last executing test programs:

5m46.277928571s ago: executing program 4 (id=2022):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_OPENQRY(r0, 0x4b4c, &(0x7f0000000280))

5m46.045898398s ago: executing program 4 (id=2025):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000480)={0x19, 0x201, 0x2, {0x9, @pix={0x7, 0x8, 0x41416770, 0x5, 0x3, 0xfffffff3, 0x5, 0x983e, 0x1, 0x3, 0x2}}, 0x9})

5m45.721983318s ago: executing program 4 (id=2029):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)

5m45.298007644s ago: executing program 4 (id=2037):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x808, &(0x7f0000000100)=ANY=[@ANYBLOB="696f636861727365743d170ddbbba28854f76e642c756d61736b3d30303030303030303030303030303030303030303030362c696f636861727365743d63703934392c6572726f72733d72656d6f756e742d726f2c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',allow_utime=00000000000000000000003,gid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,discard,errors=continue,\x00'], 0x5, 0x1510, &(0x7f00000037c0)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='debugfs\x00', 0x0, &(0x7f0000000100))

5m44.834315199s ago: executing program 4 (id=2043):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x3, &(0x7f00000000c0)=0x6, 0x3)

5m44.165076212s ago: executing program 4 (id=2052):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x4, 0x4, 0x3e8, 0x0, 0x200, 0x100, 0x300, 0x300, 0x300, 0x8000000, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2}}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x8100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x4}}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'erspan0\x00', 'dvmrp0\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x2}}}, {{@uncond, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

5m43.535641344s ago: executing program 32 (id=2052):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x4, 0x4, 0x3e8, 0x0, 0x200, 0x100, 0x300, 0x300, 0x300, 0x8000000, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2}}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x8100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x4}}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'erspan0\x00', 'dvmrp0\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x2}}}, {{@uncond, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

4m34.3544411s ago: executing program 2 (id=3010):
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04030b00c800ce5dd37d19965f"], 0xe)

4m34.109597405s ago: executing program 2 (id=3015):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_buf(r0, 0x1, 0x1f, 0x0, &(0x7f0000000000))

4m33.883607918s ago: executing program 2 (id=3019):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000002e00090025bd7000000000000400000008001a"], 0x1c}, 0x1, 0x0, 0x0, 0x42804}, 0x84)

4m33.649140793s ago: executing program 2 (id=3024):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1010006, &(0x7f0000006840)={[{@gid}, {@gid}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@quota}, {@nodiscard}, {@nointegrity}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@nodiscard}, {@nodiscard}]}, 0x1, 0x626d, &(0x7f0000000380)="$eJzs3cuOHFcZB/Cv+jaXYMfKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffvLMj/7+p+GZ//7lVv+NScvdvv3b//z17qNvLwAAAHRRWZZlkT7mn4yIQfpsDwA8/fLrf5nk29VzV2/OWX/UarVavYB1XTne3XoREZv1dar3DA7HA8CC2YxP2u4CLZJ/pw0i4pm2OwHMtaLtDnAk7j+4s16kfIv668HaTns+F2RP/pvF7vUdk6bTNM8xmdXjayv68dyE/qzMqA/zJOffa+Z/Zad9lJY76vxnZVL+o51Lnzon599v5t/w9OTfG5t/V+X8B4fKvy9/AAAAAACYY/nv/ydaPv679PibciD7Hf9dm1EfAAAAAAAAAOBJO+z4f4PG+H+7jP8HAAAAc6v6rF753fGHt036Lrbq9stFxLHG8kDHpItlVtvuBwAAAAAAAAAAAAB0yWDnHN7LRcQwIo6trpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJq9eHqY3PWH7VarVaPq+vK8e7Wi4jYrK9TvWcwHD8ALJjN+KTtLtAi+XfaICJeaLsTwFwr2u4AR+L+gzvrRcq3qL8epPHd87kge/LfLLbXy+uPm07TPMdkVo+vrejHcxP68/yM+jBPcv69Zv5XdtpHabnHz7/c82fCts4xmpR/tZ0nWuhP23L+/Wb+DUe9/8/KVvTG5t9VOf/BofLvyx8AAAAAAOZY/vv/ibk6/jt61M2Zar/jv2tj1zi6vgAAAAAAAADAk3L/wZ31fN1rPv7/hTHLuf7z6ZTzL+TfSTn/XiP/rzaW69fm7739MP9/P7iz/sdb//p8nh40/6U8U6RHVpEeEUW6p2KQpo+zdZ+1NeyPqnsaFr3+IJ3zUw7fjWtxPTbi7J5le+n/42H7uT3tVU+H2+1lf6f9/J72wW57Xv/CnvZhOruoXMntp2M9fh7X453t9qptacr2L09pL6e05/z79v9OyvkPaj9V/qupvWhMK/c+6n1mv69Px93PW9e++JuzR785U21Ff3fb6qrte6mF/mz/nzwzil/e3Lhx+vbVW7dunIs02XPr+UiTJyznP0w/u8//L++05+f9+v5676PRofOfF1sxmJj/y7X5antfmXHf2pDzH6WfnP87qX38/r/I+U/e/19toT8AAAAAAAAAAAAAAACwn7Isty8RfSsiLqbrf9q6NhMAmK38+l8m+fZZ1f0Z359aveB1MWf9eVL10kGW/7Scm/6q1Qtb15XjvVkvIuJv9XWq9wy/HvfLAIB59mlE/LPtTtAa+XdY/r6/anqq7c4AM3Xzgw9/evX69Y0bN9vuCQAAAAAAAADwqPL4n2u18Z9PlWV5t7HcnvFf3461xx3/c5BndgcYnTBQdf/w27Sfrd6o36sNN/5iTBr/e7g7t9/434Mp9zec0j6a0r40pX15SvvYCz1qcv4v1sY7PxURJxvDr3dh/NfmmPddkPN/qfZ4rvL/SmO5ev7l7xc5/96e/M/cev8XZ25+8OFr196/+t7Gexs/u3Du3NkLFy9eunTpzLvXrm+c3fm3xR4frZx/HvvaeaDdkvPPmcu/W3L+X0q1/Lsl5//lVMu/W3L++f2e/Lsl558/+8i/W3L+r6Ra/t2S8/9aquXfLTn/V1Mt/27J+X891fLvlpz/a6mWf7fk/E+nWv7dkvM/k+oD5r9y1P1iNnL++QiX/b9bcv75zAb5d0vO/3yq5d8tOf8LqZZ/t+T8X0+1/Lsl5/+NVMu/W3L+F1Mt/27J+X8z1fLvlpz/pVTLv1ty/t9Ktfy7Jef/7VTLv1ty/m+kWv7dkvP/Tqrl3y05/++mWv7dkvP/Xqrl3y05/zdTLf9uefj9/2bMmDGTZ9p+ZgIAAAAAAAAAAAAAmmZxOnHb2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2Lu7GLnO+n7gZ9a767UDiYGQv5O/AxvHhJBssms78QttigmvDW8lEAp9wXa9a7Pg2MZrl0Aj2TRQImFUVNE2XLQFhNrcVKQSF7QClAvUCqkStFLpDaJC5SKqAgpIlWgF2WrOeZ5nZ2bnZde7Xp855/OR7J935pw5z5x5ztn57fo7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWt3yurlPNbIsa/7J/9qWZS9o/nvL5Lb8tldf7RECAAAAa/XL/O/nrks3HFrBSi3L/NPLvvPVxcXFxey9m/507HOLi+mOySwb25xl+X3RUz98X6N1meCxbKIx0vL1yIDNbxpw/+iA+8cG3D8+4P7NA+6fGHD/sh2wzJbi5zH5g+3K/7mt2KXZ9dlYft+uLms91tg8MhJ/lpNr5Ossjh3P5rOT2Vw207Z8sWwjX/7rtzS39eYsbmukZVs7mjPkp48ei2NohH28q21bS48Z/fi12eTPfvrosb8+9+yN3erA3dD2eMU4b9/ZHOcnwi3FWBvZ5rRP4jhHWsa5o8trsqltnI18vea/O8f53ArHuWlpmBuq8zWfyEbyf38330+jrT/WS/tpR7jt57dmWXZxadidyyzbVjaSbW27ZWTp9ZkoZmTzMZpT6cXZ6Krm6S0rmKfNOrurfZ52HhPx9b8lrDfaYwytL9OPPz7e8rr/YvFy5mnUfNa9jpXOObjex0pZ5mCcF9/Nn/TjXefgrvD8H72t9xzsOne6zMH0vFvm4M5Bc3BkfFM+5vQiNPJ1lubg7rblN+VbauT1mdv6z8Hpcw+fmV746Mfumn/46Im5E3On9u7ePbN3374DBw5MH58/OTdT/H2Ze7v8tmYj6RjYGfZdPAZe2bFs61Rd/OL4svPv5R6HE32Ow20dy673cTja+eQaG3NALp/TxbHx7uZOn7g0kvU4xvLX5461H4fpebcch6Mtx2HX7yldjsPRFRyHzWXO3LGy9yyjLX+6jaH394K1zcFtLXOw8/1I5xxc7/cjZZmDE2FefP+O3t8LdoTxPj612vcjm5bNwfR0w7mneUt6vz9xIC/d5uVNzTuuGc/OL8ydvfuRo+fOnd2dhbIhXtIyVzrn69aW55Qtm68jq56vh+Zf9vhNXW7fFvbVxF3NvyZ6vlbNZe65u/9rlX93674/227dk4WyzjZ6f3b7bt7cn+NZ9vlvffzBbzz6+df13J/NfvMT02t/Lx760sXChfwxxnqcf2Pf/3yxvfRQj20aGy2O301p74y1nY/bX6rR/NzVyLf93PTKzsdj4c9Gn4+v73M+3t6x7Hqfj8c6n1w8HzcG/bRjbTpfz4kwT07O9D8fN5fZvme1c3K07/n41lAbYf+/KnQKqS9qmTu95m3a1ujoWHheo3EL7fN0b9vyY6E3a27ryT3hTWEa5crm6e23Fstvalkv2qh5Otmx7HrP0/Szr17ztDHop2+Xp/P1nAjz4vq9/edpc5mn71n7uXNL/GfLe9fxQXNwbNN4c8xjaRLm5/tscUucg3dnx7LT2clsNr93PJ9PjXxbU/eu7Fw5Hv5s9Llye585eHvHsus9B9PPV3vNvcbo8ie/Djpfz4kwL564t/8cbC7z+v3r+9719nBLWqblvWvnz9d6/czrpo7ddKXmymgY57f29//ZbHOZkwdW22f23093hluu6bKfOo/fXsfUbLYx+2l7GOezB3rvp+Z4mst87uAK59OhLMsufPj+/Oe94fcrF85/76ttv3fp9judCx++/ycvPP6Pqxk/AMPv+aJsLb7XtfxmaiW//wcAAACGQuz7R0JN9P8AAABQGbHvj/8rPNH/AwAAQGXEvn801KQK/f8fDl5k++ufnX/+QpaS+eFDE1JmLu2GB4rlYsZ1Jnw9ubikefv9X57773+4sLLhjWRZ9osH/qDr8tsfiOMqTIZxPvWG9tuX+epdK9r2kYcupO225te/EB4/Pp+VToNuEdyZLMu+ft1n8u1Mvu9SXp9+4EheH7z4+GPNZZ47WHwd13/mJcXyfxHCv4eOH21b/5mwH34U6sxbuu+PuN5XLr1qx/73LG0vrtfYeW3+tJ94f/G48XNyPvtYsXzcz73G/41PP/mV5vKPvKL7+C+MdB//k+Fxvxzq/9xcLN/6GjS/jut9Mow/bi+ud/eXvtl1/E99qlj+zBuL5Y6EGrd/e/h61xufnW/dX480jrY9r+xNxXJx+zPf++P8/vh48fE7xz9x+FLb/uicH0//a/E40x3Lx9vjdqK/79h+83Fa52fc/pN/dKRtPw/a/lMPPnNz83E7t39nx3JnPnxHvv2lx2v/xKa//ORnum4vjufQ355pez6H3hmO47D9J94f5mO4/3+fKh6v89MVjryz/fwTl//Ctgttzyd688+K7T/1mhN53TyxZes1L3jhtRdf3tx3WfbdzcXjDdr+ib863Tb+L95Q7I94f8zod26/l7j9sx+ZOnV64fz8bNqrj16Xf3bOW4vxxPFeF86tnV8fPn3uA3NnJ2cmZ7JssrofoXfZvhTqT4pysf/Si8vOoHc8FF7Pm/7861tv+5dPx9v//d3F7ZfeUnzfemVY7rPh9m3h9Vvd9pd74pYb8uO78XQY4eLyzwteix27/uvAihYMz7/zfUGc72de+oF8PzTvy79vxON6jeP/wWzxOF8L+3UxfDLzzhuWtte6fPxshEvvKo73Ne+/cJqLr+vfhNf7bT8qHj+OKz7fH4T3Md/c3n6+i/PjaxdGOh8//xSPi+F8kl0s7o9Lxf196bkbug4vfg5JdvHG/Os/SY9z46qeZi8LH12YPjl/6vwj0+fmFs5NL3z0Y4cfPn3+1LnD+Wd5Hv7goPWXzk9b8/PT7Ny+e7L8bHW6KFfY1R7/mYeOze6fuW127vjR88fPPXRm7uyJYwsLx+ZmF247evz43EcGrT8/e9/uPQf37t8zdWJ+9r4DBw/uPTg1f+p0cxjFoAbYN/OhqVNnD+erLNx3z8Hd9957z8zUw6dn5+7bPzMzdX7Q+vn3pqnm2r8/dXbu5NFz8w/PTS3Mf2zuvt0H9+3bM/DTAB8+c3xhcvrs+VPT5xfmzk4Xz2XyXH5z83vfoPWppoX/KN7PdmoUH8SXvePOfenzWZu+/PGeD1Us0vEBos+Gz6L59ovOHFjJ17HvHws1qUL/DwAAAORi3z8eaqL/BwAAgMqIff/mUBP9PwAAAFRG7PsnQk3/JaAm/X/l8v/bL6xo+/L/8v+t+0v+v2b5/3eVLf9fnC9S/j/Lspvl/y/bWvP31cv/j7Z9Jf8/gPy//L/8v/w/66ps+f/Y92/JMr//BwAAgIqKff/WUBP9PwAAAFRG7PuvCTXR/wMAAEBlxL7/BaEmNen/5f/l/+X/5f/l/7tv/6rl/13/f03k//uT/x9A/n86q1f+/+J6jv8q5P+3tH4h/08ZlS3/H/v+F4aa1KT/BwAAgCHW+6cGHWLff22oif4fAAAAKiP2/deFmuj/AQAAoDJi378t1KQm/b/8/5ry/ylzJf/fPn75/3by/2E+yP/L/28A+f/+5P8HkP93/f/hyv+3kf+njMqW/499/4tCTWrS/wMAAEAdxL7/xaEm+n8AAAAon9HLWy32/S8JNVnW/1/mBgAAAICrLvb912cdQfCa/P5f/t/1/+X/5f/l/7tvf+X5/02Z/H95yP/3J/8/gPy//L/8/6ry/42WNwHy/3RTtvx/3vdnE9lLQ01q0v8DAABAHcS+/4ZQE/0/AAAAVEbs+/9fqIn+HwAAACoj9v3bQ01q0v/L/1cm///z1pdO/l/+v9/25f9d/7/K5P/7k/8fQP5f/l/+3/X/WVdly//Hvv/GUJOa9P8AAABQB7HvvynURP8PAAAAlRH7/v8faqL/BwAAgMqIff+OUJOa9P/y/yXP/8fkqOv/y//L/5cy/z8h/1868v/9yf8PIP8v/y//L//Puipb/j/2/TeHmtSk/wcAAIA6iH3/y0JN9P8AAABQGbHvf3moif4fAAAAKiP2/ZPZv7XfUZP+fzX5/8ZF+f9ervD1/8dXcP3/NvL/8v/9ti//7/r/VSb/35/8/wDy//L/8v/y/6yrsuX/J/O1JrJbQk1q0v8DAABAHcS+f2eoif4fAAAAKiP2/beGmuj/AQAAoDJi378r1KQm/b/r/w9F/j+T/5f/l/+X/5f/Xxn5//7k/weQ/5f/l/+X/2ddlS3/H/v+V4Sa1KT/BwAAgDqIff9toSb6fwAAAKiM2Pe/MtRE/w8AAACVEfv+20NNatL/y//L/8v/y//L/3ffvvz/cJL/70/+fwD5f/l/+X/5f9ZV2fL/se9/VahJTfp/AAAAqIPY998RaqL/BwAAgMqIff+doSb6fwAAAKiM2PdPhZrUpP+X/5f/l/+X/5f/7759+f/hJP/fn/z/APL/8v/y//L/rKuy5f9j339XqElN+n8AAACog9j33x1qov8HAACAyoh9/3Soif4fAAAAKiP2/TOhJjXp/+X/5f/l/+X/V5X/f/nS48r/F+T/y0X+vz/5/wHk/+X/r3r+f0z+n0opW/4/9v27Q01q0v8DAABAHcS+f0+oif4fAAAAKiP2/XtDTfT/AAAAUBmx778n1KQm/X+V8v/5M5D/b1tP/l/+v9v2Xf9f/r/K5P/7W//8f3yK8v/y//L/rv8v/89yZcv/x77/3lCTmvT/AAAAUAex798XaqL/BwAAgMqIff/+UBP9PwAAAFRG7PsPhJrUpP+vUv6/WFH+PytR/j+S/y/I/8v/y/9fefL//bn+/wDy//L/Q5z/b84t+X/Kpmz5/9j3Hww1qUn/DwAAAHUQ+/5Xh5ro/wEAAKAyYt//K6Em+n8AAACojNj3/2qoSU36f/l/+X/X/5f/L3v+f1z+X/5/FeT/+5P/H0D+X/5/iPP/rv9PGZUt/x/7/vtCTWrS/wMAAEAdxL7/10JN9P8AAABQGbHvf02oif4fAAAAKiP2/YdCTWrS/w9v/n+8xxMqaf4/3ij/L/8v/+/6//L/V9S65P//Tv5f/l/+X/5f/l/+n/VQtvx/7PtfG2pSk/4fAAAA6iD2/feHmuj/AQAAoDJi3/+6UBP9PwAAAFRG7PtfH2pSk/5/ePP/vZ5QSfP/Nbn+/9hl5f/H2sYu/7+0nvx/Qf5f/n81XP+/P/n/AeT/5f/l/+X/WVdly//Hvv8NoSY16f8BAACgDmLf/8ZQE/0/AAAAVEbs+98UaqL/BwAAgMqIff+bQ01q0v/L/8v/u/6//L/8f/fty/8PJ/n//uT/B5D/l/+X/5f/Z12VLf8f+/5fDzWpSf8PAAAAdRD7/gdCTfT/AAAAUBmx739LqIn+HwAAACoj9v1vDTWpSf8v/y//L/8v/y//33378v/DSf6/vyHL///y2nC7/H9B/r/c419t/n+04+srkv//Ya/8/+LmzvXl/7kSypb/j33/20JNatL/AwAAQB3Evv/toSb6fwAAAKiM2Pe/I9RE/w8AAACVEfv+3wg1qUn/L//fHMdSeln+X/4/v0H+X/5f/n9oyf/3N2T5f9f/7yD/X+7xu/6//D/LlS3/H/v+d4aa1KT/BwAAgDqIff+DoSb6fwAAAKiM2Pe/K9RE/w8AAACVEfv+d4ea1KT/l/93/X/5f/l/+f/u25f/H07y//3J/w8g/y//X7b8/3/K/zPcypb/j33/Q6EmNen/AQAAoA5i3/+eUBP9PwAAAFRG7Pt/M9RE/w8AAACVEfv+94aa1KT/l/8flvz/pPz/KvP/4+E2+X/5f/n/epH/70/+fwD5f/n/suX/y3j9/4nu68v/003Z8v+x739fqMnK+/8eRwAAAABQFrHv/61Qk5r8/h8AAADqIPb9vx1qov8HAACAyoh9/++EmtSk/5f/H5b8v+v/Z67/L//f8Xzk/+X/u9m4/H8888j/y//L/0fy/zXJ//cg/083Zcv/x77/d0NNatL/AwAAQB3Evv/9oSb6fwAAABgK3f5PdqfY9x8ONdH/AwAAQGXEvv9IqElN+n/5f/l/+f+S5v//bOc/f/87bz+yW/5f/l/+f1U29Pr/zYPf9f/l/+X/E/l/+X/5fzqVLf8f+/6joSZLjd9bXeAfAAAAhlvs+38v1KQmv/8HAACAOoh9/7FQE/0/AAAAVEbs+2dDTWrS/8v/y//L/5c0/z/E1/+P+2OY8v9Tm4co/x9PuvL/XW1o/v89Szlx+f/V5v/Hu97amf9vyP+3kf9f9fi/nWWZ/L/8P1dR2fL/se+fCzWpSf8PAAAAdRD6/pHjRV26Q/8PAAAAlRH7/hOhJvp/AAAAqIzY938g1KQm/b/8v/y//L/8v+v/d99+afP/rv/fl/x/f+XJ/3fn+v/y/8M8fvl/+X+WK1v+P/b986EmNen/AQAAoA5i3//BUBP9PwAAAFRG7Ps/FGqi/wcAAIDKiH3/yVCTmvT/8v/y//L/8v/y/923/3/s3cezpmWZx/H3QFN0D0XN7GYxi3HvyoUrFrJwpX+ACzYutMqySlAxJxpzxJwDBlQMGEARE5gDmFDMomLOATNqtQV9XVef0+c5z3tO93vO+zz3/fks5sKGnvcw1QP+aL596//nSf8/Tv+/hP5f/6//1/+zUlPr/3P3PyRu6WT/AwAAQA9y918Yt9j/AAAA0Izc/RfFLfY/AAAANCN3/0Pjlk72v/5f/99s/38v/f9On6//1/+3TP8/Tv+/hP5f/6//1/+zUlPr/3P3Pyxu6WT/AwAAQA9y9z88brH/AQAAoBm5+y+OW+x/AAAAaEbu/kfELZ3s/5P6/41Fn/1/Zrz6/5b6f+//7/j5+n/9f8sOtv+/9M6/8un/9f/6/6D/1//r/znZ1Pr/3P2PjFs62f8AAADQg9z9j4pb7H8AAABoRu7+R8ct9j8AAAA0I3f/Y+KWTva/9/+9/z+t/v8M/b/+X/+v/z8t3v8f11P/f/Et51x4+7X/d91ePl//r//X/+v/Wa2p9f+5+x8bt3Sy/wEAAKAHufsfF7fY/wAAANCM3P2Pj1vsfwAAAJihI4Pfmrv/CXFLJ/tf/6//n1b/v8b3/w9Psv/P39T/6//1/7uk/x/XU/9/Kp+v/9f/6//1/6zW1Pr/3P1PjFs62f8AAADQg9z9T4pb7H8AAACYrqF/EXtE7v5L4hb7HwAAAJqRu/9o3NLJ/tf/73///2/9/zz6f+//6//1/03Q/4/T/y+h/9f/6//1/6zU1Pr/3P2Xxi2d7H8AAADoQe7+J8ct9j8AAAA0I3f/U+IW+x8AAACakbv/qXFLJ/tf/+/9f/1/z/3/PeP36P+HPl//P0/6/3HT7f+P/3+W/n/2/f9Z+n/9v/6fzfbY/98x8pftlfT/ufufFrd0sv8BAACgB7n7nx632P8AAADQjNz9z4hb7H8AAABoRu7+Z8Ytnex//b/+X//fc/9/mu//b/+hdxf9/zD9/8HQ/4+bTP+/cWjwm/X/6+7/j/239//1//p/Vmlq7//n7n9W3NLJ/gcAAIAe5O5/dtwysv/3/A/zAQAAgLXK3f+cuMXP/wMAAMDsZXWWu/+5cUsn+1//r//X/+v/T7n/7/j9/+s2fX36/2nR/4+bTP+/A/3/uvv/9fbzc//69f/6f7abWv+fu/95cUsn+x8AAAB6kLv/srjF/gcAAIBm5O5/ftxi/wMAAEAzcve/IG7pZP8P9/8nfr/+f3f0/1u/fv3/8I+PVfX/+b9R/z/a/5/v/f8+6f/H6f+X0P/r//X/O/X/R5Z9f/0/Q6bW/+fuf2Hc0sn+BwAAgB7k7n9R3GL/AwAAQDNy9784brH/AQAAoBm5+18St3Sy/73/r//X/8+v/5/H+//bM8GW3v9fHHj/f0j/v0v6/3H6/yX0/5v6+Y2F/r/j/v/cHd7/H/lVAPT/DJla/5+7/6VxSyf7HwAAAHqQu/9lcYv9DwAAAPOw+d8dOPlfKA25+18et9j/AAAA0Izc/a+IW9rZ/6Nvder/9f/6f/1/o+//N9b/e/9/t/T/4/T/S+j/96OfP9RY/3/5Tt9/Cv3/Jfv3/v89ln1//T9DtvT/15/49nX1/7n7Xxm3tLP/AQAAoHu5+18Vt9j/AAAA0Izc/a+OW+x/AAAAaEbu/tfELZ3s/33v/0d+9QH9v/5f/6//1//r/1dN/z9O/7+E/n+t7+fP/eufQv+/svf/9f+syJb+f5N19f+5+18bt3Sy/wEAAKAHuftfF7fY/wAAANCM3P2Xxy32PwAAADQjd//r45ZO9r/3//X/+n/9v/5/+PP1//N0Wv39Gfr/ov/X/+v/9f/6f1Zgav1/7v43xC2d7H8AAADoQe7+N8Yt9j8AAAA0I3f/m+IW+x8AAACakbv/irilk/2v/9/f/j+/Xf+v/1/o//X/+v8D0e37/xtDfyfabof+/6YHHb3v1m/R/+v/9f/6f/0/u/Q/I79vEv3/sRP/7TJ3/5vjlk72PwAAAPQgd/9b4hb7HwAAAJqRu/+tcYv9DwAAAM3I3X9l3LLH/T/WPEyZ/t/7//p//b/+f/jz9f/z1G3/v0ve/19C/6//1//nD0f9Pysxif5/03/O3f+2uMXP/wMAAEAzcve/PW6x/wEAAKAZufvfEbfY/wAAANCM3P3vjFs62f/6f/2//l//r/8f/nz9/zzp/8fp/5eYU/9/5Wn0/4eGv3nd/fzpWvfX30j/7/1/Vmpq/X/u/qvilk72PwAAAPQgd/+74hb7HwAAAJqRu//dcYv9DwAAAM3I3f+euKWT/a//1//r//X/+v/hz9f/z5P+f5z+f7FYXD3yBQz1/8fOnmb/7/3/yX39+n/9P9tNrf/P3f/euKWT/Q8AAAA9yN1/ddxi/wMAAEAzcvdfE7fY/wAAANCM3P3vi1s62f/6f/2//l//r/8f/nz9/zzp/8fp/5eY0/v/+v/Jff36f/0/202t/8/d//64pZP9DwAAAD3I3X9t3GL/AwAAQDNy938gbrH/AQAAoBm5+6+LWzrZ//p//b/+X/8/q/7/TP2//n/c/vX/C/2//l//v4T+X/+v/+dkU+v/c/d/MG7pZP8DAABAD3L3fyhusf8BAACgGbn7Pxy32P8AAADQjNz9H4lbOtn/+n/9v/5f/z+r/t/7//r/Jbz/P07/v4T+X/+v/9f/s1LD/f8la+v/c/d/NG7pZP8DAABAD3L3Xx+32P8AAADQjNz9N8Qt9j8AAAA0I3f/x+KWTva//l//v7X/Xyz0//p//f9xY/3/4dX0/4cX+v+V29f+/4qI0fX/+n/9/6DJ9v9nLBrq/4/s+P31/0zR1N7/z93/8bilk/0PAAAAPcjd/4m4xf4HAACAZuTu/2TcYv8DAABAM3L3fypu6WT/6//1/97/1//r/4c/3/v/8+T9/3H6/yX0/232/97/1/+zNjf81/FfX+xk6+r/c/d/Om7pZP8DAABAD3L3fyZusf8BAACgGbn7Pxu32P8AAADQjNz9n4tbOtn/+n/9v/5f/6//H/58/f886f/H6f+X0P/r//X/+n9Wamrv/+fu/3zc0sn+BwAAgB7k7r8xbrH/AQAAoBm5+2+KW+x/AAAAaEbu/i/ELZ3sf/2//l//P8/+/7D+X/+v/x80lf7/vPPuc7P+X/+v/9f/6//1/72bWv+fu/+LcUsn+x8AAAB6kLv/S3GL/Q8AAADNyN3/5bjF/gcAAIBm5O7/StzSyf7f3v+ftTheqB431P9Ho6b/30T/v/Xr1/8P//jw/r/+X/+//6bS/3v//9S+fv2//n/OX/+e+v+7bf/++n9aNLX+P3f/zXFLJ/sfAAAAepC7/6txi/0PAAAAzcjd/7W4xf4HAACAZuTuvyVu6WT/e/9f/6//1//r/4c/X/8/T/r/cfr/JfT/+n/v/1/0gDP1/6zO1Pr/3P1fj1s62f8AAADQg9z934hb7H8AAABoRu7+b8Yt9j8AAAA0I3f/t+KWTva//l//r//X/+v/hz9f/z9P+v9x+v9y8p/acf30/4eHvnHd/fzpWvfX30z/7/1/Vmhq/X/u/m/HLZ3sfwAAAOhB7v7vxC32PwAAADQjd/934xb7HwAAAJqRu/97cUsn+1//r/9vv/+/v/7/pM/X/+v/W6b/z7+jD9P/L9FP/z9o3f383L9+/b/+n+2m1v/n7r81bulk/wMAAEAPcvd/P26x/wEAAKAZuft/ELfY/wAAANCM3P0/jFs62f/6/776/41Fj/2/9//1//r/nuj/x+n/l9D/6//1//p/Vmpq/X/u/ts2DnW5/wEAAGCu7nf3B9+62z/2trv+5+HFj+KW8xfHdvnT2AAAAMDE3bn7Nw4tFj++6z/5+X8AAABoUe7+n8Qtnex//X9f/X+f7//r//X/+v+e6P/H6f+X0P/r/3f6+o/p/5d9f/0/Q6bW/+fu/2ncsmn4HdrznyUAAAAwJbn7fxa3dPLz/wAAANCD3P0/j1u27X+/HCAAAADMVe7+X8Qts/35/3P39Efr/yfe/y/2qf+PP07/f5z+X/8/9Pn6/3nS/487zf7/2Ib+X/8/oun+3/v/+n9OydT6/9z9v4xbZrv/AQAAgMViseWfKOTu/1XcYv8DAABAM3L3/zpusf8BAACgGbn7fxO3dLL/9f8H3v9nqr6P7/8fqd/y/n/n/f9lhwc/X/+v/2+Z/n9c3+//33v5k876/1b6/7P1//p/pmFq/X/u/t/GLZ3sfwAAAOhB7v7fxS32PwAAADQjd//v4xb7HwAAAJqRu/8PcUsn+1//P/H3/0+p/9/F+//6/z76/x0+v53+/3/POXrjBQ+85ir9PyccZP+fPxb0/3Pp/3dB/99K/+/9f/0/E7H6/n/rL+Wy1/4/d/8f45ZO9j8AAAD0IHf/7XGL/Q8AAADNyN3/p7jF/gcAAIBm5O7/c9zSyf7X/+v/p9L/5/+t19D/Hz3l/v/IYrFYS/+fTXHv/b/3//X/23n/f5z+fwn9v/5f/6//Z6VW3/9v/ca99v+5+/8St3Sy/wEAAKAHufv/Grfk/t/Y8z+6BwAAACYmd//f4hY//w8AAADNyN3/97ilk/2v/9f/T6X/T97/P/H92nr//4KKU/vs//+/fkv/v7/0/+P0/0vo//X/+n/9Pys1tf4/d/8/4pZO9j8AAAD0IHf/HXGL/Q8AAADNyN3/z7jF/gcAAIBm5O7/V9zSyf7X/7fa/2cRr//X/0+l//f+v/f/D4b+f5z+fwn9v/5f/6//Z6Wm1v/n7v9PAAAA//8si2f+")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})

