9P/T/P+/wan/jV3vH6o/9f/e/9f/8/lmVv/n7v/MXFLk/0PAAAAHeTuf2zcYv8DAADAMHL3Py5usf8BAABgGLn7Hx+3NNn/+v/R+v+9v877//r/dR9f/6//H5n+f5r+f4NR3v+/xO+aXffzl2vXn7/+X//PfnPr/3P3PyFuabL/AQAAoIPc/U+MW+x/AAAAGEbu/ifFLfY/AAAADCN3/5Pjlib7X/+v/19G/58fQf+v/z/4/j/p/5dJ/z9N/7/BKP3/Jdp1P7/0z1//r/9nv7n1/7n7nxK3NNn/AAAA0EHu/qfGLfY/AAAADCN3/9PiFvsfAAAAhpG7/+lxS5P9r//X/y+j//f+v/7f+//6/wuj/5+m/99A/6//1//r/9mqufX/uftvjFua7H8AAADoIHf/M+IW+x8AAACGkbv/mXGL/Q8AAADDyN3/rLilyf7X/+v/9f/6f/3/+o+v/18m/f80/f8G+n/9v/5f/89Wzaj/P+tXHVs9O25psv8BAACgg9z9z4lb7H8AAAAYRu7+58Yt9j8AAAAMI3f/8+KWJvtf/z+b/v9UzjdW/398tVrp/1dN+//jZ/3zrO9L/b/+/xDo/6fp/zc4+RvyxBX6f/2//l//z5Ycbv9/8t/50/89gNz9z49bmux/AAAA6CB3/wviFvsfAAAAhpG7/4Vxi/0PAAAAw8jd/6K4pcn+1//Ppv8/Zaz+3/v/535/dOr/vf+/n/7/cOj/p+n/N/D+v/5f/6//Z6sOt//f/OPc/S+Om45cfclfIgAAADAzuftfErc0+fN/AAAA6CB3/0vjFvsfAAAAFurGfT+Tu/9lcUuT/a//327/f+Ssn9P/6//P/f7Q/+v/9f8HT/8/Tf+/gf5f/6//1/+zVXPr/3P3vzxuabL/AQAAoIPc/TfFLfY/AAAADCN3/yviFvsfAAAAhpG7/5VxS5P9r//3/r/+X/+v/1//8fX/y6T/n6b/30D/r//fbf9/9Mz/eLD9//E1v17/z0G4iP7/xIkT1x14/5+7/1VxS5P9DwAAAB3k7n913GL/AwAAwDBy978mbrH/AQAAYBi5+18btzTZ//r/pv1/fqsvq/+/frXS/+v/9f/6/2n6/2n6/w30//p/7//r/9mqub3/n7v/dXFLk/0PAAAAHeTuf33cYv8DAADAMHL3vyFusf8BAABgGLn73xi3NNn/+v+m/b/3//X/+v/D7v9vW+n/D8Ui+v91D2+Huff/N+j/9f8T2vX/d73znh/q//X/7De3/j93/5vilib7HwAAADrI3f/muMX+BwAAgGHk7n9L3GL/AwAAwDBy9781brqqyf7X/+v/9f/6f/3/+o9/yO//H1mtVvr/LVhE/z9h7v3/dt7/P/d3+Rn6f/3/kj9//b/+n/3m1v/n7n9b3NJk/wMAAEAHufvfHrfY/wAAADCM3P3viFvsfwAAABhG7v53xi1N9r/+X/+v/9f/D9//37CI/t/7/1ui/582j/7//PT/+v8lf/76f/0/F25X/X/u/nfFLU32PwAAAHSQu//dcYv9DwAAAMPI3f+euMX+BwAAgGHk7n9v3NJk/+v/9f8X0//n56n/H6v/Pzq7/v/Ynv99Td7/1/9vif5/mv5/A/2//l//f6P+n22a2/v/ufvfF7c02f8AAADQQe7+98et/9et/Q8AAADDyN3/gbjF/gcAAIBh5O7/YNzSZP/r//X/3v/X/w///r/+vxX9/zT9/wb6f/2//t/7/2zV3Pr/3P0filua7H8AAADoIHf/h+MW+x8AAACGkbv/I3GL/Q8AAADDyN1/c9zSZP/r//X/+n/9v/7/9D9D/f8Y9P/TDqf/P67/1/9XP39F/C7Q/+v/N/16xjS3/j93/0fjlib7HwAAADrI3f+xuMX+BwAAgGHk7v943GL/AwAAwCJdtebncvd/Im5psv/1//p//b/+X/+//uPr/5dpJ/1/flPo/73/H/r0/7ff86Olvf9/7v/90v/r/9m+ufX/ufs/Gbc02f8AAADQQe7+T8Ut9j8AAAAMI3f/p+MW+x8AAACGkbv/M3FLk/2v/9f/6//1//r/9R9f/79M3v+fpv/fQP+/0/fzl/756//1/+w3t/4/d/9n45Ym+x8AAAA6yN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwTu3+jMsa7n/9v/5f/6//1/+v//j6/2XS/0/T/2+g/9f/6//1/2zV3Pr/L5z6VcdWX4xbmux/AAAA6CB3/5fiFvsfAAAAhpG7/8txi/0PAAAAw8jd/5W4pcn+1//r/5fR/584ceI6/b/+f+/Xc6b/v0X/T9H/T9P/b6D/1//r//X/bNXc+v/c/V+NW5rsfwAAAOggd//X4hb7HwAAAIaRu//rcYv9DwAAAMPI3f+NuKXJ/tf/z6D/P6b/9/6//n/l/X/9/5bo/6fp/zcYsf8/duFf/q77+cu1689f/6//Z7+59f+5+78ZtzTZ/wAAANBB7v5vxS32PwAAAAwjd/+34xb7HwAAAIaRu/87cUuT/a//P7z+/+Tfuy7v/x9frf/89f/6f/2//v+g6f+n6f83GLH/vwi77ueX/vnr//X/7De3/j93/3fjlr3D7+qL+yoBAACAOcnd/724pcmf/wMAAEAHufu/H7fY/wAAADCM3P0/iFua7H/9/wze/x+w//f+//rvD/3/rPv/K/X/Y9D/T9P/b6D/1//r/7fU/+d3s/6/u7n1/7n7fxi3NNn/AAAA0EHu/h/FLfY/AAAADCN3/4/jFvsfAAAAhpG7/5a45az9v67tHoX+X/+v/9f/6//Xf3z9/zLp/6ddaP9/dHV5/X/S/+v/9f9d+3/v/3Pa3Pr/3P0/iVv8+T8AAAAsztXn+fnc/T+NW+x/AAAAGEbu/p/FLfY/AAAADCN3/8/jlluv3NWndKj0//p//b/+X/+//uPr/5dJ/z/N+/8b6P+30c9fo/8fo/9frfT/XL659f+5+38Rt/jzfwAAABhG7v5fxi32PwAAAAwjd/+v4hb7HwAAAIaRu//XcUuT/a//1/9fZv9/Ks3U/5+m/z9N/7+e/v9w6P+n6f830P97/1//7/1/tmpu/X/u/t/ELU32PwAAAHSQu/+3cYv9DwAAAMPI3f+7uMX+BwAAgGHk7v993NJk/++s/4+/1fr/xff/3v8/8P7/5Fen/9f/6/8vlP5/mv5/A/2//l//r/9nq+bW/+fu/0Pc0mT/AwAAQAe5+/8Yt9j/AAAAMIzc/X+KW+x/AAAAGEbu/j/HLU32v/f/9f/6/7n3/0O//79a6f/1/1um/5+m/1+v/kHp//X/+n/9P1s1t/4/d/9f4pYm+x8AAAA6yN3/17jF/gcAAIBh5O6/NW6x/wEAAGAYufv/Frc02f/6f/2//l//7/3/9R9f/79M+v9pu+z/7/b/mz+s9/933v/np6D/1//r/9mKufX/ufv/Hrc02f8AAADQQe7+f8Qt9j8AAAAMI3f/P+MW+x8AAACGkbv/X3FLk/2/of8/Wn+h/n+S/n/v56//X//9of/X/+v/D57+f9p0/3/W7+Zm7/8X/b/3//X/+n+2am79f+7+f8ctTfY/AAAAdJC7/7a4xf4HAACAYeTu/0/cYv8DAADAMHL3/zduabL/vf+/pP7/Gv2//l//r//X/2+g/5+2y/f/L4T+X/+/5M9f/6//Z7+59f+5+/8XAAD//1wjSv8=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
ioctl$SG_GET_COMMAND_Q(r0, 0x2270, 0x0)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x5)

3m12.126267879s ago: executing program 1 (id=1292):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$sndseq(0xffffffffffffff9c, 0x0, 0x8040)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b702000000000000850000008600000095000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
open(&(0x7f0000000200)='./file0\x00', 0xc0, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000004500)={0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x4000)
setresuid(r5, 0xffffffffffffffff, 0x0)
capset(0x0, 0x0)
request_key(&(0x7f0000000300)='logon\x00', &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0xa}, 0x1c)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x110}, 0x0)
sendmmsg$unix(r0, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24040841}}], 0x1, 0x4c054)

3m9.694626444s ago: executing program 1 (id=1300):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000400)='./file0\x00', 0x2000002, &(0x7f0000000240)={[{@iocharset={'iocharset', 0x3d, 'cp857'}}, {@mode={'mode', 0x3d, 0x8}}, {@gid}, {@rootdir={'rootdir', 0x3d, 0x4}}, {@gid}, {@uid}, {@nostrict}, {@anchor={'anchor', 0x3d, 0xf87a}}, {@umask={'umask', 0x3d, 0x70f0}}]}, 0x1, 0xc46, &(0x7f0000000580)="$eJzs3U9sHNd9B/DfG5LiSm4iJnYUJ42LTVuksmK5+hdTsQp3VdNsA8iyEIq5BeCKXKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcjIYzOxbcUmTEi2K+mN9Pgn13Z15b/a9easZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cv7EyfSgWwEA3E8Xx75+4pT7PwA8Vi77738AAAAAAAAAAAAAAHjYpSjiyUgxd3EtTVTvO2oX2gM3bo6PjG5f7WCqavZV5cuf2slTp8985YXhs9280J65Tf177fPx2tjl8/WXZ6/PzbcWFlpT9fGZ9uTsVGvXR9hr/a2OVSegfv31G1NXry7UTz1/etPum0PvDz5xZOjc8LPHn+mWHR8ZHR3bKFLrLd9/1w3p2GmGx4Eo4nikeO4HP0/NiChi7+eidn/HfquDVSeOVZ0YHxmtOjLdbs4sljsvdU9EEVHvqdTonqPtxyL6B+5rH3bWiFgqm182+FjZvbG55nzzynSrfqk5v9hebM/OXEqd1pb9qUcRZ1PEckSsDn74cANRRH+k+N7htXQlIvq65+HL1cTgndtR7GMfd6FsZ30gYrl4BMbsITYYRbwaKX7xztGYzNeZ6lrzpYhXy/xRxFtlvhSRyi/GmYj3tvke8WjqjyL+shz/c2tpqroedK8rF75R/9rM1dmest3ryke8P3zoSvGA7g8Ht+T98ZBfm2pRRLO64q+lu//DDgAAAAAAAAAAAAAAAAD32sEo4nOR4pX/+JNqXnFU89IPnxv+w6FP9M4Zf/oOxynLPh8RS8Xu5uQeyBMDL6VLKT3gucSPs1oU8ad5/t93HnRjAAAAAAAAAAAAAAAAAAAAHmtF/CxSvPju0bQcvWuKt2eu1S83r0x3VoXtrv3bXTN9fX19vZ462cg5kaqlo9eX8vvlnCs5V3NGkevnbOScyLmUcznnSs7VnNGX6+ds5JzIuZRzOedKztWcZSur+jkbOSdyLuVczrmSczVnPCRr9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfJwUUcQHkeK731pLkSKiETERnVwZfNCtAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKg6mIH0aK+h81bm3rj4hU/b/jaPnLmWgcKPPT0Rgu86VonM/ZrLK/8Z0H0H72ZiAV8dNIMVh7+9aA5/Ef6Ly79TWIt7698e7z/Z3s6+4cen/wiSOHzw2P/sbTO71O2zXg2IX2zI2b9fGR0dGxns39+dM/3bNtKH9ucW+6TkQsvPHm683p6db83b8ovwJ7qP4IvUj9j0tPvaheRP8ej1NexR54L+6y7zwGyvv/e5Hid9/9z+4Nv3P/r8Wvdd7dusPHL/9s4/7/4tYD7fL+37+1Xr7/l/f07e7/T/ZsezH/aWSgP6K2eH1u4EhEbeGNN4+3rzevta61Zs6cOPHV4eGvnj4xcCCidrU93ep5dU9OFwAAAAAAAAAAAAAAAMD9k4r4/UjR/OlaqkfEzWq+1tC54WePP9MXfdV8q03ztl8bu3y+/vLs9bn51sJCa6o+PtOenJ1q7fbjatV0r/GR0X3pzB0d3Of2H6y9PDv3xnz72h8vbrv/UO38lYXF+ebk9rvjYBQRjd4tx6oGj4+MVo2ebjdnqqqXtp1M/9ENpCL+K1JMnqmnL+Ztef7/1hn+m+b/L2090D7N//9Uz7byM1Mq4peR4nf+6un4YtXOQ/Ghc5bL/V2kOHb2C7lcHCjLddvQea5AZ2ZgWfb/IsU/fbC5bHc+5JMbZU/u+sQ+IsrxPxwpfvgX34/fzNs2P/9h+/E/tPVA+zT+T/VsO7TpeQV77jp5/I9HipeefDt+K2+73fM/us/eOJoL33o+xz6N/2d6tg3lz/3te9N1AAAAAAAAAACAR9pAKuLvI8WPR/vTC3nbbv7939TWA+3Tv//6bM+2qXuzXtEdX+z5pAIAAADAQ2IgFfGzSHFt8e1bc6g3z//umf/5exvzP0fSlr3V3/N9snpuwL38+79eQ/lzJ/bebQAAAAAAAAAAAAAAAAAAAHiopFTEC3k99YlqPv/Ujuupr0SKV/7nuVwuHSnLddeBH6p+rV2cnTl+fnp6drK52Lwy3aqPzTUnW2XdpyLF2t9+IdctqvXVu+vNd9Z431iLfT5SjP5Dt2xnLfbu2uRPdcsutU6WZT8VKf77HzeX7a5j/ZmN454qy/5NpPjmv2xf9shG2dNl2e9Hip98s94te6gs230+6mc3yj4/OVvs5jR/8qOPDAAAAAAAAAAAAAAAAAAAAI+TgVTEn0eK/72+fGsuf17/f6DnbeWtb/es97/FzWqd/6Fq/f+dXt/N+v/VcwWWdvpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4eEpRxJuRYu7iWloZLN931C60Z27cHB8Z3b7awVTV7KvKlz+1k6dOn/nKC8Nnu3n7+vfa5+K1scvn6y/PXp+bby0stKbq4zPtydmp1q6PsNf6Wx2rTkD9+us3pq5eXaifev70pt03h94ffOLI0LnhZ48/0yn7ifr4yOjoWE+Z/oGP8HmDt9+ddth+IIr460jx3A9+nn48GFHE3s/FHb47++1g1YljVSfGR0arjky3mzOL5c5L3RNRRNR7KjW65yiP257GYj81IpbK5pcNPlZ2b2yuOd+8Mt2qX2rOL7YX27Mzl1KntWV/6lHE2RSxHBGr23xHBqKI1yPF9w6vpX/N41+dhy9fHPv6iVM7t6PYxz7uQl/Zt4GI5eJ2Y3aH3xTEYBTxz5HiF+8cjX8bjOiPzk98KeLVMn8U8VZ0xjuVX4wzEe85rR8b/VHE/5fjf24tvTNYXg+615UL36h/bebqbE/Z7nXlkb8/xH28mD/k95NaFPGT6oq/lv7d72sAAAAAAAAAAAAAAACAh0gRvx4pXnz3aKrmB9+aU9yeuVa/3Lwy3ZnW1537150zvb6+vl5PnWzknMi5lHM550rO1ZxR5Po5G2XW1tcn8vulnMs5V3Ku5oy+XD9nI+dEzqWcyzlXcq7mjP5cP2cj50TOpZzLOVdyrua8n9MHAQAAAAAAAAAAAAAAAACAx0dR/S/Fd7+1ltYHq/Wl+7r7VqwH+rH3qwAAAP//3v/zCw==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0/../file0'}}]})

3m7.642365746s ago: executing program 1 (id=1307):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="2072dc"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000002580)={&(0x7f0000000180)=[{0xc0, 0x0, 0x0, 0x0}], 0x1})

3m6.529326384s ago: executing program 1 (id=1313):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000), 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

3m6.01952081s ago: executing program 33 (id=1313):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000), 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

7.05116156s ago: executing program 3 (id=2186):
openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x8000203d})

6.806788231s ago: executing program 3 (id=2187):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00'})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

