last executing test programs:

3.914143329s ago: executing program 0 (id=4055):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)={0x38, 0x3, 0x1, 0x101, 0x0, 0x0, {0x2}, [@CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x408}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x814}]}, @CTA_TUPLE_ORIG={0x10, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}]}, 0x38}}, 0x0)

3.756099118s ago: executing program 0 (id=4059):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_getnetconf={0x14, 0x52, 0x311}, 0x14}}, 0x0)

3.585407938s ago: executing program 0 (id=4062):
r0 = syz_usb_connect(0x2, 0x3b, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xb3, 0x17, 0xe, 0x10, 0x16d5, 0x650a, 0x83b1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xac, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, [@cdc_ecm={{0x5}, {0x5, 0x24, 0x0, 0x5}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x24, 0x9, 0xf8}}]}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f00000000c0)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

2.496015482s ago: executing program 3 (id=4079):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, 0x0)

2.437411946s ago: executing program 3 (id=4081):
r0 = socket(0x25, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000480)={'ip6tnl0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x4, 0x13, 0x8, 0x1, 0x2, @mcast2, @loopback, 0x8000, 0x10, 0x6, 0x6}})

2.276913835s ago: executing program 3 (id=4083):
syz_mount_image$jfs(&(0x7f0000000200), &(0x7f00000000c0)='./bus\x00', 0x1010846, &(0x7f0000000340)={[{@quota}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@quota}, {@discard_size={'discard', 0x3d, 0x7}}, {@discard_size={'discard', 0x3d, 0x3}}, {@gid}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@uid={'uid', 0x3d, 0xee01}}]}, 0x24, 0x61e6, &(0x7f000000d780)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X/X9KWq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySG/zT0bEIL23BwCefvn5v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtVrBofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+fLC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP78/0TLx3+XHn9TDmS/479rM+oDAAAAAAAAADxphx3/b9AY/2+X8f8AAABgblXv1Su/O/7wtknfxVbdfrmIeKaxPNAx6WKZ1bb7AQAAAAAAAAAAAABdMtg5h/dyETGMiGdWV8uyrH7qmvVhPe76i67r2w9d1vYfeQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcqvZ0dLy+VK7X1tnla3LY0O8IJ4MCqrX7ZcW69u2vvlae3N31fd16jsH6Bjs9Fi4AAQETvPRvcnPSP9z/PVYirLZ6PlFzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIz//N4wJqtVqtVqufvrquHO9uvYiIzfo61WsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rzQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPR8TtnWO0aT8q+080UJ/2pbz7zfzbzjq/X9WtqI3Nv+uyvkPDpV/X/4AAAAAADDH8uf/J+bq+O/oUTdnqv2O/66NXePo+gIAAAAAAAAAT8r9B3fW83Wv+fj/F8Ys5/rPp1POv5B/J+X8e438v9pYrl+bv/f2w/z//eDO+h9v/evzeXrQ/JfyTJEeWUV6RBTpnopBmj7O1n3W1rA/qu5pWPT6g3TOTzl8N67F9diIs3uW7aX/j4ft5/a0Vz0dbreX/Z3283vaB7vtef0Le9qH6eyiciW3n471+Hlcj3e226u2pSnbvzylvZzSnvPv2/87Kec/qP1U+a+m9qIxrdz7qPeZ/b4+HXc/b1374m/OHv3mTLUV/d1tq6u276UW+rP9f3JsFL+8uXHj9O2rt27dOBdpsufW85EmT1jOf5h+dv/+v7zTnv/u1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl5/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6zfDrcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8+tM7/uvOI70YM+Z9F+T8X6o9nqv8v9JYrp5/+ftFzr+3J/8zt97/xZmbH3z42rX3r7638d7Gzy6cO3f2wsWLly5dOvPutesbZ3f+bbHHRyvnn8e+dh5ot+T8c+by75ac/5dSLf9uyfl/OdXy75acf369J/9uyfnn9z7y75ac/yupln+35Py/lmr5d0vO/9VUy79bcv5fT/XB85/2yTWLIOf/Wqrt/92S8z+davl3S87/TKoPmP/KUfeL2cj55yNc9v9uyfnnMxvk3y05//Opln+35PwvpFr+3ZLzfz3V8u+WnP83Ui3/bsn5X0y1/Lsl5//NVMu/W3L+l1It/27J+X8r1fLvlpz/t1Mt/27J+b+Ravl3S87/O6mWf7fk/L+bavl3S87/e6mWf7fk/N9Mtfy75eH3/5sxY8ZMnmn7LxMAAAAAAAAAAAAA0DSL04nb3kYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnt3FyPXWd8P/My+ee1AYiAEJ38DG8eEkGyyazvxC/+mmPDa8FYCodAXbNe7Ngt+w2uXhEayaaBEwqioom24aAsItbmpyAUXtAKUC0SFVAnaC3qDqFC5iKqAAlIlWkG2mnOe59mZ2dmZXXuyPnPO5yMlv+zMmTlnzpw5u9/dfGcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGh18xvmP93Isqz5T/6vrVn2guZ/b57aml/22qu9hQAAAMCV+nX+72evSxccXMONWpb551d872tLS0tL2ftH/2L880tL6YqpLBvflGX5ddGTP/5Ao3WZ4NFssjHS8vVIn9WP9rl+rM/1432un+hz/aY+10/2uX7FDlhhc/H7mPzOdub/ubXYpdn12Xh+3c4ut3q0sWlkJP4uJ9fIb7M0fixbyE5k89ls2/LFso18+W/c3FzXW7O4rpGWdW1vHiE/f+Ro3IZG2Mc729a1fJ/RT1+fTf3i548c/btzz9zYbfbdDW33V2znbTua2/nJcEmxrY1sU9oncTtHWrZze5fnZLRtOxv57Zr/3bmdz65xO0eXN3NDdT7nk9lI/t/fz/fTWOuv9dJ+2h4u++UtWZZdXN7szmVWrCsbyba0XTKy/PxMFkdk8z6ah9KLs7F1Hac3r+E4bc65ne3HaedrIj7/N4fbja2yDa1P008/MdHyvP9q6XKO06j5qFd7rXQeg4N+rZTlGIzHxffzB/1Y12NwZ3j8j9y6+jHY9djpcgymx91yDO7odwyOTIzm25yehEZ+m+VjcFfb8qP5mhr5fPrW3sfgzLmTZ2YWH/74nQsnjxyfPz5/as+uXbN79u7dv3//zLGFE/Ozxb8vc2+X35ZsJL0GdoR9F18Dr+5YtvVQXfrSxIrz7+W+Did7vA63diw76NfhWOeDa2zMC3LlMV28Nt7b3OmTl0ayVV5j+fNz+5W/DtPjbnkdjrW8Drt+T+nyOhxbw+uwucyZ29f2M8tYyz/dtmH17wVXdgxubTkGO38e6TwGB/3zSFmOwclwXPzw9tW/F2wP2/vY9Hp/HhldcQymhxvOPc1L0s/7k/vz0e24vKl5xTUT2fnF+bN3PXTk3Lmzu7IwNsRLWo6VzuN1S8tjylYcryPrPl4PLrzisZu6XL417KvJO5v/mlz1uWouc/ddvZ+r/Ltb9/3ZdunuLIwB2+j92e27eXN/TmTZF779iQe++cgX3rDq/mzmzU/OXPnP4imXtpx/x1c5/8bc/1yxvnRXj46OjxWv39G0d8bbzsftT9VYfu5q5Ot+dmZt5+Px8M9Gn4+v73E+3tax7KDPx+OdDy6ejxv9fttxZTqfz8lwnJyY7X0+bi6zbfd6j8mxnufjW8JshP3/mpAUUi5qOXZWO27TusbGxsPjGotraD9O97QtPx6yWXNdT+wOPxSmrVzbcXrbLcXyoy23izbqOJ3qWHbQx2n63ddqx2mj32/fLk/n8zkZjovr9/Q+TpvLPHX3lZ87N8f/bDl3TvQ7BsdHJ5rbPJ4Owvx8ny1tjsfgXdnR7HR2IpvLr53Ij6dGvq7pe9Z2rpwI/2z0uXJbj2Pwto5lB30Mpu9jqx17jbGVD34AOp/PyXBcPH5P72Owucwb9w32Z9fbwiVpmZafXTt/v7ba77xu6thNz9exMha289v7ev9utrnMif3rzZm999Md4ZJruuynztfvaq+puWxj9tO2sJ3P7F99PzW3p7nM5w+s8Xg6mGXZhY/el/++N/x95cL5H3yt7e8u3f6mc+Gj9/3shce+s57tB2D4PVeMLcX3upa/TK3l7/8AAADAUIi5fyTMRP4HAACAyoi5P/5f4Yn8DwAAAJURc/9YmEkV8v+f9F9k2xufWXjuQpaa+UtBvD7thvuL5WLHdTZ8PbW0rHn5fV+Z/+9/urC2zRvJsuxX9/9x1+W33R+3qzAVtvPJN7VfvsLX7lzTug8/eCGtt7W//sVw//HxrPUw6FbBnc2y7BvXfTZfz9QHLuXzqfsP5/OBi4892lzm2QPF1/H2T7+kWP6vQ/n34LEjbbd/OuyHn4Q5+7bu+yPe7quXXrN93/uW1xdv19hxbf6wH/9gcb/xfXI+92ixfNzPq23/Nz/zxFebyz/0qu7bf2Gk+/Y/Ee73K2H+z8uL5Vufg+bX8XafCtsf1xdvd9eXv9V1+5/8dLH8mTcXyx0OM67/tvD1zjc/s9C6vx5qHGl7XNlbiuXi+md/8Gf59fH+4v13bv/koUtt+6Pz+Hjq34r7melYPl4e1xP9Y8f6m/fTenzG9T/xp4fb9nO/9T/5wNMvb95v5/rv6FjuzEdvz9e/fH/t79j0N5/6bNf1xe05+A9n2h7PwXeH13FY/+MfDMdjuP5/nyzur/PdFQ6/u/38E5f/4tYLbY8neusvivU/+brj+dw0uXnLNS944bUXX9ncd1n2/U3F/fVb//G/Pd22/V+6odgf8frY0e9c/2ri+s9+bPrU6cXzC3Nprz5yXf7eOW8vtidu73Xh3Nr59aHT5z40f3Zqdmo2y6aq+xZ6l+3LYf6sGBd7L7204gx6+4Ph+bzpr76x5dZ//Uy8/N/fW1x+6W3F961Xh+U+Fy7fGp6/9a1/pcdvviF/fTeeClu4tPL9gq/E9p3/tX9NC4bH3/lzQTzez7z0Q/l+aF6Xf9+Ir+sr3P4fzRX38/WwX5fCOzPvuGF5fa3Lx/dGuPSe4vV+xfsvnObi8/r34fl+x0+K+4/bFR/vj8LPMd/a1n6+i8fH1y+MdN5//i4eF8P5JLtYXB+Xivv70rM3dN28+D4k2cUb86//PN3Pjet6mKtZfHhx5sTCqfMPzZybXzw3s/jwxw+dPH3+1LlD+Xt5Hvpwv9svn5+25Oenufm9d2f52ep0MZ5nV3v7zzx4dG7f7K1z88eOnD927sEz82ePH11cPDo/t3jrkWPH5j/W7/YLc/fu2n1gz77d08cX5u7df+DAngPTC6dONzej2Kg+9s5+ZPrU2UP5TRbvvfvArnvuuXt2+uTpufl7983OTp/vd/v8e9N089Z/NH12/sSRcwsn56cXFz4+f++uA3v37u77boAnzxxbnJo5e/7UzPnF+bMzxWOZOpdf3Pze1+/2VNPifxQ/z3ZqFG/El73rjr3p/VmbvvKJVe+qWKTjDUSfCe9F890Xndm/lq9j7h8PM6lC/gcAAAByMfdPhJnI/wAAAFAZMfdvCjOR/wEAAKAyYu6fDDP9LwE1yf+V6/9vu7Cm9ev/l6n/37739P+Xb6f/Xxh4//89Zev/F+cL/f/BuNL+vf5/oP+v/6//r/+v/88AlK3/H3P/5izz938AAACoqJj7t4SZyP8AAABQGTH3XxNmIv8DAABAZcTc/4Iwk5rkf/1//f+r3//3+f/6/wX9f/3/QdD/703/vw/9/5msXv3/i4Pc/qvQ/9/c+oX+P2VUtv5/zP0vDDOpSf4HAACAOoi5/9owE/kfAAAAKiPm/uvCTOR/AAAAqIyY+7eGmdQk/+v/X1H/P3Wu9P/bt1//v53+fzge9P/1/zeA/n9v+v996P/7/P/h6v+30f+njMrW/4+5/0VhJjXJ/wAAAFAHMfe/OMxE/gcAAIDyGbu8m8Xc/5IwkxX5/zJXAAAAAFx1Mfdfn3UUwWvy93/9f5//r/+v/6//3339a+//j2b6/+Wh/9+b/n8f+v/6//r/+v8MVNn6/3nuzyazl4aZ1CT/AwAAQB3E3H9DmIn8DwAAAJURc//LwkzkfwAAAKiMmPu3hZnUJP/r/1em///L1qdO/1//v9f69f99/n+V6f/3pv/fh/6//r/+v/4/A1W2/n/M/TeGmdQk/wMAAEAdxNx/U5iJ/A8AAACVEXP//wszkf8BAACgMmLu3x5mUpP8r/9f8v5/bI76/H/9f/3/Uvb/J/X/S0f/vzf9/z70//X/9f/1/xmosvX/Y+5/eZhJTfI/AAAA1EHM/a8IM5H/AQAAoDJi7n9lmIn8DwAAAJURc/9UmElN8v96+v+Ni/r/q3meP/9/Yg2f/99G/1//v9f6L6v//+OXfedh/X+f/z8E9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu7fEWYi/wMAAEBlxNx/S5iJ/A8AAACVEXP/zjCTmuR/n/8/FP3/TP9f//+q9/9z+v/6/+Wn/9+b/n8f+v/6//r/+v8MVNn6/zH3vyrMpCb5HwAAAOog5v5bw0zkfwAAAKiMmPtfHWYi/wMAAEBlxNx/W5hJTfK//r/+v/6//r/+f/f16/8PJ/3/3vT/+9D/1//X/9f/Z6DK1v+Puf81YSY1yf8AAABQBzH33x5mIv8DAABAZcTcf0eYifwPAAAAlRFz/3SYSU3yv/6//r/+v/6//n/39ev/Dyf9/970//vQ/9f/1//X/2egytb/j7n/zjCTmuR/AAAAqIOY++8KM5H/AQAAoDJi7p8JM5H/AQAAoDJi7p8NM6lJ/tf/1//X/9f/X1f//5XL96v/X9D/Lxf9/970//vQ/9f/v+r9/3H9fyqlbP3/mPt3hZnUJP8DAABAHcTcvzvMRP4HAACAyoi5f0+YifwPAAAAlRFz/91hJjXJ//r/+v/6//r/Pv+/+/r1/4eT/n9vg+//x4eo/6//r//v8//1/1mpbP3/mPvvCTOpSf4HAACAOoi5f2+YifwPAAAAlRFz/74wE/kfAAAAKiPm/v1hJjXJ//r/+v/6//r/+v/d16//P5z0/3vz+f996P/r/w9x/795bOn/UzZl6//H3H8gzKQm+R8AAADqIOb+14aZyP8AAABQGTH3//8wE/kfAAAAKiPm/t8IM6lJ/tf/1//X/9f/L3v/f0L/X/9/HfT/e9P/70P/X/9/iPv/Pv+fMipb/z/m/nvDTGqS/wEAAKAOYu7/zTAT+R8AAAAqI+b+14WZyP8AAABQGTH3HwwzqUn+1//foP5/vFD/X/9f/9/n/+v/P6/0/3vT/+9D/1//X/9f/5+BKlv/P+b+14eZ1CT/AwAAQB3E3H9fmIn8DwAAAJURc/8bwkzkfwAAAKiMmPvfGGZSk/yv/+/z/69+/3+8bdv1/5dvp/9f0P/X/18P/f/e9P/70P/X/9f/1/9noMrW/4+5/01hJjXJ/wAAAFAHMfe/OcxE/gcAAIDKiLn/LWEm8j8AAABURsz9bw0zqUn+1//X/7/6/X+f/6//X9D/1/8fBP3/3vT/+9D/1//X/9f/Z6DK1v+Puf+3wkxqkv8BAACgDmLuvz/MRP4HAACAyoi5/21hJvI/AAAAVEbM/W8PM6lJ/tf/1//X/9f/1//vvn79/+Gk/9/bkPX/f31tuFz/v6D/X+7tX2//f6zj6+el///j1fr/S5s6b6//z/OhbP3/mPvfEWZSk/wPAAAAdRBz/zvDTOR/AAAAqIyY+98VZiL/AwAAQGXE3P/bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7w0xqkv8BAACgDmLufyDMRP4HAACAyoi5/z1hJvI/AAAAVEbM/e8NM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/4NhJjXJ/wAAAFAHMfe/L8xE/gcAAIDKiLn/d8JM5H8AAACojJj73x9mUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x938gzGTt+X9yzUsCAAAAV0XM/b8bZlKTv/8DAABAHcTc/3thJvI/AAAAVEbM/b8fZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/0GYSU3yPwAAANRBzP0fDDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/ueNffvi9dx7epf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfcA/AAAADLeY+/8wzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/79vuSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZlmm/6//z1VUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAAAoo02Xc6OY+z8UZlKT/K//r/+v/6//7/P/u6+/tP1/n//fk/5/b+Xp/3fn8//1/4d5+/X/9f9ZqWz9/5j7F8JMapL/AQAAoA5i7v9wmIn8DwAAAJURc/9HwkzkfwAAAKiMmPtPhJnUJP/r/+v/6//r/+v/d1+//v9w0v/vTf+/D/1//X/9f/1/Bqps/f+Y+0+GmdQk/wP/x959NGlWl30cv5unKWaKzbN7Fs9C974EFrLWF+CCjQutslyAijnNYI6Yc8AsBgygiAlzAhOKYkLFnANmxBqL6eu6psPpc3fP3N19zv//+Sy8oGE8N9YU+KP5cgAAgB7k7r80brH/AQAAoBm5+y+LW+x/AAAAaEbu/ofFLZ3sf/2//r/Z/v+++v/dnq//1/+3TP8/Tv+/hP5f/6//1/+zD3cv/XPs1Pr/3P0Pj1s62f8AAADQg9z9j4hb7H8AAABoRu7+y+MW+x8AAACakbv/kXFLJ/t/W/+/tuiz/8+MV//fUv/v/f+7Pl//r/9v2eH2/1fc82c+/b/+X/8f9P/6f/0/202t/8/d/6i4pZP9DwAAAD3I3f/ouMX+BwAAgGbk7n9M3GL/AwAAQDNy9z82bulk/3v/v/f/6//1//r/4efr/+fJ+//H9dT/X37rhZfeef3/37Cf5+v/9f/6f/0/qzW1/j93/+Pilk72PwAAAPQgd//j4xb7HwAAAJqRu/8JcYv9DwAAADN0fPCrufufGLd0sv/1//p//X/0/8f0//p//X8L9P/jeur/z+b5+n/9v/5f/89qTa3/z93/pLilk/0PAAAAPcjd/+S4xf4HAACA6Rr6B7FH5O4/EbfY/wAAANCM3P0n45ZO9r/+/+D7///o/+fR/3v/v/5f/98E/f84/f8S+n/9v/5f/89KTa3/z91/RdzSyf4HAACAHuTuf0rcYv8DAABAM3L3PzVusf8BAACgGbn7nxa3dLL/9f/e/6//1//r/4efr/+fJ/3/OP3/Evr/c+3nz9f/6//1/2y2z/7/rpE/ba+k/8/d//S4pZP9DwAAAD3I3f+MuMX+BwAAgGbk7n9m3GL/AwAAQDNy9z8rbulk/x9Y/3/b8mfr//X/+v+Z9/87f+qdpv8fpv8/HPr/cZPp/9fWB7+s/599/+/9//p//T9bTO39/7n7nx23dLL/AQAAoAe5+58Tt4zs/33/zXwAAADgSOXuf27c4vv/AAAAMHtZneXuf17c0sn+9/5//b/+X//v/f/Dzx/r/2/Y9Pn0/9Oi/x83mf5/F/p//f+cP7/+X//PTlPr/3P3Pz9u6WT/AwAAQA9y918Zt9j/AAAA0Izc/S+IW+x/AAAAaEbu/hfGLZ3s/+H+/8xv1//vjf5/6+fX/w///FhV/5//jfr/0f7/Yu//75P+f5z+fwn9v/5f/79b/3982Y/X/zNkav1/7v4XxS2d7H8AAADoQe7+F8ct9j8AAAA0I3f/S+IW+x8AAACakbv/pXFLJ/vf+//1//r/+fX/3v+/4Sjf/7849P5/Xf+/R/r/cfr/JfT/+n/9//j7/0f+LQD6f4ZMrf/P3f+yuKWT/Q8AAAA9yN3/8rjF/gcAAIB52PzPDmz/B0pD7v5XxC32PwAAADQjd/8r45Z29v/ouzr1//p//b/+X/8//Pxp9f/e/79X+v9x+v8l9P8H0c+vN9b/X7Xbj59C/3/ioPv/Efp/hmzp/2888/Wj6v9z978qbmln/wMAAED3cve/Om6x/wEAAKAZuftfE7fY/wAAANCM3P2vjVs62f8H3v+P/NsH9P/6f/2//l//r/9fNf3/OP3/Evp/7//3/n/9Pyu1pf/f5Kj6/9z9r4tbOtn/AAAA0IPc/a+PW+x/AAAAaEbu/qviFvsfAAAAmpG7/w1xSyf73/v/9f/6f/2//n/4+fr/eTqn/v48/X/R/+v/9f/6f/0/KzC1/j93/xvjlk72PwAAAPQgd/+b4hb7HwAAAJqRu//NcYv9DwAAAM3I3f+WuKWT/a//P9j+P7+u/9f/L/T/+n/9/6Ho9v3/a0N/Jdppl/7/5oecvP/Wr+j/9f/6f/2//p89+t+R3zaJ/v/Umf93mbv/rXFLJ/sfAAAAepC7/21xi/0PAAAAzcjd//a4xf4HAACAZuTuvzpu2ef+H2sepkz/7/3/+n/9v/5/+Pn6/3nqtv/fI+//X0L/r//X/+v/WalJ9P+bfj13/zviFt//BwAAgGbk7n9n3GL/AwAAQDNy978rbrH/AQAAoBm5+98dt3Sy//X/+n/9v/5f/z/8fP3/POn/x+n/l5hT/3/1OfT/68NfPup+/lwd9efX/+v/2Wlq/X/u/mvilk72PwAAAPQgd/974hb7HwAAAJqRu/+9cU87Yf8DAABAS3L3vy9u6WT/6//1//p//b/+f/j5+v950v+P0/8vFotrRz7AUP9/6oJp9v/e/z+5z6//1/+z09T6/9z9749bOtn/AAAA0IPc/dfGLfY/AAAANCN3/3Vxi/0PAAAA03Zs779r7v4PbP+Bnex//b/+X/+v/9f/Dz9f/z9P+v9x+v8l5vT+f/3/5D6//l//z05T6/9z938wbulk/wMAAEAPcvdfH7fY/wAAANCM3P0filvsfwAAAGhG7v4b4pZO9r/+X/+v/9f/6/+Hn6//n6eD6/8X+n/9v/5/Cf2//l//z3ZT6/9z9384bulk/wMAAEAPcvd/JG6x/wEAAKAZufs/GrfY/wAAANCM3P0fi1s62f/6f/2//l//r/8ffr7+f568/3+c/n8J/b/+X/+v/2elhvv/E0fW/+fu/3jc0sn+BwAAgB7k7r8xbrH/AQAAoBm5+z8Rt9j/AAAA0Izc/Z+MWzrZ//p//f/W/n+x0P/r//X/Gw6h/z+20P+vnP5/nP5/Cf1/m/3/eYuG+v/ju/54/T9TNLX3/+fu/1Tc0sn+BwAAgB7k7v903GL/AwAAQDNy938mbrH/AQAAoBm5+z8bt3Sy//X/+n/v/9f/6/+Hn+/9//Ok/x+n/19C/99m/+/9//p/jszU+v/c/Z+LWzrZ/wAAANCD3P2fj1vsfwAAAGhG7v4vxC32PwAAADQjd/8X45ZO9r/+X/+v/9f/6/+Hn6//nyf9/zj9/xL6f/2//l//z0pNrf/P3f+luKWT/Q8AAAA9yN1/U9xi/wMAAEAzcvffHLfY/wAAANCM3P1fjls62f/6f/2//n+e/f8x/b/+X/8/aCr9/0UX3e8W/b/+X/+v/9f/6/97N7X+P3f/V+KWTvY/AAAA9CB3/1fjFvsfAAAAmpG7/2txi/0PAAAAzcjd//W4pZP9v7P/P3+xUahuGOr/o1HT/2+i/9/6+fX/wz8/vP9f/6//P3hT6f+9///sPr/+X/8/58+/r/7/3jt/vP6fFk2t/8/df0vc0sn+BwAAgB7k7v9G3GL/AwAAQDNy938zbrH/AQAAoBm5+2+NWzrZ/97/r//X/+v/9f/Dz9f/z5P+f5z+fwn9v/7f+/8ve9D/6P9Znan1/7n7vxW3dLL/AQAAoAe5+78dt9j/AAAA0Izc/bfFLfY/AAAANCN3/3filk72v/5f/6//1//r/4efr/+fJ/3/OP1/2f6HtqGf/v/Y0BePup8/V0f9+Zvp/73/nxWaWv+fu/+7cUsn+x8AAAB6kLv/e3GL/Q8AAADNyN3//bjF/gcAAIBm5O7/QdzSyf7X/+v/2+//H6j/3/Z8/b/+v2X6//wr+jD9/xL99P+Djrqfn/vn1//r/9lpav1/7v7b45ZO9j8AAAD0IHf/D+MW+x8AAACakbv/R3GL/Q8AAADNyN3/47ilk/2v/++r/19b9Nj/e/+//l//3xP9/zj9/xL6f/2//l//z0pNrf/P3X/H2nqX+x8AAADm6gH3eejte/197zj9n8cWP4lbLl6c2uO3sQEAAICJu2f3r60vFj89/Wu+/w8AAAAtyt3/s7ilk/2v/++r/+/z/f/6f/2//r8n+v9x+v8l9P/6f/2//p+Vmlr/n7v/53HLpuG3vu8/SgAAAGBKcvf/Im7p5Pv/AAAA0IPc/b+MW3bsf/86QAAAAJir3P2/ils6+f6//n/i/f/igPr/+P30/xv0//r/oefr/+dJ/z/uHPv/U2v6f/3/CP2//l//z3ZT6/9z9/86bulk/wMAAECjtvwdhdz9v4lb7H8AAABoRu7+38Yt9j8AAAA0I3f/7+KWTva//v/Q+/9M1Q/w/f/H65e8/7/z/v/KY4PP1//r/1um/x/n/f9L6P9b6f8v0P/r/5mGqfX/uft/H7d0sv8BAACgB7n7/xC32P8AAADQjNz9f4xb7H8AAABoRu7+P8Utnex//f/E3/9/Vv3/Ht7/r//vo//f5fnt9P//d+HJmy558HXX6P854zD7//y5oP/X/+v/N0yo//f+f/0/E7H6/n99yxf32//n7v9z3NLJ/gcAAIAe5O6/M26x/wEAAKAZufv/ErfY/wAAANCM3P1/jVs62f/6f/3/VPr//N/6CPr/k2fd/x9fLBZH0v9nU9x7/+/9//r/nbz/f5z+fwn9v/5f/6//Z6VW3/9v/eJ++//c/X+LWzrZ/wAAANCD3P1/j1ty/6/t+2/dAwAAABOTu/8fcYvv/wMAAEAzcvf/M27pZP/r//X/U+n/k/f/n/lxbb3//5KKU/vs/+9Vv6T/P1j6/3H6/yX0//p//b/+n5WaWv+fu/9fcUsn+x8AAAB6kLv/rrjF/gcAAIBm5O7/d9xi/wMAAEAzcvffHbd0sv/1/632/1nE6//1/1Pp/73/3/v/D4f+f5z+fwn9v/5f/6//Z6Wm1v/n7v9vAAAA//+RlXrD")
llistxattr(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=""/33, 0x21)