4m32.166846027s ago: executing program 2 (id=3048):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b30, &(0x7f00000000c0)={'wlan0\x00'})

4m31.039872007s ago: executing program 2 (id=3066):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r0, 0x8918, 0x0)

4m30.686887617s ago: executing program 33 (id=3066):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r0, 0x8918, 0x0)

2m49.211415567s ago: executing program 3 (id=4617):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r0, 0x10c, 0x2, &(0x7f0000000140), &(0x7f0000000080)=0x4)

2m48.978672572s ago: executing program 3 (id=4622):
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000001080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x21408, 0x0, 0x3, 0x0, &(0x7f0000006380))
mount(0x0, &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000004c0)='smb3\x00', 0xe00, &(0x7f0000000500)='acl')

2m48.66598321s ago: executing program 3 (id=4628):
r0 = io_uring_setup(0x13b5, &(0x7f0000000140)={0x0, 0x5606, 0x40, 0xdfffffff, 0x2fa})
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0x14, &(0x7f0000003480)={0x4, 0x0, 0x4, &(0x7f00000001c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x0}, 0x2)

2m48.445477854s ago: executing program 3 (id=4632):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x4, &(0x7f0000000140)={[{@uid}, {@nodecompose}, {@umask={'umask', 0x3d, 0x1}}, {@barrier}, {@gid={'gid', 0x3d, 0xee00}}, {@nodecompose}, {@gid}, {@nls={'nls', 0x3d, 'cp1251'}}, {}, {@barrier}]}, 0xfc, 0x6ea, &(0x7f0000000f80)="$eJzs3c1vHGcdB/Dv7K7fUtG6bdIWVImoEQURkfhFKQQJJSCEfKhQBAckbiZxGitOWtkuuBEC837toX9Ae8iNExL3oHKGC4KjxakSohdOvi2a2dn12t71S5zEMXw+1ew8M8/7b2dmdza1JsD/rbnzaT1Ikbnzb66V2xv3Z5c27s+O1dlLScp0I2l1VinuJsXHydV0lny23FmXL4b188Hi5e/9/T8bn3S2WvVSlW/srvfzdpIvHHwW6/WSs0ma9Xq3kR3bY8n4/u1dH9De+PZWegbPv+jllAE71w0cHLf2LuuHqT70fAdOjiLf+Myg/ZPJqfrzrvqcq68OjSc7ukfvUFc5AAAAOGZz/z4zc5jyE/X6uc1sZu3E38YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAE1Ukzc6qWhrd9NkU3ef/j9b7UqdPtAfHPQAAAAAAAAAA2GVk29ZokrHuxpXBNT6/mc2s5dnudruo/s3/tWrjdPX6TN7NShaynAtZy3xWs5rlTCeZ7O9sbX51dXl6WM1iPalrzgysObN9XM2DTXj8YMUAAAAAAAAA4H/eLzO39e//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwNCiSZmdVLae76ck0WknGk4yW5daTv3bTJ0QxaOeDJz8OAAAAOJLxh6jz3GY2s5Znu9vtorrnf6m6Xx7Pu7mb1SxmNUtZyI36Hrq8629s3J9d2rg/e6dcjjz0qsV0fnsY3PMrVYmJ3MxitedCrleDuZFGVbP0zyR3umPaPa5ffFq2faXjJwcc2Y16XXb2fvdXhLEjT/gRmExajYz0IjJVja1zEDzfH4Xdkfjmp8MavdpZtXb2lP6eptPo/fJzutNDmdw35lcOOLNT9bqcz2+H/XLzqI1vdbo+tFAvEo1UkZjpO/pe2jvmyRf/+Pv3by3dvX3r5sr5JzKlx2nnMTHbF4mXDxCJHzy1kWjtnd3YuWOq2nmmu/nRM0m+n/M5m2tZzmJ+nPmsZiFFPdP5+nguXyf3jtTVbVvXhgygZ7R+X5p1ud6YMpfvDBzT2Xy7Ss3ntarus1lMkbdzIwt5o/pvJtP5ai7lUi73vcNnho67mlt11jcOd9af+1KdmEjyu3p93DoXhTKuz/fFtf+aO1nlbe0Z6YvSC3u/u7uvjftPufW5OlH28as9j4YnbWckpvsi8eLekfioXb6uLN29vXxr/p0Bn67tYqRa/+1c0m539r1e55VH3G/2//rzp6PObx9917HyeHkh4/WV5PmMdIbW7Oa92LvKVPEa7a93upe3/RN3NOPl+dzo9NQ5U7879Ewdrb/D7W5ppsp7eWDebJX3Sl9e//et5O0s9b4PAfAUO/XlU6MT/5r4y8SHE7+euDXx5vi3xr429upoRv488vXWVPP1xqvFH/JhfrZ1/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy8lffu3Z5fWlpYHpxoNIdmDUmkfe/2fPdJPgetlZWifpLOofoammgcrfp+id4jfx5fF8efKHbtKWf8aLroPvnocLWmdh9RV48zUP84bK2M9025ObTwqTrRfq4TpUN1MbnzyEyGFB7rBLM55Dyt36KHebgocCJcXL3zzsWV9+59ZfHO/FsLby3cHbl06fLU5UtvzF68ubi0MNV5Pe5RAo/D1vd2AAAAAAAAAAAA4KQ44N8VXPvhj6r/Q/Ch/l7iuOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnGxz59N6kCLTUxemyu2N+7NL5dJNb5VsJWk0kuKnSfFxcjWdJZN9zRXD+vlg8XIzySdbbbW65Rt71GuPHWgW6/WSs0ma9foItrV3/cjtFb0ZlgE71w0cHLf/BgAA//+iRulF")
mount$bind(&(0x7f0000000200)='./file1\x00', &(0x7f0000000340)='./file1\x00', 0x0, 0x883042, 0x0)

2m48.051865364s ago: executing program 3 (id=4638):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="0c0100000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400fc0000000000000000000000000000000c00028005000100000000003c0002800c00028005000100000000002c000180140003000000000000000000000000000000000114000400fe8000000000000000000000000000aa080007400000000078000680140005"], 0x10c}}, 0x0)

2m47.526804005s ago: executing program 3 (id=4646):
r0 = syz_open_dev$sndctrl(&(0x7f0000000140), 0x960, 0x101e00)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, 0x0)

2m46.936005801s ago: executing program 34 (id=4646):
r0 = syz_open_dev$sndctrl(&(0x7f0000000140), 0x960, 0x101e00)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, 0x0)

12.530834854s ago: executing program 6 (id=7113):
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x50009405, 0x0)

12.32965557s ago: executing program 6 (id=7117):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000080)={0x7, {{0xa, 0x4e24, 0xa79, @mcast1, 0x200}}, 0x1, 0x6, [{{0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x7}}, {{0xa, 0x4e21, 0x80000000, @private1={0xfc, 0x1, '\x00', 0x1}, 0x80}}, {{0xa, 0x4e21, 0x3, @loopback, 0x81}}, {{0xa, 0x4e22, 0x9, @mcast2, 0x3}}, {{0xa, 0x4e23, 0x616, @mcast1, 0x5fca171d}}, {{0xa, 0x4e20, 0x6, @empty, 0x70c8}}]}, 0x390)

12.126175893s ago: executing program 6 (id=7122):
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f00000000c0)={0x5, 0x8, [0x0, 0x0]})