6.641189095s ago: executing program 3 (id=2189):
socket$inet_smc(0x2b, 0x1, 0x0)
futex(0x0, 0x9, 0x0, 0x0, 0x0, 0x1)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd37fc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9"], 0x4, 0x619d, &(0x7f0000000780)="$eJzs3cuOHFcZB/Cv+jaXEMfKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgCYsmKB8iCLTseAEs2EiirFKqZc8Y1nW732M509cz5/aRx1denavqU/119marqEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/PAHPz5bRcTlX6Ubjkd8LvoRvYiVpl6LiJW143n5QUQ8H9vN8VxEDJciqtz4TMRrEfHRsYh792+vNzed22c/vv+Xf/7hJ0/96B9/Gp7+319v9l+fttytW7/979/uPP72AgAAQInquq6r9DH/RPp83+u6UwDAXOTX/zrJt6sXrt5csP6o1Wq1+hDWbfVkd9pFRGy212neMzgcDwCHzGZ83HUX6JD8izaIiKe67gSw0KquO8CBuHf/9nqV8q3arwdrO+35XJA9+W9Wu9d3TJvOMn6OybweX1vRj2en9GdlTn1YJDn/3nj+l3faR2m5g85/XqblP9q59Kk4Of/+eP5jjk7+vYn5lyrnP3ik/PvyBwAAAACABZb//n+84+O/S0++KfvysOO/a3PqAwAAAAAAAAB81p50/L9dlfH/AAAAYFE1n9Ubvzv24LZp38XW3H6pinh6bHmgMOlimdWu+wEAAAAAAAAAAAAAJRnsnMN7qYoYRsTTq6t1XTc/beP1o3rS9Q+70rcfStb1kzwAAOz46NjYtfxVxHJEXErf9TdcXV2t6+WV1Xq1XlnK72dHS8v1SutzbZ42ty2N9vGGeDCqm1+23Fqvbdbn5Vnt47+vua9R3d9Hx+ajw8ABICJ2Xo3ueUU6Yur6mej6XQ6Hg/3/6LH/sx9dP04BAACAg1fXdV2lr/M+kY7597ruFAAwF/n1f/y4gFqtVqvV6qNXt9WT3WkXEbHZXqd5z2A4fgA4ZDbj4667QIfkX7RBRDzfdSeAhVZ13QEOxL37t9erlG/Vfj1I47vnc0H25L9Zba+X1580nWX8HJN5Pb62oh/PTunPc3PqwyLJ+ffG87+80z5Kyx10/vMyLf9mO4930J+u5fz74/mPOTr59ybmX6qc/+CR8u/LHwAAAAAAFlj++//xhTr+O3rczZnpYcd/1w7sXgEAAAAAAADgYN27f3s9X/eaj/9/YcJyrv88mnL+lfyLlPPvjeX/1bHl+q35u289yP8/92+v//Hmvz+fp/vNfynPVOmRVaVHRJXuqRqk6ZNs3adtDfuj5p6GVa8/SOf81MN34mpci404s2fZXvr/eNB+dk9709Phdnvd32k/t6d9sNue1z+/p32YznSqV3L7qViPn8e1eHu7vWlbmrH9yzPa6xntOf++/b9IOf9B66fJfzW1V2PTxt0Pe5/a79vTSffz5tUv/ubMwW/OTFvR3922tmb7XuygP9v/J0+N4pc3Nq6funXl5s3rZyNN9tx6LtLkM5bzH6af3ef/l3ba8/N+e3+9++HokfNfFFsxmJr/S635ZntfnnPfupDzH6WfnP/bqX3y/n+Y85++/7/SQX8AAAAAAAAAAAAAAADgYeq63r5E9M2IuJCu/+nq2kwAYL7y63+d5NvnVfcfd/0/792OrvqvVs+5rhasP3OtP6kXqz9q9WGs2+rJ3mgXEfH39jrNe4ZfT/plAMAi+yQi/tV1J+iM/AuWv++vmZ7sujPAXN14/4OfXrl2beP6ja57AgAAAAAAAAA8rjz+51pr/OeTdV3fGVtuz/ivb8Xak47/OcgzuwOMThmouv/o2/QwW71Rv9cabvyFmDb+93B37mHjfw9m3N9wRvtoRvvSjPblGe0TL/Royfm/0Brv/GREnBgbfr2E8V/Hx7wvQc7/xdbjucn/K2PLtfOvf3+Y8+/tyf/0zfd+cfrG+x+8evW9K+9uvLvxs/Nnz545f+HCxYsXT79z9drGmZ1/O+zxwcr557GvnQdalpx/zlz+Zcn5fynV8i9Lzv/LqZZ/WXL++f2e/MuS88+ffeRflpz/y6mWf1ly/l9LtfzLkvN/JdXyL0vO/+upln9Zcv6vplr+Zcn5n0q1/MuS8z+d6n3mv3LQ/WI+cv75CJf9vyw5/3xmg/zLkvM/l2r5lyXnfz7V8i9Lzv+1VMu/LDn/b6Ra/mXJ+V9ItfzLkvP/ZqrlX5ac/8VUy78sOf9vpVr+Zcn5fzvV8i9Lzv/1VMu/LDn/76Ra/mXJ+X831fIvS87/e6mWf1ly/m+kWv5lefD9/2bMmDGTZ7p+ZgIAAAAAAAAAAAAAxs3jdOKutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe3cXI9dZ3w/8zL557UBiIOTv5G/C2jHGOJvs+iV+oXUx4bXhrSSEQl+wXe/aLPgNr10CjWpHgRIJo6KKtuGiLSDU5qbCqrigFaBcoFaVKpH2gt4gKlQuoiqggFSJVpCtZs7zPDszOzuz6x07Z875fKTkl505M+fMmWdm92vnuwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBsy5tmP1PLsqxWq+UXbMyyl9Tn+omNjUte/+IeHwAAALB2v2z8+/lb0gWHV3Cjpm3+6c7vfn1hYWEh+8Dwn45+YWEhXTGRZaPrsqxxXXT1hx+sNW8TPJ6N14aavh7qsfvhHteP9Lh+tMf1Yz2uX9fj+vEe1y85AUusz2rpzrY1/nNjfkqzW7PRxnXbOtzq8dq6ofq5S7fNao3bLIyeyOayU9lsNt2yfb5trbH9N7fU9/X2LO5rqGlfm+sr5KePHo/HUAvneFvLvhbvM/rxG7OJn/300eN/feG52zvNnqeh5f7y49yxtX6cnwqX5Mday9alcxKPc6jpODd3eE6GW46z1rhd/b/bj/P5FR7n8OJh3lDtz/l4NtT472ca52mklnU4T5vDZT+/K8uyy4uH3b7Nkn1lQ9mGlkuGFp+f8XxF1u+jvpReno2sap1uWcE6rc+Zba3rtP01EZ//LeF2I8scQ/PT9OPHxpqe918sXMs6jeqPernXSvsa7PdrpShrMK6LZxoP+omOa3BbePyPbl9+DXZcOx3WYHrcTWtwa681ODQ23Djm9CTUGrdZXIO7WrYfbuyp1pjPbu++BqcunD43Nf+JT94zd/rYydmTs2f27No1vWffvgMHDkydmDs1O53/+xrPdvFtyIbSa2BrOHfxNfDatm2bl+rCl8eWvP9e6+twvMvrcGPbtv1+HY60P7jajXlBLl3T+WvjffWTPn5lKFvmNdZ4fnau/XWYHnfT63Ck6XXY8XtKh9fhyApeh/Vtzu1c2c8sI03/dDqG5b8XrG0Nbmxag+0/j7SvwX7/PFKUNTge1sX3dy7/vWBzON4nJlf788jwkjWYHm5476lfkn7eHz/QGJ3W5R31K24ayy7Oz56/95FjFy6c35WFcUO8ommttK/XDU2PKVuyXodWvV4Pz935xB0dLt8YztX4PfV/jS/7XNW32Xtv9+eq8d2t8/lsuXR3Fkaf3ejz2em7ef18jmXZF7/z2IPfevSLb1r2fNbz5qem1v6zeMqlTe+/o8u8/8bc/0K+v3RXjw+PjuSv3+F0dkZb3o9bn6qRxntXrbHv56dW9n48Gv650e/Ht3Z5P97Utm2/349H2x9cfD+u9frTjrVpfz7Hwzo5Nd39/bi+zabdq12TI13fj+8KsxbO/+tCUki5qGntLLdu075GRkbD4xqJe2hdp3tath8N2ay+r6d2X9s63XFXfl/D6dEtulHrdKJt236v0/RnX8ut01qvP327Nu3P53hYF7fu6b5O69s8vXft753r4382vXeO9VqDo8Nj9WMeTYuw8X6fLayPa/De7Hh2NjuVzTSuHWusp1pjX5P3rWwNjoV/bvR75aYua3BH27b9XoPp+9hya682svTB90H78zke1sWT93Vfg/Vt3ry/vz+77giXpG2afnZt//O15f7M646203S91spIOM7v7O/+Z7P1bU4dWG3O7H6e7g6X3NThPLW/fpd7Tc1kN+Y8bQrH+dyB5c9T/Xjq23zh4ArX0+Esyy597P7Gn/eGv1/5u4vf+3rL37t0+judSx+7/ycvPfGPqzl+AAbfC/nYkH+va/qbqZX8/T8AAAAwEGLuHwozkf8BAACgNGLuj/9XeCL/AwAAQGnE3D8SZlKR/L/pzc/NvXApS838hSBen07DA/l2seM6Hb6eWFhUv/z+r87+9z9cWtm+h7Is+8UDf9Bx+00PxOPKTYTjvPqW1suX+Po9K9r30Ycvpf0299e/FO4/Pp6VLoNOFdzpLMu+ecvnGvuZ+OCVxnz6gaON+eDlJx6vb/P8wfzrePtnX5Fv/xeh/Hv4xLGW2z8bzsOPwpx+R+fzEW/3tSuv27z//Yv7i7erbb258bCf/FB+v/H35Hz+8Xz7eJ6XO/5vffapr9W3f+Q1nY//0lDn438q3O9Xw/yfV+XbNz8H9a/j7T4djj/uL97u3q98u+PxX/1Mvv25t+bbHQ0z7n9H+HrbW5+baz5fj9SOtTyu7G35dnH/09/748b18f7i/bcf//iRKy3no319PP1v+f1MtW0fL4/7if6+bf/1+2len3H/T/3R0Zbz3Gv/Vx989lX1+23f/91t25372M7G/hfvr/U3Nv3lpz/XcX/xeA7/7bmWx3P4veF1HPb/5IfCegzX/+/V/P7af7vC0fe2vv/E7b+08VLL44ne/rN8/1ffcLIx142v33DTS1568+VX189dlj2zLr+/Xvs/+VdnW47/y7fl5yNeHzv67ftfTtz/+Y9Pnjk7f3FuJp3VR29p/O6cd+bHE4/3lvDe2v71kbMXPjx7fmJ6YjrLJsr7K/Su2VfC/Ek+LnffemHJO+jOh8Pzeceff3PD9n/9bLz839+XX37lHfn3rdeG7T4fLt8Ynr/V7X+pJ7fc1nh9154OR7iw9PcFr8Xmbf91YEUbhsff/nNBXO/nXvnhxnmoX9f4vhFf12s8/h/M5PfzjXBeF8JvZt562+L+mrePvxvhykP5633N5y+8zcXn9W/C8/2uH+X3H48rPt4fhJ9jvr2p9f0uro9vXBpqv//Gb/G4HN5Pssv59XGreL6vPH9bx8OLv4cku3x74+s/Sfdz+6oe5nLmPzE/dWruzMVHpi7Mzl+Ymv/EJ4+cPnvxzIUjjd/leeQjvW6/+P60ofH+NDO7b2/WeLc6m4/r7MU+/nMPH5/ZP719ZvbEsYsnLjx8bvb8yePz88dnZ+a3HztxYvbjvW4/N3No1+6De/bvnjw5N3PowMGDew5Ozp05Wz+M/KB62Df90ckz5480bjJ/aO/BXffdt3d68vTZmdlD+6enJy/2un3je9Nk/da/P3l+9tSxC3OnZyfn5z45e2jXwX37dvf8bYCnz52Yn5g6f/HM1MX52fNT+WOZuNC4uP69r9ftKaf5/8h/nm1Xy38RX/aeu/el389a99XHlr2rfJO2XyD6XPhdNP/8snMHVvJ1zP2jYSYVyf8AAABQBTH3j4WZyP8AAABQGjH3rwszkf8BAACgNGLuHw8zqUj+L13/f9OlFe1f/1//v/l86f9XrP//UNH6//n7hf5/f6y1f6//H+j/6//r/+v/6//TB0Xr/8fcvz7LKpn/AQAAoApi7t8QZiL/AwAAQGnE3H9TmIn8DwAAAKURc/9Lwkwqkv/1//X/9f/1//X/O+9f/38w6f93p//fg/7/VFat/v/lfh6//r/+P0sVrf8fc/9Lw0wqkv8BAACgCmLuvznMRP4HAACA0oi5/5YwE/kfAAAASiPm/o1hJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/9/n/+v/6//TV0Xr/8fc/7Iwk4rkfwAAAKiCmPtfHmYi/wMAAEDxjFzbzWLuf0WYyZL8f407AAAAAF50MfffmrUVwSvy9//6//r/xe//r0vX6f/r/2eF7P8PZ/r/xaH/353+fw/6//r/+v/6//RV0fr/jdyfjWevDDOpSP4HAACAKoi5/7YwE/kfAAAASiPm/v8XZiL/AwAAQGnE3L8pzKQi+V//X/+/+P1/n/+v/1/0/r/P/y8S/f/u9P970P/X/9f/1/+nr4rW/4+5//Ywk4rkfwAAAKiCmPvvCDOR/wEAAKA0Yu7//2Em8j8AAACURsz9m8NMKpL/9f8L3v+PzVH9f/1//X/9f/3/FdH/707/vwf9f/1//X/9f/qqaP3/mPtfFWZSkfwPAAAAVRBz/51hJvI/AAAAlEbM/a8OM5H/AQAAoDRi7p8IM6lI/tf/L3j/P+/Bj/n8f/1//X/9f/3/ldH/707/vwf9f/3/vvT/Fy7p/+v/kyta/z/m/i1hJhXJ/wAAAFAFMfdvDTOR/wEAAKA0Yu6/K8xE/gcAAIDSiLl/W5hJRfK//v9A9P8z/X/9f/1//X/9/5XR/+9O/78H/X/9f5//r/9PXxWt/x9z/2vCTCqS/wEAAKAKYu7fHmYi/wMAAEBpxNz/2jAT+R8AAABKI+b+HWEmFcn/+v/6//r/+v/6/533r/8/mPT/u9P/70H/X/9f/1//n74qWv8/5v7XhZlUJP8DAABAFcTcvzPMRP4HAACA0oi5/+4wE/kfAAAASiPm/skwk4rkf/1//X/9f/1//f/O+9f/H0z6/93p//eg/6//r/+v/09fFa3/H3P/PWEmFcn/AAAAUAUx998bZiL/AwAAQGnE3D8VZiL/AwAAQGnE3D8dZlKR/K//r/+v/6//v6r+/6sX71f/P6f/Xyz6/93p//eg/6///6L3/0f1/ymVovX/Y+7fFWZSkfwPAAAAVRBz/+4wE/kfAAAASiPm/j1hJvI/AAAAlEbM/XvDTCqS//X/9f/1//X/ff5/5/3r/w8m/f/u+t//jw9R/1//X//f5//r/7NU0fr/MfffF2ZSkfwPAAAAVRBz/74wE/kfAAAASiPm/v1hJvI/AAAAlEbM/QfCTCqS//X/9f/1//X/9f8771//fzDp/3fn8/970P/X/9f/1/9njR76w+avitb/j7n/YJhJRfI/AAAAVEHM/a8PM5H/AQAAoDRi7v+VMBP5HwAAAEoj5v5fDTOpSP7X/9f/1//X/9f/77x//f/BpP/fnf5/D/r/+v/6//r/9FXR+v8x9x8KM6lI/gcAAIAqiLn/18JM5H8AAAAojZj73xBmIv8DAABAacTcfzjMpCL5X/9f/1//X/9f/7/z/m90/38s3q/+/5ro/3en/9+D/r/+v/6//j99VbT+f8z9bwwzqUj+BwAAgCqIuf/+MBP5HwAAAEoj5v43hZnI/wAAAFAaMfe/OcykIvlf/1//X/9f/1//v/P+ff7/YNL/707/vwf9f/1//X/9f/qqaP3/mPvfEmZSkfwPAAAAVRBz/1vDTOR/AAAAKI2Y+98WZiL/AwAAQGnE3P/2MJOK5H/9f/1//X/9f/3/zvvX/x9M+v/d6f/3oP+v/6//r/9PXxWt/x9z/6+HmVQk/wMAAEAVxNz/QJiJ/A8AAAClEXP/O8JM5H8AAAAojZj73xlmUpH8r/+v/6//r/+v/995//r/g0n/v7sB6///8uZwuf5/Tv+/2Me/2v7/SNvX16X//8Pl+v8L69pvr//P9VC0/n/M/e8KM6lI/gcAAIAqiLn/3WEm8j8AAACURsz97wkzkf8BAACgNGLu/40wk4rkf/3/+nEstpf1/8va/x/S/9f/1/+vCP3/7gas/+/z/9vo/xf7+H3+v/4/SxWt/x9z/3vDTCqS/wEAAKAKYu5/MMxE/gcAAIDSiLn/oTAT+R8AAABKI+b+94WZVCT/6//7/P9q9P99/n+m/6//XxH6/93p//eg/6//X7T+/3/q/zPYitb/j7n/4TCTiuR/AAAAqIKY+98fZiL/AwAAQGnE3P+bYSbyPwAAAJRGzP0fCDOpSP7X/x+U/v/EgPb/H9P/v479/ztvzrfT/9f/Z5H+f3f6/z3o/+v/F63/7/P/GXBF6//H3P/BMJOV5//xFW8JAAAAvChi7v+tMJOK/P0/AAAAVEHM/b8dZiL/AwAAQGnE3P87YSYVyf/6/4PS//f5/5n+v8//b3s8+v/6/53cuP5/fOfR/9f/1/+P9P/1//X/aVe0/n/M/b8bZlKR/A8AAABVEHP/h8JM5H8AAAAYCJ3+n+x2MfcfCTOR/wEAAKA0Yu4/GmZSkfyv/6//r/9f0P7/n239l+9/991Hd+n/6//r/6/KDf38//qL3+f/6//r/yf6//r/+v+0K1r/P+b+Y2EmFcn/AAAAUAUx9/9emIn8DwAAAKURc//xMBP5HwAAAEoj5v6ZMJOK5H/9f/1//f+C9v8H+PP/4/nQ/2/Vt/5/fNPV/+8o79+nVXR9+//vX+yJ6/+vtv8/1vFS/X/9/0E+fv1//X+WKlr/P+b+2TCTiuR/AAAAqIKQ+4dO5HPxCvkfAAAASiPm/pNhJvI/AAAAlEbM/R8OM6lI/tf/1//X/9f/9/n/nfffrf9fG/H5/0WV+vc/b7xQ9P/bFKf/35n+v/7/IB+//r/+P0sVrf8fc/9cmElF8j8AAABUQcz9Hwkzkf8BAACgNGLu/2iYifwPAAAApRFz/6kwk4rkf/1//X/9f/1//f/O+y/s5//r/3e11v69/n+g/6//r/+v/6//Tx8Urf8fc//pMJOK5H8AAACogpj7z4SZyP8AAABQGjH3/x97d9JkWVntcfjkvUVUVnAHd3YHd2KEQz8CAx3rB3DgxIFGGA5ERcWewr5FUbFXBPsGGxBEVLBvwA7FHlTs+wY7RIkyyFprVWXmzn0yq05m7v2+zzNgyZHkHIkK4F9ZP/f5cYv9DwAAAM3I3f/YuKWT/a//1/832/8/UP+/0/vr//X/LdP/j9P/L6H/1//r//X/rNTU+v/c/Y+LWzrZ/wAAANCD3P2Pj1vsfwAAAGhG7v4L4hb7HwAAAJqRu/8JcUsn+39L/7+26LP/z4xX/99S/+/5/zu+v/5f/9+yg+3/L77v73z6f/2//j/o/3fV/x/d6ev1/7Roav1/7v4nxi2d7H8AAADoQe7+J8Ut9j8AAAA0I3f/hXGL/Q8AAADNyN3/5Lilk/2/uuf/H9t4fab9f9H/6/83XtD/6//1/7Pl+f/jeur/L7jt3Mfcdd3/X7+X99f/6/89/1//z2pNrf/P3f+UuKWT/Q8AAAA9yN3/1LjF/gcAAIBm5O5/Wtxi/wMAAEAzcvc/PW7pZP+vrv+f9fP/i/5f/7/xgv5f/6//ny39/7ie+v8zeX/9v/5f/6//Z7Wm1v/n7n9G3NLJ/gcAAIAe5O5/Ztxi/wMAAEAzcvdfFLfY/wAAANCM3P3H45ZO9r/+f//7/3v1//r/uPp//b/+f//p/8fp/5fQ/+v/9f/6f1Zqav1/7v6L45ZO9j8AAAD0IHf/s+IW+x8AAACakbv/2XGL/Q8AAADNyN3/nLilk/2v//f8f/2//l//P/z++v950v+P0/8vof8/237+HP2//l//z+n22P/fM/K37ZX0/7n7nxu3dLL/AQAAoAe5+58Xt9j/AAAA0Izc/c+PW+x/AAAAaEbu/hfELZ3sf/2//l//r/8/4/5/+w+9Dfr/Yfr/g6H/HzeZ/n/tyODL+v/Z9/+e/6//1/+zydSe/5+7/4VxSyf7HwAAAHqQu/9FccvI/t/zT+YDAAAAhyp3/4vjFt//BwAAgNnL6ix3/0vilk72v/5f/6//1/97/v/w+4/1/9ef9vn0/9Oi/x83mf5/B/p//f+cP7/+X//PdlPr/3P3vzRu6WT/AwAAQA9y918St9j/AAAA0Izc/S+LW+x/AAAAaEbu/pfHLZ3s/+H+/9R/r//fHf3/5s+v/x/+8bGq/j//jPr/0f7/QZ7/3yf9/7iD7/+P6v83//n1//vosD9/4/3/sWVfr/9nyNT6/9z9l8Ytnex/AAAA6EHu/lfELfY/AAAANCN3/yvjFvsfAAAAmpG7/1VxSyf73/P/9f/6//n1/57/f9JhPv9/ceD9/xH9/y7p/8d5/v8S+n/9v/7f8/9Zqan1/7n7L4tbOtn/AAAA0IPL7l5s7P5XLxb2PwAAAMzR6b92YOsvKA25+18Tt9j/AAAA0Izc/a+NWzrZ//p//b/+X/+v/x9+/2n1/57/v1v6/3H6/yX0//vRzx9prP+/fKevn0L/f5H+n4nZ1P/feOr1w+r/c/e/Lm7pZP8DAABAD3L3vz5usf8BAACgGbn73xC32P8AAADQjNz9b4xbOtn/+97/H9v5vfX/+n/9v/5f/6//XzX9/zj9/xL6f8//9/x//T8rtan/P81h9f+5+98Ut3Sy/wEAAKAHufvfHLfY/wAAANCM3P2Xxy32PwAAADQjd/9b4pZO9r/n/+v/9f/6f/3/8Pvr/+dJ/z9O/7+E/l//r//X/7NSU+v/c/dfEbd0sv8BAACgB7n7r4xb7H8AAABoRu7+t8Yt9j8AAAA0I3f/2+KWTva//n9/+/98Xf+v/1/o//X/+v8D0W3/vzb0T6Ltduj/b3nU8YdsfkX/r//X/+v/9f+swCT6/xOn/u0yd//b45ZO9j8AAAD0IHf/O+IW+x8AAACakbv/nXGL/Q8AAADNyN3/rrhlj/v/f1f6qQ6O/t/z//X/+n/9//D76//nqdv+f5c8/38J/b/+X/+v/2elJtH/n/b7ufvfHbf4/j8AAAA0I3f/e+IW+x8AAACakbv/vXGL/Q8AAADNyN3/vrilk/2v/9f/6//1//r/4fc/0/5/fTFM/38w9P/j9P9L6P/1//p//T8rNbX+P3f/VXFLJ/sfAAAAepC7//1xi/0PAAAAzcjd/4G4xf4HAACAZuTu/2Dc0sn+1//r//X/+n/9//D7e/7/POn/x+n/F4vF1SMfYKj/P3FU/6//1//r/zlDU+v/c/d/KG7pZP8DAABAD3L3Xx232P8AAADQjNz918Qt9j8AAAA0I3f/h+OWTva//l//r//X/+v/h99f/z9P+v9x+v8lPP9f/6//1/+zUlPr/3P3Xxu3dLL/AQAAoAe5+6+LW+x/AAAAaEbu/o/ELfY/AAAANCN3//VxSyf7X/+v/9f/6//3pf8/rv/fSv9/MPav/1/o//X/+v8l9P/6f/0/Wx1U/39P/P1+Wf+fu/+jcUsn+x8AAAB6kLv/hrjF/gcAAIBm5O7/WNxi/wMAAEAzcvd/PG7pZP/r//X/+n/9v+f/D7+//n+ePP9/nP5/Cf2//l//r/9npQ6q/9+p99/6+7n7PxG3dLL/AQAAoAe5+2+MW+x/AAAAaEbu/pviFvsfAAAAmpG7/5NxSyf7X/+v/9/c/y8W+n/9v/7/pAPo/9cX+v+V0/+P0/8vof9vs///r0VD/f+xHb9e/88UTa3/z93/qbilk/0PAAAAPcjd/+m4xf4HAACAZuTu/0zcYv8DAABAM3L3fzZuaWn/37tz+jb//v/oli/U/y8Wi9sv9Px//f/I++v/J9P/119V/f/q6P/H6f+X0P+32f97/r/+n0Mztf4/d//n4paW9j8AAAB0Lnf/5+MW+x8AAACakbv/C3GL/Q8AAADNyN3/xbilk/0///5/6xfq/xdn9fx//f/GC/p//b/+f7bOtr+/Yj3+mab/1//r/wf7+bUd/r1nof/X/+v/GTC1/j93/5filk72PwAAAPQgd//NcYv9DwAAAM3I3X9L3GL/AwAAQDNy9385bulk/+v/9f/6/3n2/+v6f/2//n/QVJ7/f955D75V/6//b7H/H6P/1//r/9lqav1/7v6vxC2d7H8AAADoQe7+r8Yt9j8AAAA0I3f/1+IW+x8AAACakbv/63FLJ/t/e/9/zuJkoXrSUP8fjZr+/zT6/82fX/8//OPD8//1//r//TeV/t/z/8/s8+v/9f9z/vx76v/vt/3r9f+0aGr9f+7+W+OWTvY/AAAA9CB3/zfiFvsfAAAAmpG7/5txi/0PAAAAzcjdf1vc0sn+9/x//b/+X/+v/x9+f/3/POn/x+n/l9D/6/89///8R/y3/p/VmVr/n7v/W3HLxvC7//+c4f9MAAAAYEJy9387bunk+/8AAADQg9z934lb7H8AAABoRu7+78Ytnex//b/+X/+v/9f/D7+//n+e9P/j9P9L9NP/rw+9eNj9/Nk67M/fTP/v+f+s0NT6/9z934tbOtn/AAAA0IPc/d+PW+x/AAAAaEbu/h/ELfY/AAAANCN3/+1xSyf7X/+v/2+//3+4/n/L++v/9f8t0//nP9GH6f+X6Kf/H3TY/fzcP7/+X//PdlPr/3P33xG3dLL/AQAAoAe5+38Yt9j/AAAA0Izc/T+KW+x/AAAAaEbu/h/HLZ3sf/1/X/3/2qLH/t/z//X/+v+ezKf/v/LI0Kue/6//1//P9/Pr//X/bDe1/j93/51rR7rc/wAAADBXD33Ao+/Y7R9758Zv1xc/iVvsfwAAAGhG7v6fxi32PwAAADQjd//P4pZO9r/+v6/+v8/n/+v/9f/6/57Mp/8fpv/X/+v/5/v59f/6f7abWv+fu//ncctpw2/w/6AHAAAAmI3c/b+IWzr5/j8AAAD0IHf/L+OWbfv/xC5/VTsAAAAwNbn7fxW3dPL9f/3/xPv/xT71//HH6f9P0v/r/4feX/8/T/r/cWfZ/59Y0//r/0fo//X/+n+2mlr/n7v/hmsXXe5/AAAAaNSmn1H49cZv1xe/iVvsfwAAAGhG7v7fxi32PwAAADQjd//v4pZO9r/+f+L9/xk9//9Y/SfP/++8/79kffD99f/6/5bp/8d5/v8S+n/9v/5f/89K7aH/3xik+93/5+7/fdzSyf4HAACAHuTu/0PcYv8DAABAM3L3/zFusf8BAACgGbn7/xS3dLL/9f+H0P9fenSx2Nf+fxfP/9f/99H/7/D+7fT//3fu8Zsf9shrrtL/c8pB9v/5Y0H/r//X/5+k/9f/6//ZamrP/8/d/+e4pZP9DwAAAD3I3X9X3GL/AwAAQDNy9/8lbrlv/990WJ8KAAAAWKXc/X+NWzr5/r/+v8Xn/8+z/8+/1ofQ/x+fX/+fTXHv/b/n/+v/t/P8/3H6/yX0//p//b/+n5WaWv+fu/9vcUsn+x8AAAB6kLv/73FL7v+1Pf/UPQAAADAxufv/Ebf4/j8AAAA0I3f/3XFLJ/tf/6//n0r/nzz//9TXef7/Sfp//f9e6P/H6f+X0P/r//X/+n9Wamr9f+7+f8Ytnex/AAAA6EHu/nviFvsfAAAAmpG7/19xi/0PAAAAzcjd/++4pZP9r//X/+v/9f/6/+H31//Pk/5/nP5/Cf2//l//r/9npabW/+fu/08AAAD//zekcr0=")
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)={{}, {0x1, 0x4}, [], {0x4, 0x5}, [], {}, {0x20, 0x1}}, 0x24, 0x0)