1.784266465s ago: executing program 0 (id=4088):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1, 0x4, 0x4, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)

1.637533663s ago: executing program 0 (id=4090):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0x7000000)

1.637109223s ago: executing program 1 (id=4091):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000140)={0x4, [0x3, 0x1000, 0x0, 0x1, 0x2, 0x6, 0x7, 0x3, 0x10, 0x1, 0x4, 0x9ee0, 0x28, 0x385, 0xef9a, 0xfff, 0x7, 0xb2, 0x1, 0x2, 0x7fff, 0x4, 0x1ff, 0x0, 0xfffc, 0x0, 0x2, 0x10, 0x6, 0xd, 0x4, 0x79, 0x5, 0x7, 0x6, 0x2, 0x81, 0xffff, 0x8000, 0x9, 0x0, 0x2, 0x423, 0xfff, 0x86, 0x400, 0x3, 0x9], 0xc})

1.490287011s ago: executing program 0 (id=4093):
msgsnd(0x0, 0x0, 0x8, 0x0)
syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="07010100ffd9f810f80600b0f97d0102030109022c0401000000020904000001ff615a00090588"], 0x0)

1.437656555s ago: executing program 1 (id=4094):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xf0)
ioctl$sock_ax25_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={@default, @bcast, 0x4, [@default, @null, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @bcast, @null]})

1.373985899s ago: executing program 3 (id=4095):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000022c0)={0xf, 0xfffffff9, 0x7f, 0x1f5, 0x6, 0x80001})

1.249396526s ago: executing program 1 (id=4097):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x3b071, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000003000000000000000000008018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000101040085000000060000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f87fffffb702000008000000b703000087000000850000000600000095"], &(0x7f00000000c0)='GPL\x00', 0xb, 0xff3, &(0x7f0000000cc0)=""/4083, 0x41000, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcbb}, 0x94)