11.940306107s ago: executing program 6 (id=7125):
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x2000003, &(0x7f0000000040)={[{@adinicb}, {@unhide}, {@anchor={'anchor', 0x3d, 0xec1}}, {@lastblock={'lastblock', 0x3d, 0x2}}, {@gid_ignore}, {@undelete}, {@volume={'volume', 0x3d, 0x7}}, {@gid_forget}, {@lastblock={'lastblock', 0x3d, 0x2}}]}, 0xde, 0xc2e, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy7FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cvHU6fSwWwEAPEiXR7966oz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7yWxqv3HfVL7f5bt8eGR7avdjhVNfuq8uVP/fSZs+e+9MLQ+W5eas98QP377bPx2ujVi42XZ2/OzU8tLExNNsZm2hOzk1O73sNe6291ojoBjZuv35q8fn2hceb5s5s+vj34/sATxwYvDD178plu2bHhkZHRjSL13vK1e25Ix04zPA5FEScjxXPf+2lqRUQRez8X9Qc79lsdrjpxourE2PBI1ZHpdmtmsfzwSvdEFBGNnkrN7jnafiyi1v9A+7CzZsRS2fyywSfK7o3OteZb16anGlda84vtxfbszJXUaW3Zn0YUcT5FLEfE6sDdu+uPImqR4jtH19K1iOjrnocvVhODd25HsY993IWynY3+iOXiERizA2wging1UvzsneMxka8z1bXmCxGvlvmDiLfKfCkilV+McxHvbfM94tFUiyL+shz/C2tpsroedK8rl77W+MrM9dmest3ryke8P9x1pXhI94fDW/LBOODXpnoU0aqu+Gvp3n+zAwAAAAAAAAAAAAAAAMD9djiK+EykeOU//qSaVxzVvPSjF4b+cPBX+3rKPf0h+0kR8XxELBW7m5N7KE8MvJKupPSQ5xI/zupRxJ/m+X/fetiNAQAAAAAAAAAAAAAAAAAAeKwV8ZNI8eK7x9Ny9K4p3p650bjaujbdWRW2u/Zvd8309fX19UbqZDPneM6lnMs5V3Ku5owi18/ZzDmecynncs6VnKs5oy/Xz9nMOZ5zKedyzpWcqzmjluvnbOYcz7mUcznnSs7VnHFA1u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg4KaKIX0SKb39jLUWKiGbEeHRyZeBhtw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2kIr4fKRp/1LyzrRYRqfq343j5y7loHirzk9EcKvOlaF7M2aqy1vzWQ2g/e9OfivhxpBiov31nwPP493fe3fkaxFvf3Hj32Von+7ofDr4/8MSxoxeGRn7j6Z1ep+0acOJSe+bW7cbY8MjIaM/mWj76J3u2DebjFven60TEwhtvvt6anp6av/cX5VdgD9UfoRep9rj01IvqRdQORDMeTt95DJT3//cixe+++5/dG37n/l+PX+m8u3OHj5//2cb9/8WtO9rl/b+2tV6+/5f39O3u/0/2bHsx/26kvxZRX7w5138sor7wxpsn2zdbN6ZuTM2cO3Xqy0NDXz57qv9QRP16e3qq59V9OV0AAAAAAAAAAAAAAAAAD04q4vcjRevHa6kREber+VqDF4aePflMX/RV8602zdt+bfTqxcbLszfn5qcWFqYmG2Mz7YnZyandHq5eTfcaGx7Zl858qMP73P7D9Zdn596Yb9/448VtPz9Sv3htYXG+NbH9x3E4iohm75YTVYPHhkeqRk+3WzNV1SvbTqb/6PpTEf8VKSbONdLn87Y8/3/rDP9N8/+Xtu5on+b/f6JnW3nMlIr4eaT4nb96Oj5ftfNI3HXOcrm/ixQnzn8ul4tDZbluGzrPFejMDCzL/l+k+KdfbC7bnQ/55EbZ07s+sY+IcvyPRorv/8V34zfzts3Pf9h+/I9s3dE+jf9TPduObHpewZ67Th7/k5HipSffjt/K2z7o+R/dZ28cz4XvPJ9jn8b/Uz3bBvNxf/v+dB0AAAAAAAAAAOCR1p+K+PtI8cORWnohb9vN3/+b3Lqjffr7X5/u2TZ5f9Yr+tAXez6pAAAAAHBA9KcifhIpbiy+fWcO9eb53z3zP39vY/7ncNryafXnfL9WPTfgfv75X6/BfNzxvXcbAAAAAAAAAAAAAAAAAAAADpSUinghr6c+Xs3nn9xxPfWVSPHK/zyXy6VjZbnuOvCD1a/1y7MzJy9OT89OtBZb16anGqNzrYmpsu5TkWLtbz+X6xbV+urd9eY7a7xvrMU+HylG/qFbtrMWe3dt8qc2yp4uy34iUvz3P24u213H+lMbZc+UZf8mUnz9X7Yve2yj7Nmy7HcjxY++3uiWPVKW7T4f9dMbZZ+fmC32YVQAAAAAAAAAAAAAAAAAAAB43PSnIv48UvzvzeU7c/nz+v/9PW8rb32zZ73/LW5X6/wPVuv/7/T6Xtb/r54rsLTTUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OMpRRFvRoq5y2tpZaB831G/1J65dXtseGT7aodTVbOvKl/+1E+fOXvuSy8Mne/mB9e/3z4Tr41evdh4efbm3PzUwsLUZGNspj0xOzm16z3stf5WJ6oT0Lj5+q3J69cXGmeeP7vp49uD7w88cWzwwtCzJ5/plh0bHhkZ7SlT67/no98l7bD9UBTx15Hiue/9NP1wIKKIvZ+LD/nu7LfDVSdOVJ0YGx6pOjLdbs0slh9e6Z6IIqLRU6nZPUcPYCz2pBmxVDa/bPCJsnujc6351rXpqcaV1vxie7E9O3MldVpb9qcRRZxPEcsRsTpw9+76o4jXI8V3jq6lfx2I6Ouehy9eHv3qqTM7t6PYxz7uQtnORn/EcvEIjNkBNhBF/HOk+Nk7x+PfBiJq0fmJL0S8WuYPIt6Kznin8otxLuK9bb5HPJpqUcT/l+N/YS29M1BeD7rXlUtfa3xl5vpsT9nudeWRvz88SAf82lSPIn5UXfHX0r/77xoAAAAAAAAAAAAAAADgACni1yPFi+8eT9X84DtzitszNxpXW9emO9P6unP/unOm19fX1xupk82c4zmXci7nXMm5mjOKXD9ns8z6+vp4fr+UcznnSs7VnNGX6+ds5hzPuZRzOedKztWcUcv1czZzjudcyrmccyXnas44IHP3AAAAAAAAAAAAAAAAAACAj5ei+ifFt7+xltYHOutLj0cnV6wH+rH3ywAAAP//Iun4rQ==")
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

11.517283373s ago: executing program 6 (id=7129):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20, 0x8, 0x0, 0x0, 0xfe, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x1}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, @LWTUNNEL_IP_OPT_ERSPAN_VER={0x5, 0x1, 0x6}}}}]}, 0x38}}, 0x0)

11.195753368s ago: executing program 6 (id=7136):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'veth0_to_team\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x4, [0xfffffffd, 0x10, 0x0, 0x0, 0x3ffffd]}})

10.81756205s ago: executing program 35 (id=7136):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'veth0_to_team\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x4, [0xfffffffd, 0x10, 0x0, 0x0, 0x3ffffd]}})

5.165336552s ago: executing program 5 (id=7221):
r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000001ec0)='./binderfs/binder-control\x00', 0x802, 0x0)
ioctl$BINDER_CTL_ADD(r0, 0xc1086201, &(0x7f0000001f00)={'custom0\x00'})

4.907985677s ago: executing program 5 (id=7223):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8994, &(0x7f0000000040)={'bond0\x00', @random="18faff000020"})

2.848016352s ago: executing program 8 (id=7234):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})

2.649150943s ago: executing program 8 (id=7237):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000c40)="18000000140081044e81f782db44b9042d02200802110000", 0x18}], 0x1, 0x0, 0x0, 0x7400}, 0x4009044)

2.535968287s ago: executing program 0 (id=7238):
r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000500)='./binderfs/binder-control\x00', 0x2, 0x0)
ioctl$BINDER_CTL_ADD(r0, 0xc1086201, &(0x7f0000000540)={'binder1\x00'})

2.449615157s ago: executing program 0 (id=7241):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffdff, 0x0, 0x0, 0x0, 0x1ffffc}, [@call={0x85, 0x0, 0x0, 0x53}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000001900)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.259014864s ago: executing program 0 (id=7244):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000000)={{0x6, @netrom={0xbb, 0xbb, 0x2, 0xbb, 0xbb, 0x0, 0x0}}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @null, @default, @default]}, 0x48)

2.107438682s ago: executing program 0 (id=7246):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x3}]}}}]}, 0x3c}, 0x1, 0x8, 0x0, 0x4008884}, 0x0)

2.078920902s ago: executing program 7 (id=7247):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xfffffffa})

1.835872844s ago: executing program 7 (id=7250):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x7ff, 0x40400)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000180)={0x9, @win={{0x6, 0x3, 0x0, 0x7f}, 0x3, 0x100, 0x0, 0x7ff, 0xfffffffffffffffc, 0xfc}})

1.751973148s ago: executing program 7 (id=7251):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/ip_mr_vif\x00')
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0x10d}], 0x1, 0x76, 0x76)

1.746490032s ago: executing program 1 (id=7252):
syz_mount_image$minix(&(0x7f0000000540), &(0x7f0000000040)='./file2\x00', 0x204000, &(0x7f0000000100)=ANY=[], 0x3, 0x1f5, &(0x7f0000000580)="$eJzs28tuElEcx/HfATowWrVeF8YEExe6ESiNTVwVn8NV09KmcapG3EBMxBfQZ/A5fBkfQBfuXIlhZoDpXOx4plN6+X42/Dk/zuFM6XBOyIwAXFo9PZSRkTN98qCx9uW2ydXPKXtiAEo3CR//TGy4Vr0AnBXV3/GWcAcwXs58AJyWny+k75J+/Pqwo2pyVz/Nx7O8Uk/mn6T7tTA3Dbnx/cVX6fGsv7mS7F8LHoP8aur4Tx7N3n9V13RdN7Smm7plxjJ+vjvvf89qDwQAwGVj1Doub0nVjDRYvJO7goUV7X1LruoLjvYOvH73mHwjM6/7eWvnjbf7j3cBkKaScv73InVw/mer+udfJyNdkfx8PXzeKDJVACdsMBzV5Xn9d4PhdJH3i9Grbe+/CteqV57ClDZyeuHEWiYfJc1berYjT3SkxY3+nZuDps1UHUVbTPArjeIvdvMMWFFa9NLiSLeS0XQJKPahmLFV99XPSj2uYsWWcr24mfJZWBf1U/rnP1os+5sJQNna7w/ftgfD0dODw+39/n7/dbfTeb75bGN9s9v2d/bt+f4+/tM+gHNusegrcjUQAAAAAAAAAAAAAAA4T+7orgpc25N1YxAAAACAM+jE7hmqKfN2q2UfIwAAAAAAAAAAAAAAAAAAF83fAAAA///LCwWx")
truncate(&(0x7f0000000000)='./file2\x00', 0x8800000)

1.584033239s ago: executing program 7 (id=7253):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000001e00)=""/218, &(0x7f0000001f00)=0xda)

1.499721443s ago: executing program 1 (id=7254):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000340)=""/163)

1.363912335s ago: executing program 7 (id=7255):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
quotactl_fd$Q_GETFMT(r0, 0xffffffff80000402, 0x0, 0x0)

1.331501473s ago: executing program 1 (id=7256):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001200), 0x40000)
ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000001240))

1.260344223s ago: executing program 5 (id=7257):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000340)='./file0\x00', 0x3000010, &(0x7f0000000180)={[{@unhide}, {@noadinicb}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@umask={'umask', 0x3d, 0x3d}}, {@unhide}, {@gid_forget}, {@shortad}, {@longad}, {@adinicb}]}, 0x1, 0xc5f, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcVy9S+iYhXuqqbZBpBlIRRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFEjQw2iLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkTYt/hGlfD4J9d2ZeW/mvZnVjCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl8+kzaZMOhR9AYAGBfXB35yumzmz3/AYAn1vWt/vsfAAAAAAAAAAAAAAA4KFIU8XSkmLm6ksaq5Y76lXbf3XujQ8ObVzuSqpqHqvLlT/3M2XPnv3hh8GI3r7SnPqD+bvt0vDZy/XLj5ek7M7MTc3MT443RqfbN6fGJbe9hp/U3OlmdgMad1++O37o11zj7wrl1m+8NvN//1PGBS4PPnXq2W3Z0aHh4ZK1Ivbd87aEb0rHVCI/DUcSpSPH8936SWhFRxM7PRX1/r/1GR6pOnKw6MTo0XHVkst2ami83XuueiCKi0VOp2T1Hm1+LqPXtax+21oxYKJtfNvhk2b2RmdZs68bkRONaa3a+Pd+enrqWOq0t+9OIIi6miMWIWO5/cHd9UUQtUnz72Eq6kd/6UZ2HL1QDg7duR7GHfdyGsp2NvojF4jG4ZgdYfxTxaqT46Tsn4ma+z1T3ms9HvFrm9yPeKvOliFR+Mc5HvLfJ94jHUy2K+PPy+l9aSePV/aB7X7ny1caXp25N95Tt3lc+4vPhgTvFI3o+HNmQ++OA35vqUUSruuOvpIf/ww4AAAAAAAAAAAAAAAAAu+1IFPGpSPHKv/1RNa44qnHpxy4N/v7AL/eOGX/mQ/ZTln0hIhaK7Y3JPZwHBl5L11Iqth6fzt6qRxF/nMf/ffNRNwYAAAAAAAAAAAAAAAAAAOAXWhE/jhQvvnsiLUbvnOLtqduN660bk51ZYbtz/3bnTF9dXV1tpCpjIC+PdZZXF3Iu5lzKuZzy/MLd+kUnmznHci7kXMy5lHM5ZxzK9XM2c47lXMi5mHMp53LOqOX6OZs5x3Iu5FzMuZRzOWcckLl7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeJEUU8fNI8a2vr6RIEdGMGItOLvU/6tYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKX+VMQ/RIrGHzTvr6tFRKr+33Gi/OV8NA+X+fFoDpb5UjQv52xVWWt+8xG0n53pS0X8KFL019++f8Hz9e/rLN3/GsRb31hb+nStk4e6Gwfe73/q+LFLg8OffWarz2mzBpy80p66e68xOjQ8PNKzupaP/vGedQP5uMXudJ2ImHvjzddbk5MTsw//ofwKPGT17pXcwdH380Oq7WJT+7fZ9+7vmkfQ5agdlDP/iD5E7UA049H0fZ36ft6U2Dfl8/+9SPHb7/5794Hfef7X45c6S/ef8PGzP1l7/r+4cUfbfP7XNtbLz//ySbDZ8//pnnUv5j+N9NUi6vN3ZvqOR9Tn3njzVPtO6/bE7Ymp86dPf2lw8EvnTvcdjqjfak9O9HzaldMFAAAAAAAAAAAAAAAAsH9SEb8bKVo/WkmNiLhXjdcauDT43KlnD8WharzVunHbr41cv9x4efrOzOzE3NzEeGN0qn1zenxiu4erV8O9RoeG96QzH+rIHrf/SP3l6Zk3Ztu3/3B+0+1H65dvzM3Ptm5uvjmORBHR7F1zsmrw6NBw1ejJdmuqqnpt08H0H11fKuI/IsXN8430ubwuj//fOMJ/3fj/hY072sXx/589ujb+72OdKLrHTKmIn0WK3/qLZ+JzVTuPxgPnLJf7m0hx8uJncrk4XJbrtqHzXoHOyMCy7P9Eir//+fqy3fGQT6+VPfORT/ABV17/Y5Fe/e6ffSd+Pa9b//6Hza//0Y072qP3P3yiZ93Rde8r2HHXydf/VKR46em34zeqNf/3ge//6L6x4USn8Nr7Ofbo+v9qz7qBfNzf3K3OAwAAAAAAAAAAPMb6UhF/Gyl+MFxLF/K67fz7v/GNO9qjf//1yZ5147szX9GHT3sDAAAAAE+IvlTEjyPF7fm374+hXj/+u2f85++sjf8cShu2Vn/P9yvVewN28+//eg3k447tvNsAAAAAAAAAAAAAAAAAAABwoKRUxIU8n/pYNZ5/fMv51JcixSv/9Xwul46X5brzwA9Uv9avrk6dujw5OV2P+daNyYnGyEzr5kRZ9xORYuWvP5PrFtX86t355jtzvK/NxT4bKYa/2y3bmYu9Ozd5Zz7w+upqxJmy7McixX/+3fqyeWrqPHd0td+zZdm/ihRf+6fNyx5fK3uuLPudSPHDrzW6ZY+WZS/kl6F+cq3sCzeni725MAAAAAAAAAAAAAAAAAAAAPxC6UtF/Gmk+O87i/fH8uf5//t6FitvfaNnvv8N7lXz/A9U8/9v9flh5v+v3iuwsNVRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgyZSiiDcjxczVlbTUXy531K+0p+7eGx0a3rzakVTVPFSVL3/qZ86eO//FC4MXu/nB9Xfbp+K1keuXGy9P35mZnZibmxhvjE61b06PT2x7Dzutv9HJ6gQ07rx+d/zWrbnG2RfOrdt8b+D9/qeOD1wafO7Us92yo0PDwyM9ZWp9D330B6Qt1h+OIv4yUjz/vZ+kH/RHFLHzc/Eh3529dqTqxMmqE6NDw1VHJtutqfly47XuiSgiGj2Vmt1ztA/XYkeaEQtl88sGnyy7NzLTmm3dmJxoXGvNzrfn29NT11KntWV/GlHExRSxGBHL/Q/uri+KeD1SfPvYSvrn/ohD3fPwhasjXzl9dut2FHvYx20o29noi1gsHoNrdoD1RxH/GCl++s6J+Jf+iFp0fuLzEa+W+f2It6JzvVP5xTgf8d4m3yMeT7Uo4n/L639pJb3TX94PuveVK19tfHnq1nRP2e595bF/PuynA35vqkcRP6zu+CvpX/2+BgAAAAAAAAAAAAAAADhAivi1SPHiuydSNT74/pji9tTtxvXWjcnOsL7u2L/umOnV1dXVRupkM+dYzoWcizmXci7njCLXz9kss766OpaXF3Iu5lzKuZwzDuX6OZs5x3Iu5FzMuZRzOWfUcv2czZxjORdyLuZcyrmcMw7I2D0AAAAAAAAAAAAAAAAAAODJUlT/S/Gtr6+k1f7O/NJj0ckl84E+8f4/AAD//3zh6fM=")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0x0, 0x0, &(0x7f00000000c0))

1.083844356s ago: executing program 8 (id=7258):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000580)={0x1, @raw_data="e1b3e2fb19f3de0f15f5d9bec27f00000000000000a8743db2849d0a05b8a5b6d403d19118b0caf96216ade4c99afa9c2d435fda334600d0dcad52bd67d034b17acb09b2f084efa2a40aeb57558091039ff479cda324a9a7c75355fc13414f0ffef95c5d20ca0bd8973b26308e23bb381991069422d4ee50a670573cfee1b2f026e672c8abad3573b62b15499693827453df4b6f7ae84f6cadd25bbe19c759020d4b3171ea2f0d2be38a8b8c961c4e92c37c929204ff8616dab4e15b53489411738da1152117359c"})

1.075500597s ago: executing program 0 (id=7259):
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0xfffffffe)
futex(&(0x7f000000cffc), 0x8, 0x400, 0x0, 0x0, 0x1)

1.061364259s ago: executing program 1 (id=7260):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@ipv6_newrule={0x2c, 0x20, 0x2d2c6d60ea1da725, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x0, 0xcd, 0xff, 0x0, 0x0, 0x1, 0x10002}, [@FIB_RULE_POLICY=@FRA_PRIORITY={0x8}, @FIB_RULE_POLICY=@FRA_FWMASK={0x8, 0x10, 0x7fffffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)

877.179902ms ago: executing program 5 (id=7261):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mbind(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x1b2, 0x0)

876.522541ms ago: executing program 8 (id=7262):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e", 0x2a}], 0x2)

706.972885ms ago: executing program 1 (id=7263):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067f0200040000000000df000058000b4824ca945f64009400ff0325010ebc001500000000008000f0fffeffe809005300fff5dd000000100001d80cf42098da03870000000000", 0x58}], 0x1)

517.950872ms ago: executing program 8 (id=7264):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getpeername(r0, 0x0, 0x0)

486.020024ms ago: executing program 5 (id=7265):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140100000001010800000000000000000200000ab0000e802c00018014000300fe80000000000000000000000000003e14000400000000000000000000000000000000000c000280050001008400000014000180080001000a01010208000200ffffffff1400018008000100ffffffff080002000a0101002c00018014000300fc01000000000000000000000000000014000400ff01000000000000000000000000000106000340000000000c00028005000100010000000c00028005000100060000004800028014000180a5ff0100ac1414aa08000200ac14142c0c000280050001003a0000001400018008000100e000000108000200"], 0x114}, 0x1, 0x0, 0x0, 0x90}, 0x8000)

484.284908ms ago: executing program 1 (id=7266):
syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000000)='./file1\x00', 0x1c005, &(0x7f00000002c0)={[{@fatal_errors_bug}, {@datasum}, {@autodefrag}, {@nossd}, {@acl}, {@rescan_uuid_tree}, {@noacl}, {@clear_cache}, {@rescue={'rescue', 0x3d, 'usebackuproot'}}, {@discard_async}, {@nodatacow}]}, 0x9, 0x559d, &(0x7f0000004040)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
mount(&(0x7f0000000100)=@loop={'/dev/loop', 0x0}, &(0x7f0000000180)='./file1\x00', &(0x7f0000000280)='btrfs\x00', 0x814008, 0x0)

362.789724ms ago: executing program 7 (id=7267):
mmap(&(0x7f0000800000/0x3000)=nil, 0x3000, 0x4, 0x66032, 0xffffffffffffffff, 0x40000000)
mremap(&(0x7f0000800000/0x1000)=nil, 0x1000, 0x3000, 0x0, &(0x7f0000800000/0x3000)=nil)

130.445708ms ago: executing program 5 (id=7268):
r0 = semget(0x1, 0x4, 0x281)
semctl$SEM_STAT(r0, 0x1, 0x12, 0x0)

40.863084ms ago: executing program 8 (id=7269):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x3c1, 0x3, 0x12a0, 0x1100, 0x18c, 0x203, 0x1100, 0x19030000, 0x1100, 0x2e0, 0x2e0, 0x11d0, 0x2e0, 0x7fffffe, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [0x0, 0x0, 0xff, 0xff], [0x7fffffff, 0xff000000, 0xff000000, 0xff000000], 'bond_slave_1\x00', 'bond0\x00', {}, {}, 0x84, 0x7, 0x2, 0x55}, 0x300, 0x10d8, 0x1100, 0x0, {0x1000000}, [@common=@unspec=@cgroup1={{0x1030}, {0x1, 0x0, 0x1, 0x1, './cgroup.cpu/syz1\x00', 0xfffffffc, {0x3}}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1, 0x8d, 0x74c}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1300)