4.985683509s ago: executing program 6 (id=2196):
r0 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a00030100000009040000000101"], 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, 0x0, 0x0)

4.169474268s ago: executing program 5 (id=2201):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x22, 0xf, {[@global=@item_4={0x3, 0x1, 0xd0f785e2fc518d55, "00004fbe"}, @local=@item_4={0x3, 0x2, 0x0, "45501821"}, @main=@item_4={0x3, 0x0, 0x8, "b775e7cd"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGVERSION(r1, 0x80044801, &(0x7f0000000040))

4.154345303s ago: executing program 3 (id=2202):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x18)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000001c0)={'syzkaller1\x00', @broadcast})

3.829322057s ago: executing program 2 (id=2204):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800004, &(0x7f0000000380)=ANY=[@ANYBLOB="646973636172642c756d61736b3d3030303030303030303030303030303025460913c535853eb6dddf303030303030322c6769643d97a4f9f32534bfbd41ef6fe78d2468e147eb7312fd2854bb7a752d0921bd8c118258b2c3d3e2ff27df77119705198219a9e8143ba65f9c943eedd5412de290", @ANYRESHEX=0x0, @ANYBLOB=',namecase=1,iocharset=cp949,iocharset=cp865,fmask=00000000000000000000406,fmask=00000000000000000000012,namecase=1,keep_last_dots,\x00'], 0x1, 0x1524, &(0x7f0000001f80)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x2, @local}, {0xa, 0xfffd, 0x0, @empty}, 0x1, {[0x0, 0x1]}}, 0x5c)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000b80)={{0x12, 0x1, 0x0, 0x69, 0xdd, 0x34, 0x40, 0xccd, 0x93, 0x235a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x6c, 0xe0, 0x8d, 0x0, [], [{{0x9, 0x5, 0x2}}]}}]}}]}}, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}, 0x1, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xe3]}}, 0x5c)

3.555109241s ago: executing program 3 (id=2206):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000100)={@val={0x2000}, @void, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x8, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x0, 0x2a, @void}}}}}}}}, 0x32)

3.046621852s ago: executing program 6 (id=2207):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9}, 0x48)
r2 = socket(0x1, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r1, &(0x7f0000000100), &(0x7f00000001c0)=@tcp=r2}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r1, &(0x7f0000000100), &(0x7f0000000140)=@udp6=r0, 0x1}, 0x20)

2.958258231s ago: executing program 6 (id=2208):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x7d, &(0x7f0000004400)={0x3, 0x8002, 0x5, 0x8000}, &(0x7f0000004440)=0x10)

2.801893696s ago: executing program 3 (id=2209):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x8)

2.759227596s ago: executing program 6 (id=2211):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f00000002c0)=0xfffffffd, 0x4)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x402, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
read(r0, &(0x7f0000000080)=""/195, 0xc3)

2.689188573s ago: executing program 6 (id=2212):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x24, r2, 0x1, 0x4, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004014}, 0x4004000)

2.55824376s ago: executing program 6 (id=2214):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x800)
ioctl$FS_IOC_GETVERSION(r1, 0x5b01, 0x0)

2.557903761s ago: executing program 0 (id=2215):
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x6a)
close(r0)
r1 = socket$tipc(0x1e, 0x4, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x43}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0), 0x200480, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

2.352045005s ago: executing program 2 (id=2216):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000380)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f00000004c0)=[{&(0x7f00000000c0)="9d10", 0x2}], 0x1}}], 0x1, 0x2000c000)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0xc, &(0x7f0000000040)=@gcm_128={{0x304}, "b5e469349f9ca5b7", "cb5ea0eafc6b3bfcd28f92a781fa8b22", "ff0d0800", "12239c7a9f421a43"}, 0x28)

1.73304771s ago: executing program 5 (id=2217):
r0 = syz_io_uring_setup(0x98b, &(0x7f0000000280)={0x0, 0x9bee, 0x8, 0xfffffffd, 0x25d}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x68, 0x3, r3, 0x0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0, 0x40000020, 0x1, {0x2}})
io_uring_enter(r0, 0x52de, 0xf62e, 0x8, 0x0, 0x0)

1.648539931s ago: executing program 0 (id=2218):
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
recvmsg$unix(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x12)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1.349892464s ago: executing program 2 (id=2219):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)={0x44, r2, 0x223, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @disassoc={{{0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x2}, @device_b, @broadcast, @random="3928f2087b0e", {0x2, 0x8}, @value=@ver_80211n={0x0, 0x7f, 0x3, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}}, 0x9, @void}}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000004}, 0x804)

873.598295ms ago: executing program 5 (id=2220):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x4)
r2 = openat$cgroup_pressure(r1, &(0x7f0000000080)='cpu.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000600)={'full', 0x20, 0x800, 0x20, 0x7}, 0x2f)

830.59623ms ago: executing program 2 (id=2221):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
prctl$PR_MCE_KILL(0x23, 0x9, 0x7fffffffeffe)
statx(0xffffffffffffff9c, &(0x7f0000000340)='./bus\x00', 0x1000, 0x800, &(0x7f0000000440))
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x0, 0x0}, 0x10)

660.397152ms ago: executing program 0 (id=2222):
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000005c0)={r1, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
r2 = syz_open_dev$loop(&(0x7f00000001c0), 0x5, 0x88000)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000001280)={r0, 0x0, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x4, 0x3, 0x4, "fee8a2ab78fcaca7bd64c6a4b4e00d968309000000000000000000000000000000deff00000016000000e7ff00000000f5ff0700", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400", [0x4800]}})

561.856583ms ago: executing program 5 (id=2223):
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x2004889c)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
recvmmsg(r0, &(0x7f00000040c0)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000540)=""/74, 0x4a}], 0x1}, 0x2}], 0x1, 0x0, 0x0)
syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0)

481.316465ms ago: executing program 0 (id=2224):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x1}}, 0x0, 0x0, 0x1, 0x0, "537f83735b4bb1eadc74dde27798c835eec04c38eeec7ff3d3137a508003d2d5c89ab0220ceeebd468f23c6a4caeaf04000048c29f065d000000000000000000000000000000009600"}, 0xd8)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, '\x00', "5171bb67296559cd3660dab9e2086e246728d7a04000", "05e2e505", "12000700"}, 0x38)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)

458.222631ms ago: executing program 2 (id=2225):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000840)={0x54, r2, 0x1, 0x470bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_SSID={0x4}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x5}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @key_params=[@NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}, @NL80211_ATTR_KEY_SEQ={0x4}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x2}, @NL80211_ATTR_KEY_DEFAULT={0x4}]]}, 0x54}}, 0x20000880)

385.834479ms ago: executing program 0 (id=2226):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000980)={0x38, r2, 0x1, 0x4, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x1c, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x39d}, {0x18, 0x0, 0x3}, {0x8}]}]}, 0x38}}, 0x0)

381.640225ms ago: executing program 5 (id=2227):
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r4}, 0x20)
recvmsg$unix(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x12)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESOCT=r0])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

360.669239ms ago: executing program 2 (id=2228):
r0 = socket(0x2a, 0x803, 0x6)
getsockname$packet(r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="040e04141a0c"], 0x7)

57.752942ms ago: executing program 0 (id=2229):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00')
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x3000)
io_uring_setup(0x2e34, &(0x7f0000000180)={0x0, 0xfffffffc})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil})