1.209219188s ago: executing program 3 (id=4098):
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1c802, &(0x7f0000002740)=ANY=[], 0x3, 0x5fa3, &(0x7f0000007fc0)="$eJzs3dtvHFcdB/DfXry+lKZRhaoQ8eCmUFpKc0+g3JrywAMggYTyTCLXrQJpQUlAtIoUV3lAPHD5E+ClLzz0HykSfwHiDyCSzVMlKIPGPicZr9deh9g7uz6fj7SZ+e2Z8Z7J1+O9zMyeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADie9/98blORFz7VbrjeMRnohfRjVis6+WoZ67k5fsRcSI2m+O5iOjNR9Trb/7zTMTFiPj4WMT6xt2V+u7z++zHpbN3bn36/e/8/Td/uH/ip2/+5MPh9h999sJHv70XcfyHr3306b2D2XYAAAAoRVVVVSe9zT+Z3t932+4UADAR+fm/SvL9arVarT7Q+vfd6eqPutC6qRrtXrOIiLXmOvVrBofjAWDGrMUnbXeBFsm/aP2IeKrtTgBTrdN2BzgU6xt3Vzop307z+WB5qz1/Trkt/7XOw+s7dpuOM3yOyaR+v+5HL57dpT+LE+rDNMn5d4fzv7bVPkjLHXb+k7Jb/oOtS5+Kk/PvDec/ZFv+f4yImc2/OzL/UuX8+4+T/1pvhvd/+QMAAAAAcPTlz/+Pt3z8d/7JN2Vf9jr+uzyhPgAAAAAAAADAQXvS8f8eMv4fAAAATK36vXrtT8ce3bfbd7HV91/tRDw9tDxQmHSxzFLb/QAAAAAAAAAAAACAkvS3zuG92omYi4inl5aqqqpvTcP143rS9Wdd6dsPJWv7jzwAAGz5+Fi6lj8PwNeJWIiIq+m7/uaWlpaqamFxqVqqFufz69nB/EK12Hhfm6f1ffODfbwg7g+q+octNNZrGvd+eVz78M+rH2tQ9fbRscloOXQAirf1bLTuGemIqapnou1XOcwG+//RY/9nP9r+PQUAAAAOX1VVVSd9nffJdMy/23anAIBJWMjP/8PHBdRqtVqtVh+9uqka7V6ziIi15jr1awbD8QPAjFmLT9ruAi2Sf9H6EXGi7U4AU63Tdgc4FOsbd1c6Kd9O8/kgje+ezwXZlv9aZ3O9vP6o6TjD55hM6vfrfvTi2V3689yE+jBNcv7d4fyvbbUP0nKHnf+k7JZ/vZ3HW+hP23L+veH8hxyd/Lsj8y9Vzr//WPn35A8AAAAAAFMsf/5/vNzjv73cn+UJ9QEAAAAAAAAADtr6xt2VfN1rPv7/+RHLdZpzrv88MnL+nX3n7/rfoyTn3x3Of+iEnF5j/sEbj/L/18bdlQ/v/PNzeTr1+c/1BvVjz3W6vX4656eaeytuxM1YjbM7lu9vaz+3o31uW/v5Me0XdrQP6vbF3H46VuLncTPefNg+P+bEqIUx7dWY9px/z/5fpJx/v3Gr819K7Z2hae3BB90d+31zOupxrvzlPy/u3Lsm7370Hm5bU719p1roz+b/yVOD+OXt1Vunf339zp1b5yJNtt17PtLkgOX859It5//SC1vt+e9+c3998MHgsfOfFvejv2v+LzTm6+19ecJ9a0POf5BuOf/8DDR6/5/l/Hff/19poT8AAAAAAAAAAAAAAACwl6qqNi8RvRIRl9P1P21dmwkATNTvfpBmqiTUarVarVYf2bqpGu31ZhELjRV8UAAAs+q/EfGPtjtBa+RfsPx9f/X0C213Bpio2++9/7PrN2+u3rrddk8AAAAAAAAAgP9XHv9zuTH+8+Z5QEPjRm8b//WNWJ7Z8T+7g97mWOdpg56Pvcf/PhV7j//dH/N4c2PaB2Pa58e0L4xpH3mhR0PO//mUcc7/ZNqwksZ/famF/rQt538qjfWc8//S0HLN/Ks/z3L+3W35n7nzzi/O3H7v/VdvvHP97dW3V989d/byxQuXLl64dOnMWzdurp7d+rfFHh+unH8e+9p5oGXJ+efM5V+WnP8XUy3/suT8X0y1/MuS88+v9+Rflpx/fu8j/7Lk/F9OtfzLkvP/cqrlX5ac/yupln9Zcv5fSbX8y5LzfzXV8i9Lzv90quVflpz/mVTLvyw5/3yES/5lyfnnMxvkX5ac//lUy78sOf8LqZZ/WXL+F1Mt/7Lk/C+lWv5lyflfTrX8y5Lz/2qq5V+WnP/XUi3/suT8X0u1/MuS8/96quVflpz/N1It/7Lk/L+ZavmXJef/rVTLvyw5/2+nWv5lyfm/nmr5l+XR9/+bmfDMv/8aMQXdMFPqzLt/22uZtv8yAQAAAAAAAAAAAADDJnGmcdvbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9jBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYu7sYucr7DOBnv+y1ccAN38SBtTFgYPHu+gscYjBJSClpU0pC2rSkxrHXH4m/6l0ngFBZCm2JglSk9oJeNE2iNIrUVqAoUlOJRkiN1N6Vq0TcRK3EhaVC5aCkUipgqzPzvu/OzM7OrO1de845vx/Cf+/MmZl3zpyZ3WetZwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABqt//jkn/dlWZb/X/tjbZatyf++Ktudfzmz42KvEAAAADhf79X+/IfL0gm7F3Ghhm3+7fr/+MHs7Oxs9sV3Tr//l7Oz6YyRLBtYmWW186J//9UvZxu3CZ7Nhvv6G77u73LzA13OH+xy/lCX81d0OX9ll/OHu5w/bwfMs6r++5jalW2s/XVtfZdmV2RDtfM2trnUs30r+/vj73Jq+mqXmR06kB3OjmST2fi8y/TV/suyV9fnt/VAFm+rv+G21mVZdubnT+2La+gL+3hj1nRjNY2P3dv3ZSPv/Pypfd+dfuvadrPrbpi30izbtCFf53NZNvfrqqwvW5n2SVxnf8M617VZ50DTOvtql8v/3rrOM4tcZ7zfw2Gdr3dY57pw2uM3Zlk2ky24Tatns/5sdcutpv09XD8i8uvIH8oPZoNndZysX8Rxkl/mzRubj5PWYzLu//VhnwwusIbGh+PtZ1bM2+/nepzk97oXjtX8uh/Kb3R4uPFXq03Har7NUzctfAy0fezaHAPpWG44BjZ0Owb6VwzUjoH+uTVvaDoGJuZdpj/rq93W6Zs6HwNj00dPjE098eQdh4/uPTh5cPLYxPiObVu3b9u6ffvYgcNHJsfrf57dLi2Q1Vl/OgY3hNeaeAze0rJt4yE5+62lex4M98jzIL/vn705X9Ca/myBYzzf5rlN5/88SN/3G54Hgw3Pg7avqW2eB4OLeB7k25zZtLjvmYMN/7dbw3K9Fq5tOAYu5vfD/DYfvXXh18J1YV3P33a23w8H5h0D8W71hedefkr6eW/4rrBf5h8X1+VnXLIiOzU1eXLz43unp09OZGFcEJc3PFatx8vqhvuUzTte+s/6eNn99+/efF2b09eGfTV8e+fHKt9m22jnx6r26t68P1dk9f3ZdOqWLIwldqH3Z7vvZvn+TFmiw/7Mt3nujvP/WTDlkobXv6Fur38DQ4P117+BtDeGml7/5j80A7WVZdmZOxb3+jcU/r/Qr39X9MjrX76vHt3c+RjIt3l+7GyPgcGOr383htkX1nNrSAzDDbn//dr5M/XDtOGx7HrcDA4OheNmMN5i83Gzdd5l8mvLb3vT+LkdN5tubH6smn5uKeFxk++rvxrvfNzk27w2cf6vHaviXxteO1Z0OwaGBlbk6x1KB0H99W52VTwGNmf7suPZkWx/ukz+KOe3NbplccfAivD/hX7tuKZHjoF8X720pfMxkG/z461L+7PTpnBK2qbhZ6fW3y8slPmvG5y7vtbdttSZP1/nJ37y6XRauwyRb/PWtrPNGZ330+3hlEva7KfW589Cx/T+7MLsp2vCOo9s7/y7qXybK3Ys8njanWXZGxNv1H7fFX6/+/1TP/lB0+992/1O+Y2JNx4ce/inZ7N+AADO3fu1P2dW1H/WbPgX68X8+z8AAABQCDH394eZyP8AAABQGjH3D4SZyP8AAABQGjH3D4aZVCT/H7pr58vvPZ2ldwOcDeL5cTc8dE99u9jxnglfj8zOyU//2HeGXv7a04u77f4sy9598ENttz90T1xX3Ym4zo80nz7PNTcs6vYfe2Ruu8b3Tzizs3798f4s9jCIXeVXx7bUrnfkiYnafO3BrDYfnnn