0s ago: executing program 0 (id=7270):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3400000044000701feffffff00000000037c0000040042800c00018006000600800a0000100002800a99"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)

kernel console output (not intermixed with test programs):

 leftover after parsing attributes in process `syz.6.5595'.
[  552.223219][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.273338][  T914] usb 8-1: palm_os_3_probe - error -71 getting bytes available request
[  552.281680][  T914] visor 8-1:1.0: Handspring Visor / Palm OS converter detected
[  552.349094][  T914] usb 8-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  552.391260][  T914] usb 8-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  552.427886][  T914] usb 8-1: USB disconnect, device number 10
[  552.531255][  T914] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  552.613120][  T914] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  552.641532][  T914] visor 8-1:1.0: device disconnected
[  553.042234][T18993] netlink: 'syz.0.5607': attribute type 1 has an invalid length.
[  553.059969][T18993] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5607'.
[  553.616685][T19012] loop7: detected capacity change from 0 to 2048
[  553.704671][T19012] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  553.991156][T13226] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  554.086447][T18998] loop1: detected capacity change from 0 to 32768
[  554.205003][T18998] ialloc: diAlloc returned -17!
[  554.252377][T19043] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5631'.
[  554.291729][T19043] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5631'.
[  554.301722][T19043] netlink: 'syz.5.5631': attribute type 5 has an invalid length.
[  554.460948][T19048] loop8: detected capacity change from 0 to 2048
[  554.472983][T19044] loop6: detected capacity change from 0 to 4096
[  554.499924][T19048] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024)
[  554.521717][T19044] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  554.578825][T19053] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  554.608125][T19044] ntfs3(loop6): ino=19, mi_enum_attr
[  554.723479][T19044] ntfs3(loop6): failed to convert "c46c" to cp865
[  554.764285][T19044] ntfs3(loop6): ino=20, mi_enum_attr
[  555.752092][T19092] loop7: detected capacity change from 0 to 256
[  555.833817][T19092] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  556.030942][T19102] No control pipe specified
[  556.373352][T19110] loop5: detected capacity change from 0 to 4096
[  556.417561][T19110] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  556.530089][T19110] ntfs3(loop5): Failed to initialize $Extend/$Reparse.
[  556.688691][ T5972] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  556.909063][ T5972] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  556.937522][ T5972] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  556.990093][ T5972] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  557.020276][ T5972] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  557.052947][T19140] loop8: detected capacity change from 0 to 64
[  557.084650][T19120] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  557.105705][ T5972] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  557.215120][T19146] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[  557.255360][T19146] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[  557.406586][T19150] ip6gretap0: entered promiscuous mode
[  557.412233][T19150] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  557.477757][    T9] usb 8-1: USB disconnect, device number 11
[  557.599976][T19161] sit0: entered promiscuous mode
[  557.636949][T19161] netlink: 1 bytes leftover after parsing attributes in process `syz.5.5687'.
[  557.971849][T19171] loop5: detected capacity change from 0 to 2048
[  558.015839][T19171] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  558.069470][T19175] loop6: detected capacity change from 0 to 128
[  558.077422][T19171] syz.5.5693: attempt to access beyond end of device
[  558.077422][T19171] loop5: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  558.081299][T19180] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  558.234071][T19171] syz.5.5693: attempt to access beyond end of device
[  558.234071][T19171] loop5: rw=0, sector=9437254, nr_sectors = 2 limit=2048
[  558.335222][T19171] NILFS (loop5): I/O error reading meta-data file (ino=6, block-offset=0)
[  558.382774][T19182] loop8: detected capacity change from 0 to 4096
[  558.485438][T19182] ntfs3(loop8): ino=1a, mi_enum_attr
[  558.501307][T19182] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  558.659070][T19195] IPv6: NLM_F_CREATE should be specified when creating new route
[  558.842193][T19200] ieee802154 phy0 wpan0: encryption failed: -22
[  559.139956][T19177] loop1: detected capacity change from 0 to 32768
[  559.176032][T19177] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.5696 (19177)
[  559.233658][T19177] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  559.329782][T19177] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  559.455729][T19228] loop5: detected capacity change from 0 to 1024
[  559.643596][T19177] BTRFS info (device loop1): enabling ssd optimizations
[  559.693177][T19244] loop7: detected capacity change from 0 to 4096
[  559.699725][T19177] BTRFS info (device loop1): turning on async discard
[  559.719793][T19177] BTRFS info (device loop1): enabling free space tree
[  560.226804][ T5820] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  560.263082][T19267] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5724'.
[  560.314465][T19267] netlink: 'syz.8.5724': attribute type 1 has an invalid length.
[  560.322327][T19267] netlink: 20 bytes leftover after parsing attributes in process `syz.8.5724'.
[  560.670127][   T30] audit: type=1326 audit(1763642407.629:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19280 comm="syz.8.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88978f749 code=0x7ffc0000
[  560.804978][   T30] audit: type=1326 audit(1763642407.629:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19280 comm="syz.8.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88978f749 code=0x7ffc0000
[  560.903556][   T30] audit: type=1326 audit(1763642407.648:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19280 comm="syz.8.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7fd88978f749 code=0x7ffc0000
[  560.914216][T19290] loop6: detected capacity change from 0 to 64
[  560.984332][T19290] bfs: Unknown parameter 'eP'
[  561.031444][   T30] audit: type=1326 audit(1763642407.648:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19280 comm="syz.8.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88978f749 code=0x7ffc0000
[  561.130720][T19290] loop6: detected capacity change from 0 to 16
[  561.199974][T19290] erofs (device loop6): EXPERIMENTAL metadata compression support in use. Use at your own risk!
[  561.238610][T19290] erofs (device loop6): bogus i_mode (0) @ nid 916717819658240
[  561.388248][T19307] loop5: detected capacity change from 0 to 256
[  561.401054][T19301] loop8: detected capacity change from 0 to 4096
[  561.432067][T19301] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[  561.523805][T19304] loop1: detected capacity change from 0 to 4096
[  561.589156][T19304] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  561.622829][T19301] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  561.685778][T19301] ntfs3(loop8): ino=19, mi_enum_attr
[  561.756939][T19301] ntfs3(loop8): failed to convert "c46c" to macgaelic
[  561.800599][T19301] ntfs3(loop8): ino=20, mi_enum_attr
[  561.832723][T19304] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  561.844764][T19316] loop5: detected capacity change from 0 to 128
[  561.879111][T19304] ntfs3(loop1): ino=19, mi_enum_attr
[  561.885570][T19320] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  561.915947][T19316] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  562.039895][T19316] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  562.496784][T19336] loop5: detected capacity change from 0 to 256
[  562.504282][T19336] exfat: Deprecated parameter 'namecase'
[  562.646315][T19336] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d)
[  562.808274][T19348] netlink: zone id is out of range
[  562.823515][T19348] netlink: zone id is out of range
[  562.896766][T19348] netlink: zone id is out of range
[  562.932698][T19348] netlink: zone id is out of range
[  562.937842][T19348] netlink: zone id is out of range
[  562.942954][T19348] netlink: zone id is out of range
[  563.008550][T19348] netlink: zone id is out of range
[  563.013688][T19348] netlink: zone id is out of range
[  563.057677][T19348] netlink: zone id is out of range
[  563.083070][T19348] netlink: zone id is out of range
[  563.098093][T19360] loop6: detected capacity change from 0 to 1024
[  563.245737][T19364] loop5: detected capacity change from 0 to 256
[  563.327804][T19364] FAT-fs (loop5): Directory bread(block 64) failed
[  563.347775][   T50] hfsplus: b-tree write err: -5, ino 4
[  563.357750][T19364] FAT-fs (loop5): Directory bread(block 65) failed
[  563.390130][T19364] FAT-fs (loop5): Directory bread(block 66) failed
[  563.416653][T19364] FAT-fs (loop5): Directory bread(block 67) failed
[  563.436166][T19364] FAT-fs (loop5): Directory bread(block 68) failed
[  563.442685][T19364] FAT-fs (loop5): Directory bread(block 69) failed
[  563.498618][T19364] FAT-fs (loop5): Directory bread(block 70) failed
[  563.562631][T19374] netlink: 20 bytes leftover after parsing attributes in process `syz.8.5776'.
[  563.573718][T19364] FAT-fs (loop5): Directory bread(block 71) failed
[  563.604563][T19364] FAT-fs (loop5): Directory bread(block 72) failed
[  563.624851][T19364] FAT-fs (loop5): Directory bread(block 73) failed
[  563.740508][T19378] netlink: 209852 bytes leftover after parsing attributes in process `syz.6.5779'.
[  563.834266][T19382] loop8: detected capacity change from 0 to 64
[  563.877647][T19382] hfs: unable to locate alternate MDB
[  563.883054][T19382] hfs: continuing without an alternate MDB
[  563.985123][T19386] wg1 speed is unknown, defaulting to 1000
[  564.019940][T19386] wg1 speed is unknown, defaulting to 1000
[  564.049622][T19386] wg1 speed is unknown, defaulting to 1000
[  564.121341][T19386] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  564.183704][T19352] loop1: detected capacity change from 0 to 32768
[  564.253022][T19386] wg1 speed is unknown, defaulting to 1000
[  564.296011][T19386] wg1 speed is unknown, defaulting to 1000
[  564.344771][T19386] wg1 speed is unknown, defaulting to 1000
[  564.355038][T19352] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  564.431008][T19386] wg1 speed is unknown, defaulting to 1000
[  564.433349][T19404] netlink: 'syz.8.5792': attribute type 2 has an invalid length.
[  564.444925][T19404] netlink: 'syz.8.5792': attribute type 1 has an invalid length.
[  564.454081][T19404] netlink: 'syz.8.5792': attribute type 1 has an invalid length.
[  564.485543][T19386] wg1 speed is unknown, defaulting to 1000
[  564.504411][T19352] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad chain 1280
[  564.509197][T19386] wg1 speed is unknown, defaulting to 1000
[  564.599245][T19352] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  564.637124][T19352] OCFS2: File system is now read-only.
[  564.667076][T19352] (syz.1.5765,19352,1):ocfs2_search_chain:1817 ERROR: status = -30
[  564.717867][T19352] (syz.1.5765,19352,1):ocfs2_search_chain:1940 ERROR: status = -30
[  564.762738][T19352] (syz.1.5765,19352,1):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[  564.803454][T19352] (syz.1.5765,19352,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[  564.829584][T19352] (syz.1.5765,19352,0):ocfs2_claim_new_inode:2298 ERROR: status = -30
[  564.874779][T19352] (syz.1.5765,19352,0):ocfs2_claim_new_inode:2313 ERROR: status = -30
[  564.916579][T19352] (syz.1.5765,19352,0):ocfs2_mknod_locked:641 ERROR: status = -30
[  564.939192][T19420] netlink: 'syz.0.5798': attribute type 10 has an invalid length.
[  564.963950][T19352] (syz.1.5765,19352,0):ocfs2_mknod:388 ERROR: status = -30
[  564.986204][T19420] batman_adv: batadv0: Adding interface: macvtap0
[  564.992738][T19420] batman_adv: batadv0: The MTU of interface macvtap0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  565.038957][T19352] (syz.1.5765,19352,0):ocfs2_mknod:505 ERROR: status = -30
[  565.047154][T19352] (syz.1.5765,19352,0):ocfs2_mkdir:661 ERROR: status = -30
[  565.093219][T19420] batman_adv: batadv0: Not using interface macvtap0 (retrying later): interface not active
[  565.270012][T19430] autofs4:pid:19430:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.8074), cmd(0xc018937e)
[  565.277303][ T5820] ocfs2: Unmounting device (7,1) on (node local)
[  565.340502][T19430] autofs4:pid:19430:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e)
[  567.114577][T19506] loop1: detected capacity change from 0 to 2048
[  567.285831][T19506] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  567.308021][T19506] ext4 filesystem being mounted at /987/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  567.332925][T19506] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.5842: bg 0: block 345: padding at end of block bitmap is not set
[  567.358644][T19506] EXT4-fs (loop1): Remounting filesystem read-only
[  567.365340][T19506] EXT4-fs warning (device loop1): ext4_xattr_inode_lookup_create:1602: inode #18: comm syz.1.5842: cleanup dec ref error -117
[  567.399258][T19517] loop6: detected capacity change from 0 to 4096
[  567.428173][T19519] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  567.465937][T19517] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  567.588741][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.636443][T19522] loop7: detected capacity change from 0 to 256
[  567.737556][T10799] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  568.470317][T19551] loop6: detected capacity change from 0 to 256
[  568.531929][T19551] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  568.577332][T19551] FAT-fs (loop6): Filesystem has been set read-only
[  568.601187][T19551] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  568.639086][T19551] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  568.732712][   T30] audit: type=1800 audit(1763642415.168:139): pid=19551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.5862" name="file1" dev="loop6" ino=1048679 res=0 errno=0
[  569.220186][T19582] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5878'.
[  569.267800][T19582] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5878'.
[  569.364466][T19580] loop6: detected capacity change from 0 to 4096
[  569.443585][T19580] ntfs3(loop6): Failed to initialize $Extend/$ObjId.
[  569.458446][T19591] netlink: 'syz.5.5883': attribute type 1 has an invalid length.
[  569.807744][T19605] xfrm0: entered promiscuous mode
[  569.835207][T19605] xfrm0: entered allmulticast mode
[  570.086619][ T5972] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  570.163711][T19620] netlink: 33024 bytes leftover after parsing attributes in process `syz.5.5896'.
[  570.293000][ T5972] usb 1-1: Using ep0 maxpacket: 8
[  570.323689][ T5972] usb 1-1: config 2 has an invalid interface number: 31 but max is 0
[  570.352246][ T5972] usb 1-1: config 2 has no interface number 0
[  570.358397][ T5972] usb 1-1: config 2 interface 31 has no altsetting 0
[  570.398684][ T5972] usb 1-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  570.438224][ T5972] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  570.473620][ T5972] usb 1-1: Product: syz
[  570.477825][ T5972] usb 1-1: Manufacturer: syz
[  570.500599][ T5972] usb 1-1: SerialNumber: syz
[  571.032261][ T5972] ch9200 1-1:2.31: probe with driver ch9200 failed with error -22
[  571.057171][ T5972] usb 1-1: USB disconnect, device number 64
[  571.721278][T19656] loop8: detected capacity change from 0 to 32768
[  571.749569][T19656] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.5913 (19656)
[  571.798719][T19656] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  571.820072][T19676] netlink: 'syz.1.5924': attribute type 12 has an invalid length.
[  571.849230][T19656] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm
[  571.924858][T19653] loop5: detected capacity change from 0 to 32768
[  572.060510][T19653] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  572.087096][T19656] BTRFS info (device loop8): enabling ssd optimizations
[  572.127523][T19706] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5925'.
[  572.137342][T19656] BTRFS info (device loop8): turning on async discard
[  572.160752][T19656] BTRFS info (device loop8): enabling free space tree
[  572.416940][T19653] XFS (loop5): Ending clean mount
[  572.437745][T16785] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  572.444675][T19665] loop7: detected capacity change from 0 to 32768
[  572.481805][T19653] XFS (loop5): Quotacheck needed: Please wait.
[  572.537946][T19665] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  572.632780][T19653] XFS (loop5): Quotacheck: Done.
[  572.812108][T19665] XFS (loop7): Ending clean mount
[  572.951857][ T5819] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  573.259079][T19742] netlink: 'syz.1.5938': attribute type 21 has an invalid length.
[  573.288147][T19742] netlink: 156 bytes leftover after parsing attributes in process `syz.1.5938'.
[  573.299524][T13226] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  573.660842][T19753] netlink: 'syz.0.5948': attribute type 4 has an invalid length.
[  573.738170][T19753] netlink: 'syz.0.5948': attribute type 1 has an invalid length.
[  573.792813][T19753] netlink: 228 bytes leftover after parsing attributes in process `syz.0.5948'.
[  574.013918][T19767] loop8: detected capacity change from 0 to 64
[  574.143236][T19773] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5955'.
[  574.394470][T16785] Trying to free block not in datazone
[  574.446115][T16785] Trying to free block not in datazone
[  574.468609][T16785] Trying to free block not in datazone
[  574.474953][T16785] Trying to free block not in datazone
[  574.492637][T16785] Trying to free block not in datazone
[  574.498168][T16785] Trying to free block not in datazone
[  574.511592][T16785] Trying to free block not in datazone
[  574.517263][T16785] Trying to free block not in datazone
[  574.527147][T16785] Trying to free block not in datazone
[  574.533231][T16785] Trying to free block not in datazone
[  574.538683][T16785] Trying to free block not in datazone
[  574.544813][T16785] Trying to free block not in datazone
[  574.550310][T16785] Trying to free block not in datazone
[  574.588992][T16785] Trying to free block not in datazone
[  574.604899][T16785] Trying to free block not in datazone
[  574.629033][T16785] Trying to free block not in datazone
[  574.634546][T16785] Trying to free block not in datazone
[  574.669456][T16785] Trying to free block not in datazone
[  574.682485][T16785] Trying to free block not in datazone
[  574.695806][T16785] Trying to free block not in datazone
[  574.701299][T16785] Trying to free block not in datazone
[  574.732978][T16785] Trying to free block not in datazone
[  574.746415][T16785] Trying to free block not in datazone
[  574.752011][T16785] Trying to free block not in datazone
[  574.764272][T16785] Trying to free block not in datazone
[  574.769949][  T914] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[  574.779693][T19795] netlink: 48 bytes leftover after parsing attributes in process `syz.6.5967'.
[  574.791370][T16785] Trying to free block not in datazone
[  574.808009][T16785] Trying to free block not in datazone
[  574.818957][T16785] Trying to free block not in datazone
[  574.830038][T16785] Trying to free block not in datazone
[  574.838043][T19799] loop7: detected capacity change from 0 to 512
[  574.861797][T16785] Trying to free block not in datazone
[  574.872603][T16785] Trying to free block not in datazone
[  574.888900][T16785] Trying to free block not in datazone
[  574.898317][T16785] Trying to free block not in datazone
[  574.915822][T19799] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  574.934295][T16785] Trying to free block not in datazone
[  574.949874][  T914] usb 6-1: Using ep0 maxpacket: 32
[  574.957162][  T914] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  574.968224][T16785] Trying to free block not in datazone
[  574.968271][T16785] Trying to free block not in datazone
[  574.968297][T16785] Trying to free block not in datazone
[  574.968308][T16785] Trying to free block not in datazone
[  574.968320][T16785] Trying to free block not in datazone
[  574.968338][T16785] Trying to free block not in datazone
[  574.971841][T16785] Trying to free block not in datazone
[  574.982249][  T914] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  574.996179][T19799] ext4 filesystem being mounted at /465/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  575.031284][  T914] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  575.041710][  T914] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.080409][  T914] usb 6-1: config 0 descriptor??
[  575.081477][T19799] EXT4-fs error (device loop7): ext4_xattr_block_find:1874: inode #15: comm syz.7.5969: corrupted xattr block 32: overlapping e_value 
[  575.099603][  T914] hub 6-1:0.0: USB hub found
[  575.269426][T19812] loop8: detected capacity change from 0 to 1764
[  575.316791][  T914] hub 6-1:0.0: config failed, can't read hub descriptor (err -90)
[  575.326163][T19812] iso9660: Corrupted directory entry in block 2 of inode 1920
[  575.354984][T13226] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.408593][T19811] loop1: detected capacity change from 0 to 4096
[  575.438580][T19811] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  575.461036][T19815] loop6: detected capacity change from 0 to 64
[  575.470274][T19811] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  575.478908][T19811] ntfs3(loop1): ino=19, mi_enum_attr
[  575.494858][T19811] ntfs3(loop1): failed to convert "c46c" to cp857
[  575.495312][T19811] ntfs3(loop1): ino=20, mi_enum_attr
[  575.572771][T19817] netlink: 'syz.7.5974': attribute type 1 has an invalid length.
[  575.581495][  T914] usbhid 6-1:0.0: can't add hid device: -71
[  575.604231][  T914] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  575.665924][  T914] usb 6-1: USB disconnect, device number 58
[  575.705790][T19819] netlink: 'syz.8.5976': attribute type 2 has an invalid length.
[  575.835712][T19819] : entered promiscuous mode
[  576.354567][T19843] tmpfs: Bad value for 'nr_blocks'
[  576.364261][   T30] audit: type=1326 audit(1763642422.286:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19846 comm="syz.6.5989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  576.364322][   T30] audit: type=1326 audit(1763642422.286:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19846 comm="syz.6.5989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  576.364375][   T30] audit: type=1326 audit(1763642422.295:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19846 comm="syz.6.5989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  576.364426][   T30] audit: type=1326 audit(1763642422.295:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19846 comm="syz.6.5989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  576.364478][   T30] audit: type=1326 audit(1763642422.295:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19846 comm="syz.6.5989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  576.739499][T19851] loop7: detected capacity change from 0 to 4096
[  577.001454][T19869] net_ratelimit: 30 callbacks suppressed
[  577.001477][T19869] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  577.103642][T19872] loop8: detected capacity change from 0 to 128
[  577.284629][T19872] FAT-fs (loop8): Directory bread(block 32) failed