0s ago: executing program 5 (id=2230):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="1c0000f500000000000000862dfdff00006a"], 0xfdef)

kernel console output (not intermixed with test programs):

xe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  498.634658][   T30] audit: type=1326 audit(1751282121.132:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.5.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  498.672029][   T30] audit: type=1326 audit(1751282121.132:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.5.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  498.698997][   T30] audit: type=1326 audit(1751282121.132:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.5.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  498.721545][T12000] EXT4-fs (loop2): 1 truncate cleaned up
[  498.723279][T12000] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  498.730910][   T30] audit: type=1326 audit(1751282121.202:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.5.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  498.764078][   T30] audit: type=1326 audit(1751282121.202:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.5.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  498.790383][   T30] audit: type=1326 audit(1751282121.502:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.5.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f45681858e7 code=0x7ffc0000
[  498.840061][   T30] audit: type=1326 audit(1751282121.502:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.5.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f456812ab19 code=0x7ffc0000
[  498.890531][T12000] EXT4-fs error (device loop2): ext4_empty_dir:3116: inode #2: block 13: comm syz.2.1742: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  498.951459][T12000] EXT4-fs (loop2): Remounting filesystem read-only
[  499.031712][ T5831] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  499.127711][ T5838] Bluetooth: hci2: unexpected event for opcode 0x0c1a
[  499.138611][T12018] loop5: detected capacity change from 0 to 128
[  499.176093][T12018] EXT4-fs: Ignoring removed oldalloc option
[  499.197606][T12018] EXT4-fs: inline encryption not supported
[  499.336395][T12018] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  499.405457][T12018] ext4 filesystem being mounted at /224/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  500.220397][ T7874] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  501.387329][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  501.403161][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  501.590010][T12031] loop0: detected capacity change from 0 to 32768
[  501.855735][T12031] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  501.900903][T12043] loop5: detected capacity change from 0 to 32768
[  501.950620][T12043] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  502.115991][T12043] XFS (loop5): Ending clean mount
[  502.121725][T12031] XFS (loop0): Ending clean mount
[  502.186276][T12031] XFS (loop0): Quotacheck needed: Please wait.
[  502.447291][ T5838] Bluetooth: hci1: unexpected event for opcode 0x0c1a
[  502.478124][T12031] XFS (loop0): Quotacheck: Done.
[  502.511528][ T7874] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  502.629850][ T5833] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  503.922735][ T5917] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  504.154405][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  504.154780][   T30] audit: type=1326 audit(1751282127.032:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12105 comm="syz.5.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  504.187400][ T5944] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  504.445078][ T5917] usb 3-1: Using ep0 maxpacket: 16
[  504.460934][ T5917] usb 3-1: config index 0 descriptor too short (expected 59154, got 18)
[  504.472929][ T5917] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[  504.473056][   T30] audit: type=1326 audit(1751282127.042:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12105 comm="syz.5.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  504.504366][ T5917] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[  504.532305][ T5917] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  504.562483][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.562981][   T30] audit: type=1326 audit(1751282127.072:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12105 comm="syz.5.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  504.597022][ T5917] usb 3-1: Product: syz
[  504.601563][ T5917] usb 3-1: Manufacturer: syz
[  504.607491][ T5917] usb 3-1: SerialNumber: syz
[  504.622953][ T5944] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  504.628560][ T5917] usb 3-1: config 0 descriptor??
[  504.642907][ T5944] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  504.663915][ T5944] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  504.673283][ T5944] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  504.681277][ T5944] usb 4-1: SerialNumber: syz
[  504.690045][   T30] audit: type=1326 audit(1751282127.082:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12105 comm="syz.5.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  504.714468][   T30] audit: type=1326 audit(1751282127.092:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12105 comm="syz.5.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  504.738377][   T30] audit: type=1326 audit(1751282127.092:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12105 comm="syz.5.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  504.752089][ T5917] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  504.769533][   T30] audit: type=1326 audit(1751282127.402:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12105 comm="syz.5.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  504.799684][   T30] audit: type=1326 audit(1751282127.402:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12105 comm="syz.5.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  504.983694][ T5944] usb 4-1: 0:2 : does not exist
[  505.040724][ T5944] usb 4-1: USB disconnect, device number 30
[  505.047727][T12123] loop0: detected capacity change from 0 to 1024
[  505.087198][T12123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  505.100971][T12123] ext4 filesystem being mounted at /370/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  505.358393][T12123] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  505.374945][ T5838] Bluetooth: hci3: unexpected event for opcode 0x0c1a
[  505.389559][T12123] EXT4-fs (loop0): Remounting filesystem read-only
[  505.420425][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.095119][ T5917] ssu100 3-1:0.0: probe with driver ssu100 failed with error -71
[  506.144751][ T5917] usb 3-1: USB disconnect, device number 33
[  506.332318][   T30] audit: type=1326 audit(1751282129.292:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12140 comm="syz.6.1784" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x0
[  506.397372][T12147] loop5: detected capacity change from 0 to 512
[  506.397795][T12146] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1783'.
[  506.406758][T12147] EXT4-fs: Ignoring removed nomblk_io_submit option
[  506.427963][T12147] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  506.447218][T12147] EXT4-fs (loop5): 1 truncate cleaned up
[  506.456783][T12147] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  506.476419][T12144] loop0: detected capacity change from 0 to 4096
[  506.521702][T12144] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  506.578023][ T7874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.650784][T12144] overlayfs: upper fs does not support tmpfile.
[  506.668967][T12144] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  506.711187][T12156] netlink: 'syz.5.1788': attribute type 9 has an invalid length.
[  506.796351][ T1117] ntfs3(loop0): ino=9, ntfs3_write_inode failed, -22.
[  506.809432][ T5833] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  506.860553][ T5833] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  507.052697][ T5944] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  507.095418][T12154] loop2: detected capacity change from 0 to 40427
[  507.107074][T12154] F2FS-fs (loop2): invalid crc value
[  507.226602][ T5944] usb 4-1: Using ep0 maxpacket: 8
[  507.272745][ T5944] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  507.291834][T12154] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  507.299994][ T5944] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  507.330775][ T5944] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  507.364847][ T5944] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  507.388300][ T5944] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  507.407595][ T5944] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.663468][ T5838] Bluetooth: hci2: unexpected event for opcode 0x0c1a
[  508.317144][ T5944] usb 4-1: GET_CAPABILITIES returned 0
[  508.333629][ T5831] syz-executor: attempt to access beyond end of device
[  508.333629][ T5831] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  508.351678][ T5944] usbtmc 4-1:16.0: can't read capabilities
[  508.358654][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  508.358677][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  508.358688][ T5831] Call Trace:
[  508.358696][ T5831]  <TASK>
[  508.358704][ T5831]  dump_stack_lvl+0x189/0x250
[  508.358737][ T5831]  ? __pfx_dump_stack_lvl+0x10/0x10
[  508.358758][ T5831]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  508.358792][ T5831]  ? __pfx_queue_work_on+0x10/0x10
[  508.358817][ T5831]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  508.358839][ T5831]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  508.358863][ T5831]  ? f2fs_hw_is_readonly+0x39b/0x470
[  508.358890][ T5831]  f2fs_handle_critical_error+0x37c/0x540
[  508.358921][ T5831]  f2fs_write_end_io+0x495/0x810
[  508.358942][ T5831]  ? blkg_put+0x22/0x240
[  508.358981][ T5831]  __submit_merged_bio+0x27a/0x6a0
[  508.359011][ T5831]  __submit_merged_write_cond+0x255/0x530
[  508.359041][ T5831]  f2fs_write_data_pages+0x261d/0x3000
[  508.359062][ T5831]  ? __lock_acquire+0xab9/0xd20
[  508.359123][ T5831]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  508.359199][ T5831]  ? __mod_zone_page_state+0xd7/0x140
[  508.359237][ T5831]  ? folios_put_refs+0x560/0x640
[  508.359273][ T5831]  ? __lock_acquire+0xab9/0xd20
[  508.359304][ T5831]  ? do_raw_spin_lock+0x121/0x290
[  508.359336][ T5831]  ? do_raw_spin_unlock+0x122/0x240
[  508.359355][ T5831]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  508.359379][ T5831]  do_writepages+0x32e/0x550
[  508.359417][ T5831]  ? do_raw_spin_unlock+0x122/0x240
[  508.359442][ T5831]  filemap_fdatawrite+0x199/0x240
[  508.359467][ T5831]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  508.359551][ T5831]  ? do_raw_spin_unlock+0x122/0x240
[  508.359575][ T5831]  f2fs_sync_dirty_inodes+0x31f/0x830
[  508.359620][ T5831]  f2fs_write_checkpoint+0x95a/0x1df0
[  508.359675][ T5831]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  508.359748][ T5831]  ? try_to_wake_up+0x7e5/0x1290
[  508.359780][ T5831]  ? kill_f2fs_super+0x298/0x6c0
[  508.359812][ T5831]  kill_f2fs_super+0x2c3/0x6c0
[  508.359845][ T5831]  ? __pfx_kill_f2fs_super+0x10/0x10
[  508.359866][ T5831]  ? radix_tree_delete_item+0x2b6/0x400
[  508.359900][ T5831]  ? shrinker_free+0x2ce/0x3e0
[  508.359924][ T5831]  deactivate_locked_super+0xbc/0x130
[  508.359950][ T5831]  cleanup_mnt+0x425/0x4c0
[  508.359972][ T5831]  ? lockdep_hardirqs_on+0x9c/0x150
[  508.360000][ T5831]  task_work_run+0x1d1/0x260
[  508.360023][ T5831]  ? __pfx_task_work_run+0x10/0x10
[  508.360040][ T5831]  ? __x64_sys_umount+0x122/0x160
[  508.360071][ T5831]  ? exit_to_user_mode_loop+0x40/0x110
[  508.360098][ T5831]  exit_to_user_mode_loop+0xec/0x110
[  508.360120][ T5831]  do_syscall_64+0x2bd/0x3b0
[  508.360136][ T5831]  ? lockdep_hardirqs_on+0x9c/0x150
[  508.360160][ T5831]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.360177][ T5831]  ? clear_bhb_loop+0x60/0xb0
[  508.360200][ T5831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.360217][ T5831] RIP: 0033:0x7f127198fc57
[  508.360234][ T5831] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  508.360249][ T5831] RSP: 002b:00007ffe5c83e7c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  508.360269][ T5831] RAX: 0000000000000000 RBX: 00007f1271a10925 RCX: 00007f127198fc57
[  508.360282][ T5831] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe5c83e880
[  508.360293][ T5831] RBP: 00007ffe5c83e880 R08: 0000000000000000 R09: 0000000000000000
[  508.360305][ T5831] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe5c83f910
[  508.360317][ T5831] R13: 00007f1271a10925 R14: 000000000007be7a R15: 00007ffe5c83f950
[  508.360352][ T5831]  </TASK>
[  508.360360][ T5831] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  508.542225][T12164] loop5: detected capacity change from 0 to 32768
[  508.552264][ T5944] usb 4-1: USB disconnect, device number 31
[  508.584927][T12164] XFS: attr2 mount option is deprecated.
[  508.771617][T12164] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  508.823787][T12164] XFS (loop5): Ending clean mount
[  508.830309][T12164] XFS (loop5): Quotacheck needed: Please wait.
[  508.880047][T12164] XFS (loop5): Quotacheck: Done.
[  508.961526][ T7874] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  509.169233][T12203] loop2: detected capacity change from 0 to 128
[  509.199778][T12203] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  509.213508][T12203] ext4 filesystem being mounted at /384/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  509.311998][ T5831] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  509.388725][T12211] Illegal XDP return value 2539361135 on prog  (id 362) dev syz_tun, expect packet loss!
[  509.952673][ T5838] Bluetooth: hci3: unexpected event for opcode 0x0c1a
[  511.042957][   T30] audit: type=1326 audit(1751282133.982:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12241 comm="syz.5.1814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  511.419266][ T5944] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  511.427299][T12250] loop0: detected capacity change from 0 to 128
[  511.439174][   T30] audit: type=1326 audit(1751282133.982:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12241 comm="syz.5.1814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  511.445158][T12250] EXT4-fs: Ignoring removed oldalloc option
[  511.478824][   T30] audit: type=1326 audit(1751282133.982:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12241 comm="syz.5.1814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  511.502404][ T5917] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  511.505743][T12250] EXT4-fs: inline encryption not supported
[  511.512511][   T30] audit: type=1326 audit(1751282133.982:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12241 comm="syz.5.1814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  511.539773][   T30] audit: type=1326 audit(1751282133.982:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12241 comm="syz.5.1814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  511.578462][T12250] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  511.591218][T12250] ext4 filesystem being mounted at /380/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  511.592059][T12253] syzkaller1: entered promiscuous mode
[  511.630283][   T30] audit: type=1326 audit(1751282133.992:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12241 comm="syz.5.1814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  511.664633][ T5944] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  511.701663][ T5944] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  511.723377][ T5917] usb 7-1: device descriptor read/64, error -71
[  511.733169][   T30] audit: type=1326 audit(1751282134.322:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12241 comm="syz.5.1814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  511.733313][ T5944] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  511.762962][T12253] syzkaller1: entered allmulticast mode
[  511.791666][   T30] audit: type=1326 audit(1751282134.332:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12241 comm="syz.5.1814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  511.863325][ T5944] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  511.886783][ T5944] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  511.911996][ T5944] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.945507][ T5944] usb 4-1: config 0 descriptor??
[  511.952494][ T5833] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  511.962812][ T5917] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  512.104670][ T5917] usb 7-1: device descriptor read/64, error -71
[  512.213711][ T5917] usb usb7-port1: attempt power cycle
[  512.370051][T12267] tmpfs: Bad value for 'mpol'
[  512.405061][ T5944] plantronics 0003:047F:FFFF.0018: ignoring exceeding usage max
[  512.444747][ T5944] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  512.622679][ T5917] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  513.146557][ T5917] usb 7-1: device descriptor read/8, error -71
[  513.821294][   T30] audit: type=1326 audit(1751282136.752:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12275 comm="syz.0.1825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eeb8e929 code=0x7ffc0000
[  513.872300][ T5944] usb 4-1: USB disconnect, device number 32
[  513.878256][T12258] loop2: detected capacity change from 0 to 32768
[  513.880355][   T30] audit: type=1326 audit(1751282136.762:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12275 comm="syz.0.1825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f51eeb8e929 code=0x7ffc0000
[  513.961571][T12258] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  513.983341][ T5917] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  514.175034][ T5917] usb 7-1: device descriptor read/8, error -71
[  514.225663][ T5838] Bluetooth: hci3: unexpected event for opcode 0x0c1a
[  514.251627][T12258] XFS (loop2): Ending clean mount
[  514.262304][T12258] XFS (loop2): Quotacheck needed: Please wait.
[  514.372105][ T5917] usb usb7-port1: unable to enumerate USB device
[  514.396977][T12258] XFS (loop2): Quotacheck: Done.
[  514.483828][T12258] XFS (loop2): User initiated shutdown received.
[  514.491335][T12258] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  514.509495][T12258] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  514.552310][ T5831] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  514.956063][ T5944] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  515.002028][T12304] syzkaller1: entered promiscuous mode
[  515.017529][T12304] syzkaller1: entered allmulticast mode
[  515.159177][ T5944] usb 4-1: Using ep0 maxpacket: 32
[  515.188871][ T5944] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  515.238901][ T5944] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  515.276962][ T5944] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  515.296716][ T5944] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  515.311748][ T5944] usb 4-1: Product: syz
[  515.316060][ T5944] usb 4-1: Manufacturer: syz
[  515.320720][ T5944] usb 4-1: SerialNumber: syz
[  515.331233][T12312] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1834'.
[  515.340124][ T5944] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input20
[  515.636436][ T5917] usb 4-1: USB disconnect, device number 33
[  515.674925][T12319] loop6: detected capacity change from 0 to 64
[  516.264513][ T5917] appletouch 4-1:1.0: input: appletouch disconnected
[  516.392762][T12303] loop5: detected capacity change from 0 to 40427
[  516.521103][T12333] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1839'.
[  516.565926][T12308] loop2: detected capacity change from 0 to 40427
[  516.579636][T12303] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  516.603851][T12308] F2FS-fs (loop2): invalid crc value
[  516.732739][ T5946] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  516.823441][T12308] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  516.893154][ T7874] syz-executor: attempt to access beyond end of device
[  516.893154][ T7874] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  517.010524][ T5946] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  517.020812][ T7874] CPU: 0 UID: 0 PID: 7874 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  517.020839][ T7874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  517.020854][ T7874] Call Trace:
[  517.020862][ T7874]  <TASK>
[  517.020871][ T7874]  dump_stack_lvl+0x189/0x250
[  517.020906][ T7874]  ? __pfx_dump_stack_lvl+0x10/0x10
[  517.020934][ T7874]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  517.020959][ T7874]  ? __pfx_queue_work_on+0x10/0x10
[  517.020985][ T7874]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  517.021008][ T7874]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  517.021034][ T7874]  ? f2fs_hw_is_readonly+0x39b/0x470
[  517.021063][ T7874]  f2fs_handle_critical_error+0x37c/0x540
[  517.021095][ T7874]  f2fs_write_end_io+0x495/0x810
[  517.021117][ T7874]  ? blkg_put+0x22/0x240
[  517.021158][ T7874]  __submit_merged_bio+0x27a/0x6a0
[  517.021188][ T7874]  __submit_merged_write_cond+0x255/0x530
[  517.021220][ T7874]  f2fs_write_data_pages+0x261d/0x3000
[  517.021287][ T7874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  517.021365][ T7874]  ? __mod_zone_page_state+0xd7/0x140
[  517.021403][ T7874]  ? folios_put_refs+0x560/0x640
[  517.021441][ T7874]  ? __lock_acquire+0xab9/0xd20
[  517.021474][ T7874]  ? do_raw_spin_lock+0x121/0x290
[  517.021507][ T7874]  ? do_raw_spin_unlock+0x122/0x240
[  517.021526][ T7874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  517.021551][ T7874]  do_writepages+0x32e/0x550
[  517.021590][ T7874]  ? do_raw_spin_unlock+0x122/0x240
[  517.021614][ T7874]  filemap_fdatawrite+0x199/0x240
[  517.021639][ T7874]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  517.021724][ T7874]  ? do_raw_spin_unlock+0x122/0x240
[  517.021749][ T7874]  f2fs_sync_dirty_inodes+0x31f/0x830
[  517.021793][ T7874]  f2fs_write_checkpoint+0x95a/0x1df0
[  517.021848][ T7874]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  517.021921][ T7874]  ? try_to_wake_up+0x81b/0x1290
[  517.021956][ T7874]  ? kill_f2fs_super+0x298/0x6c0
[  517.021988][ T7874]  kill_f2fs_super+0x2c3/0x6c0
[  517.022022][ T7874]  ? __pfx_kill_f2fs_super+0x10/0x10
[  517.022044][ T7874]  ? radix_tree_delete_item+0x2b6/0x400
[  517.022078][ T7874]  ? shrinker_free+0x2ce/0x3e0