+2fr117+O25/eWt/+b8Kbluw+0Nd0+U1hPRvDHMlW1d5T5qHdc/shn/FyL6+7/l8v/9zc7cXL9W24tHY3X/rj+vXG94h68fL69vF+L7T+f/n6917Ot3/8pvbrf7q//fpPh+t9M8xf7apv37jPv9aw/j8N64+3Fy+3+ds/arv+V66ub/9KOC6+GWbr+u/7iw+/1+7xirez++765eLtj//vttrl4vXF629d//DTE037o/X6X3unfj27vvKLgcbt4+nxdqLH7m4+vvvC49vUI8+y7Ht/ljXt5+yj9cv9c8v64/WduLv9+m9vWeeJvhtql5+7P2ub7tc3/m5L2/sb17P7H9c23Z8X7w/7752xH+fXe/rhcDyG8//v9fr1tb6X6Sv3N7/exO2/ubb+vI3XN9ay/hdb1j9zQ77vuq//gXfq63/l3pVN69/9yXA8PVCf3dZ/8G8va7r8t75bfzxOfnX02PGpU4f3N+zVxufxyuFVqy9Z84FLLwuvpa1f7zk+fWjy5Mj4yHiWjRTwLQOXe/3fDvN/6mNm6W+h7qe/qB93L3yq/n3rll/Wv34xnP5YeDzj98dv/PVQ0/Ha+rjP3Fuf57v+28I6Fuvqr//XDYva8PQXXj31T3/yVuvPBfH+nLhyuHb/Xlp/Ve28vtfq57e+XnXzn1c2P69/Njhemz8M+3U2vDPzhqvqt9d6/fG9SV74TP35G3+Si5fPWt5PZO1A8/043/X/LPwc86Nrml//4vHxw6db3s15bdaXL2EmvD5kM/Xz41Zxf79w5qq2txffhyebufZslrmgqSemxo4cPnbq8bHpyanpsaknntxz9PipY9N7au9duudL3S4/9/xeXXt+75/csS2rPduP18cyu9jrP/HIvv13jt+8f/LA3lMHph85MXny4L6pqX2T+6du3nvgwORXu13+8P5dE1t2br1zy+jBw/t33bVz59ado4ePHc+XUV9UFzvGvzx67OSe2kWmdm3bObF9+7bx0aPH90/uunN8fPRUt8vXvjeN5pf+yujJySN7pw8fnRydOvzk5K6JnTt2bOn67o9HTxyYGhk7eerY2KmpyZNj9fsyMl07Of/e1+3yVMPU8fB616Iv/HT++dt3pPfHzX3nmQWvqr5J84+n2dvhvaDi97duX8fcPxRmUpH8DwAAAFUQc3944/+5M+R/AAAAKI2Y+1eGmcj/AAAAUBox99eT/3D6+Peq5P+l6v8/o/9fs/z9/0z/X/9f/1//v1D0//X/O9H/1/8v8vr1//X/6a7X+v8h92erssy//wMAAEBJxdy/OsxE/gcAAIDSiLn/kjAT+R8AAABKI+b+NWEmFcn/Pv9f/1//v1P/P26r/5/p//dC/3/jf+v/z6P/r/+f6f+fs4vdny/6+nuw/79K/59e02v9/5j7PxBmUpH8DwAAAFUQc/+lYSbyPwAAAJRGzP2XhZnI/wAAAFAaMfevDTOpSP7X/9f/1//3+f/6/4Xp//v8/zb0//X/M/3/c3ax+/NFX38P9v99/j89p9f6/zH3/1qYSUXyPwAAAFRBzP0fDDOR/wEAAKA0Yu6/PMxE/gcAAIDSiLn/ijCTiuT/avb/38yyTP8/0//X/29Zp/6//v9y0P/X/+9E/1//v8jr1//X/6e7Xuv/x9x/ZZhJRfI/AAAAVEHM/VeFmcj/AAAAUBox918dZiL/AwAAQGnE3H9NmElF8n81+/8+/1//v07/v3md+v/6/8uh0v3/dw/p/3eh/6//X+T16//r/9Ndr/X/Y+6/NsykIvkfAAAAqiDm/uvCTOR/AAAAKI2Y+z8UZiL/AwAAQGnE3L8uzKQi+V//X/9f/1//X/9f/385Fav/37/gOT7/v07/v9nS9f9n5hag/1+Y9ev/6//TXa/1/2Pu/3CYSUXyPwAAAFRBzP3Xh5nI/wAAAFAaMfffEGYi/wMAAEBpxNw/EmZSkfyv/6//r/+v/6//r/+/nIrV/1+Y/n+d/n8zn/+v/6//r/9PZ73W/4+5f32YSUXyPwAAAFRBzP0bwkzkfwAAACiNmPtvDDOR/wEAAKA0Yu7fGGZSmvz/gY7n6v/r/+v/6//r/+v/Lyf9f/3/TvT/9f+LvH79f/1/uuu1/n/M/TeFmZQm/wMAAAAx998cZiL/AwAAQGnE3H9LmIn8DwAAAKURc/+mMJOK5H/9f/1//f8C9/8H9P8z/f+ep/+v/9+J/r/+f5HXr/+v/093vdb/j7n/1jCTiuR/AAAAqIKY+28LM5H/AQAAoDRi7r89zET+BwAAgNKIuX80zKQi+V//X/9f/7/A/X+f/9+0fv3/3qT/X5T+/1Dzl/r/i6L/r/+v/6//T2e91v+Puf+OMJOK5H8AAACogpj7N4eZyP8AAABQGjH3j4WZyP8AAABQGjH3j4eZVCT/6//r/+v/6//r/xe2/79sXfelpP9flP5/C/3/RdH/1//X/9f/p7Ne6//H3D8RZlKR/A8AAABVEHP/ljAT+R8AAABKI+b+rWEm8j8AAACURsz928JMKpL/C9L/35wKUPr/+v/6//r/+v+Fov+v/9+J/r/+f5HXr/+v/0+z/jan9Vr/P+b+7WEmFcn/AAAAUAUx9+8IM5nL/2sv/KoAAACApRRz/51hJv79HwAAAEoj5v67wkwqkv8L0v/3+f/6//r/DfT/9f+LRP9f/78T/X/9/yKvX/9f/5/ueq3/H3P/zjCTiuR/AAAAqIKY+z8SZiL/AwAAQGnE3H93mIn8DwAAAIXS7nMIo5j7PxpmUpH8r/9f9v7/7Er9f/1//f/O69f/X176//r/nej/6/8Xef36//r/dNdr/f+Y+3eFmVQk/wMAAEAVxNx/T5iJ/A8AAAClEXP/vWEm8j8AAACURsz9u8NMKpL/9f/L3v/3+f/6//r/3dav/7+89P/1/zvR/y9m/z/82KL/30P9//wY0v+nF/Va/z/m/vvCTCqS/wEAAKAKYu7/WJiJ/A8AAAClEXP/x8NM5H8AAAAojZj7PxFmUpH8r/+v/6//r/9fzP7/kP5/Qej/L1v/v/ZSqP9fp/9/bi52f77o6++l/r/P/6dX9Vr/P+b++8NMKpL/AQAAoApi7v9kmIn8DwAAAKURc/+vh5nI/wAAAFAaMfc/EGZSkfyv/79k/f81mf6//n/L9ev/+/x//X/9f5//35n+v/5/kdev/6//T3e91v+Puf83wkwqkv8BAACgCmLufzDMRP4HAACA0oi5/1NhJvI/AAAAFMyKBc+Juf83w0wqkv+L1/8f6dX+f81C/fn+dP36//r/+v/6//r/S0n/X/8/0/8/Zxe7P1/09ev/6//TXa/1/2Pu/60wk4rkfwAAAKiCmPs/HWYi/wMAAEBpxNz/22Em8j8AAACURsz9D4WZVCT/L3X/v/XynZTs8/9rfP6//n+m/5/o/+v/Z/r/+v9d6P/r/xd0/fFHEf1//X+66LX+f8z9vxNmUpH8DwAAAFUQc//DYSbyPwAAAPSoQ2d9iZj7PxNmIv8DAABAacTc/9kwk4rk/+J9/r/+v/6//r/+v/5/kej/6/93ov+v/1/k9fv8f/1/uuu1/n/M/Y+EmVQk/wMAAEAVxNz/uTAT+R8AAABKI+b+3w0zkf8BAACgNGLu/70wk4rkf/1//X/9f/1//X/9/+Wk/z+//5+/hlWm/z/b+oxrpv+v/1/k9ev/6//TXa/1/2Pu/3yYSUXyPwAAAFRBzP2/H2Yi/wMAAEBpxNz/B2Em8j8AAACURsz9j4aZVCT/6//r/+v/V7b/n5at/6//v5z0/33+fyf6//r/RV6//r/+P931Wv8/5v4vhJlUJP8DAABAFcTc/4dhJvI/AAAAlEbM/XvCTOR/AAAAKI2Y+x8LM6lI/tf/1//X/69s/9/n/wf6/8tL/1//vxP9f/3/Iq9f/1//n+56rf8fc//eMJPdzTcDAAAAFFfM/V8MM6nIv/8DAABAFcTcvy/MRP4HAACA0oi5f3+YSUXyv/6//r/+v/6//r/+/3LS/9f/70T/X/+/yOvX/9f/p7te6//H3D8ZZlKR/A8AAABVEHP/gTAT+R8AAABKI+b+g2Em8j8AAACURsz9h8JMKpL/9f/1//X/K9v/f/37LevU/9f/Xw76//r/nej/6/8Xef36//r/dNdr/f+Y+w+HmVQk/wMAAEAVxNz/pTAT+R8AAABKI+b+L4eZyP8AAABQGjH3HwkzqUj+1//X/9f/r2z/f3Gf/79q7nb1//X/z4X+v/5/J/r/+v9FXr/+v/4/3fVa/z/m/qNhJhXJ/wAAAFB2a9LfhrNjYSbyPwAAAJRGzP