[  577.310410][T19872] FAT-fs (loop8): Directory bread(block 33) failed
[  577.344490][T19872] FAT-fs (loop8): Directory bread(block 34) failed
[  577.375393][T19872] FAT-fs (loop8): Directory bread(block 35) failed
[  577.398578][T19872] FAT-fs (loop8): Directory bread(block 36) failed
[  577.447673][T19872] FAT-fs (loop8): Directory bread(block 37) failed
[  577.478989][T19872] FAT-fs (loop8): Directory bread(block 38) failed
[  577.506901][T19872] FAT-fs (loop8): Directory bread(block 39) failed
[  577.513586][T19872] FAT-fs (loop8): Directory bread(block 40) failed
[  577.561040][T19872] FAT-fs (loop8): Directory bread(block 41) failed
[  577.630935][T19893] xt_CT: You must specify a L4 protocol and not use inversions on it
[  577.894201][T19905] netlink: 76 bytes leftover after parsing attributes in process `syz.5.6018'.
[  577.915566][T19905] netlink: 76 bytes leftover after parsing attributes in process `syz.5.6018'.
[  577.996777][T19909] loop1: detected capacity change from 0 to 64
[  578.088264][T19912] ipt_ECN: cannot use operation on non-tcp rule
[  578.540753][T19931] loop6: detected capacity change from 0 to 256
[  578.598051][T19933] loop1: detected capacity change from 0 to 1024
[  578.662543][T19931] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xd6e00b17, utbl_chksum : 0xe619d30d)
[  578.724086][  T914] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  578.771948][T19937] dlm: non-version read from control device 36
[  578.815464][T19931] exFAT-fs (loop6): valid_size(4096) is greater than size(0)
[  578.898894][  T914] usb 9-1: Using ep0 maxpacket: 16
[  578.918461][  T914] usb 9-1: unable to get BOS descriptor or descriptor too short
[  578.939162][  T914] usb 9-1: config 102 has an invalid interface number: 21 but max is 0
[  578.969522][  T914] usb 9-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[  578.995045][T19943] loop7: detected capacity change from 0 to 128
[  578.997664][  T914] usb 9-1: config 102 has no interface number 0
[  579.033535][  T914] usb 9-1: config 102 interface 21 has no altsetting 0
[  579.059173][  T914] usb 9-1: New USB device found, idVendor=0421, idProduct=02e3, bcdDevice=e8.e7
[  579.073817][  T914] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  579.108576][  T914] usb 9-1: Product: syz
[  579.145008][  T914] usb 9-1: Manufacturer: syz
[  579.149657][  T914] usb 9-1: SerialNumber: syz
[  579.299919][T19952] loop6: detected capacity change from 0 to 64
[  579.329126][T19952] hfs: unable to locate alternate MDB
[  579.349104][T19952] hfs: continuing without an alternate MDB
[  579.418914][T19958] netlink: 'syz.0.6045': attribute type 2 has an invalid length.
[  579.456454][T19958] netlink: 'syz.0.6045': attribute type 1 has an invalid length.
[  579.535560][  T914] rndis_host 9-1:102.21: More than one union descriptor, skipping ...
[  579.559228][  T914] usb 9-1: bad CDC descriptors
[  579.565503][  T914] cdc_acm 9-1:102.21: More than one union descriptor, skipping ...
[  579.634295][  T914] usb 9-1: USB disconnect, device number 5
[  580.376673][T19989] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[  580.399304][T19961] loop5: detected capacity change from 0 to 32768
[  580.435970][T19989] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  580.456928][T19961] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.6047 (19961)
[  580.527688][T19961] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  580.575410][T19961] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm
[  580.989881][T19961] BTRFS info (device loop5): enabling ssd optimizations
[  581.011575][T19961] BTRFS info (device loop5): turning on async discard
[  581.065065][T19961] BTRFS info (device loop5): enabling free space tree
[  581.274393][T20043] loop1: detected capacity change from 0 to 64
[  581.293845][T20042] netlink: 'syz.0.6079': attribute type 11 has an invalid length.
[  581.302014][ T5819] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  581.312126][T20042] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6079'.
[  581.357143][T20043] Trying to free block not in datazone
[  581.945164][   T30] audit: type=1326 audit(1763642427.523:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20063 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  582.036422][   T30] audit: type=1326 audit(1763642427.523:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20063 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  582.127250][   T30] audit: type=1326 audit(1763642427.523:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20063 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  582.155684][   T30] audit: type=1326 audit(1763642427.523:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20063 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  582.181311][   T30] audit: type=1326 audit(1763642427.523:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20063 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  582.433791][ T5906] usb 2-1: new full-speed USB device number 72 using dummy_hcd
[  582.514546][T20089] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6104'.
[  582.614540][ T5906] usb 2-1: config 0 has an invalid interface number: 11 but max is 0
[  582.640873][ T5906] usb 2-1: config 0 has no interface number 0
[  582.659425][ T5906] usb 2-1: config 0 interface 11 altsetting 253 endpoint 0x7 has invalid maxpacket 1024, setting to 64
[  582.690164][ T5906] usb 2-1: config 0 interface 11 altsetting 253 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  582.690273][T20095] netlink: 'syz.8.6106': attribute type 21 has an invalid length.
[  582.714332][ T5906] usb 2-1: config 0 interface 11 altsetting 253 endpoint 0x87 has invalid wMaxPacketSize 0
[  582.739453][ T5906] usb 2-1: config 0 interface 11 has no altsetting 0
[  582.753824][ T5906] usb 2-1: New USB device found, idVendor=06cd, idProduct=012a, bcdDevice=d5.1b
[  582.774564][T20095] netlink: 132 bytes leftover after parsing attributes in process `syz.8.6106'.
[  582.808799][T20095] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6106'.
[  582.817825][ T5906] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.854923][ T5906] usb 2-1: config 0 descriptor??
[  582.860674][T20071] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  582.907797][ T5906] keyspan 2-1:0.11: Keyspan 4 port adapter converter detected
[  582.938149][ T5906] keyspan 2-1:0.11: found no endpoint descriptor for endpoint 81
[  582.978044][ T5906] keyspan 2-1:0.11: found no endpoint descriptor for endpoint 1
[  583.028021][ T5906] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  583.045828][ T5906] keyspan 2-1:0.11: found no endpoint descriptor for endpoint 82
[  583.112692][ T5906] keyspan 2-1:0.11: found no endpoint descriptor for endpoint 2
[  583.146582][ T5906] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  583.207325][ T5906] keyspan 2-1:0.11: found no endpoint descriptor for endpoint 83
[  583.236539][ T5906] keyspan 2-1:0.11: found no endpoint descriptor for endpoint 3
[  583.287431][ T5906] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  583.317867][ T5906] keyspan 2-1:0.11: found no endpoint descriptor for endpoint 84
[  583.337268][ T5906] keyspan 2-1:0.11: found no endpoint descriptor for endpoint 4
[  583.375027][ T5906] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  583.395817][  T914] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  583.418391][T20123] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6120'.
[  583.437758][T20121] netdevsim netdevsim7 netdevsim0: entered promiscuous mode
[  583.448629][ T5906] usb 2-1: USB disconnect, device number 72
[  583.456251][T20121] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  583.519224][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  583.525705][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  583.536914][ T5906] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  583.567725][ T5906] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  583.583382][  T914] usb 9-1: config 0 has an invalid interface number: 64 but max is 0
[  583.606165][  T914] usb 9-1: config 0 has no interface number 0
[  583.611883][ T5906] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  583.645138][  T914] usb 9-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  583.659199][ T5906] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  583.676263][  T914] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.684276][  T914] usb 9-1: Product: syz
[  583.698525][ T5906] keyspan 2-1:0.11: device disconnected
[  583.737905][  T914] usb 9-1: Manufacturer: syz
[  583.742543][  T914] usb 9-1: SerialNumber: syz
[  583.781877][  T914] usb 9-1: config 0 descriptor??
[  584.022327][   T30] audit: type=1326 audit(1763642429.469:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20138 comm="syz.5.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  584.032625][  T914] uvcvideo 9-1:0.64: Found Unit with invalid ID 0
[  584.079073][  T914] uvcvideo 9-1:0.64: Found UVC 0.08 device syz (046d:0823)
[  584.093481][   T30] audit: type=1326 audit(1763642429.469:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20138 comm="syz.5.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  584.101441][  T914] uvcvideo 9-1:0.64: Failed to create links for entity 65535
[  584.170909][  T914] uvcvideo 9-1:0.64: Failed to register entities (-22).
[  584.205339][   T30] audit: type=1326 audit(1763642429.506:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20138 comm="syz.5.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  584.302657][  T914] usb 9-1: USB disconnect, device number 6
[  584.324894][   T30] audit: type=1326 audit(1763642429.506:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20138 comm="syz.5.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  584.384877][   T30] audit: type=1326 audit(1763642429.506:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20138 comm="syz.5.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  584.416018][T20153] loop6: detected capacity change from 0 to 16
[  584.463569][T20153] erofs (device loop6): mounted with root inode @ nid 36.
[  584.520184][T20153] erofs (device loop6): inconsistent algorithmtype 1 for nid 89
[  584.573163][T20153] erofs (device loop6): readahead error at folio 1 @ nid 89
[  584.630586][T20153] erofs (device loop6): inconsistent algorithmtype 1 for nid 89
[  584.668296][T20153] erofs (device loop6): inconsistent algorithmtype 1 for nid 89
[  584.676925][T20153] erofs (device loop6): read error -117 @ 1 of nid 89
[  584.906418][T20172] TCP: TCP_TX_DELAY enabled
[  585.012287][T20180] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  585.042830][T20181] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  585.060717][T20180] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  585.325873][T20194] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.6156'.
[  585.382213][T20197] netlink: 'syz.6.6157': attribute type 1 has an invalid length.
[  585.459248][ T1204] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[  585.477769][T20201] xt_cgroup: path and classid specified
[  585.641666][ T1204] usb 8-1: not running at top speed; connect to a high speed hub
[  585.662487][ T1204] usb 8-1: config 95 has an invalid interface number: 1 but max is 0
[  585.670603][ T1204] usb 8-1: config 95 has no interface number 0
[  585.704747][ T1204] usb 8-1: config 95 interface 1 has no altsetting 0
[  585.748013][T20215] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  585.756070][T20215] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  585.772370][ T1204] usb 8-1: New USB device found, idVendor=0763, idProduct=2031, bcdDevice=ad.3f
[  585.802943][ T1204] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.811425][ T1204] usb 8-1: Product: syz
[  585.857286][ T1204] usb 8-1: Manufacturer: syz
[  585.861924][ T1204] usb 8-1: SerialNumber: syz
[  585.994114][  T914] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  586.031477][T20225] loop1: detected capacity change from 0 to 256
[  586.050588][T20225] exfat: Deprecated parameter 'namecase'
[  586.056278][T20225] exfat: Deprecated parameter 'namecase'
[  586.064719][T20224] team0: Port device team_slave_0 removed
[  586.080740][T20224] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  586.116128][T20225] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbc8dc3cd, utbl_chksum : 0xe619d30d)
[  586.182657][T20225] exFAT-fs (loop1): error, data size is invalid(16777215)
[  586.193230][  T914] usb 1-1: Using ep0 maxpacket: 16
[  586.220130][  T914] usb 1-1: config 0 has an invalid interface number: 237 but max is 0
[  586.243578][  T914] usb 1-1: config 0 has no interface number 0
[  586.275820][  T914] usb 1-1: config 0 interface 237 has no altsetting 0
[  586.313460][  T914] usb 1-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad
[  586.344017][  T914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.368553][  T914] usb 1-1: Product: syz
[  586.381970][  T914] usb 1-1: Manufacturer: syz
[  586.386659][  T914] usb 1-1: SerialNumber: syz
[  586.392509][ T1204] usb 8-1: USB disconnect, device number 12
[  586.439311][  T914] usb 1-1: config 0 descriptor??
[  586.451422][T20235] netlink: 'syz.1.6175': attribute type 10 has an invalid length.
[  586.456531][  T914] snd_usb_podhd 1-1:0.237: Line 6 POD HD300 found
[  586.481868][T20235] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6175'.
[  586.495580][T20235] batman_adv: batadv0: Adding interface: virt_wifi0
[  586.503198][T20235] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  586.558268][T20235] batman_adv: batadv0: Interface activated: virt_wifi0
[  586.643367][ T6174] udevd[6174]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:95.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  586.680353][  T914] snd_usb_podhd 1-1:0.237: cannot get proper max packet size
[  586.722087][  T914] snd_usb_podhd 1-1:0.237: Line 6 POD HD300 now disconnected
[  586.756105][  T914] snd_usb_podhd 1-1:0.237: probe with driver snd_usb_podhd failed with error -22
[  586.916796][  T914] usb 1-1: USB disconnect, device number 65
[  587.157662][T20221] loop8: detected capacity change from 0 to 32768
[  587.340757][T20259] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6188'.
[  587.373076][T20259] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6188'.
[  587.421993][T20259] netlink: 540 bytes leftover after parsing attributes in process `syz.6.6188'.
[  587.554753][ T1204] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  587.629953][T20267] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  587.634974][T20263] loop8: detected capacity change from 0 to 4096
[  587.636820][T20267] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  587.650947][T20263] ntfs3(loop8): ino=3, Correct links count -> 2.
[  587.715544][ T1204] usb 2-1: Using ep0 maxpacket: 16
[  587.723330][ T1204] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  587.732004][ T1204] usb 2-1: config 0 has no interface number 0
[  587.743977][ T1204] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  587.757728][ T1204] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  587.782120][ T1204] usb 2-1: Product: syz
[  587.786448][ T1204] usb 2-1: Manufacturer: syz
[  587.807133][ T1204] usb 2-1: SerialNumber: syz
[  587.839349][ T1204] usb 2-1: config 0 descriptor??
[  587.907967][ T1204] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  588.243139][T20289] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6203'.
[  588.303470][ T1204] gspca_spca1528: reg_w err -71
[  588.324640][ T5906] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  588.339990][ T1204] spca1528 2-1:0.1: probe with driver spca1528 failed with error -71
[  588.371117][ T1204] usb 2-1: USB disconnect, device number 73
[  588.414585][T20287] loop8: detected capacity change from 0 to 4096
[  588.424139][T20295] xt_CT: You must specify a L4 protocol and not use inversions on it
[  588.440807][T20294] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  588.485099][T20287] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  588.518643][ T5906] usb 8-1: Using ep0 maxpacket: 8
[  588.533446][ T5906] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  588.566514][ T5906] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  588.599005][ T5906] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  588.638357][T20287] ntfs3(loop8): Failed to load $Extend (-22).
[  588.644524][ T5906] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  588.667043][T20287] ntfs3(loop8): Failed to initialize $Extend.
[  588.675119][ T5906] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  588.708435][ T5906] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  588.732642][ T5906] usb 8-1: SerialNumber: syz
[  588.754326][T20283] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[  588.776960][ T5906] usb 8-1: bad CDC descriptors
[  588.811818][ T5906] usb-storage 8-1:1.0: USB Mass Storage device detected
[  588.853841][ T5906] usb-storage 8-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  588.876549][ T5906] scsi host1: usb-storage 8-1:1.0
[  589.679009][T20344] binder: BC_ACQUIRE_RESULT not supported
[  589.702745][T20344] binder: 20342:20344 ioctl c0306201 200000000480 returned -22
[  589.899724][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  589.899746][   T30] audit: type=1326 audit(1763642434.969:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.0.6233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  590.022130][   T30] audit: type=1326 audit(1763642434.969:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.0.6233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  590.044503][    C0] vkms_vblank_simulate: vblank timer overrun
[  590.118168][   T30] audit: type=1326 audit(1763642434.969:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.0.6233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  590.197605][   T30] audit: type=1326 audit(1763642434.969:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.0.6233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  590.220067][    C0] vkms_vblank_simulate: vblank timer overrun
[  590.230754][T20308] usb 8-1: reset high-speed USB device number 13 using dummy_hcd
[  590.334522][   T30] audit: type=1326 audit(1763642434.969:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.0.6233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47818f749 code=0x7ffc0000
[  590.498877][T20379] netlink: 348 bytes leftover after parsing attributes in process `syz.8.6246'.
[  590.790166][T20393] netlink: 40 bytes leftover after parsing attributes in process `syz.5.6253'.
[  590.843649][T20395] loop6: detected capacity change from 0 to 256
[  590.920694][T20390] loop1: detected capacity change from 0 to 4096
[  590.951488][T20390] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  591.041961][T20401] loop7: detected capacity change from 0 to 256
[  591.051803][T20400] xt_hashlimit: size too large, truncated to 1048576
[  591.058721][T20400] xt_hashlimit: max too large, truncated to 1048576
[  591.134655][   T24] usb 8-1: USB disconnect, device number 13
[  591.284658][T20403] loop8: detected capacity change from 0 to 2048
[  591.355140][T20403] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  591.531597][T20413] x_tables: unsorted underflow at hook 4
[  591.767611][T20422] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6268'.
[  592.055837][T20435] netlink: 'syz.5.6274': attribute type 1 has an invalid length.
[  592.440793][ T5906] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  592.459512][T20451] loop8: detected capacity change from 0 to 2048
[  592.500603][T20451] EXT4-fs (loop8): Test dummy encryption mode enabled
[  592.556072][T20451] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  592.633332][ T5906] usb 2-1: Using ep0 maxpacket: 8
[  592.656477][ T5906] usb 2-1: New USB device found, idVendor=0471, idProduct=0313, bcdDevice=81.d5
[  592.665762][ T5906] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.673757][ T5906] usb 2-1: Product: syz
[  592.697335][ T5906] usb 2-1: Manufacturer: syz
[  592.701954][ T5906] usb 2-1: SerialNumber: syz
[  592.762204][ T5906] usb 2-1: config 0 descriptor??
[  592.776198][ T5906] pwc: Philips PCVC720K/40 (ToUCam XS) USB webcam detected.
[  592.800263][T16785] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  592.998770][ T5906] pwc: send_video_command error -71
[  593.004012][ T5906] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  593.058189][ T5906] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[  593.081787][ T5906] usb 2-1: USB disconnect, device number 74
[  593.348896][   T30] audit: type=1326 audit(1763642438.177:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.6.6301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  593.456112][   T30] audit: type=1326 audit(1763642438.177:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.6.6301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  593.532765][   T30] audit: type=1326 audit(1763642438.186:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.6.6301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  593.583453][T20503] loop8: detected capacity change from 0 to 512
[  593.598634][T20503] EXT4-fs: Ignoring removed oldalloc option
[  593.609903][   T30] audit: type=1326 audit(1763642438.186:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.6.6301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  593.691830][   T30] audit: type=1326 audit(1763642438.186:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.6.6301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  593.714193][    C0] vkms_vblank_simulate: vblank timer overrun
[  593.739761][T20503] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  593.783219][T20503] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  593.793865][T20509] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  593.898819][T16785] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  594.197927][T20528] sock: sock_timestamping_bind_phc: sock not bind to device
[  594.209992][T20529] loop7: detected capacity change from 0 to 164
[  594.754534][T20549] loop6: detected capacity change from 0 to 512
[  594.869425][T20549] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.6326: inode has both inline data and extents flags
[  594.980986][T20562] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6333'.
[  595.002602][T20549] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.6326: couldn't read orphan inode 15 (err -117)
[  595.045133][T20549] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  595.339201][T10799] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  595.387818][T20575] xt_bpf: check failed: parse error
[  595.969287][   T24] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  596.153031][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  596.175802][   T24] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x9D, changing to 0x8D
[  596.209163][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  596.245476][   T24] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  596.254994][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.277617][   T24] usb 8-1: Product: syz
[  596.288207][   T24] usb 8-1: Manufacturer: syz
[  596.298997][   T24] usb 8-1: SerialNumber: syz
[  596.343363][   T24] usb 8-1: config 0 descriptor??
[  596.414808][T20615] loop5: detected capacity change from 0 to 128
[  596.505559][T20615] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  596.513657][T20615] FAT-fs (loop5): Filesystem has been set read-only
[  596.621122][T20622] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6361'.
[  596.640551][   T24] usb 8-1: USB disconnect, device number 14
[  596.694437][T20584] loop6: detected capacity change from 0 to 32768
[  596.737277][T20584] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6338 (20584)
[  596.816407][T20584] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  596.842311][T20628] xt_l2tp: invalid flags combination: 8
[  596.856678][T20584] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  597.007527][T20584] BTRFS info (device loop6): rebuilding free space tree