[  517.022103][ T7874]  deactivate_locked_super+0xbc/0x130
[  517.022129][ T7874]  cleanup_mnt+0x425/0x4c0
[  517.022152][ T7874]  ? lockdep_hardirqs_on+0x9c/0x150
[  517.022180][ T7874]  task_work_run+0x1d1/0x260
[  517.022204][ T7874]  ? __pfx_task_work_run+0x10/0x10
[  517.022220][ T7874]  ? __x64_sys_umount+0x122/0x160
[  517.022252][ T7874]  ? exit_to_user_mode_loop+0x40/0x110
[  517.022280][ T7874]  exit_to_user_mode_loop+0xec/0x110
[  517.022303][ T7874]  do_syscall_64+0x2bd/0x3b0
[  517.022319][ T7874]  ? lockdep_hardirqs_on+0x9c/0x150
[  517.022343][ T7874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.022361][ T7874]  ? clear_bhb_loop+0x60/0xb0
[  517.022385][ T7874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.022402][ T7874] RIP: 0033:0x7f456818fc57
[  517.022420][ T7874] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  517.022435][ T7874] RSP: 002b:00007ffd22ae4cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  517.022455][ T7874] RAX: 0000000000000000 RBX: 00007f4568210925 RCX: 00007f456818fc57
[  517.022468][ T7874] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd22ae4d70
[  517.022480][ T7874] RBP: 00007ffd22ae4d70 R08: 0000000000000000 R09: 0000000000000000
[  517.022492][ T7874] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd22ae5e00
[  517.022504][ T7874] R13: 00007f4568210925 R14: 000000000007e209 R15: 00007ffd22ae5e40
[  517.022540][ T7874]  </TASK>
[  517.030370][T12328] loop3: detected capacity change from 0 to 32768
[  517.040308][ T7874] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  517.239567][T12328] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  517.242189][ T5946] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  517.326779][T12328] XFS (loop3): Ending clean mount
[  517.334044][ T5946] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  517.378929][T12328] XFS (loop3): Quotacheck needed: Please wait.
[  517.382172][ T5946] usb 1-1: config 0 interface 0 has no altsetting 0
[  517.455473][ T5946] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  517.471919][ T5946] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  517.483846][ T5946] usb 1-1: config 0 interface 0 has no altsetting 0
[  517.491779][ T5946] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  517.500820][ T5946] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  517.521770][ T5946] usb 1-1: config 0 interface 0 has no altsetting 0
[  517.529900][ T5946] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  517.539368][ T5946] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  517.551319][ T5946] usb 1-1: config 0 interface 0 has no altsetting 0
[  517.558495][T12328] XFS (loop3): Quotacheck: Done.
[  517.565915][ T5946] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  517.596109][ T5946] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  517.627452][ T5946] usb 1-1: config 0 interface 0 has no altsetting 0
[  517.654039][ T5946] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  517.670807][T12328] XFS (loop3): User initiated shutdown received.
[  517.681750][ T5946] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  517.694854][T12328] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  517.712153][T12353] loop6: detected capacity change from 0 to 256
[  517.718558][ T5946] usb 1-1: config 0 interface 0 has no altsetting 0
[  517.726836][T12328] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  517.758557][ T5946] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  517.781834][ T5946] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  517.812778][ T5946] usb 1-1: config 0 interface 0 has no altsetting 0
[  517.830764][ T5946] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  517.847828][ T5946] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  517.891692][ T5946] usb 1-1: config 0 interface 0 has no altsetting 0
[  517.901091][ T5830] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  517.918080][T12358] loop6: detected capacity change from 0 to 1024
[  517.930975][ T5946] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  517.939483][T12358] EXT4-fs: Ignoring removed nobh option
[  517.958875][T12358] EXT4-fs: inline encryption not supported
[  517.969324][ T5946] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  518.016914][ T5946] usb 1-1: Product: syz
[  518.021107][ T5946] usb 1-1: Manufacturer: syz
[  518.076689][ T5946] usb 1-1: SerialNumber: syz
[  518.105988][ T5946] usb 1-1: config 0 descriptor??
[  518.128099][T12358] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  518.173074][ T5946] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0
[  518.235263][T12358] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.1847: Allocating blocks 385-513 which overlap fs metadata
[  518.333571][T12358] EXT4-fs (loop6): pa ffff888030d84828: logic 16, phys. 129, len 24
[  518.341649][T12358] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  518.448570][T12358] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  518.486780][T12358] EXT4-fs (loop6): This should not happen!! Data will be lost
[  518.486780][T12358] 
[  518.528629][T12358] EXT4-fs (loop6): Total free blocks count 0
[  518.559013][T12358] EXT4-fs (loop6): Free/Dirty block details
[  518.561684][ T5947] usb 1-1: USB disconnect, device number 24
[  518.582714][T12358] EXT4-fs (loop6): free_blocks=128
[  518.587205][ T5947] yurex 1-1:0.0: USB YUREX #0 now disconnected
[  518.587850][T12358] EXT4-fs (loop6): dirty_blocks=0
[  518.587868][T12358] EXT4-fs (loop6): Block reservation details
[  518.612134][T12373] loop3: detected capacity change from 0 to 64
[  518.653666][T12373] minix_free_block (loop3:1): bit already cleared
[  518.657048][T12358] EXT4-fs (loop6): i_reserved_data_blocks=0
[  518.661023][T12373] minix_free_block (loop3:4): bit already cleared
[  518.705675][T12373] minix_free_block (loop3:3): bit already cleared
[  518.717277][T12373] minix_free_block (loop3:2): bit already cleared
[  518.748197][T12373] minix_free_block (loop3:1): bit already cleared
[  519.006828][   T92] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  519.660449][T12379] loop3: detected capacity change from 0 to 64
[  519.783168][   T92] usb 6-1: device descriptor read/64, error -71
[  520.174704][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  520.174721][   T30] audit: type=1326 audit(1751282142.832:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12384 comm="syz.6.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  520.202928][T12385] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  520.243724][   T92] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  520.261975][   T30] audit: type=1326 audit(1751282142.842:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12384 comm="syz.6.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  520.440608][   T30] audit: type=1326 audit(1751282142.852:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12384 comm="syz.6.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  520.464838][   T30] audit: type=1326 audit(1751282142.852:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12384 comm="syz.6.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  520.489055][   T30] audit: type=1326 audit(1751282142.862:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12384 comm="syz.6.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  520.517513][   T92] usb 6-1: device descriptor read/64, error -71
[  520.638630][   T92] usb usb6-port1: attempt power cycle
[  520.686733][   T30] audit: type=1326 audit(1751282142.862:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12384 comm="syz.6.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  520.748958][   T30] audit: type=1326 audit(1751282143.212:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12384 comm="syz.6.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  520.822894][   T30] audit: type=1326 audit(1751282143.212:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12384 comm="syz.6.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  521.052711][   T92] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  521.268758][   T92] usb 6-1: device descriptor read/8, error -71
[  521.967249][T12397] loop0: detected capacity change from 0 to 32768
[  522.043337][T12397] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  522.609672][   T30] audit: type=1326 audit(1751282145.472:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12429 comm="syz.3.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  522.824459][T12437] random: crng reseeded on system resumption
[  523.246302][   T30] audit: type=1326 audit(1751282145.482:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12429 comm="syz.3.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  523.315160][ T5833] (syz-executor,5833,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 76
[  523.409734][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[  523.956576][ T5838] Bluetooth: hci4: command 0x0406 tx timeout
[  524.342979][   T92] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  524.855216][ T5947] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  525.081052][   T92] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  525.098999][   T92] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  525.108947][   T92] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  525.122224][   T92] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  525.131517][   T92] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  525.141410][   T92] usb 6-1: config 0 descriptor??
[  525.272208][ T5947] usb 3-1: device descriptor read/64, error -71
[  525.632945][ T5947] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  525.747910][T12480] random: crng reseeded on system resumption
[  525.802689][ T5947] usb 3-1: device descriptor read/64, error -71
[  526.507086][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  526.740408][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  526.740423][   T30] audit: type=1326 audit(1751282149.712:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  526.772762][   T30] audit: type=1326 audit(1751282149.712:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  526.785090][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  526.795709][   T30] audit: type=1326 audit(1751282149.712:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  526.795755][   T30] audit: type=1326 audit(1751282149.712:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  526.795795][   T30] audit: type=1326 audit(1751282149.712:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  526.795834][   T30] audit: type=1326 audit(1751282149.712:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  526.795873][   T30] audit: type=1326 audit(1751282149.712:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  526.795912][   T30] audit: type=1326 audit(1751282149.712:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  526.795950][   T30] audit: type=1326 audit(1751282149.712:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  526.795994][   T30] audit: type=1326 audit(1751282149.742:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.6.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  527.020901][ T5947] usb usb3-port1: attempt power cycle
[  527.514638][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  527.539423][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  527.610481][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  527.644536][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  527.671464][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  527.702489][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  527.745805][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  527.893484][   T92] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  527.953076][   T92] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  528.009539][   T92] usb 6-1: USB disconnect, device number 18
[  528.089410][T12477] loop3: detected capacity change from 0 to 32768
[  528.119550][T12477] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  528.192031][T12515] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1896'.
[  528.201749][T12515] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1896'.
[  528.251580][T12477] XFS (loop3): Ending clean mount
[  528.308527][T12497] loop6: detected capacity change from 0 to 32768
[  528.320730][T12497] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1890 (12497)
[  528.362171][T12497] BTRFS info (device loop6): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  528.387649][T12517] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1897'.
[  528.398360][T12497] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  528.398624][ T5830] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  528.419059][T12497] BTRFS info (device loop6): using free-space-tree
[  529.819436][T12557] syzkaller1: entered promiscuous mode
[  529.836499][T12557] syzkaller1: entered allmulticast mode
[  529.961831][T12562] loop5: detected capacity change from 0 to 1024
[  530.080028][T12562] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  530.117573][T12562] ext4 filesystem being mounted at /257/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  530.199460][T10528] BTRFS info (device loop6): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  530.837457][ T7874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.575174][T12590] loop2: detected capacity change from 0 to 1024
[  531.585834][T12590] EXT4-fs: Ignoring removed nobh option
[  531.592365][T12590] EXT4-fs (loop2): stripe (1572) is not aligned with cluster size (16), stripe is disabled
[  531.637481][T12590] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  531.901286][T12593] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 16: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  531.936212][T12600] random: crng reseeded on system resumption
[  532.059471][T12593] EXT4-fs (loop2): Remounting filesystem read-only
[  532.734082][ T5831] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.284252][T12621] loop0: detected capacity change from 0 to 256
[  533.426717][T12627] input: syz1 as /devices/virtual/input/input21
[  533.454957][T12627] input: failed to attach handler leds to device input21, error: -6
[  533.619139][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  533.619180][   T30] audit: type=1326 audit(1751282156.572:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12626 comm="syz.6.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  533.732312][ T5917] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  533.991218][   T30] audit: type=1326 audit(1751282156.572:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12626 comm="syz.6.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  534.014123][ T5917] usb 4-1: Using ep0 maxpacket: 16
[  534.044434][ T5917] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  534.059543][ T5917] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  534.070276][   T30] audit: type=1326 audit(1751282156.582:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12626 comm="syz.6.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  534.118222][ T5917] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  534.138506][ T5917] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  534.147903][ T5917] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.180087][   T30] audit: type=1326 audit(1751282156.582:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12626 comm="syz.6.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  534.224075][ T5917] usb 4-1: config 0 descriptor??
[  534.342883][   T30] audit: type=1326 audit(1751282156.582:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12626 comm="syz.6.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  535.059283][   T30] audit: type=1326 audit(1751282156.582:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12626 comm="syz.6.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  535.083007][   T30] audit: type=1326 audit(1751282156.722:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12626 comm="syz.6.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  535.109940][   T30] audit: type=1326 audit(1751282156.722:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12626 comm="syz.6.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  535.139966][T12649] random: crng reseeded on system resumption
[  535.380871][ T5917] hid_parser_main: 1 callbacks suppressed
[  535.380893][ T5917] shield 0003:0955:7214.001A: unknown main item tag 0x0
[  535.463682][ T5917] shield 0003:0955:7214.001A: unknown main item tag 0x0
[  535.502723][ T5917] shield 0003:0955:7214.001A: unknown main item tag 0x0
[  535.547802][ T5917] shield 0003:0955:7214.001A: unknown main item tag 0x0
[  535.574346][ T5917] shield 0003:0955:7214.001A: unknown main item tag 0x0
[  535.591055][ T5917] input: HID 0955:7214 Haptics as /devices/virtual/input/input22
[  535.603028][T12628] random: crng reseeded on system resumption
[  535.892267][ T5917] shield 0003:0955:7214.001A: Registered Thunderstrike controller
[  535.901407][ T5917] shield 0003:0955:7214.001A: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  536.042129][T12652] loop2: detected capacity change from 0 to 32768
[  536.213732][T12652] XFS: ikeep mount option is deprecated.
[  536.257393][T12652] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  536.286035][   T44] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  536.300024][ T5917] usb 4-1: USB disconnect, device number 34
[  536.301443][T12652] XFS (loop2): Ending clean mount
[  536.307923][T12670] program syz.6.1936 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  536.342153][   T44] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  536.380059][   T44] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  536.402258][   T44] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  536.634420][ T5831] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  536.819784][T12676] loop3: detected capacity change from 0 to 40427
[  536.891700][T12676] F2FS-fs (loop3): build fault injection rate: 690
[  536.900345][T12676] F2FS-fs (loop3): Image doesn't support compression
[  536.907164][T12676] F2FS-fs (loop3): Image doesn't support compression
[  536.913886][T12676] F2FS-fs (loop3): build fault injection type: 0x0
[  536.985494][   T30] audit: type=1326 audit(1751282159.952:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12680 comm="syz.6.1941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  537.053941][T12676] F2FS-fs (loop3): invalid crc value
[  537.055926][   T30] audit: type=1326 audit(1751282159.952:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12680 comm="syz.6.1941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  537.527132][T12676] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  537.587623][ T5830] syz-executor: attempt to access beyond end of device
[  537.587623][ T5830] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  537.646179][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  537.646206][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  537.646217][ T5830] Call Trace:
[  537.646225][ T5830]  <TASK>
[  537.646233][ T5830]  dump_stack_lvl+0x189/0x250
[  537.646266][ T5830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  537.646288][ T5830]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  537.646312][ T5830]  ? __pfx_queue_work_on+0x10/0x10
[  537.646336][ T5830]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  537.646359][ T5830]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  537.646383][ T5830]  ? f2fs_hw_is_readonly+0x39b/0x470
[  537.646412][ T5830]  f2fs_handle_critical_error+0x37c/0x540
[  537.646442][ T5830]  f2fs_write_end_io+0x495/0x810
[  537.646463][ T5830]  ? blkg_put+0x22/0x240
[  537.646502][ T5830]  __submit_merged_bio+0x27a/0x6a0
[  537.646531][ T5830]  __submit_merged_write_cond+0x255/0x530
[  537.646562][ T5830]  f2fs_write_data_pages+0x261d/0x3000
[  537.646627][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  537.646716][ T5830]  ? __mod_zone_page_state+0xd7/0x140
[  537.646752][ T5830]  ? folios_put_refs+0x560/0x640
[  537.646788][ T5830]  ? __lock_acquire+0xab9/0xd20
[  537.646820][ T5830]  ? do_raw_spin_lock+0x121/0x290
[  537.646858][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  537.646877][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  537.646901][ T5830]  do_writepages+0x32e/0x550
[  537.646939][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  537.646962][ T5830]  filemap_fdatawrite+0x199/0x240
[  537.646987][ T5830]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  537.647069][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  537.647092][ T5830]  f2fs_sync_dirty_inodes+0x31f/0x830
[  537.647135][ T5830]  f2fs_write_checkpoint+0x95a/0x1df0
[  537.647188][ T5830]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  537.647262][ T5830]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  537.647278][ T5830]  ? kfree+0x18e/0x440
[  537.647302][ T5830]  ? kill_f2fs_super+0x298/0x6c0
[  537.647332][ T5830]  kill_f2fs_super+0x2c3/0x6c0
[  537.647364][ T5830]  ? __pfx_kill_f2fs_super+0x10/0x10
[  537.647388][ T5830]  ? radix_tree_delete_item+0x2b6/0x400
[  537.647421][ T5830]  ? shrinker_free+0x2ce/0x3e0
[  537.647446][ T5830]  deactivate_locked_super+0xbc/0x130
[  537.647471][ T5830]  cleanup_mnt+0x425/0x4c0
[  537.647493][ T5830]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.647520][ T5830]  task_work_run+0x1d1/0x260
[  537.647544][ T5830]  ? __pfx_task_work_run+0x10/0x10
[  537.647560][ T5830]  ? __x64_sys_umount+0x122/0x160
[  537.647590][ T5830]  ? exit_to_user_mode_loop+0x40/0x110
[  537.647616][ T5830]  exit_to_user_mode_loop+0xec/0x110
[  537.647638][ T5830]  do_syscall_64+0x2bd/0x3b0
[  537.647654][ T5830]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.647678][ T5830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.647696][ T5830]  ? clear_bhb_loop+0x60/0xb0
[  537.647718][ T5830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.647736][ T5830] RIP: 0033:0x7fa6a978fc57
[  537.647752][ T5830] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  537.647766][ T5830] RSP: 002b:00007ffd518f0d58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  537.647786][ T5830] RAX: 0000000000000000 RBX: 00007fa6a9810925 RCX: 00007fa6a978fc57
[  537.647799][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd518f0e10
[  537.647810][ T5830] RBP: 00007ffd518f0e10 R08: 0000000000000000 R09: 0000000000000000
[  537.647821][ T5830] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd518f1ea0
[  537.647833][ T5830] R13: 00007fa6a9810925 R14: 00000000000833bd R15: 00007ffd518f1ee0
[  537.647873][ T5830]  </TASK>