3Hw0zkfwAAACiNmPtPhJlUJP/r/59d/79vgW6g/n/79ev/l6D/30D/X///XOj/6/93ov+v/1/k9ev/6//TXa/1/2Pu/6Mwk4rkfwAAAKiCmPtPhpnI/wAAAFAaMfdPhZnI/wAAAFAaMfdPh5lUJP/r//v8f/1//X/9f/3/5aT/r//fif6//n+R16/////s3eeSZ2W1x/GmOXMYivIeKO/AK/ACfOE1WGV5B+YEZsyKOSfMCbNizjlnzFkUxRyrtOheayFDz949M/2fefazPp8XLk7DqXkoOFXnV+O3tv6fdaP1/7n77x+3NNn/AAAA0EHu/gfELfY/AAAATCN3/wPjFvsfAAAAppG7/0FxS5P9r//X/+v/9f/6f/3/Lun/9f9L9P/6/y2/X/+v/2fdaP1/7v4Hxy1N9j8AAAB0kLv/IXGL/Q8AAADTyN3/0LjF/gcAAIBp5O5/WNzSZP/r//X/+n/9v/5f/79L+n/9/xL9v/5/y+/X/+v/WTda/5+7/+FxS5P9DwAAAB3k7n9E3GL/AwAAwDRy9z8ybrH/AQAAYBq5+6+JW5rsf/2//l//v8H+///0//r/7dD/6/+X6P/1/1t+v/5f/8+60fr/3P3Xxi1N9j8AAAB0kLv/UXGL/Q8AAACbc/f7Hf3z3P2PjlvsfwAAAJhG7v7HxC1N9r/+X/+v/99g/+/7//r/DdH/6/+X6P/1/1t+v/5f/8+60fr/3P2PjVua7H8AAADoIHf/4+IW+x8AAACmkbv/8XGL/Q8AAABbdyr/IHf/E+KWJvtf/3/x+v/L9P/6f/2//l//f+L0//r/Pf3/ebvU/fzW36//1/+zbuf9/72vO7jH7f9z918XtzTZ/wAAANBB7v4nxi32PwAAAEwjd/+T4hb7HwAAAKaRu//JcUuT/a//9/3/O/r//1ym/9f/6//v+Ln+/2To//X/S/T/+v8tv1//r/9n3c77/5Xe/8z/OXf/U+KWJvsfAAAAOsjd/9S4xf4HAACAaeTuf1rcYv8DAADANHL3Pz1uabL/9f/6f9//1//r//X/u6T/H7b/P/P/9O5M/38s+n/9/9n6/3se4/36fzoYrf/P3f+MuKXJ/gcAAIAOcvc/M26x/wEAAGAaufuvj1vsfwAAAJhG7v5nxS1N9r/+X/+v/9f/37n/32/Z/9/+M/3/buj/h+3/l+n/j0X/r//3/X/9P8tG6/9z9z87bmmy/wEAAKCD3P3PiVvsfwAAAJhG7v7nxi32PwAAAEwjd//z4pb9S/Wii0v/r//X/+v/L+j7/5fP0f/7/v/u6P/Pv/+/1zHepf8/pP8/P5e6n9/6+/X/+n/Wjdb/5+5/ftzi9/8BAABgDvt7tftfELfY/wAAADCN3P0vjFvsfwAAAJhG7v4XxS1N9r/+X/+v/9f/X1D/P8n3//X/u6P/9/3/Jcft//f0//X3ov8f5/36f/0/60br/3P3vzhuabL/AQAAoIPc/S+JW+x/AAAAmEbu/pfGLfY/AAAATCN3/8vilib7X/+v/9f/6//1//r/XdL/6/+X+P6//n/L79f/6/9ZN1r/n7v/5XFLk/0PAAAAHeTuf0XcYv8DAADANHL3vzJusf8BAABgGrn7XxW3nLn/9y/mqy4e/b/+X/+v/9f/6/93Sf+v/1+i/z+6/z99ll9P/z/W+/X/+n/Wjdb/5+6/IW7x+/8AAAAwjdz9r45b7H8AAACYRu7+18Qt9j8AAABMI3f/a+OWJvv/bP3/bVcd/nn9//Ho/49+v/5f/6//1//r//X/S/T/vv+/5ffr//X/rBut/8/d/7q4pcn+BwAAgA5y978+brH/AQAAYBq5+98Qt9j/AAAAMI3c/W+MW5rs/5P//v/V+n/9v/4/rv5f/6//1//r/5fp//X/W36//l//z7rR+v/c/W+KW5rsfwAAAOggd/+b4xb7HwAAAKaRu/8tcYv9DwAAANPI3f/WuKXJ/j/5/t/3//X/59j/7+v/k/4//rnq//X/52Cr/f++/v+A/l//v+X36//1/6wbrf/P3X/jwdTrt/8BAACggxsP/vP03tviFvsfAAAAppG7/+1xi/0PAAAA08jd/464pcn+1//r/y95/+/7/0X/H/9c9f/6/3Ow1f7f9/8P6f/1/1t+v/5f/8+60fr/3P3vjFua7H8AAADoIHf/u+IW+x8AAACmEbv/8L/8bv8DAADAlN598J+n994TtzTZ/437/6svtP+/8n/+WP9/9Pv1/yfS/9945r97+n/9/5bo//X/S/T/+v8tv3+c/j9+cI3+n/GM1v/n7n9v3NJk/wMAAEAHufvfF7fY/wAAADCN3P03xS32PwAAAEwjd//745Ym+79x/z/J9//vc2u8QP8/b//v+/9x9f/6/6Po/yfo/2//f7/0//Xr6/+38/5x+n/f/2dco/X/ufs/ELc02f8AAADQQe7+D8Yt9j8AAABMI3f/h+IW+x8AAACmkbv/w3FLk/2v/996/+/7//p//b/+f2z6f/3/Et//1/9v+f36f/0/60br/3P3fyRuabL/AQAAoIPc/R+NW+x/AAAAmEbu/o/FLfY/AAAATCN3/8fjlib7X/+v/99V/3/7L6L/b9L/X3tF/vX6f/3/Xej/9f9L9P/6/y2/X/+v/2fdaP1/7v5PxC1N9j8AAAB0kLv/k3GL/Q8AAADTyN3/qbjF/gcAAIBp5O7/dNxwj7tduiedrFNn+Xnkuvp//b/v/+v/ff9f/79L+n/9/xL9v/5/y+/X/+v/WTda/5+7/zNxi9//BwAAgGnk7v9s3GL/AwAAwDRy938ubrH/AQAAYBq5+z8ftzTZ//p//b/+f7P9/5X6/zu/X/8/Jv2//n+J/l//v+X3H7v/v/no/339Px2M1v/n7v9C3NJk/wMAAEAHufu/GLfY/wAAADCN3P1filvsfwAAAJhG7v4vxy1N9r/+X/+v/99s/+/7/2e8X/8/Jv2//v/QLUf+VP+v/9/y+33/X//PutH6/9z9X4lbmux/AAAA6CB3/1fjFvsfAAAAppG7/2txi/0PAAAA08jd//W4pcn+1//r//X/+n/9v/5/l/T/+v8l+n/9/5bfr//X/7NutP4/d/834pYm+x8AAAA6yN3/zbjF/gcAAIBp5O7/Vtxi/wMAAMA0cvd/O25psv9n7v+X/jL9/yH9v/5/T/+v/98x/b/+f4n+X/+/5ffr//X/rBut/8/d/524pcn+BwAAgA5y9383brH/AQAAYBq5+2+OW+x/AAAAmEbu/u/FLU32/8z9/xL9/yH9v/5/T/+v/98x/b/+f4n+X/+/5ffr//X/rLtE/f+pvbP0/7n7vx+3NNn/AAAA0EHu/h/ELfY/AAAATCN3/w/jFvsfAAAAppG7/0dxyzz7/743LfxJ/f+J9/8H/xLp//X/e/p//b/+/4D+X/+/RP+v/9/y+/X/+n/Wjfb9/9z9P45b5tn/AAAA0MD+4p/N3f+TuMX+BwAAgGnk7v9p3GL/AwAAwDRy9/8sbmmy//X/vv+v/2/V/1++p//X/19k+n/9/xL9v/5/y+/X/+v/WTda/5+7/+dxSw6/q87n7xIAAAAYSe7+X8QtTX7/HwAAADrI3f/LuMX+BwAAgGnk7v9V3NJk/+v/9f/6/1b9v+//6/8vOv2//n+J/l//v+X3Z/+f/97p//X/3NVo/X/u/l/HLU32PwAAAHSQu/+WuMX+BwAAgGnk7v9N3GL/AwAAwDRy9/82bmmy//X/+n/9v/5f/6//3yX9v/5/if5f/7/l9/v+v/6fdaP1/7n7b41bmux/AAAA6CB3/+/iFvsfAAAAppG7//dxi/0PAAAA08jdf1vc0mT/6//1/1P2/1fo//X/+v9R6P/1/0v0//r/Lb9f/6//Z91o/X/u/j/ELU32PwAAAHSQu/+PcYv9DwAAANPI3f+nuMX+BwAAgGnk7v9z3NJk/+v/9f/n3v+fqr/vYft/3//X/+v/hzFv////+v+j+v/T5/b+E+j/D37Frfb/199w+GP9/zbfr//X/7NutP4/d/9f4pYm+x8AAAA6yN3/17jF/gcAAIBp5O7/W9xi/wMAAMA0cvf/PW5psv/1//r/Kb//r//X/+v/hzFv/+/7/77/7/v/+n/9v/6fNaP1/7n7/xG3NNn/AAAA0EHu/n/GLfY/AAAATCN3/7/iFvsfAAAAppG7/99xS5P9r//X/+v/9f/6f/3/Lun/9f9L9P/6/y2/X/+v/2fdaP1/7v7/BgAA///+4C6F")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)