[  597.148753][T20584] BTRFS info (device loop6): checking UUID tree
[  597.164134][T20584] BTRFS info (device loop6): enabling ssd optimizations
[  597.178079][T20584] BTRFS info (device loop6): turning off barriers
[  597.184519][T20584] BTRFS info (device loop6): disabling tree log
[  597.223793][T20584] BTRFS info (device loop6): turning on flush-on-commit
[  597.251811][T20584] BTRFS info (device loop6): enabling free space tree
[  597.299391][T20584] BTRFS info (device loop6): force clearing of disk cache
[  597.319541][T20584] BTRFS info (device loop6): use lzo compression, level 1
[  597.325713][T20663] loop8: detected capacity change from 0 to 256
[  597.337339][T20584] BTRFS info (device loop6): max_inline set to 0
[  597.482414][T20663] FAT-fs (loop8): Directory bread(block 64) failed
[  597.491326][T20667] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6375'.
[  597.510741][   T24] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  597.534409][T20663] FAT-fs (loop8): Directory bread(block 65) failed
[  597.555800][T20667] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6375'.
[  597.566590][T20663] FAT-fs (loop8): Directory bread(block 66) failed
[  597.570507][T20670] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  597.582513][T20663] FAT-fs (loop8): Directory bread(block 67) failed
[  597.601048][T20663] FAT-fs (loop8): Directory bread(block 68) failed
[  597.610882][T10799] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  597.658220][T20663] FAT-fs (loop8): Directory bread(block 69) failed
[  597.664853][T20663] FAT-fs (loop8): Directory bread(block 70) failed
[  597.682638][T20663] FAT-fs (loop8): Directory bread(block 71) failed
[  597.689449][T20663] FAT-fs (loop8): Directory bread(block 72) failed
[  597.700946][   T24] usb 1-1: Using ep0 maxpacket: 32
[  597.716874][   T24] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  597.732936][   T24] usb 1-1: config 0 has no interface number 0
[  597.739594][T20663] FAT-fs (loop8): Directory bread(block 73) failed
[  597.752698][   T24] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  597.776278][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  597.814373][   T24] usb 1-1: Product: syz
[  597.838267][T20676] loop7: detected capacity change from 0 to 256
[  597.853744][   T24] usb 1-1: Manufacturer: syz
[  597.867802][   T24] usb 1-1: SerialNumber: syz
[  597.892462][   T24] usb 1-1: config 0 descriptor??
[  597.923251][   T24] radio-si470x 1-1:0.35: could not find interrupt in endpoint
[  597.944776][T20676] FAT-fs (loop7): Directory bread(block 64) failed
[  597.963486][T20676] FAT-fs (loop7): Directory bread(block 65) failed
[  597.974356][   T24] radio-si470x 1-1:0.35: probe with driver radio-si470x failed with error -5
[  598.043425][T20676] FAT-fs (loop7): Directory bread(block 66) failed
[  598.065128][T20676] FAT-fs (loop7): Directory bread(block 67) failed
[  598.071754][T20676] FAT-fs (loop7): Directory bread(block 68) failed
[  598.133257][T20676] FAT-fs (loop7): Directory bread(block 69) failed
[  598.153340][   T24] radio-raremono 1-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  598.161535][T20676] FAT-fs (loop7): Directory bread(block 70) failed
[  598.213844][T20676] FAT-fs (loop7): Directory bread(block 71) failed
[  598.259533][T20676] FAT-fs (loop7): Directory bread(block 72) failed
[  598.266111][T20676] FAT-fs (loop7): Directory bread(block 73) failed
[  598.368791][   T24] radio-raremono 1-1:0.35: raremono_cmd_main failed (-71)
[  598.409957][   T24] radio-raremono 1-1:0.35: V4L2 device registered as radio48
[  598.485965][   T24] usb 1-1: USB disconnect, device number 66
[  598.512523][   T24] radio-raremono 1-1:0.35: Thanko's Raremono disconnected
[  598.600612][T20692] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6386'.
[  599.011310][T20704] loop1: detected capacity change from 0 to 164
[  599.121204][T20710] random: crng reseeded on system resumption
[  599.166907][T20704] iso9660: Corrupted directory entry in block 2 of inode 1920
[  599.207977][T20710] Unrecognized hibernate image header format!
[  599.223456][T20710] PM: hibernation: Image mismatch: architecture specific data
[  599.435464][T20683] loop5: detected capacity change from 0 to 32768
[  599.471134][T20683] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.6384 (20683)
[  599.538730][T20683] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  599.571299][T20683] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  599.709578][T20737] netlink: 'syz.1.6402': attribute type 15 has an invalid length.
[  599.721006][T20716] loop8: detected capacity change from 0 to 4096
[  599.742955][T20683] BTRFS info (device loop5): setting nodatasum
[  599.783250][T20683] BTRFS info (device loop5): setting nodatacow
[  599.808790][T20683] BTRFS info (device loop5): enabling ssd optimizations
[  599.837977][T20683] BTRFS info (device loop5): turning on async discard
[  599.838681][T20716] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  599.863043][T20683] BTRFS info (device loop5): enabling free space tree
[  599.956867][T20716] ntfs3(loop8): Failed to load $Extend (-22).
[  599.995678][T20716] ntfs3(loop8): Failed to initialize $Extend.
[  600.134209][ T5819] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  600.151616][T20748] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6405'.
[  600.158995][T20716] ntfs3(loop8): ino=21, The size of extended attributes must not exceed 64KiB
[  601.464606][T20792] xt_ecn: cannot match TCP bits for non-tcp packets
[  602.037966][T20818] sock: sock_timestamping_bind_phc: sock not bind to device
[  602.249994][T20827] Option '    ' to dns_resolver key: bad/missing value
[  602.308104][T20834] netlink: 188 bytes leftover after parsing attributes in process `syz.8.6448'.
[  602.325410][T20837] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6449'.
[  602.544747][ T5972] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  602.704991][T20849] loop7: detected capacity change from 0 to 512
[  602.717396][T20852] loop1: detected capacity change from 0 to 2048
[  602.736684][ T5972] usb 7-1: Using ep0 maxpacket: 8
[  602.748894][ T5972] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  602.768814][T20852] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  602.789315][ T5972] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  602.815342][T20849] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  602.833380][  T914] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[  602.870580][ T5972] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  602.880728][T20849] ext4 filesystem being mounted at /537/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  602.907576][ T5972] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  602.961064][ T5972] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  603.000041][ T5972] usb 7-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  603.027249][ T5972] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.050327][  T914] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  603.064388][T13226] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  603.078860][  T914] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  603.096154][ T5972] usb 7-1: config 0 descriptor??
[  603.102309][  T914] usb 1-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[  603.112429][T20831] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  603.119770][  T914] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.180899][  T914] usb 1-1: config 0 descriptor??
[  603.217166][T20865] netlink: 'syz.1.6461': attribute type 4 has an invalid length.
[  603.613530][T20864] Bluetooth: hci0: command 0x0406 tx timeout
[  603.618070][  T914] usb 7-1: USB disconnect, device number 15
[  603.632073][T20793] Bluetooth: hci6: Opcode 0x0c03 failed: -71
[  603.673483][ T5972] usb 1-1: USB disconnect, device number 67
[  603.679648][T20886] loop7: detected capacity change from 0 to 64
[  603.763944][T20886] syz.7.6468: attempt to access beyond end of device
[  603.763944][T20886] loop7: rw=0, sector=128, nr_sectors = 2 limit=64
[  603.823541][T20886] Trying to free block not in datazone
[  603.833748][T20886] Trying to free block not in datazone
[  603.841652][T20886] Trying to free block not in datazone
[  603.847113][T20886] Trying to free block not in datazone
[  603.854155][T20886] Trying to free block not in datazone
[  603.860043][T20886] Trying to free block not in datazone
[  603.865510][T20886] minix_free_block (loop7:6): bit already cleared
[  604.189269][T20901] netlink: 'syz.8.6478': attribute type 25 has an invalid length.
[  604.500750][T20917] xt_bpf: check failed: parse error
[  604.509071][T20919] loop7: detected capacity change from 0 to 1024
[  604.559054][T20910] loop6: detected capacity change from 0 to 4096
[  604.579813][T20910] ntfs3(loop6): Unsupported bytes per MFT record 8192.
[  604.599167][T20910] ntfs3(loop6): try to read out of volume at offset 0x1ffe00
[  604.626871][T20919] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  604.684653][T20919] EXT4-fs error (device loop7): ext4_get_first_dir_block:3552: inode #11: comm syz.7.6485: directory missing '..'
[  604.693214][T20923] netlink: 'syz.8.6488': attribute type 2 has an invalid length.
[  604.705695][T20910] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  604.727912][T20923] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6488'.
[  604.940337][T13226] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  605.369217][T20940] loop1: detected capacity change from 0 to 4096
[  605.422580][T20940] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  605.435960][T20948] loop7: detected capacity change from 0 to 512
[  605.454531][T20940] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[  605.477253][T20940] NILFS (loop1): mounting unchecked fs
[  605.506435][T20948] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  605.529247][T20940] NILFS (loop1): invalid segment: Checksum error in segment payload
[  605.560369][T20940] NILFS (loop1): unable to fall back to spare super block
[  605.601818][T20940] NILFS (loop1): error -22 while searching super root
[  605.605832][T20948] EXT4-fs (loop7): orphan cleanup on readonly fs
[  605.626224][T20948] EXT4-fs error (device loop7): ext4_orphan_get:1392: comm syz.7.6500: inode #15: comm syz.7.6500: iget: illegal inode #
[  605.647558][T20957] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6505'.
[  605.656885][T20957] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6505'.
[  605.667327][T20957] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6505'.
[  605.676350][T20957] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6505'.
[  605.685621][T20957] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6505'.
[  605.694748][T20957] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6505'.
[  605.703817][T20957] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6505'.
[  605.734917][T20948] EXT4-fs (loop7): Remounting filesystem read-only
[  605.769889][T20948] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  605.879262][T20918] loop5: detected capacity change from 0 to 32768
[  606.045910][T13226] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  606.688828][T20989] loop7: detected capacity change from 0 to 512
[  606.730128][T20989] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.6518: iget: bad i_size value: 38620345925642
[  606.757848][T20989] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.6518: couldn't read orphan inode 15 (err -117)
[  606.813817][T20989] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  607.081819][T13226] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  608.210640][T21064] netlink: 'syz.5.6556': attribute type 1 has an invalid length.
[  608.218406][T21064] __nla_validate_parse: 47 callbacks suppressed
[  608.218424][T21064] netlink: 228 bytes leftover after parsing attributes in process `syz.5.6556'.
[  608.275010][  T914] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  608.395246][T21070] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6559'.
[  608.511928][  T914] usb 9-1: unable to get BOS descriptor or descriptor too short
[  608.525215][  T914] usb 9-1: config 1 has an invalid interface number: 255 but max is 1
[  608.535273][T21077] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6563'.
[  608.545025][  T914] usb 9-1: config 1 has no interface number 1
[  608.545078][  T914] usb 9-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  608.545119][  T914] usb 9-1: too many endpoints for config 1 interface 255 altsetting 255: 255, using maximum allowed: 30
[  608.545165][  T914] usb 9-1: config 1 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  608.545198][  T914] usb 9-1: config 1 interface 0 has no altsetting 0
[  608.656303][  T914] usb 9-1: config 1 interface 255 has no altsetting 0
[  608.668057][  T914] usb 9-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  608.678503][  T914] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  608.725438][  T914] usb 9-1: Product: syz
[  608.731878][  T914] usb 9-1: Manufacturer: syz
[  608.737063][  T914] usb 9-1: SerialNumber: syz
[  608.890619][T21094] loop5: detected capacity change from 0 to 128
[  608.975852][T21094] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  609.003204][T21094] ext4 filesystem being mounted at /1098/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  609.019593][  T914] smsusb:smsusb_probe: board id=8, interface number 0
[  609.047753][  T914] smsusb:smsusb_probe: board id=8, interface number 255
[  609.068020][  T914] usb 9-1: USB disconnect, device number 7
[  609.118903][T21098] netlink: 88 bytes leftover after parsing attributes in process `syz.7.6572'.
[  609.243164][ T5819] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  609.331230][T21108] xt_hashlimit: max too large, truncated to 1048576
[  609.688929][T21124] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6585'.
[  609.975642][T21137] vlan0: entered promiscuous mode
[  610.187075][T21141] IPv6: sit1: Disabled Multicast RS
[  610.427036][T21155] netlink: del zone limit has 4 unknown bytes
[  610.493159][T21159] loop8: detected capacity change from 0 to 256
[  610.692330][T21159] FAT-fs (loop8): Directory bread(block 64) failed
[  610.724084][T21159] FAT-fs (loop8): Directory bread(block 65) failed
[  610.743776][T21171] netlink: 64985 bytes leftover after parsing attributes in process `syz.5.6608'.
[  610.753553][T21159] FAT-fs (loop8): Directory bread(block 66) failed
[  610.805200][T21159] FAT-fs (loop8): Directory bread(block 67) failed
[  610.830122][T21159] FAT-fs (loop8): Directory bread(block 68) failed
[  610.836674][T21159] FAT-fs (loop8): Directory bread(block 69) failed
[  610.865643][T21159] FAT-fs (loop8): Directory bread(block 70) failed
[  610.904184][T21159] FAT-fs (loop8): Directory bread(block 71) failed
[  610.931043][T21159] FAT-fs (loop8): Directory bread(block 72) failed
[  610.967321][T21159] FAT-fs (loop8): Directory bread(block 73) failed
[  611.156802][   T30] audit: type=1326 audit(1763642454.844:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21184 comm="syz.6.6615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  611.243588][   T30] audit: type=1326 audit(1763642454.844:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21184 comm="syz.6.6615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  611.320156][   T30] audit: type=1326 audit(1763642454.844:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21184 comm="syz.6.6615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  611.390091][   T30] audit: type=1326 audit(1763642454.844:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21184 comm="syz.6.6615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  611.455830][T21198] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6622'.
[  611.470049][T21196] loop6: detected capacity change from 0 to 1024
[  611.505499][T21198] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6622'.
[  611.515276][   T30] audit: type=1326 audit(1763642454.844:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21184 comm="syz.6.6615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa792f8f749 code=0x7ffc0000
[  611.629537][T21202] openvswitch: netlink: Unexpected mask (mask=840, allowed=10048)
[  611.639646][T21196] syz.6.6621: attempt to access beyond end of device
[  611.639646][T21196] loop6: rw=0, sector=917504, nr_sectors = 2 limit=1024
[  611.689416][T21204] loop1: detected capacity change from 0 to 256
[  611.718362][T21196] Buffer I/O error on dev loop6, logical block 458752, async page read
[  611.727420][T21196] syz.6.6621: attempt to access beyond end of device
[  611.727420][T21196] loop6: rw=0, sector=917504, nr_sectors = 2 limit=1024
[  611.760082][T21196] Buffer I/O error on dev loop6, logical block 458752, async page read
[  611.823238][T21204] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf4000b1f, utbl_chksum : 0xe619d30d)
[  611.938280][T21212] loop7: detected capacity change from 0 to 256
[  611.971481][T21212] exfat: Deprecated parameter 'namecase'
[  612.010880][T21212] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  612.103566][T21212] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  612.205880][T21220] loop6: detected capacity change from 0 to 128
[  612.242411][T21220] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  612.301256][T21220] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  612.443184][T21228] loop1: detected capacity change from 0 to 256
[  612.651521][T21228] FAT-fs (loop1): Directory bread(block 64) failed
[  612.659315][T21234] loop8: detected capacity change from 0 to 1024
[  612.684588][T21228] FAT-fs (loop1): Directory bread(block 65) failed
[  612.720232][T21228] FAT-fs (loop1): Directory bread(block 66) failed
[  612.720998][T21234] hfsplus: keylen 65060 too large
[  612.752203][T21228] FAT-fs (loop1): Directory bread(block 67) failed
[  612.765247][T21234] hfsplus: xattr searching failed
[  612.777922][T21228] FAT-fs (loop1): Directory bread(block 68) failed
[  612.799106][T21228] FAT-fs (loop1): Directory bread(block 69) failed
[  612.806330][T21228] FAT-fs (loop1): Directory bread(block 70) failed
[  612.838641][T21228] FAT-fs (loop1): Directory bread(block 71) failed
[  612.885332][T21228] FAT-fs (loop1): Directory bread(block 72) failed
[  612.898724][T21228] FAT-fs (loop1): Directory bread(block 73) failed
[  613.000893][T21246] netlink: 408 bytes leftover after parsing attributes in process `syz.7.6644'.
[  613.106261][T21251] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6647'.
[  613.588403][T21274] __nla_validate_parse: 1 callbacks suppressed
[  613.588425][T21274] netlink: 76 bytes leftover after parsing attributes in process `syz.5.6659'.
[  613.656778][T21274] netlink: 76 bytes leftover after parsing attributes in process `syz.5.6659'.
[  614.563091][T21318] loop6: detected capacity change from 0 to 16
[  614.599200][T21319] loop7: detected capacity change from 0 to 256
[  614.606585][T21318] erofs (device loop6): mounted with root inode @ nid 36.
[  614.656229][T21321] loop1: detected capacity change from 0 to 64
[  614.722016][ T1204] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  614.917116][ T1204] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  614.962028][ T1204] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.025183][ T1204] usb 9-1: config 0 descriptor??
[  615.261245][T21287] loop5: detected capacity change from 0 to 32768
[  615.366340][T21287] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  615.479451][ T1204] ath6kl: Failed to submit usb control message: -71
[  615.502439][ T1204] ath6kl: unable to send the bmi data to the device: -71
[  615.513115][ T1204] ath6kl: Unable to send get target info: -71
[  615.526353][ T1204] ath6kl: Failed to init ath6kl core: -71
[  615.533434][ T1204] ath6kl_usb 9-1:0.0: probe with driver ath6kl_usb failed with error -71
[  615.559201][T21287] XFS (loop5): Ending clean mount
[  615.570726][ T1204] usb 9-1: USB disconnect, device number 8
[  615.616164][T21287] XFS (loop5): Quotacheck needed: Please wait.
[  615.719693][T21362] loop6: detected capacity change from 0 to 256
[  615.781868][T21287] XFS (loop5): Quotacheck: Done.
[  616.076161][T21370] bond3: option arp_interval: mode dependency failed, not supported in mode balance-tlb(5)
[  616.108684][T21370] bond3 (unregistering): Released all slaves
[  616.111598][ T5819] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  616.780965][T21393] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6714'.
[  616.812779][   T30] audit: type=1326 audit(1763642460.138:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21394 comm="syz.5.6706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  616.902785][   T30] audit: type=1326 audit(1763642460.176:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21394 comm="syz.5.6706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  617.006467][   T30] audit: type=1326 audit(1763642460.176:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21394 comm="syz.5.6706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  617.081429][T21373] loop6: detected capacity change from 0 to 32768
[  617.088232][   T30] audit: type=1326 audit(1763642460.176:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21394 comm="syz.5.6706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  617.168393][T21405] mmap: syz.8.6718 (21405): VmData 175878144 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  617.231736][T21373] ERROR: (device loop6): xtSearch: xt_getpage: xtree page corrupt
[  617.231736][T21373] 
[  617.314170][T21373] ERROR: (device loop6): remounting filesystem as read-only
[  617.355988][T21373] xtLookup: xtSearch returned -5
[  617.397029][T21373] ERROR: (device loop6): xtTruncate: xt_getpage: xtree page corrupt
[  617.397029][T21373] 
[  617.509546][T21414] xt_CT: You must specify a L4 protocol and not use inversions on it
[  617.551715][T21417] loop5: detected capacity change from 0 to 8
[  617.591917][T21383] loop7: detected capacity change from 0 to 32768
[  617.630627][T21417] SQUASHFS error: Failed to read block 0x1ec: -5
[  617.651196][T21417] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  617.666242][T21383] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.6709 (21383)
[  617.762373][T21383] BTRFS info (device loop7): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  617.779711][T21383] BTRFS info (device loop7): using blake2b (blake2b-256-generic) checksum algorithm
[  618.025319][T21444] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6730'.
[  618.086674][T21383] BTRFS info (device loop7): enabling ssd optimizations
[  618.136265][T21383] BTRFS info (device loop7): turning on async discard
[  618.164221][T21383] BTRFS info (device loop7): enabling free space tree
[  618.228433][T19261] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  618.288829][T19261] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  618.319137][T21454] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.348399][T19261] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  618.405333][T19261] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  618.526350][T13226] BTRFS info (device loop7): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  618.784462][ T1204] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  618.979478][ T1204] usb 6-1: Using ep0 maxpacket: 16
[  619.007197][ T1204] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  619.034910][ T1204] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  619.076260][ T1204] usb 6-1: New USB device found, idVendor=17ef, idProduct=7309, bcdDevice= 0.00
[  619.105948][ T1204] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  619.121726][ T1204] usb 6-1: config 0 descriptor??
[  619.144211][ T1204] hub 6-1:0.0: USB hub found
[  619.358614][ T1204] hub 6-1:0.0: 9 ports detected
[  619.394024][ T1204] hub 6-1:0.0: insufficient power available to use all downstream ports
[  619.403825][T21490] loop1: detected capacity change from 0 to 512
[  619.412888][T21490] EXT4-fs: Ignoring removed orlov option