[  537.647881][ T5830] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  538.086435][T12679] loop0: detected capacity change from 0 to 32768
[  538.118694][T12689] loop5: detected capacity change from 0 to 1024
[  538.139203][T12690] input: syz1 as /devices/virtual/input/input23
[  538.249485][T12699] random: crng reseeded on system resumption
[  538.268918][T12698] loop2: detected capacity change from 0 to 512
[  538.283786][T12698] EXT4-fs: quotafile must be on filesystem root
[  538.655633][    T9] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  538.914540][    T9] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  539.008843][T12679] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  539.008860][T12679]   allowing incompatible features above 0.0: (unknown version)
[  539.008866][T12679]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  539.033065][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.043614][    T9] usb 3-1: config 0 descriptor??
[  539.074545][    T9] cp210x 3-1:0.0: cp210x converter detected
[  539.143992][T12679] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  539.152714][T12679] bcachefs (loop0): initializing new filesystem
[  539.170792][T12679] bcachefs (loop0): going read-write
[  539.402418][T12679] bcachefs (loop0): marking superblocks
[  539.441074][T12679] bcachefs (loop0): initializing freespace
[  539.457896][T12679] bcachefs (loop0): done initializing freespace
[  539.477965][T12679] bcachefs (loop0): reading snapshots table
[  539.492729][T12679] bcachefs (loop0): reading snapshots done
[  539.536250][    T9] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  539.580604][T12679] bcachefs (loop0): done starting filesystem
[  539.587769][    T9] usb 3-1: cp210x converter now attached to ttyUSB0
[  539.797095][    T9] usb 3-1: USB disconnect, device number 37
[  539.811334][ T5833] bcachefs (loop0): shutting down
[  539.819129][ T5838] Bluetooth: hci4: unexpected event for opcode 0x0c1a
[  539.828353][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  539.828732][ T5833] bcachefs (loop0): going read-only
[  539.851864][ T5833] bcachefs (loop0): finished waiting for writes to stop
[  539.857150][    T9] cp210x 3-1:0.0: device disconnected
[  539.865994][ T5833] bcachefs (loop0): flushing journal and stopping allocators, journal seq 9
[  539.906550][ T5833] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10
[  539.926262][ T5833] bcachefs (loop0): clean shutdown complete, journal seq 11
[  539.936338][ T5833] bcachefs (loop0): marking filesystem clean
[  539.989723][ T5833] bcachefs (loop0): shutdown complete
[  540.083084][ T5947] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  540.218739][T12727] loop6: detected capacity change from 0 to 1024
[  540.228424][   T44] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  540.264825][ T5947] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  540.279347][ T5947] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  540.291272][ T5947] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  540.291747][   T12] hfsplus: b-tree write err: -5, ino 4
[  540.312631][ T5947] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  540.332661][ T5947] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  540.363139][ T5947] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.386720][ T5947] usb 4-1: config 0 descriptor??
[  540.412895][   T44] usb 6-1: Using ep0 maxpacket: 8
[  540.420010][   T44] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  540.441204][   T44] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  540.572730][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  540.572747][   T30] audit: type=1326 audit(1751282163.492:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  540.601900][   T44] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  541.179347][   T44] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  541.192525][   T30] audit: type=1326 audit(1751282163.492:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  541.215064][   T44] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  541.224271][   T44] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.236461][   T30] audit: type=1326 audit(1751282163.492:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  541.260488][   T30] audit: type=1326 audit(1751282163.492:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  541.283670][   T30] audit: type=1326 audit(1751282163.492:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  541.330099][   T30] audit: type=1326 audit(1751282163.492:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  541.356705][   T30] audit: type=1326 audit(1751282163.542:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  541.380000][   T30] audit: type=1326 audit(1751282163.542:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  541.406506][ T5947] plantronics 0003:047F:FFFF.001B: ignoring exceeding usage max
[  541.423527][ T5947] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  541.442656][   T30] audit: type=1326 audit(1751282163.592:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  541.470368][   T30] audit: type=1326 audit(1751282163.592:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12728 comm="syz.6.1954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  541.521761][   T44] usb 6-1: GET_CAPABILITIES returned 0
[  541.530170][   T44] usbtmc 6-1:16.0: can't read capabilities
[  541.740579][   T44] usb 6-1: USB disconnect, device number 19
[  541.909363][ T5917] usb 4-1: USB disconnect, device number 35
[  541.959990][T12747] loop6: detected capacity change from 0 to 2048
[  542.000154][T12747] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  542.029646][T12747] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  542.041189][T12743] loop2: detected capacity change from 0 to 40427
[  542.053644][T12743] F2FS-fs (loop2): build fault injection rate: 771
[  542.086202][T12743] F2FS-fs (loop2): invalid crc value
[  542.094407][T10528] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  542.229108][T12754] loop6: detected capacity change from 0 to 2048
[  542.247368][T12754] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  542.291802][T12743] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  542.375808][T10528] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  542.401378][T12743] syz.2.1959: attempt to access beyond end of device
[  542.401378][T12743] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  542.474186][ T5831] syz-executor: attempt to access beyond end of device
[  542.474186][ T5831] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  542.502068][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  542.502096][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  542.502108][ T5831] Call Trace:
[  542.502116][ T5831]  <TASK>
[  542.502125][ T5831]  dump_stack_lvl+0x189/0x250
[  542.502160][ T5831]  ? __pfx_dump_stack_lvl+0x10/0x10
[  542.502182][ T5831]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  542.502207][ T5831]  ? __pfx_queue_work_on+0x10/0x10
[  542.502233][ T5831]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  542.502257][ T5831]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  542.502282][ T5831]  ? f2fs_hw_is_readonly+0x39b/0x470
[  542.502313][ T5831]  f2fs_handle_critical_error+0x37c/0x540
[  542.502343][ T5831]  f2fs_write_end_io+0x495/0x810
[  542.502365][ T5831]  ? blkg_put+0x22/0x240
[  542.502406][ T5831]  __submit_merged_bio+0x27a/0x6a0
[  542.502437][ T5831]  __submit_merged_write_cond+0x255/0x530
[  542.502469][ T5831]  f2fs_write_data_pages+0x261d/0x3000
[  542.502537][ T5831]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  542.502579][ T5831]  ? kernel_text_address+0xa5/0xe0
[  542.502640][ T5831]  ? stack_depot_save_flags+0x40/0x900
[  542.502688][ T5831]  ? cleanup_mnt+0x425/0x4c0
[  542.502708][ T5831]  ? task_work_run+0x1d1/0x260
[  542.502724][ T5831]  ? exit_to_user_mode_loop+0xec/0x110
[  542.502758][ T5831]  ? __lock_acquire+0xab9/0xd20
[  542.502802][ T5831]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  542.502827][ T5831]  do_writepages+0x32e/0x550
[  542.502866][ T5831]  ? do_raw_spin_unlock+0x122/0x240
[  542.502892][ T5831]  filemap_fdatawrite+0x199/0x240
[  542.502917][ T5831]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  542.503003][ T5831]  ? do_raw_spin_unlock+0x122/0x240
[  542.503027][ T5831]  f2fs_sync_dirty_inodes+0x31f/0x830
[  542.503072][ T5831]  f2fs_write_checkpoint+0x95a/0x1df0
[  542.503128][ T5831]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  542.503207][ T5831]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  542.503224][ T5831]  ? kfree+0x18e/0x440
[  542.503249][ T5831]  ? kill_f2fs_super+0x298/0x6c0
[  542.503280][ T5831]  kill_f2fs_super+0x2c3/0x6c0
[  542.503314][ T5831]  ? __pfx_kill_f2fs_super+0x10/0x10
[  542.503336][ T5831]  ? radix_tree_delete_item+0x2b6/0x400
[  542.503368][ T5831]  ? shrinker_free+0x2ce/0x3e0
[  542.503393][ T5831]  deactivate_locked_super+0xbc/0x130
[  542.503419][ T5831]  cleanup_mnt+0x425/0x4c0
[  542.503441][ T5831]  ? lockdep_hardirqs_on+0x9c/0x150
[  542.503469][ T5831]  task_work_run+0x1d1/0x260
[  542.503493][ T5831]  ? __pfx_task_work_run+0x10/0x10
[  542.503510][ T5831]  ? __x64_sys_umount+0x122/0x160
[  542.503542][ T5831]  ? exit_to_user_mode_loop+0x40/0x110
[  542.503568][ T5831]  exit_to_user_mode_loop+0xec/0x110
[  542.503591][ T5831]  do_syscall_64+0x2bd/0x3b0
[  542.503612][ T5831]  ? lockdep_hardirqs_on+0x9c/0x150
[  542.503637][ T5831]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.503656][ T5831]  ? clear_bhb_loop+0x60/0xb0
[  542.503679][ T5831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.503696][ T5831] RIP: 0033:0x7f127198fc57
[  542.503714][ T5831] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  542.503730][ T5831] RSP: 002b:00007ffe5c83e7c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  542.503751][ T5831] RAX: 0000000000000000 RBX: 00007f1271a10925 RCX: 00007f127198fc57
[  542.503764][ T5831] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe5c83e880
[  542.503776][ T5831] RBP: 00007ffe5c83e880 R08: 0000000000000000 R09: 0000000000000000
[  542.503788][ T5831] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe5c83f910
[  542.503800][ T5831] R13: 00007f1271a10925 R14: 00000000000846a1 R15: 00007ffe5c83f950
[  542.503835][ T5831]  </TASK>
[  542.867966][ T5831] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  542.952149][    C1] sd 0:0:1:0: [sda] tag#202 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  542.962476][    C1] sd 0:0:1:0: [sda] tag#202 CDB: Read(6) 08 00 9f d1 fe de
[  542.969846][    C1] sd 0:0:1:0: [sda] tag#203 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  542.980184][    C1] sd 0:0:1:0: [sda] tag#203 CDB: Read(6) 08 00 9f d1 fe de
[  542.987811][    C1] sd 0:0:1:0: [sda] tag#204 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  542.998135][    C1] sd 0:0:1:0: [sda] tag#204 CDB: Read(6) 08 00 9f d1 fe de
[  543.005784][    C1] sd 0:0:1:0: [sda] tag#205 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  543.016053][    C1] sd 0:0:1:0: [sda] tag#205 CDB: Read(6) 08 00 9f d1 fe de
[  543.023365][    C1] sd 0:0:1:0: [sda] tag#206 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  543.033661][    C1] sd 0:0:1:0: [sda] tag#206 CDB: Read(6) 08 00 9f d1 fe de
[  543.040940][    C1] sd 0:0:1:0: [sda] tag#207 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  543.051279][    C1] sd 0:0:1:0: [sda] tag#207 CDB: Read(6) 08 00 9f d1 fe de
[  543.059254][    C1] sd 0:0:1:0: [sda] tag#208 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  543.069588][    C1] sd 0:0:1:0: [sda] tag#208 CDB: Read(6) 08 00 9f d1 fe de
[  543.076927][    C1] sd 0:0:1:0: [sda] tag#209 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  543.087251][    C1] sd 0:0:1:0: [sda] tag#209 CDB: Read(6) 08 00 9f d1 fe de
[  543.095110][    C1] sd 0:0:1:0: [sda] tag#210 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  543.105482][    C1] sd 0:0:1:0: [sda] tag#210 CDB: Read(6) 08 00 9f d1 fe de
[  543.113862][    C1] sd 0:0:1:0: [sda] tag#211 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  543.124188][    C1] sd 0:0:1:0: [sda] tag#211 CDB: Read(6) 08 00 9f d1 fe de
[  543.134105][T12769] loop6: detected capacity change from 0 to 1024
[  543.328473][   T13] hfsplus: b-tree write err: -5, ino 4
[  543.527795][T12780] loop3: detected capacity change from 0 to 512
[  543.586446][T12780] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2798: inode #11: comm syz.3.1972: corrupted xattr block 95: invalid header
[  543.631451][T12780] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1972: bg 0: block 7: invalid block bitmap
[  543.659777][T12780] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  543.735619][T12780] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #11: comm syz.3.1972: corrupted xattr block 95: invalid header
[  543.779741][T12780] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  543.839883][T12780] EXT4-fs (loop3): 1 orphan inode deleted
[  543.854627][T12780] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  543.914315][T12791] loop5: detected capacity change from 0 to 2048
[  543.971525][T12791] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  544.139320][ T5830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  544.488719][T12801] loop0: detected capacity change from 0 to 32768
[  544.528058][T12791] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  544.565608][T12802] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  544.582727][T12791] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 129 with max blocks 1 with error 28
[  544.610687][T12802] EXT4-fs (loop5): This should not happen!! Data will be lost
[  544.610687][T12802] 
[  544.628284][T12791] EXT4-fs (loop5): This should not happen!! Data will be lost
[  544.628284][T12791] 
[  544.660498][T12802] EXT4-fs (loop5): Total free blocks count 0
[  544.671452][T12791] EXT4-fs (loop5): Total free blocks count 0
[  544.688196][T12791] EXT4-fs (loop5): Free/Dirty block details
[  544.700918][T12801] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  544.700938][T12801]   allowing incompatible features above 0.0: (unknown version)
[  544.700951][T12801]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  544.717604][T12802] EXT4-fs (loop5): Free/Dirty block details
[  544.717743][T12802] EXT4-fs (loop5): free_blocks=2415919504
[  544.752792][ T5917] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  544.839977][T12801] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  544.854242][T12801] bcachefs (loop0): initializing new filesystem
[  544.908481][ T5917] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  544.928396][ T5917] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  544.958826][T12797] loop6: detected capacity change from 0 to 131072
[  544.966942][T12797] F2FS-fs (loop6): build fault injection rate: 7
[  544.968212][T12801] bcachefs (loop0): going read-write
[  544.976046][T12797] F2FS-fs (loop6): build fault injection type: 0x40004
[  544.982623][ T5917] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  544.988824][T12797] F2FS-fs (loop6): QUOTA feature is enabled, so ignore qf_name
[  545.007287][T12797] F2FS-fs (loop6): invalid crc value
[  545.026310][T12797] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  545.026401][ T5917] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.039774][T12797] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  545.072720][T12797] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  545.083495][T12801] bcachefs (loop0): marking superblocks
[  545.099021][T12797] F2FS-fs (loop6): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[  545.124640][T12799] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  545.156369][ T5917] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  545.157117][T12797] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  545.194588][T12797] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  545.212335][T12801] bcachefs (loop0): initializing freespace
[  545.223904][T12797] F2FS-fs (loop6): Bad quota inode 2:255
[  545.229612][T12797] F2FS-fs (loop6): Failed to enable quota tracking (type=2, err=-2). Please run fsck to fix.
[  545.241128][T12797] F2FS-fs (loop6): Cannot turn on quotas: error -2
[  545.247691][T12797] F2FS-fs (loop6): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_recover_fsync_data+0x449/0x8960
[  545.261197][T12818] loop3: detected capacity change from 0 to 4096
[  545.263755][T12801] bcachefs (loop0): done initializing freespace
[  545.274192][T12797] F2FS-fs (loop6): Mounted with checkpoint version = 1b41e954
[  545.283759][T12797] F2FS-fs (loop6): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x4e9/0x20c0
[  545.295614][T12797] F2FS-fs (loop6): invalid blkaddr: 513, type: 10, run fsck to fix.
[  545.303958][T12797] F2FS-fs (loop6): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x589/0x20c0
[  545.315325][T12797] F2FS-fs (loop6): invalid blkaddr: 516, type: 10, run fsck to fix.
[  545.328016][T12801] bcachefs (loop0): reading snapshots table
[  545.340490][T12801] bcachefs (loop0): reading snapshots done
[  545.343628][T12821] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  545.346659][T12797] F2FS-fs (loop6): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x589/0x20c0
[  545.369165][T12797] F2FS-fs (loop6): invalid blkaddr: 1025, type: 10, run fsck to fix.
[  545.377815][T12797] F2FS-fs (loop6): invalid blkaddr: 1029, type: 10, run fsck to fix.
[  545.505609][T12801] bcachefs (loop0):  loop0: Superblock write was silently dropped! (seq 0 expected 42)
[  545.520204][T12801] bcachefs (loop0): done starting filesystem
[  545.758988][T12825] bcachefs (loop0): going read-only
[  545.782387][T12825] bcachefs (loop0): finished waiting for writes to stop
[  545.842241][T12825] bcachefs (loop0): flushing journal and stopping allocators, journal seq 2
[  546.021882][T12825] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 2
[  546.071803][ T5946] usb 3-1: USB disconnect, device number 38
[  546.095893][T12825] bcachefs (loop0): clean shutdown complete, journal seq 3
[  546.105379][T12825] bcachefs (loop0): marking filesystem clean
[  546.173286][ T5833] bcachefs (loop0): shutting down
[  546.245898][ T5833] bcachefs (loop0): shutdown complete
[  546.479741][T12837] loop6: detected capacity change from 0 to 1024
[  546.508245][T12824] loop5: detected capacity change from 0 to 32768
[  546.516410][T12837] EXT4-fs: Ignoring removed nobh option
[  546.521989][T12837] EXT4-fs: Ignoring removed bh option
[  546.562081][T12837] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  546.602539][T12824] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  546.611303][T12837] EXT4-fs (loop6): shut down requested (2)
[  546.645503][T12824] XFS (loop5): Ending clean mount
[  546.709057][T10528] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  546.721851][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  546.721868][   T30] audit: type=1804 audit(1751282169.692:825): pid=12824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1982" name="/newroot/273/file1/file1" dev="loop5" ino=6150 res=1 errno=0
[  546.780641][T12853] loop2: detected capacity change from 0 to 1024
[  546.850441][ T7874] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  547.774403][   T30] audit: type=1326 audit(1751282170.412:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.3.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  547.803996][   T30] audit: type=1326 audit(1751282170.422:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.3.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  547.844509][T12879] loop6: detected capacity change from 0 to 764
[  547.861905][   T30] audit: type=1326 audit(1751282170.432:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.3.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  547.891464][   T30] audit: type=1326 audit(1751282170.432:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.3.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  547.920785][   T30] audit: type=1326 audit(1751282170.442:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.3.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  547.965576][T12879] Symlink component flag not implemented
[  547.975696][T12879] Symlink component flag not implemented (7)
[  548.010117][   T30] audit: type=1326 audit(1751282170.442:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.3.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  548.172854][   T30] audit: type=1326 audit(1751282170.772:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.3.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  548.239719][   T30] audit: type=1326 audit(1751282170.772:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.3.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a978e929 code=0x7ffc0000
[  548.263229][T12886] loop2: detected capacity change from 0 to 2048
[  548.499920][T12890] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  549.282695][ T5944] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  549.302940][   T44] usb 3-1: new full-speed USB device number 39 using dummy_hcd
[  549.332007][T12893] loop5: detected capacity change from 0 to 32768
[  549.376822][T12893] JBD2: Ignoring recovery information on journal
[  549.447585][ T5944] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  549.455946][ T5944] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  549.459773][T12893] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  549.467819][ T5944] usb 7-1: config 220 has no interface number 2
[  549.482496][ T5944] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  549.514409][   T44] usb 3-1: config 0 has an invalid interface number: 93 but max is 0
[  549.533373][   T44] usb 3-1: config 0 has no interface number 0
[  549.569697][   T44] usb 3-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  549.581699][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.595091][ T5944] usb 7-1: config 220 interface 0 has no altsetting 0
[  549.601883][ T5944] usb 7-1: config 220 interface 76 has no altsetting 0
[  549.608811][ T5944] usb 7-1: config 220 interface 1 has no altsetting 0
[  549.619279][ T5944] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  549.628775][ T5944] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.638228][ T5944] usb 7-1: Product: syz
[  549.642959][ T5944] usb 7-1: Manufacturer: syz
[  549.647559][ T5944] usb 7-1: SerialNumber: syz
[  549.678538][   T44] usb 3-1: Product: syz
[  549.683487][   T44] usb 3-1: Manufacturer: syz
[  549.713984][   T44] usb 3-1: SerialNumber: syz
[  549.724372][   T44] usb 3-1: config 0 descriptor??
[  549.896726][ T5944] usb 7-1: selecting invalid altsetting 0