[  619.434297][T21495] loop8: detected capacity change from 0 to 16
[  619.440921][T21494] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6753'.
[  619.457105][T21490] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  619.480966][T21495] erofs (device loop8): mounted with root inode @ nid 36.
[  619.535674][T21490] EXT4-fs (loop1): orphan cleanup on readonly fs
[  619.558113][T21490] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.6751: bg 0: block 248: padding at end of block bitmap is not set
[  619.582813][T21490] Quota error (device loop1): write_blk: dquota write failed
[  619.585342][ T1204] hub 6-1:0.0: hub_hub_status failed (err = -71)
[  619.598634][ T1204] hub 6-1:0.0: config failed, can't get hub status (err -71)
[  619.611015][T21490] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  619.698637][T21490] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.6751: Failed to acquire dquot type 1
[  619.716551][T21504] usb usb8: usbfs: process 21504 (syz.7.6757) did not claim interface 0 before use
[  619.731532][T21503] loop8: detected capacity change from 0 to 2048
[  619.748595][T21490] EXT4-fs (loop1): 1 truncate cleaned up
[  619.774252][T21503] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  619.794788][ T1204] usb 6-1: USB disconnect, device number 59
[  619.809359][T21490] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  619.933070][T21490] EXT4-fs: Ignoring removed orlov option
[  619.938901][T21490] EXT4-fs: can't change dax mount option while remounting
[  620.119883][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  620.374816][T21529] netlink: 32 bytes leftover after parsing attributes in process `syz.8.6771'.
[  620.428431][T21529] netlink: 32 bytes leftover after parsing attributes in process `syz.8.6771'.
[  620.641785][T21540] netlink: 'syz.7.6776': attribute type 21 has an invalid length.
[  620.652507][T21540] IPv6: NLM_F_CREATE should be specified when creating new route
[  620.708212][T21540] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  620.715576][T21540] IPv6: NLM_F_CREATE should be set when creating new route
[  620.722842][T21540] IPv6: NLM_F_CREATE should be set when creating new route
[  620.730064][T21540] IPv6: NLM_F_CREATE should be set when creating new route
[  620.846577][T21551] loop6: detected capacity change from 0 to 128
[  620.860623][T21550] cgroup: name respecified
[  620.904177][T21551] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  620.923179][T21551] ext4 filesystem being mounted at /767/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  621.060703][T21559] loop8: detected capacity change from 0 to 256
[  621.176549][T21560] mac80211_hwsim hwsim22 wlan0: entered promiscuous mode
[  621.181265][T10799] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  621.203535][T21560] mac80211_hwsim hwsim22 wlan0: entered allmulticast mode
[  621.246712][T21560] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  621.640728][T21580] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6794'.
[  621.661314][T21580] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6794'.
[  621.709873][T21586] loop1: detected capacity change from 0 to 128
[  621.879035][T21590] netlink: 72 bytes leftover after parsing attributes in process `syz.5.6801'.
[  622.375373][T21613] loop8: detected capacity change from 0 to 8
[  622.465017][T21570] loop6: detected capacity change from 0 to 32768
[  622.514805][T21570] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6789 (21570)
[  622.612183][T21570] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  622.668530][T21570] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  622.727602][T21570] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  622.966886][T21570] BTRFS info (device loop6): rebuilding free space tree
[  622.993312][T21570] BTRFS info (device loop6): disabling free space tree
[  623.018180][T21570] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  623.031141][   T24] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[  623.059327][T21647] vti0: entered promiscuous mode
[  623.066210][T21570] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  623.127099][T21570] BTRFS info (device loop6): setting nodatasum
[  623.155004][T21570] BTRFS info (device loop6): allowing degraded mounts
[  623.176675][T21570] BTRFS info (device loop6): turning on async discard
[  623.212784][   T24] usb 1-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  623.219030][T21570] BTRFS info (device loop6): enabling disk space caching
[  623.232449][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.242733][T21570] BTRFS info (device loop6): force clearing of disk cache
[  623.249863][T21570] BTRFS info (device loop6): force zlib compression, level 3
[  623.267699][   T24] usb 1-1: config 0 descriptor??
[  623.308201][T21653] netlink: 'syz.8.6823': attribute type 1 has an invalid length.
[  623.427706][ T5972] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[  623.463031][T21601] loop7: detected capacity change from 0 to 32768
[  623.544251][T10799] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  623.614464][ T5972] usb 6-1: Using ep0 maxpacket: 32
[  623.651827][ T5972] usb 6-1: config 0 interface 0 has no altsetting 0
[  623.675147][ T5972] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  623.715197][ T5972] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  623.734909][ T5972] usb 6-1: Product: syz
[  623.740662][   T24] hackrf 1-1:0.0: usb_control_msg() failed -71 request 0f
[  623.766583][ T5972] usb 6-1: Manufacturer: syz
[  623.771194][ T5972] usb 6-1: SerialNumber: syz
[  623.783538][   T24] hackrf 1-1:0.0: Could not detect board
[  623.809507][   T24] hackrf 1-1:0.0: probe with driver hackrf failed with error -71
[  623.857215][ T5972] usb 6-1: config 0 descriptor??
[  623.862625][   T24] usb 1-1: USB disconnect, device number 68
[  624.055500][T20885] Bluetooth: hci4: command 0x0406 tx timeout
[  624.389183][T21676] loop7: detected capacity change from 0 to 512
[  624.400307][ T5972] gs_usb 6-1:0.0: Couldn't get device config: (err=-71)
[  624.407302][ T5972] gs_usb 6-1:0.0: probe with driver gs_usb failed with error -71
[  624.466538][ T5972] usb 6-1: USB disconnect, device number 60
[  624.475514][T21676] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  624.567788][T21676] ext4 filesystem being mounted at /593/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  624.607634][T21685] netlink: 'syz.6.6836': attribute type 29 has an invalid length.
[  624.771721][ T1204] usb 1-1: new high-speed USB device number 69 using dummy_hcd
[  624.787449][T21687] netlink: 132 bytes leftover after parsing attributes in process `syz.8.6838'.
[  624.805508][T13226] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  624.806950][T21666] loop1: detected capacity change from 0 to 32768
[  624.827630][T21666] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.6830 (21666)
[  624.867969][T21666] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  624.893193][T21666] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  624.944508][ T1204] usb 1-1: Using ep0 maxpacket: 8
[  624.958861][ T1204] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  625.040035][ T1204] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  625.058768][ T1204] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  625.070237][ T1204] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  625.092511][ T1204] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  625.108577][ T1204] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  625.135796][ T1204] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  625.143890][ T1204] usb 1-1: Product: syz
[  625.153618][T21666] BTRFS info (device loop1): enabling ssd optimizations
[  625.168634][T21666] BTRFS info (device loop1): turning on async discard
[  625.172578][ T1204] usb 1-1: Manufacturer: syz
[  625.192430][ T1204] usb 1-1: SerialNumber: syz
[  625.209950][T21666] BTRFS info (device loop1): enabling free space tree
[  625.222634][ T1204] usb 1-1: config 0 descriptor??
[  625.427588][ T5820] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  625.452035][ T1204] radio-si470x 1-1:0.0: DeviceID=0x6e38 ChipID=0x8e9d
[  625.690522][ T1204] radio-si470x 1-1:0.0: si470x_get_report: usb_control_msg returned -71
[  625.726005][ T1204] radio-si470x 1-1:0.0: si470x_get_scratch: si470x_get_report returned -71
[  625.774778][ T1204] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -5
[  625.843464][ T1204] usb 1-1: USB disconnect, device number 69
[  626.742614][T21764] loop8: detected capacity change from 0 to 4096
[  626.807589][T21764] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[  626.957973][T21764] ntfs3(loop8): ino=19, mi_enum_attr
[  627.030390][T21764] ntfs3(loop8): failed to convert "c46c" to iso8859-3
[  627.051399][T21764] ntfs3(loop8): ino=20, mi_enum_attr
[  627.430530][T21800] netlink: 64 bytes leftover after parsing attributes in process `syz.6.6885'.
[  627.442187][ T5922] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[  627.535578][T21795] loop1: detected capacity change from 0 to 4096
[  627.618985][ T5922] usb 6-1: Using ep0 maxpacket: 16
[  627.628391][ T5922] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  627.636402][ T5922] usb 6-1: config 0 has no interface number 0
[  627.680751][ T5922] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  627.729909][ T5922] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  627.808997][ T5922] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  627.844395][ T5922] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  627.869484][ T5922] usb 6-1: Product: syz
[  627.915691][ T5922] usb 6-1: SerialNumber: syz
[  627.940609][ T5922] usb 6-1: config 0 descriptor??
[  627.984450][ T5922] cm109 6-1:0.8: invalid payload size 0, expected 4
[  628.002817][ T5922] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input51
[  628.194325][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  628.435140][ T5972] usb 6-1: USB disconnect, device number 61
[  628.486496][ T5972] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  629.200377][T21869] xt_hashlimit: overflow, try lower: 6/0
[  629.524652][T21882] netlink: 666 bytes leftover after parsing attributes in process `syz.1.6918'.
[  629.814737][T21892] mmap: syz.0.6921 (21892) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  630.171677][T21910] loop6: detected capacity change from 0 to 64
[  630.274783][T21914] loop1: detected capacity change from 0 to 512
[  630.482389][T21914] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  630.582702][T21914] ext4 filesystem being mounted at /1194/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  630.730851][T21914] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz.1.6930: directory missing '..'
[  630.956758][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.019180][T21888] loop7: detected capacity change from 0 to 32768
[  631.082349][T21888] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.6920 (21888)
[  631.147005][T21944] loop5: detected capacity change from 0 to 256
[  631.219147][T21888] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  631.276225][T21944] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x6f16a1e2, utbl_chksum : 0xe619d30d)
[  631.304502][T21888] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm
[  631.336480][T21944] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 256)
[  631.584603][T21888] BTRFS info (device loop7): enabling ssd optimizations
[  631.629423][T21888] BTRFS info (device loop7): turning on async discard
[  631.629436][T21976] netlink: 'syz.1.6949': attribute type 15 has an invalid length.
[  631.629455][T21976] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6949'.
[  631.668482][T21888] BTRFS info (device loop7): enabling free space tree
[  631.950979][T13226] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  631.969559][T21984] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6953'.
[  632.255580][   T24] usb 2-1: new full-speed USB device number 75 using dummy_hcd
[  632.469721][   T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  632.479845][   T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  632.546892][   T24] usb 2-1: config 1 has no interface number 0
[  632.583166][T22005] ip6gretap3: entered promiscuous mode
[  632.588869][   T24] usb 2-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  632.637501][   T24] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  632.680936][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.709606][   T24] usb 2-1: Product: syz
[  632.732148][   T24] usb 2-1: Manufacturer: syz
[  632.758829][   T24] usb 2-1: SerialNumber: syz
[  632.788342][   T24] cdc_ncm 2-1:1.1: NCM or ECM functional descriptors missing
[  632.836141][   T24] cdc_ncm 2-1:1.1: bind() failure
[  632.846260][T22011] openvswitch: netlink: ufid size 24 bytes exceeds the range (1, 16)
[  633.419622][T22036] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  633.427976][T22036] /dev/nullb0: Can't open blockdev
[  633.434374][T22034] loop5: detected capacity change from 0 to 256
[  633.441637][T22037] binder: 22032:22037 ioctl c0046209 0 returned -22
[  633.488284][T22034] FAT-fs (loop5): Directory bread(block 64) failed
[  633.512245][T22034] FAT-fs (loop5): Directory bread(block 65) failed
[  633.528609][T22039] netlink: 'syz.8.6980': attribute type 10 has an invalid length.
[  633.536627][T22034] FAT-fs (loop5): Directory bread(block 66) failed
[  633.561436][T22034] FAT-fs (loop5): Directory bread(block 67) failed
[  633.574993][T22034] FAT-fs (loop5): Directory bread(block 68) failed
[  633.588389][T22039] macvlan0: entered promiscuous mode
[  633.603072][T22034] FAT-fs (loop5): Directory bread(block 69) failed
[  633.626875][T22034] FAT-fs (loop5): Directory bread(block 70) failed
[  633.633404][T22034] FAT-fs (loop5): Directory bread(block 71) failed
[  633.655805][T22039] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  633.678468][T22034] FAT-fs (loop5): Directory bread(block 72) failed
[  633.678476][T22043] tmpfs: Bad value for 'mpol'
[  633.709597][T22034] FAT-fs (loop5): Directory bread(block 73) failed
[  633.911678][T22050] ALSA: mixer_oss: invalid OSS volume ''
[  634.172906][T22059] loop6: detected capacity change from 0 to 512
[  634.225241][T22059] EXT4-fs: Ignoring removed nobh option
[  634.236308][T22061] loop7: detected capacity change from 0 to 2048
[  634.260393][T22061] EXT4-fs: Ignoring removed nobh option
[  634.273551][T22063] netlink: 'syz.8.6992': attribute type 4 has an invalid length.
[  634.300411][T22059] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  634.337447][T22061] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842e02c, mo2=0042]
[  634.348963][T22061] System zones: 0-7
[  634.356161][T22061] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  634.376544][T22059] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.6990: invalid indirect mapped block 256 (level 1)
[  634.377093][T22061] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.6991: bg 0: block 234: padding at end of block bitmap is not set
[  634.422583][T22061] EXT4-fs (loop7): Remounting filesystem read-only
[  634.436752][T22061] EXT4-fs warning (device loop7): ext4_xattr_inode_lookup_create:1602: inode #18: comm syz.7.6991: cleanup dec ref error -28
[  634.481917][T22059] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.6990: invalid indirect mapped block 2683928664 (level 1)
[  634.507853][T22059] EXT4-fs (loop6): 1 truncate cleaned up
[  634.561542][T22059] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  634.635877][T22059] EXT4-fs error (device loop6): ext4_find_dest_de:2052: inode #2: block 13: comm syz.6.6990: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  634.674173][T13226] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.779719][T22075] netlink: 40 bytes leftover after parsing attributes in process `syz.5.6997'.
[  634.828160][T10799] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.085361][T22087] tmpfs: User quota block hardlimit too large.
[  635.280518][ T5922] usb 2-1: USB disconnect, device number 75
[  635.385741][T22096] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7007'.
[  635.552433][T22103] loop8: detected capacity change from 0 to 256
[  635.603142][T22103] exfat: Deprecated parameter 'namecase'
[  635.712764][T22103] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  636.100839][  T914] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[  636.138988][T22124] F2FS-fs: Value of option "test_dummy_encryption" is unrecognized
[  636.286791][ T5922] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  636.300542][T22130] netlink: 'syz.6.7023': attribute type 10 has an invalid length.
[  636.330560][  T914] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  636.354375][  T914] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.362972][T22130] netdevsim netdevsim6 netdevsim0: left promiscuous mode
[  636.371292][  T914] usb 6-1: Product: syz
[  636.378253][T22130] netdevsim netdevsim6 netdevsim0: left allmulticast mode
[  636.394768][  T914] usb 6-1: Manufacturer: syz
[  636.402422][  T914] usb 6-1: SerialNumber: syz
[  636.418784][  T914] usb 6-1: config 0 descriptor??
[  636.461239][ T5922] usb 9-1: Using ep0 maxpacket: 16
[  636.488272][ T5922] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 8
[  636.506771][ T5922] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  636.527092][ T5922] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.547606][ T5922] usb 9-1: Product: syz
[  636.551833][ T5922] usb 9-1: Manufacturer: syz
[  636.558426][ T5922] usb 9-1: SerialNumber: syz
[  636.570162][T22141] netlink: 52 bytes leftover after parsing attributes in process `syz.0.7028'.
[  636.589530][ T5922] usb 9-1: config 0 descriptor??
[  636.604562][ T5922] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected
[  636.626635][T22141] netlink: 52 bytes leftover after parsing attributes in process `syz.0.7028'.
[  636.647087][ T5922] usb 9-1: Detected FT232R
[  636.661225][T22141] netlink: 52 bytes leftover after parsing attributes in process `syz.0.7028'.
[  636.663182][  T914] peak_usb 6-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels)
[  636.703437][    T9] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  636.822342][ T5922] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  636.842397][T22147] siw: device registration error -23
[  636.843964][ T5922] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  636.867225][ T5922] ftdi_sio 9-1:0.0: GPIO initialisation failed: -71
[  636.878675][  T914] peak_usb 6-1:0.0 can0: unable to request usb[type=2 value=5] err=-71
[  636.885249][    T9] usb 8-1: Using ep0 maxpacket: 16
[  636.906232][  T914] peak_usb 6-1:0.0: unable to tell PCAN-USB FD driver is loaded (err -71)
[  636.906764][ T5922] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  636.943999][    T9] usb 8-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  636.972494][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.987908][ T5922] usb 9-1: USB disconnect, device number 9
[  637.000984][    T9] usb 8-1: Product: syz
[  637.022123][ T5922] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  637.045148][    T9] usb 8-1: Manufacturer: syz
[  637.050103][    T9] usb 8-1: SerialNumber: syz
[  637.067252][  T914] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71
[  637.078801][ T5922] ftdi_sio 9-1:0.0: device disconnected
[  637.099289][    T9] usb 8-1: config 0 descriptor??
[  637.129991][  T914] usb 6-1: USB disconnect, device number 62
[  637.132189][    T9] visor 8-1:0.0: Sony Clie 3.5 converter detected
[  637.303038][T22165] loop6: detected capacity change from 0 to 512
[  637.331350][T22165] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  637.356716][    T9] usb 8-1: clie_3_5_startup: get config number failed: -71
[  637.382141][    T9] visor 8-1:0.0: probe with driver visor failed with error -71
[  637.403762][T22165] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.7040: invalid indirect mapped block 4294967295 (level 0)
[  637.427376][    T9] usb 8-1: USB disconnect, device number 15
[  637.469593][T22165] EXT4-fs (loop6): Remounting filesystem read-only
[  637.484869][T22165] EXT4-fs (loop6): 1 orphan inode deleted
[  637.544640][T22165] EXT4-fs (loop6): 1 truncate cleaned up
[  637.605659][T22165] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  637.746274][T10799] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  637.913853][  T914] usb 1-1: new full-speed USB device number 70 using dummy_hcd
[  638.061953][T22193] loop6: detected capacity change from 0 to 512
[  638.079175][T22189] loop5: detected capacity change from 0 to 2048
[  638.086676][T22193] EXT4-fs: Ignoring removed mblk_io_submit option
[  638.103820][T22193] EXT4-fs: Ignoring removed bh option
[  638.115929][T22189] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  638.130976][T22193] EXT4-fs (loop6): Test dummy encryption mode enabled
[  638.140462][   T30] audit: type=1326 audit(1763642480.089:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22194 comm="syz.7.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f4b8f749 code=0x7ffc0000
[  638.143319][  T914] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[  638.182723][T22193] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  638.203040][T22197] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7055'.
[  638.224693][T22193] EXT4-fs (loop6): 1 truncate cleaned up
[  638.240165][   T30] audit: type=1326 audit(1763642480.108:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22194 comm="syz.7.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f4b8f749 code=0x7ffc0000
[  638.253602][  T914] usb 1-1: config 1 has an invalid interface number: 4 but max is 0
[  638.270242][T22193] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  638.272426][  T914] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 1
[  638.295732][  T914] usb 1-1: config 1 has no interface number 0
[  638.337500][T22193] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2"
[  638.338980][   T30] audit: type=1326 audit(1763642480.117:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22194 comm="syz.7.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f65f4b8f749 code=0x7ffc0000
[  638.432354][   T30] audit: type=1326 audit(1763642480.117:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22194 comm="syz.7.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f4b8f749 code=0x7ffc0000
[  638.439816][  T914] usb 1-1: config 1 has no interface number 1
[  638.459993][T22202] SET target dimension over the limit!
[  638.533213][   T30] audit: type=1326 audit(1763642480.117:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22194 comm="syz.7.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f4b8f749 code=0x7ffc0000
[  638.540588][  T914] usb 1-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  638.681392][  T914] usb 1-1: config 1 interface 4 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  638.713593][  T914] usb 1-1: config 1 interface 4 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 16
[  638.733629][T10799] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  638.742046][  T914] usb 1-1: config 1 interface 105 has no altsetting 0
[  638.759115][  T914] usb 1-1: config 1 interface 4 has no altsetting 0
[  638.813912][  T914] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=31.6d
[  638.836901][  T914] usb 1-1: New USB device strings: Mfr=107, Product=102, SerialNumber=146
[  638.845970][  T914] usb 1-1: Product: syz
[  638.850134][  T914] usb 1-1: Manufacturer: syz
[  638.856392][  T914] usb 1-1: SerialNumber: syz
[  639.088109][  T914] aqc111 1-1:1.105: probe with driver aqc111 failed with error -22
[  639.139410][   T30] audit: type=1400 audit(1763642481.015:180): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6DAB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36FD3578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04132163
[  639.298653][T22228] netlink: 12 bytes leftover after parsing attributes in process `syz.8.7069'.
[  639.506628][    T9] usb 1-1: USB disconnect, device number 70
[  640.107487][T22264] loop6: detected capacity change from 0 to 256
[  640.213135][T22264] FAT-fs (loop6): Directory bread(block 64) failed
[  640.219692][T22264] FAT-fs (loop6): Directory bread(block 65) failed
[  640.270684][T22264] FAT-fs (loop6): Directory bread(block 66) failed
[  640.320367][T22264] FAT-fs (loop6): Directory bread(block 67) failed
[  640.327014][T22264] FAT-fs (loop6): Directory bread(block 68) failed
[  640.351783][T22264] FAT-fs (loop6): Directory bread(block 69) failed
[  640.363067][T22264] FAT-fs (loop6): Directory bread(block 70) failed
[  640.375205][T22264] FAT-fs (loop6): Directory bread(block 71) failed
[  640.383363][T22264] FAT-fs (loop6): Directory bread(block 72) failed
[  640.390048][T22264] FAT-fs (loop6): Directory bread(block 73) failed
[  640.902867][T22295] loop6: detected capacity change from 0 to 1024
[  640.926953][T22295] syz.6.7097: attempt to access beyond end of device
[  640.926953][T22295] loop6: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  640.927029][T22295] Buffer I/O error on dev loop6, logical block 2889, async page read
[  640.927175][T22295] syz.6.7097: attempt to access beyond end of device
[  640.927175][T22295] loop6: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  640.927206][T22295] Buffer I/O error on dev loop6, logical block 2889, async page read
[  640.928519][   T30] audit: type=1800 audit(1763642482.699:181): pid=22295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.7097" name="file1" dev="loop6" ino=20 res=0 errno=0
[  640.930075][T22295] hfsplus: can't free extent: start 2889, count 1
[  641.396789][T22315] netlink: 2 bytes leftover after parsing attributes in process `syz.6.7108'.
[  641.450180][ T5906] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[  641.634045][ T5906] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[  641.653309][ T5906] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  641.683914][ T5906] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  641.710218][T22332] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7115'.
[  641.720392][ T5906] usb 6-1: config 220 has no interface number 2
[  641.726696][ T5906] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  641.775342][  T914] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[  641.781556][ T5906] usb 6-1: config 220 interface 0 has no altsetting 0
[  641.791239][ T5906] usb 6-1: config 220 interface 76 has no altsetting 0
[  641.826358][ T5906] usb 6-1: config 220 interface 1 has no altsetting 0
[  641.850478][ T5906] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  641.874050][ T5906] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.895404][ T5906] usb 6-1: Product: syz
[  641.904898][ T5906] usb 6-1: Manufacturer: syz
[  641.909515][ T5906] usb 6-1: SerialNumber: syz
[  641.986554][  T914] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  641.996172][  T914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  642.004220][  T914] usb 2-1: Product: syz
[  642.054362][  T914] usb 2-1: Manufacturer: syz
[  642.058992][  T914] usb 2-1: SerialNumber: syz
[  642.117821][  T914] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  642.153455][ T5972] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  642.170642][ T5906] usb 6-1: selecting invalid altsetting 0
[  642.204732][ T5906] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  642.228112][ T5906] uvcvideo 6-1:220.0: No valid video chain found.
[  642.293314][T22350] loop6: detected capacity change from 0 to 2048
[  642.317359][ T5906] usb 6-1: selecting invalid altsetting 0
[  642.323110][ T5906] usbtest 6-1:220.1: probe with driver usbtest failed with error -22
[  642.367359][T22350] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  642.381378][ T5906] usb 6-1: USB disconnect, device number 63
[  642.403057][T22352] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7126'.
[  642.564195][T10799] UDF-fs: error (device loop6): udf_read_inode: (ino 1440) failed !bh
[  642.579793][T10799] UDF-fs: error (device loop6): udf_read_inode: (ino 1440) failed !bh
[  642.772039][ T5922] usb 2-1: USB disconnect, device number 76
[  643.301562][ T5972] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  643.306069][T22376] netdevsim netdevsim8: Direct firmware load for ..€ failed with error -2
[  643.317188][ T5972] ath9k_htc: Failed to initialize the device
[  643.335636][   T24] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  643.350450][T22376] netdevsim netdevsim8: Falling back to sysfs fallback for: ..€
[  643.381351][ T5922] usb 2-1: ath9k_htc: USB layer deinitialized
[  643.557102][   T50] bridge_slave_1: left allmulticast mode
[  643.562818][   T50] bridge_slave_1: left promiscuous mode
[  643.582955][T22385] netlink: 'syz.1.7143': attribute type 3 has an invalid length.
[  643.587094][   T24] usb 8-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  643.620784][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[  643.630305][   T24] usb 8-1: New USB device strings: Mfr=4, Product=2, SerialNumber=3
[  643.632357][T22386] loop5: detected capacity change from 0 to 512
[  643.644573][   T24] usb 8-1: Product: syz
[  643.652037][   T24] usb 8-1: Manufacturer: syz
[  643.658303][   T24] usb 8-1: SerialNumber: syz
[  643.664408][T22385] netlink: 'syz.1.7143': attribute type 1 has an invalid length.
[  643.685220][   T24] usb 8-1: config 0 descriptor??
[  643.694476][T22385] netlink: 224 bytes leftover after parsing attributes in process `syz.1.7143'.
[  643.705396][   T50] bridge_slave_0: left allmulticast mode
[  643.736162][   T50] bridge_slave_0: left promiscuous mode
[  643.738267][T22386] EXT4-fs (loop5): orphan cleanup on readonly fs
[  643.774147][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[  643.783359][T22386] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  643.839381][T22386] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  643.904562][T22386] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.7144: attempt to clear invalid blocks 2 len 1
[  643.914897][   T24] usb-storage 8-1:0.0: USB Mass Storage device detected
[  643.956315][T22386] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.7144: invalid indirect mapped block 1819239214 (level 0)
[  643.992611][T22386] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.7144: invalid indirect mapped block 1819239214 (level 1)
[  644.031679][T22386] EXT4-fs (loop5): 1 truncate cleaned up
[  644.048748][T22386] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  644.130951][T20885] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  644.142050][T20885] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  644.150496][T20885] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  644.158878][T20885] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  644.167699][T20885] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  644.203050][   T24] usb 8-1: USB disconnect, device number 16
[  644.354913][T22386] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  644.400708][T22386] EXT4-fs error (device loop5): __ext4_remount:6748: comm syz.5.7144: Abort forced by user
[  644.473540][T22386] EXT4-fs (loop5): Remounting filesystem read-only
[  644.491606][T22386] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  644.659758][ T5819] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  644.937126][T22428] loop8: detected capacity change from 0 to 128
[  644.981594][T22428] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  645.100407][T22428] ext4 filesystem being mounted at /369/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  645.242579][T16785] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  645.333622][   T50] team0: Port device bridge0 removed
[  645.412974][T22449] loop5: detected capacity change from 0 to 512
[  645.433884][T22449] EXT4-fs: Ignoring removed nomblk_io_submit option
[  645.510548][T22449] EXT4-fs (loop5): Test dummy encryption mode enabled
[  645.563234][T22454] netlink: 180 bytes leftover after parsing attributes in process `syz.1.7168'.
[  645.590920][T22449] EXT4-fs (loop5): 1 truncate cleaned up
[  645.632414][T22449] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  645.728477][T22449] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.7167: bg 0: block 7: invalid block bitmap
[  645.891281][ T5819] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  645.917993][   T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  645.934951][   T50] bond_slave_0: left allmulticast mode
[  645.962874][   T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  645.979870][   T50] bond_slave_1: left allmulticast mode
[  645.985993][   T50] bond0 (unregistering): Released all slaves
[  646.034104][   T50] bond1 (unregistering): Released all slaves
[  646.107727][   T50] bond2 (unregistering): Released all slaves
[  646.221694][    T9] kernel read not supported for file /2394/net/fib_triestat (pid: 9 comm: kworker/0:0)
[  646.233866][ T1204] kernel write not supported for file /2394/net/fib_triestat (pid: 1204 comm: kworker/0:2)
[  646.269441][T22400] wg1 speed is unknown, defaulting to 1000
[  646.382169][T20885] Bluetooth: hci3: command tx timeout
[  647.021713][T22507] Cannot find add_set index 4 as target
[  647.694079][T22540] netlink: 'syz.0.7201': attribute type 2 has an invalid length.
[  647.871544][T22545] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[  647.960848][T22400] chnl_net:caif_netlink_parms(): no params data found
[  648.048417][T22553] netlink: 'syz.0.7207': attribute type 1 has an invalid length.
[  648.220144][T22559] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7210'.
[  648.385936][T22569] ieee802154 phy0 wpan0: encryption failed: -90
[  648.606581][T20885] Bluetooth: hci3: command tx timeout
[  648.959105][  T914] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[  649.017178][T22400] bridge0: port 1(bridge_slave_0) entered blocking state
[  649.047460][T22400] bridge0: port 1(bridge_slave_0) entered disabled state
[  649.077073][T22400] bridge_slave_0: entered allmulticast mode
[  649.117594][T22400] bridge_slave_0: entered promiscuous mode
[  649.171459][  T914] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  649.194480][T22400] bridge0: port 2(bridge_slave_1) entered blocking state
[  649.207141][  T914] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  649.207174][  T914] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.227901][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  649.234975][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  649.240385][  T914] gspca_main: stv0680-2.14.0 probing 041e:4007
[  649.254059][T22400] bridge0: port 2(bridge_slave_1) entered disabled state
[  649.265812][T22400] bridge_slave_1: entered allmulticast mode
[  649.307028][T22400] bridge_slave_1: entered promiscuous mode
[  649.443798][   T50] hsr_slave_0: left promiscuous mode
[  649.474163][   T50] hsr_slave_1: left promiscuous mode
[  649.487958][   T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[  649.529074][   T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[  649.963359][T22594] loop8: detected capacity change from 0 to 32768
[  649.988658][T22594] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.7220 (22594)
[  650.024711][   T24] usb 8-1: new full-speed USB device number 17 using dummy_hcd
[  650.119262][T22594] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  650.144164][T22594] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm
[  650.222077][   T24] usb 8-1: config 5 has an invalid interface number: 187 but max is 0
[  650.255443][   T24] usb 8-1: config 5 has no interface number 0
[  650.273910][   T24] usb 8-1: config 5 interface 187 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[  650.300685][T22594] BTRFS info (device loop8): enabling ssd optimizations
[  650.302285][   T24] usb 8-1: config 5 interface 187 altsetting 8 has an endpoint descriptor with address 0x93, changing to 0x83
[  650.324824][   T24] usb 8-1: config 5 interface 187 altsetting 8 endpoint 0x83 has an invalid bInterval 153, changing to 4
[  650.336596][   T24] usb 8-1: config 5 interface 187 altsetting 8 endpoint 0x83 has invalid maxpacket 57626, setting to 1023
[  650.341821][T22594] BTRFS info (device loop8): turning on async discard
[  650.347967][   T24] usb 8-1: config 5 interface 187 altsetting 8 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  650.368419][   T24] usb 8-1: config 5 interface 187 has no altsetting 0
[  650.378016][   T24] usb 8-1: New USB device found, idVendor=eb1a, idProduct=2801, bcdDevice=21.7a
[  650.379420][T22594] BTRFS info (device loop8): enabling free space tree
[  650.387287][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.409740][   T24] usb 8-1: Product: syz
[  650.409921][  T914] stv0680 1-1:4.0: STV(e): camera ping failed!!
[  650.420642][   T24] usb 8-1: Manufacturer: syz
[  650.425291][   T24] usb 8-1: SerialNumber: syz
[  650.462134][T22632] loop1: detected capacity change from 0 to 4096
[  650.490264][T22632] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  650.604263][T22632] ntfs3(loop1): ino=3, ntfs_set_state failed, -22.
[  650.616379][T16785] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  650.644808][  T914] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  650.691991][  T914] stv0680 1-1:4.0: last error: 109,  command = 0xfc
[  650.726336][   T24] em28xx 8-1:5.187: New device syz syz @ 12 Mbps (eb1a:2801, interface 187, class 187)
[  650.745709][  T914] usb 1-1: USB disconnect, device number 71
[  650.764533][   T24] em28xx 8-1:5.187: Device initialization failed.
[  650.777816][ T3518] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22.
[  650.785010][ T5820] ntfs3(loop1): ino=3, ntfs_set_state failed, -22.
[  650.787697][   T24] em28xx 8-1:5.187: Device must be connected to a high-speed USB 2.0 port.
[  650.801800][ T5820] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  650.827871][T20885] Bluetooth: hci3: command tx timeout
[  650.829167][   T24] usb 8-1: USB disconnect, device number 17
[  650.840026][ T5820] ntfs3(loop1): ino=3, ntfs_set_state failed, -22.
[  650.897414][   T13] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22.
[  651.072767][T22639] netlink: 'syz.8.7231': attribute type 30 has an invalid length.
[  651.397861][   T50] team0 (unregistering): Port device team_slave_1 removed
[  652.438826][T22679] loop1: detected capacity change from 0 to 64
[  652.651568][T22681] IPVS: length: 218 != 24
[  652.918245][T22688] loop5: detected capacity change from 0 to 2048
[  652.925470][T22400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  652.941679][T22688] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  652.953693][T22689] loop7: detected capacity change from 0 to 128
[  653.027664][T22400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  653.061079][T20885] Bluetooth: hci3: command tx timeout
[  653.261889][T22689] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  653.342379][T22689] ext4 filesystem being mounted at /666/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  653.345402][T22400] team0: Port device team_slave_0 added
[  653.406974][T22400] team0: Port device team_slave_1 added
[  653.436952][   T30] audit: type=1326 audit(1763642494.390:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22701 comm="syz.5.7261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  653.512433][   T30] audit: type=1326 audit(1763642494.390:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22701 comm="syz.5.7261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  653.603108][   T30] audit: type=1326 audit(1763642494.400:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22701 comm="syz.5.7261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  653.688296][T22710] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7265'.
[  653.717295][   T30] audit: type=1326 audit(1763642494.400:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22701 comm="syz.5.7261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  653.735218][T22710] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7265'.
[  653.758833][T13226] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  653.775220][T22400] batman_adv: batadv0: Adding interface: batadv_slave_0
[  653.796605][   T30] audit: type=1326 audit(1763642494.400:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22701 comm="syz.5.7261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ace38f749 code=0x7ffc0000
[  653.830815][T22400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  653.873318][T22400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  653.910420][T22400] batman_adv: batadv0: Adding interface: batadv_slave_1
[  653.919194][T22400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  653.980578][T22400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  654.170396][   T50] ------------[ cut here ]------------
[  654.176696][   T50] WARNING: CPU: 0 PID: 50 at net/ipv6/xfrm6_tunnel.c:341 xfrm6_tunnel_net_exit+0x7e/0x100
[  654.187222][   T50] Modules linked in:
[  654.191396][   T50] CPU: 0 UID: 0 PID: 50 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  654.201071][   T50] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  654.211546][   T50] Workqueue: netns cleanup_net
[  654.217507][   T50] RIP: 0010:xfrm6_tunnel_net_exit+0x7e/0x100
[  654.223508][   T50] Code: 88 bd 17 f8 4b 83 3c 2c 00 75 19 e8 bc fb b1 f7 49 81 fd f8 07 00 00 74 1d e8 ae fb b1 f7 49 83 c5 08 eb c9 e8 a3 fb b1 f7 90 <0f> 0b 90 49 81 fd f8 07 00 00 75 e3 48 81 c3 00 08 00 00 45 31 f6
[  654.243503][   T50] RSP: 0018:ffffc90000bb7890 EFLAGS: 00010293
[  654.249795][   T50] RAX: ffffffff8a0e081d RBX: ffff888031e70000 RCX: ffff88801a790000
[  654.257785][   T50] RDX: 0000000000000000 RSI: ffffffff8d70e43a RDI: ffff888031e70030
[  654.265947][   T50] RBP: ffffc90000bb7990 R08: ffffffff8f7cee77 R09: 1ffffffff1ef9dce
[  654.274334][   T50] R10: dffffc0000000000 R11: fffffbfff1ef9dcf R12: ffff888031e70000
[  654.278732][T22721] netlink: 'syz.0.7270': attribute type 2 has an invalid length.
[  654.282510][   T50] R13: 0000000000000030 R14: ffff88802e364900 R15: dffffc0000000000
[  654.282583][   T50] FS:  0000000000000000(0000) GS:ffff88812613b000(0000) knlGS:0000000000000000
[  654.282608][   T50] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  654.282628][   T50] CR2: 0000555558b14808 CR3: 00000000595e6000 CR4: 0000000000350ef0
[  654.282650][   T50] Call Trace:
[  654.282661][   T50]  <TASK>
[  654.282678][   T50]  ops_undo_list+0x49a/0x990
[  654.332988][   T50]  ? __pfx_ops_undo_list+0x10/0x10
[  654.338360][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.344068][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.349714][   T50]  ? do_raw_spin_unlock+0x122/0x240
[  654.355007][   T50]  cleanup_net+0x4d8/0x820
[  654.359434][   T50]  ? __pfx_cleanup_net+0x10/0x10
[  654.364375][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.370098][   T50]  ? _raw_spin_unlock_irq+0x23/0x50
[  654.375583][   T50]  ? process_scheduled_works+0x9ef/0x17b0
[  654.381658][   T50]  ? process_scheduled_works+0x9ef/0x17b0
[  654.387930][   T50]  process_scheduled_works+0xae1/0x17b0
[  654.393604][   T50]  ? __pfx_process_scheduled_works+0x10/0x10
[  654.399658][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.405310][   T50]  worker_thread+0x8a0/0xda0
[  654.409977][   T50]  kthread+0x711/0x8a0
[  654.414066][   T50]  ? __pfx_worker_thread+0x10/0x10
[  654.419294][   T50]  ? __pfx_kthread+0x10/0x10
[  654.423907][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.429592][   T50]  ? _raw_spin_unlock_irq+0x23/0x50
[  654.434805][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.440497][   T50]  ? lockdep_hardirqs_on+0x9c/0x150
[  654.445726][   T50]  ? __pfx_kthread+0x10/0x10
[  654.450344][   T50]  ret_from_fork+0x4bc/0x870
[  654.455069][   T50]  ? __pfx_ret_from_fork+0x10/0x10
[  654.460200][   T50]  ? __switch_to_asm+0x39/0x70
[  654.465015][   T50]  ? __switch_to_asm+0x33/0x70
[  654.469775][   T50]  ? __pfx_kthread+0x10/0x10
[  654.474412][   T50]  ret_from_fork_asm+0x1a/0x30
[  654.479216][   T50]  </TASK>
[  654.482241][   T50] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  654.489524][   T50] CPU: 0 UID: 0 PID: 50 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  654.498793][   T50] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  654.508835][   T50] Workqueue: netns cleanup_net
[  654.513598][   T50] Call Trace:
[  654.516865][   T50]  <TASK>
[  654.519781][   T50]  dump_stack_lvl+0x99/0x250
[  654.524368][   T50]  ? __asan_memcpy+0x40/0x70
[  654.529042][   T50]  ? __pfx_dump_stack_lvl+0x10/0x10
[  654.534241][   T50]  ? __pfx__printk+0x10/0x10
[  654.538839][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.544477][   T50]  vpanic+0x237/0x6d0
[  654.548457][   T50]  ? __pfx_vpanic+0x10/0x10
[  654.552974][   T50]  panic+0xb9/0xc0
[  654.556697][   T50]  ? __pfx_panic+0x10/0x10
[  654.561126][   T50]  __warn+0x31b/0x4b0
[  654.565101][   T50]  ? xfrm6_tunnel_net_exit+0x7e/0x100
[  654.570468][   T50]  ? xfrm6_tunnel_net_exit+0x7e/0x100
[  654.575832][   T50]  report_bug+0x2be/0x4f0
[  654.580166][   T50]  ? xfrm6_tunnel_net_exit+0x7e/0x100
[  654.585619][   T50]  ? xfrm6_tunnel_net_exit+0x7e/0x100
[  654.590984][   T50]  ? xfrm6_tunnel_net_exit+0x80/0x100
[  654.596356][   T50]  handle_bug+0x84/0x160
[  654.600607][   T50]  exc_invalid_op+0x1a/0x50
[  654.605121][   T50]  asm_exc_invalid_op+0x1a/0x20
[  654.609968][   T50] RIP: 0010:xfrm6_tunnel_net_exit+0x7e/0x100
[  654.615959][   T50] Code: 88 bd 17 f8 4b 83 3c 2c 00 75 19 e8 bc fb b1 f7 49 81 fd f8 07 00 00 74 1d e8 ae fb b1 f7 49 83 c5 08 eb c9 e8 a3 fb b1 f7 90 <0f> 0b 90 49 81 fd f8 07 00 00 75 e3 48 81 c3 00 08 00 00 45 31 f6
[  654.635555][   T50] RSP: 0018:ffffc90000bb7890 EFLAGS: 00010293
[  654.641615][   T50] RAX: ffffffff8a0e081d RBX: ffff888031e70000 RCX: ffff88801a790000
[  654.649573][   T50] RDX: 0000000000000000 RSI: ffffffff8d70e43a RDI: ffff888031e70030
[  654.657532][   T50] RBP: ffffc90000bb7990 R08: ffffffff8f7cee77 R09: 1ffffffff1ef9dce
[  654.665494][   T50] R10: dffffc0000000000 R11: fffffbfff1ef9dcf R12: ffff888031e70000
[  654.673453][   T50] R13: 0000000000000030 R14: ffff88802e364900 R15: dffffc0000000000
[  654.681425][   T50]  ? xfrm6_tunnel_net_exit+0x7d/0x100
[  654.686820][   T50]  ops_undo_list+0x49a/0x990
[  654.691419][   T50]  ? __pfx_ops_undo_list+0x10/0x10
[  654.696520][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.702154][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.707783][   T50]  ? do_raw_spin_unlock+0x122/0x240
[  654.712987][   T50]  cleanup_net+0x4d8/0x820
[  654.717398][   T50]  ? __pfx_cleanup_net+0x10/0x10
[  654.722322][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.727955][   T50]  ? _raw_spin_unlock_irq+0x23/0x50
[  654.733154][   T50]  ? process_scheduled_works+0x9ef/0x17b0
[  654.738870][   T50]  ? process_scheduled_works+0x9ef/0x17b0
[  654.744590][   T50]  process_scheduled_works+0xae1/0x17b0
[  654.750248][   T50]  ? __pfx_process_scheduled_works+0x10/0x10
[  654.756237][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.761882][   T50]  worker_thread+0x8a0/0xda0
[  654.766496][   T50]  kthread+0x711/0x8a0
[  654.770572][   T50]  ? __pfx_worker_thread+0x10/0x10
[  654.775675][   T50]  ? __pfx_kthread+0x10/0x10
[  654.780263][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.785892][   T50]  ? _raw_spin_unlock_irq+0x23/0x50
[  654.791088][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.796716][   T50]  ? lockdep_hardirqs_on+0x9c/0x150
[  654.801919][   T50]  ? __pfx_kthread+0x10/0x10
[  654.806513][   T50]  ret_from_fork+0x4bc/0x870
[  654.811100][   T50]  ? __pfx_ret_from_fork+0x10/0x10
[  654.816233][   T50]  ? __switch_to_asm+0x39/0x70
[  654.821076][   T50]  ? __switch_to_asm+0x33/0x70
[  654.825831][   T50]  ? __pfx_kthread+0x10/0x10
[  654.830427][   T50]  ret_from_fork_asm+0x1a/0x30
[  654.835195][   T50]  </TASK>
[  654.838436][   T50] Kernel Offset: disabled
[  654.842749][   T50] Rebooting in 86400 seconds..