[  549.915129][ T5944] usb 7-1: Found UVC 7.01 device syz (8086:0b07)
[  549.933163][ T5944] usb 7-1: No valid video chain found.
[  549.950983][   T44] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state.
[  549.963690][ T5944] usb 7-1: selecting invalid altsetting 0
[  549.981154][ T5944] usbtest 7-1:220.1: probe with driver usbtest failed with error -22
[  549.995057][   T44] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  550.019221][ T5944] usb 7-1: USB disconnect, device number 8
[  550.027581][   T44] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  550.064606][   T44] usb 3-1: media controller created
[  550.095733][   T44] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  550.110295][ T7874] ocfs2: Unmounting device (7,5) on (node local)
[  550.239697][   T44] DVB: Unable to find symbol dib7000p_attach()
[  550.250475][   T44] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  550.278585][   T44] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  550.298996][   T44] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  550.331836][   T44] usb 3-1: media controller created
[  550.366163][   T44] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  550.403268][   T44] dib0700: the master dib7090 has to be initialized first
[  550.417474][   T44] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  550.541523][T12910] netlink: 168 bytes leftover after parsing attributes in process `syz.3.2008'.
[  550.612836][   T44] rc_core: IR keymap rc-dib0700-rc5 not found
[  550.625537][   T44] Registered IR keymap rc-empty
[  550.651793][   T44] dvb-usb: could not initialize remote control.
[  550.662361][T12912] netlink: 'syz.6.2012': attribute type 10 has an invalid length.
[  550.699383][   T44] dvb-usb: DiBcom TFE7090PVR reference design successfully initialized and connected.
[  550.709280][T12912] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2012'.
[  550.775671][   T44] usb 3-1: USB disconnect, device number 39
[  551.047037][T12912] team0: Port device geneve0 added
[  551.061168][   T44] dvb-usb: DiBcom TFE7090PVR reference design successfully deinitialized and disconnected.
[  551.265226][T12909] loop5: detected capacity change from 0 to 32768
[  551.565623][   T30] audit: type=1326 audit(1751282174.462:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.6.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  551.765437][T12909] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  551.780626][   T30] audit: type=1326 audit(1751282174.462:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.6.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  551.805362][   T30] audit: type=1326 audit(1751282174.472:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.6.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  551.838407][   T30] audit: type=1326 audit(1751282174.482:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.6.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  551.861905][   T30] audit: type=1326 audit(1751282174.482:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.6.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  551.886737][   T30] audit: type=1326 audit(1751282174.492:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.6.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  552.312707][   T30] audit: type=1326 audit(1751282174.642:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.6.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  552.426009][   T30] audit: type=1326 audit(1751282174.652:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.6.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  552.500588][T12940] input input25: cannot allocate more than FF_MAX_EFFECTS effects
[  552.551946][   T30] audit: type=1326 audit(1751282175.332:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12932 comm="syz.0.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eeb8e929 code=0x7ffc0000
[  552.642432][T12914] loop3: detected capacity change from 0 to 32768
[  552.654310][   T30] audit: type=1326 audit(1751282175.332:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12932 comm="syz.0.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eeb8e929 code=0x7ffc0000
[  552.661038][T12909] XFS (loop5): Ending clean mount
[  552.679483][   T30] audit: type=1326 audit(1751282175.332:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12932 comm="syz.0.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f51eeb8e929 code=0x7ffc0000
[  552.751736][T12909] XFS (loop5): Quotacheck needed: Please wait.
[  552.945757][T12909] XFS (loop5): Quotacheck: Done.
[  553.010887][T12914] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[  553.010914][T12914]   allowing incompatible features above 0.0: (unknown version)
[  553.010927][T12914]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  553.056879][T12914] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  553.066274][T12914] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  553.074512][T12914] bcachefs (loop3): Version upgrade required:
[  553.074512][T12914] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  553.074512][T12914] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  553.074512][T12914]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  553.166386][T12914] bcachefs (loop3): dropping and reconstructing all alloc info
[  553.222963][ T5947] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  553.359270][T12914] bcachefs (loop3): accounting_read...
[  553.403427][ T5947] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  553.429013][ T5947] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  553.446123][ T7874] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  553.450403][ T5947] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  553.467710][T12914]  done
[  553.470699][T12914] bcachefs (loop3): alloc_read... done
[  553.480306][T12914] bcachefs (loop3): snapshots_read...
[  553.480997][ T5947] usb 7-1: config 0 interface 0 has no altsetting 0
[  553.481897][T12914]  done
[  553.497701][T12914] bcachefs (loop3): check_allocations...
[  553.513289][ T5947] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  553.567296][T12914]  done
[  553.570586][T12914] bcachefs (loop3): going read-write
[  553.591672][T12914] bcachefs (loop3): done starting filesystem
[  553.646226][ T5947] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  553.661058][ T5947] usb 7-1: config 0 interface 0 has no altsetting 0
[  553.669953][ T5947] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  553.702678][ T5947] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  553.737664][ T5947] usb 7-1: config 0 interface 0 has no altsetting 0
[  553.746096][ T5830] bcachefs (loop3): shutting down
[  553.747216][ T5947] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  553.752023][ T5830] bcachefs (loop3): going read-only
[  553.772248][ T5830] bcachefs (loop3): finished waiting for writes to stop
[  553.785303][ T5830] bcachefs (loop3): flushing journal and stopping allocators, journal seq 11
[  553.791397][ T5947] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  553.798736][ T5830] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 11
[  553.805472][ T5947] usb 7-1: config 0 interface 0 has no altsetting 0
[  554.264221][ T5830] bcachefs (loop3): unclean shutdown complete, journal seq 12
[  554.276064][ T5830] bcachefs (loop3): done going read-only, filesystem not clean
[  554.285509][ T5947] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  554.305209][ T5947] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  554.322779][ T5947] usb 7-1: config 0 interface 0 has no altsetting 0
[  554.345652][ T5947] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  554.367539][ T5947] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  554.381905][ T5830] bcachefs (loop3): shutdown complete
[  554.387917][ T5947] usb 7-1: config 0 interface 0 has no altsetting 0
[  554.399009][ T5947] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  554.432474][ T5947] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  554.456648][ T5947] usb 7-1: config 0 interface 0 has no altsetting 0
[  554.467439][ T5947] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  554.489715][ T5947] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  554.521908][ T5947] usb 7-1: config 0 interface 0 has no altsetting 0
[  554.537422][ T5947] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  554.599338][ T5947] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  554.617253][ T5947] usb 7-1: Product: syz
[  554.621437][ T5947] usb 7-1: Manufacturer: syz
[  554.627651][ T5947] usb 7-1: SerialNumber: syz
[  554.641890][ T5947] usb 7-1: config 0 descriptor??
[  554.652667][    T9] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  554.652866][ T5947] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  555.090298][    T9] usb 6-1: Using ep0 maxpacket: 8
[  555.125190][    T9] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  555.144916][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.183129][    T9] pvrusb2: Hardware description: Terratec Grabster AV400
[  555.195179][    T9] pvrusb2: **********
[  555.199181][    T9] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  555.210563][    T9] pvrusb2: Important functionality might not be entirely working.
[  555.228530][    T9] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  555.240379][ T5947] usb 7-1: USB disconnect, device number 9
[  555.240912][    T9] pvrusb2: **********
[  555.253632][ T5947] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  555.390266][ T2345] pvrusb2: Invalid write control endpoint
[  555.439565][ T2345] pvrusb2: Invalid write control endpoint
[  555.455151][ T2345] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  555.469977][ T2345] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  555.521255][ T2345] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  555.531914][ T2345] pvrusb2: Device being rendered inoperable
[  555.540752][ T2345] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  555.556375][ T2345] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  555.565959][ T2345] pvrusb2: Attached sub-driver cx25840
[  555.571423][ T2345] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  555.583769][ T2345] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  555.642662][ T5944] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  555.802746][ T5944] usb 3-1: Using ep0 maxpacket: 8
[  555.817358][ T5944] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  555.840060][ T5944] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.850368][ T5944] usb 3-1: Product: syz
[  555.856893][ T5944] usb 3-1: Manufacturer: syz
[  555.861502][ T5944] usb 3-1: SerialNumber: syz
[  555.888241][ T5944] usb 3-1: config 0 descriptor??
[  555.916448][ T5944] gspca_main: sq930x-2.14.0 probing 2770:930c
[  555.935744][T12997] loop0: detected capacity change from 0 to 32768
[  555.960008][T12997] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  556.030225][T12997] OCFS2: ERROR (device loop0): int ocfs2_get_clusters_nocache(struct inode *, struct buffer_head *, u32, unsigned int *, struct ocfs2_extent_rec *, unsigned int *): Inode 17058 has bad extent record (3, 4, 0)
[  556.053224][T12997] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  556.063686][T12997] OCFS2: File system is now read-only.
[  556.069161][T12997] (syz.0.2037,12997,1):ocfs2_get_clusters:634 ERROR: status = -30
[  556.080634][T12997] (syz.0.2037,12997,1):__ocfs2_move_extents_range:822 ERROR: status = -30
[  556.097096][T12997] (syz.0.2037,12997,1):ocfs2_move_extents:931 ERROR: status = -30
[  556.107555][T12997] (syz.0.2037,12997,1):ocfs2_ioctl_move_extents:1055 ERROR: status = -30
[  556.192271][ T5917] usb 6-1: USB disconnect, device number 20
[  556.264973][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[  556.773351][ T5944] gspca_sq930x: reg_w 0305 fd00 failed -71
[  556.790140][   T30] kauditd_printk_skb: 118 callbacks suppressed
[  556.790156][   T30] audit: type=1326 audit(1751282179.762:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13004 comm="syz.6.2041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  556.844442][ T5944] sq930x 3-1:0.0: probe with driver sq930x failed with error -71
[  556.866033][ T5944] usb 3-1: USB disconnect, device number 40
[  556.894057][   T30] audit: type=1326 audit(1751282179.762:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13004 comm="syz.6.2041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7fd8e929 code=0x7ffc0000
[  557.269930][T13016] loop3: detected capacity change from 0 to 1024
[  557.759785][T13024] loop0: detected capacity change from 0 to 4096
[  558.318358][   T30] audit: type=1326 audit(1751282181.282:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13028 comm="syz.5.2046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  558.376878][   T30] audit: type=1326 audit(1751282181.282:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13028 comm="syz.5.2046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  558.385727][T13030] syzkaller1: entered promiscuous mode
[  558.409149][T13024] ntfs3(loop0): ino=1a, mi_enum_attr
[  558.472187][T13024] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  558.488557][   T30] audit: type=1326 audit(1751282181.282:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13028 comm="syz.5.2046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  558.575010][T13030] syzkaller1: entered allmulticast mode
[  558.588683][   T30] audit: type=1326 audit(1751282181.282:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13028 comm="syz.5.2046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  558.623894][ T5838] Bluetooth: hci4: unexpected event for opcode 0x1003
[  558.720811][   T30] audit: type=1326 audit(1751282181.282:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13028 comm="syz.5.2046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  558.780562][   T30] audit: type=1326 audit(1751282181.282:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13028 comm="syz.5.2046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  558.813865][   T30] audit: type=1326 audit(1751282181.282:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13028 comm="syz.5.2046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  558.914133][T13045] loop5: detected capacity change from 0 to 8
[  558.938719][T13045] SQUASHFS error: lzo decompression failed, data probably corrupt
[  559.000856][T13045] SQUASHFS error: Failed to read block 0x144: -5
[  559.030173][   T30] audit: type=1326 audit(1751282181.282:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13028 comm="syz.5.2046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f456818e929 code=0x7ffc0000
[  559.078180][T13045] SQUASHFS error: Unable to read metadata cache entry [142]
[  559.098417][T13045] SQUASHFS error: Unable to read inode 0x11f
[  560.996099][    T9] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  561.643059][    T9] usb 1-1: Using ep0 maxpacket: 16
[  561.665982][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[  561.678203][    T9] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  561.701575][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.732109][    T9] usb 1-1: config 0 descriptor??
[  561.839487][T13104] loop6: detected capacity change from 0 to 512
[  561.860302][ T5917] kernel write not supported for file /1110/attr/exec (pid: 5917 comm: kworker/1:5)
[  561.931042][T13104] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.966645][T13104] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  562.123047][ T5946] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  562.163005][    T9] hid (null): global environment stack underflow
[  562.170320][    T9] hid (null): global environment stack underflow
[  562.189413][T10528] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.206112][    T9] hid (null): report_id 3899690137 is invalid
[  562.229136][    T9] hid (null): report_id 1862125167 is invalid
[  562.292807][ T5946] usb 6-1: Using ep0 maxpacket: 32
[  562.462926][ T5946] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.478708][    T9] usb 1-1: USB disconnect, device number 25
[  562.489790][ T5946] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  562.503152][ T5946] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  562.516332][ T5946] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  562.525650][ T5946] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.537631][ T5946] usb 6-1: config 0 descriptor??
[  562.673232][ T5838] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  562.688004][ T5838] Bluetooth: hci4: Injecting HCI hardware error event
[  562.699310][ T5846] Bluetooth: hci4: hardware error 0x00
[  562.830431][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  562.844532][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  563.301233][T13127] loop2: detected capacity change from 0 to 2048
[  563.563882][T13127] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  563.729574][ T5946] usbhid 6-1:0.0: can't add hid device: -71
[  563.742689][ T5946] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  563.759220][ T5946] usb 6-1: USB disconnect, device number 21
[  563.916809][T13147] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  563.924206][ T5834] IPVS: starting estimator thread 0...
[  564.022883][T13150] IPVS: using max 28 ests per chain, 67200 per kthread
[  564.032874][    T9] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  564.255111][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  564.273219][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  564.436983][    T9] usb 3-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  564.461318][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.480315][T13160] loop0: detected capacity change from 0 to 512
[  564.496500][    T9] usb 3-1: Product: syz
[  564.508526][    T9] usb 3-1: Manufacturer: syz
[  564.518618][    T9] usb 3-1: SerialNumber: syz
[  564.540354][T13160] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  564.540593][    T9] usb 3-1: config 0 descriptor??
[  564.558179][    T9] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  564.573267][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  564.579469][T13160] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  564.584300][    T9] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  564.601006][    T9] usb 3-1: media controller created
[  564.632664][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  564.651480][T13160] System zones: 0-1, 15-15, 18-18, 34-34
[  564.702256][T13160] EXT4-fs (loop0): orphan cleanup on readonly fs
[  564.710424][    T9] DVB: Unable to find symbol tda10046_attach()
[  564.716857][    T9] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  564.716858][T13160] __quota_error: 70 callbacks suppressed
[  564.716872][T13160] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0
[  564.733749][    T9] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  564.776706][ T5846] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  564.823395][T13160] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  564.847831][T13160] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  564.974162][T13160] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.2086: bad orphan inode 16
[  564.985748][T13160] ext4_test_bit(bit=15, block=18) = 1
[  564.991287][T13160] is_bad_inode(inode)=0
[  565.007801][T13160] NEXT_ORPHAN(inode)=0
[  565.011894][T13160] max_ino=32
[  565.015904][T13160] i_nlink=2
[  565.024766][T13160] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  565.105243][T13170] loop3: detected capacity change from 0 to 512
[  565.117256][T13155] loop6: detected capacity change from 0 to 32768
[  565.137352][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.149793][T13170] EXT4-fs (loop3): blocks per group (34) and clusters per group (32768) inconsistent
[  565.150646][T13155] 
[  565.150646][T13155]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.150646][T13155] 
[  565.203269][ T5834] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  565.268979][T13155] 
[  565.268979][T13155]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.268979][T13155] 
[  565.300249][T13155] 
[  565.300249][T13155]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.300249][T13155] 
[  565.323464][T13155] 
[  565.323464][T13155]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.323464][T13155] 
[  565.337004][T13155] 
[  565.337004][T13155]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.337004][T13155] 
[  565.348623][T13155] 
[  565.348623][T13155]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.348623][T13155] 
[  565.375127][ T5834] usb 6-1: Using ep0 maxpacket: 8
[  565.395094][  T114] 
[  565.395094][  T114]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.395094][  T114] 
[  565.422707][ T5834] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  565.442691][ T5834] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  565.461127][T10528] 
[  565.461127][T10528]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.461127][T10528] 
[  565.472692][ T5834] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  565.488030][ T5834] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  565.501203][T10528] 
[  565.501203][T10528]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.501203][T10528] 
[  565.541828][ T5834] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  565.567733][ T5834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  565.590598][    T9] dvb_usb_m920x 3-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  565.631638][    T9] usb 3-1: USB disconnect, device number 41
[  565.820853][ T5834] usb 6-1: GET_CAPABILITIES returned 0
[  565.839143][ T5834] usbtmc 6-1:16.0: can't read capabilities
[  565.868924][T13174] loop0: detected capacity change from 0 to 32768
[  565.879797][T13174] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2092 (13174)
[  565.906971][T13174] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  565.925562][T13174] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  565.936591][T13174] BTRFS info (device loop0): using free-space-tree
[  565.986819][T13186] loop3: detected capacity change from 0 to 4096
[  566.037301][ T5917] usb 6-1: USB disconnect, device number 22
[  566.080713][ T5833] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  567.106179][   T30] audit: type=1326 audit(1751282190.062:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.2.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127198e929 code=0x7ffc0000
[  567.112420][T13225] sctp: [Deprecated]: syz.5.2107 (pid 13225) Use of struct sctp_assoc_value in delayed_ack socket option.
[  567.112420][T13225] Use struct sctp_sack_info instead
[  567.155244][   T30] audit: type=1326 audit(1751282190.072:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.2.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f127198e929 code=0x7ffc0000
[  567.180471][   T30] audit: type=1326 audit(1751282190.072:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.2.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127198e929 code=0x7ffc0000
[  567.203572][ T5834] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  567.221308][   T30] audit: type=1326 audit(1751282190.072:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.2.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127198e929 code=0x7ffc0000
[  567.279573][   T30] audit: type=1326 audit(1751282190.132:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.2.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f127198e929 code=0x7ffc0000
[  567.412497][   T30] audit: type=1326 audit(1751282190.132:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.2.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127198e929 code=0x7ffc0000
[  567.435555][ T5834] usb 4-1: Using ep0 maxpacket: 8
[  567.441828][   T30] audit: type=1326 audit(1751282190.132:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.2.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127198e929 code=0x7ffc0000
[  567.469147][ T5834] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  567.540164][ T5834] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  567.572504][ T5834] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  567.582487][ T5834] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  567.623259][ T5834] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  567.666788][ T5834] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  567.712599][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.984713][ T5834] usb 4-1: usb_control_msg returned -32
[  567.990332][ T5834] usbtmc 4-1:16.0: can't read capabilities
[  568.146984][T13239] loop6: detected capacity change from 0 to 32768
[  568.848277][T13248] random: crng reseeded on system resumption
[  568.955156][T13239] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  568.972646][ T5834] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  569.142777][ T5834] usb 3-1: Using ep0 maxpacket: 32
[  569.150039][ T5834] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  569.161593][ T5834] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  569.185079][ T5834] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  569.197959][ T5834] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  569.219134][ T5834] usb 3-1: Product: syz
[  569.224342][ T5834] usb 3-1: Manufacturer: syz
[  569.229268][ T5834] usb 3-1: SerialNumber: syz
[  569.244025][ T5834] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input26
[  569.256683][T10528] ocfs2: Unmounting device (7,6) on (node local)
[  569.330843][ T5834] kernel write not supported for file bpf-prog (pid: 5834 comm: kworker/0:3)
[  569.482678][ T5834] usb 3-1: USB disconnect, device number 42
[  569.486795][ T5917] usb 4-1: USB disconnect, device number 36
[  569.503429][ T5947] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  569.548444][ T5834] appletouch 3-1:1.0: input: appletouch disconnected
[  569.598700][T13289] loop3: detected capacity change from 0 to 512
[  569.643373][T13289] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  569.667843][T13289] ext4 filesystem being mounted at /414/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  569.718864][ T5947] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  569.742705][ T5947] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  569.772097][ T5947] usb 6-1: Product: syz
[  569.796563][ T5947] usb 6-1: Manufacturer: syz
[  569.801195][ T5947] usb 6-1: SerialNumber: syz
[  569.819864][ T5947] usb 6-1: config 0 descriptor??
[  569.843243][ T5830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  570.249206][T13300] sctp: [Deprecated]: syz.3.2132 (pid 13300) Use of struct sctp_assoc_value in delayed_ack socket option.
[  570.249206][T13300] Use struct sctp_sack_info instead
[  570.485744][ T5947] usb 6-1: Firmware: major: 0, minor: 97, hardware type: UNKNOWN (40)
[  570.643589][T13305] loop0: detected capacity change from 0 to 512
[  570.682214][T13305] EXT4-fs: Ignoring removed nomblk_io_submit option
[  570.692700][ T5947] usb 6-1: failed to fetch extended address, random address set
[  570.700418][ T5947] usb 6-1: atusb_probe: initialization failed, error = -524
[  570.745041][ T5947] atusb 6-1:0.0: probe with driver atusb failed with error -524
[  570.761162][ T5947] usb 6-1: USB disconnect, device number 23
[  570.770073][T13305] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  570.831425][T13305] ext4 filesystem being mounted at /438/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  571.033268][T13327] syzkaller1: entered promiscuous mode
[  571.052665][T13327] syzkaller1: entered allmulticast mode
[  571.086998][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.638830][T13342] syzkaller1: entered promiscuous mode
[  571.657497][T13342] syzkaller1: entered allmulticast mode
[  571.989714][T13324] loop2: detected capacity change from 0 to 32768
[  572.059932][T13324] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  572.267802][T13324] XFS (loop2): Ending clean mount
[  572.485070][T13352] loop0: detected capacity change from 0 to 32768
[  572.549302][ T5831] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  572.607872][T13362] loop3: detected capacity change from 0 to 32768
[  572.644118][T13362] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  572.704876][T13362] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  572.884080][ T5830] ocfs2: Unmounting device (7,3) on (node local)
[  573.343605][T13382] random: crng reseeded on system resumption
[  574.119048][T13389] loop3: detected capacity change from 0 to 256
[  574.137741][T13387] syzkaller1: entered promiscuous mode
[  574.192665][T13387] syzkaller1: entered allmulticast mode
[  574.218023][T13389] FAT-fs (loop3): Directory bread(block 64) failed
[  574.251260][T13389] FAT-fs (loop3): Directory bread(block 65) failed
[  574.288020][T13389] FAT-fs (loop3): Directory bread(block 66) failed
[  574.311923][T13389] FAT-fs (loop3): Directory bread(block 67) failed
[  574.335771][T13389] FAT-fs (loop3): Directory bread(block 68) failed
[  574.342320][T13389] FAT-fs (loop3): Directory bread(block 69) failed
[  574.362861][T13394] veth0: entered promiscuous mode
[  574.378880][T13389] FAT-fs (loop3): Directory bread(block 70) failed
[  574.380076][T13392] veth0: left promiscuous mode
[  574.411294][T13389] FAT-fs (loop3): Directory bread(block 71) failed
[  574.428764][T13389] FAT-fs (loop3): Directory bread(block 72) failed
[  574.437032][T13400] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  574.446781][T13389] FAT-fs (loop3): Directory bread(block 73) failed
[  574.753555][T13409] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2171'.
[  574.787209][T13409] chnl_net:caif_netlink_parms(): no params data found
[  574.824775][ T5846] Bluetooth: hci3: unexpected event for opcode 0x1004
[  575.670385][T13396] loop2: detected capacity change from 0 to 32768
[  575.709409][T13396] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2165 (13396)
[  575.813170][T13396] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  575.849583][T13396] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  575.878219][T13396] BTRFS info (device loop2): using free-space-tree
[  575.904571][T13434] loop6: detected capacity change from 0 to 512
[  575.912221][T13434] EXT4-fs: Ignoring removed mblk_io_submit option
[  575.918901][T13433] loop3: detected capacity change from 0 to 256
[  575.920798][T13434] EXT4-fs: Ignoring removed bh option
[  575.935186][T13434] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  575.967676][T13433] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  576.006340][T13434] EXT4-fs (loop6): 1 truncate cleaned up
[  576.042497][   T30] audit: type=1800 audit(1751282199.012:1050): pid=13396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2165" name="file1" dev="loop2" ino=260 res=0 errno=0
[  576.064583][T13434] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  576.175585][T13428] loop0: detected capacity change from 0 to 32768
[  576.199526][   T30] audit: type=1804 audit(1751282199.152:1051): pid=13434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.2181" name="/newroot/179/bus/bus" dev="loop6" ino=18 res=1 errno=0
[  576.235063][T13428] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2178 (13428)
[  576.243544][   T30] audit: type=1800 audit(1751282199.152:1052): pid=13434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2181" name="bus" dev="loop6" ino=18 res=0 errno=0
[  576.286661][T10528] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  576.290936][T13458] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2182'.
[  576.296883][T13428] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  576.346481][T13428] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  576.383284][T13428] BTRFS info (device loop0): disk space caching is enabled
[  576.386136][ T5831] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  576.400778][T13428] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  576.500890][T13462] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  576.542337][T13428] BTRFS info (device loop0): rebuilding free space tree
[  576.634772][T13428] BTRFS info (device loop0): disabling free space tree
[  576.641858][T13428] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  576.680268][T13428] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  576.824851][ T1169] wlan1: Trigger new scan to find an IBSS to join
[  577.890789][ T5833] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  578.157992][T13521] loop5: detected capacity change from 0 to 4096
[  578.254746][T13521] EXT4-fs (loop5): Test dummy encryption mode enabled
[  578.278201][T13530] loop2: detected capacity change from 0 to 7
[  578.305523][T13521] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  578.362986][T13530] Dev loop2: unable to read RDB block 7
[  578.403440][T13530]  loop2: AHDI p1 p2 p3
[  578.426056][T13530] loop2: partition table partially beyond EOD, truncated
[  578.452746][T13491] loop3: detected capacity change from 0 to 32768
[  578.460815][T13530] loop2: p1 start 1601398130 is beyond EOD, truncated
[  578.468208][T13530] loop2: p2 start 1702059890 is beyond EOD, truncated
[  578.494784][T13491] 
[  578.494784][T13491]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.494784][T13491] 
[  578.554316][T13491] 
[  578.554316][T13491]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.554316][T13491] 
[  578.577053][T13491] 
[  578.577053][T13491]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.577053][T13491] 
[  578.595154][ T7874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  578.611167][T13491] 
[  578.611167][T13491]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.611167][T13491] 
[  578.690918][  T113] 
[  578.690918][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.690918][  T113] 
[  578.772708][ T5834] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  578.806066][T13539] loop2: detected capacity change from 0 to 4096
[  578.864011][T13543] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  578.904260][ T5846] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  578.913055][ T5846] Bluetooth: hci3: Injecting HCI hardware error event
[  578.924273][ T5838] Bluetooth: hci3: hardware error 0x00
[  578.952890][ T5834] usb 7-1: Using ep0 maxpacket: 16
[  578.961267][ T5834] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  578.981794][ T5834] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  579.012524][ T5834] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  579.038361][ T5834] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  579.086079][ T5834] usb 7-1: Product: syz
[  579.090277][ T5834] usb 7-1: Manufacturer: syz
[  579.112660][ T5834] usb 7-1: SerialNumber: syz
[  579.118481][ T5846] Bluetooth: hci2: unexpected event for opcode 0x0c1a
[  579.321656][ T5830] 
[  579.321656][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  579.321656][ T5830] 
[  579.350368][ T5830] 
[  579.350368][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  579.350368][ T5830] 
[  579.385461][ T5834] usb 7-1: cannot find UAC_HEADER
[  579.476719][ T5834] snd-usb-audio 7-1:1.0: probe with driver snd-usb-audio failed with error -22
[  579.488712][ T5834] usb 7-1: USB disconnect, device number 10
[  579.587163][T13554] syzkaller1: entered promiscuous mode
[  579.593913][T13554] syzkaller1: entered allmulticast mode
[  579.678762][T13556] loop2: detected capacity change from 0 to 256
[  579.692880][T13556] exfat: Bad value for 'umask'
[  579.692924][ T5946] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  579.884539][ T5946] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  579.902726][ T5946] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  580.022676][ T5917] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  580.201496][ T5917] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  580.226422][ T5917] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a
[  580.236330][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.247244][ T5917] usb 3-1: Product: syz
[  580.251546][ T5917] usb 3-1: Manufacturer: syz
[  580.260692][ T5917] usb 3-1: SerialNumber: syz
[  580.360398][ T5917] usb 3-1: config 0 descriptor??
[  580.395701][ T5946] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  580.427578][ T5946] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  580.440354][ T5946] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.451930][ T5946] usb 6-1: config 0 descriptor??
[  580.579572][ T5917] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-8
[  580.602823][ T5917] dvb_usb_af9035 3-1:0.0: probe with driver dvb_usb_af9035 failed with error -8
[  580.640443][ T5917] usb 3-1: USB disconnect, device number 43
[  580.826642][   T59] wlan1: Trigger new scan to find an IBSS to join
[  580.848556][ T5917] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  580.861670][ T5917] hid-generic 0000:0000:0000.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  580.906693][ T5947] usb 4-1: new full-speed USB device number 37 using dummy_hcd
[  580.926452][ T5946] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  580.982942][ T5838] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  581.064703][ T5947] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  581.075867][ T5947] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  581.089190][ T5947] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  581.098512][ T5947] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.132814][ T5917] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  581.215122][ T5946] usb 6-1: USB disconnect, device number 24
[  581.292951][ T5917] usb 7-1: Using ep0 maxpacket: 8
[  581.299547][ T5917] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  581.309781][ T5917] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  581.324212][ T5917] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  581.334404][ T5947] usb 4-1: usb_control_msg returned -32
[  581.339976][ T5947] usbtmc 4-1:16.0: can't read capabilities
[  581.345852][ T5917] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  581.364880][ T5917] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  581.374168][ T5917] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.595555][ T5917] usb 7-1: usb_control_msg returned -32
[  581.601232][ T5917] usbtmc 7-1:16.0: can't read capabilities
[  581.767237][ T6361] wlan1: Creating new IBSS network, BSSID b2:a6:ed:0d:58:4c
[  582.895884][T13601] loop2: detected capacity change from 0 to 128
[  582.917760][T13601] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  582.940777][T13601] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  583.431610][T13621] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1523
[  583.445796][ T5838] Bluetooth: hci1: unexpected event for opcode 0x0c1a
[  583.455557][T13621] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 13621, name: syz.0.2229
[  583.476854][T13621] preempt_count: 0, expected: 0
[  583.482437][T13621] RCU nest depth: 1, expected: 0
[  583.487819][T13621] 2 locks held by syz.0.2229/13621:
[  583.493332][T13621]  #0: ffffffff8e13bee0 (rcu_read_lock){....}-{1:3}, at: query_vma_setup+0x18/0x110
[  583.507494][T13621]  #1: ffff88804837fd08 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x146/0xdc0
[  583.516727][T13621] CPU: 0 UID: 0 PID: 13621 Comm: syz.0.2229 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  583.516751][T13621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  583.516763][T13621] Call Trace:
[  583.516771][T13621]  <TASK>
[  583.516780][T13621]  dump_stack_lvl+0x189/0x250
[  583.516813][T13621]  ? __pfx_dump_stack_lvl+0x10/0x10
[  583.516848][T13621]  ? print_lock_name+0xde/0x100
[  583.516872][T13621]  __might_resched+0x495/0x610
[  583.516903][T13621]  ? __pfx___might_resched+0x10/0x10
[  583.516928][T13621]  ? vma_start_read+0x218/0x3b0
[  583.516943][T13621]  ? vma_start_read+0x259/0x3b0
[  583.516963][T13621]  ? __filemap_get_folio+0x9a6/0xaf0
[  583.516985][T13621]  down_read+0x22/0x2e0
[  583.517008][T13621]  freader_get_folio+0x38b/0x830
[  583.517040][T13621]  freader_fetch+0xa3/0x5d0
[  583.517076][T13621]  __build_id_parse+0x133/0x7d0
[  583.517104][T13621]  ? __pfx___build_id_parse+0x10/0x10
[  583.517134][T13621]  ? query_matching_vma+0x494/0x4b0
[  583.517168][T13621]  procfs_procmap_ioctl+0x77e/0xd10
[  583.517200][T13621]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  583.517239][T13621]  ? __fget_files+0x2a/0x420
[  583.517269][T13621]  ? __fget_files+0x2a/0x420
[  583.517286][T13621]  ? __fget_files+0x3a0/0x420
[  583.517302][T13621]  ? __fget_files+0x2a/0x420
[  583.517322][T13621]  ? bpf_lsm_file_ioctl+0x9/0x20
[  583.517344][T13621]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  583.517370][T13621]  __se_sys_ioctl+0xfc/0x170
[  583.517394][T13621]  do_syscall_64+0xfa/0x3b0
[  583.517413][T13621]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.517430][T13621]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  583.517448][T13621]  ? clear_bhb_loop+0x60/0xb0
[  583.517471][T13621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.517489][T13621] RIP: 0033:0x7f51eeb8e929
[  583.517510][T13621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.517525][T13621] RSP: 002b:00007f51efa20038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  583.517545][T13621] RAX: ffffffffffffffda RBX: 00007f51eedb5fa0 RCX: 00007f51eeb8e929
[  583.517559][T13621] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000003
[  583.517571][T13621] RBP: 00007f51eec10b39 R08: 0000000000000000 R09: 0000000000000000
[  583.517584][T13621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  583.517596][T13621] R13: 0000000000000000 R14: 00007f51eedb5fa0 R15: 00007ffd956a9538
[  583.517625][T13621]  </TASK>
[  583.517710][T13621] 
[  583.762581][T13621] =============================
[  583.767411][T13621] [ BUG: Invalid wait context ]
[  583.772312][T13621] 6.16.0-rc4-next-20250630-syzkaller #0 Tainted: G        W          
[  583.780447][T13621] -----------------------------
[  583.785278][T13621] syz.0.2229/13621 is trying to lock:
[  583.790630][T13621] ffff888148c60940 (mapping.invalidate_lock){++++}-{4:4}, at: freader_get_folio+0x38b/0x830
[  583.800714][T13621] other info that might help us debug this:
[  583.806584][T13621] context-{5:5}
[  583.810025][T13621] 2 locks held by syz.0.2229/13621:
[  583.815205][T13621]  #0: ffffffff8e13bee0 (rcu_read_lock){....}-{1:3}, at: query_vma_setup+0x18/0x110
[  583.824598][T13621]  #1: ffff88804837fd08 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x146/0xdc0
[  583.833374][T13621] stack backtrace:
[  583.837075][T13621] CPU: 0 UID: 0 PID: 13621 Comm: syz.0.2229 Tainted: G        W           6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  583.837096][T13621] Tainted: [W]=WARN
[  583.837101][T13621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  583.837111][T13621] Call Trace:
[  583.837119][T13621]  <TASK>
[  583.837127][T13621]  dump_stack_lvl+0x189/0x250
[  583.837149][T13621]  ? __pfx_dump_stack_lvl+0x10/0x10
[  583.837169][T13621]  ? __pfx__printk+0x10/0x10
[  583.837187][T13621]  __lock_acquire+0xbcb/0xd20
[  583.837207][T13621]  ? freader_get_folio+0x38b/0x830
[  583.837230][T13621]  lock_acquire+0x120/0x360
[  583.837246][T13621]  ? freader_get_folio+0x38b/0x830
[  583.837266][T13621]  ? vma_start_read+0x218/0x3b0
[  583.837278][T13621]  ? vma_start_read+0x259/0x3b0
[  583.837293][T13621]  down_read+0x46/0x2e0
[  583.837307][T13621]  ? freader_get_folio+0x38b/0x830
[  583.837326][T13621]  freader_get_folio+0x38b/0x830
[  583.837346][T13621]  freader_fetch+0xa3/0x5d0
[  583.837369][T13621]  __build_id_parse+0x133/0x7d0
[  583.837389][T13621]  ? __pfx___build_id_parse+0x10/0x10
[  583.837409][T13621]  ? query_matching_vma+0x494/0x4b0
[  583.837428][T13621]  procfs_procmap_ioctl+0x77e/0xd10
[  583.837450][T13621]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  583.837475][T13621]  ? __fget_files+0x2a/0x420
[  583.837489][T13621]  ? __fget_files+0x2a/0x420
[  583.837502][T13621]  ? __fget_files+0x3a0/0x420
[  583.837514][T13621]  ? __fget_files+0x2a/0x420
[  583.837529][T13621]  ? bpf_lsm_file_ioctl+0x9/0x20
[  583.837547][T13621]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  583.837566][T13621]  __se_sys_ioctl+0xfc/0x170
[  583.837584][T13621]  do_syscall_64+0xfa/0x3b0
[  583.837598][T13621]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.837612][T13621]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  583.837627][T13621]  ? clear_bhb_loop+0x60/0xb0
[  583.837642][T13621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.837656][T13621] RIP: 0033:0x7f51eeb8e929
[  583.837671][T13621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.837682][T13621] RSP: 002b:00007f51efa20038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  583.837697][T13621] RAX: ffffffffffffffda RBX: 00007f51eedb5fa0 RCX: 00007f51eeb8e929
[  583.837708][T13621] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000003
[  583.837718][T13621] RBP: 00007f51eec10b39 R08: 0000000000000000 R09: 0000000000000000
[  583.837727][T13621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  583.837736][T13621] R13: 0000000000000000 R14: 00007f51eedb5fa0 R15: 00007ffd956a9538
[  583.837752][T13621]  </TASK>
[  584.121654][ T5946] usb 4-1: USB disconnect, device number 37
[  584.128565][    T9] usb 7-1: USB disconnect, device number 11