689.0825ms ago: executing program 2 (id=4102):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFT_MSG_NEWSETELEM={0x54, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x28, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x18, 0xb, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe8}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

539.165398ms ago: executing program 2 (id=4103):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x54}}, 0x0)

371.544468ms ago: executing program 2 (id=4104):
unshare(0x22020400)
bpf$OBJ_PIN_PROG(0x11, 0x0, 0x0)

362.541259ms ago: executing program 3 (id=4105):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0xc0, 0x49, 0x7fff0000}]})
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

259.226305ms ago: executing program 1 (id=4106):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001180)=@newsa={0x144, 0x10, 0x413, 0x70bd29, 0x0, {{@in=@remote, @in6=@private1, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x21}, {@in=@local, 0xfffffffc, 0x32}, @in6=@loopback={0x100000000000000}, {0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x9, 0x80000, 0x81}, {0x0, 0x5, 0x4, 0x4000006}, {0x0, 0xfffffff9, 0x80000}, 0x0, 0x0, 0x2, 0x1, 0x81, 0x61}, [@algo_aead={0x4c, 0x12, {{'authencesn(sha224-ce,pcbc(fcrypt-generic))\x00'}, 0x0, 0x80}}, @extra_flags={0x8, 0x18, 0x3}]}, 0x144}, 0x1, 0x0, 0x0, 0x612fc0b6c779297b}, 0x20000080)

251.496925ms ago: executing program 2 (id=4107):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x14, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x4, 0xf2}]}, 0x14}], 0x1, 0x0, 0x0, 0x1}, 0x0)

131.242473ms ago: executing program 2 (id=4108):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000280)={0xa, 0x0, 0x6, @dev={0xfe, 0x80, '\x00', 0xd}, 0xcc, 0x3}, 0x20)

128.532043ms ago: executing program 1 (id=4109):
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x10800, &(0x7f0000001180)=ANY=[], 0x1, 0x18c, &(0x7f0000000200)="$eJzskj2r01AYx38nyU2vohcFp7vYofgyaNNUxU3Huru5WNpYi6naJqAtBSMiHRzE0U/QryH4BXQQwbVzkeLiIpHzknCqH+Ge35B/nn+e85znOTmPs2nWAP7slgPuovA54qsQBMBFob2tp/WD0W9G32vhi8m7Z/w3Ro+z+SI0OU3Oa+NJP02TWRP4pbzayu689tiqUt93y4F8eQiUZVlKbwgynTNWjg9MrZzjAC6oIco6Rw4ig8tAO588b2fzxbXxpD9KRsnT2O/eim5E0c24/WicJpF+CmsLMwpSrwKNQ2rk9wPgrYl/so+wWpOcBnGKB/XasDrDI8G/eNbaSgWf6r4aYfW/4D6XkG29KKo60m2pKgFqpB4C3wSdwOpP73WoPlwfPEuHKwSiWrYmqGt0NhzUQWwH3dsFZ3WplSnZMtozuja6AXW1fvzevzJBIZ/vTHSlgJCX/TyfdeSc+k3wCsjzWexVXnyusA9M7vrR2x/us/ff2TocDofD4XA4HA7HSeNvAAAA//99JHhE")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)

1.29888ms ago: executing program 2 (id=4110):
r0 = socket(0xa, 0x801, 0x0)
getsockopt(r0, 0x0, 0x40, 0x0, &(0x7f00000000c0)=0x54)

0s ago: executing program 1 (id=4111):
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x22000c0, &(0x7f0000000180)={[{@codepage={'codepage', 0x3d, 'cp949'}}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}]}, 0x4, 0x335, &(0x7f0000000880)="$eJzs3U1r1E4cB/DvJNnd7L+l/9hWCp6kWvBU2npQvFikePENeJBibbdQGitoBS2I1bOIN0Hw6M2z6FvQi/gG9NSDeNJL8WBkJpPN7DqTfehDWvb7AXdjMg+/STLJzC7bgIgG1pWFr2/O78h/ogLAB3AJ8ACEQADgJCbC+xubHQvym0sCaU7xT5rljYYtawidIy8pQIBhYx0dkCRJkm8dU/08lFioPMLswQYPqOneqbaHhx7ZwdhO2zVYjCMsdrGLBxgpMxwiIiqfqKm7g6fvEsN6/O55wJQehx/3+3/L+Ga3vDiOhOb930v/nwi5f/5Xm+R8b20zbqykUzh59L1slmgry3pOJPnuriI9s/whY8hl1GKnYvHqq2txY3pbFfAUlzUj2bh6XUHWEMUVbTV9m7TMTQsUtb3YkGpDRbZhzhH/WFGN1gnwh+94aa9u8VMXMYmP4rNYFBFeYaU5/gsSIXeO2j9RW1dJ459xl6haGaWpWlqZh39CVXIqOwLv3+atrLv2a2ifkUAfR9E+fo+yOF9U3bkwitaPFdLWzbpbp3KNAYFQswYz11wz0W9rrvH2uuqrlbgxvXwndp30+8u6/8RzcV1M4gfeYcEY/3sy9RTcPbOllwuVUp8Zhe0JVMqoi2hVB77dU88k5aqzo7g9wy1cxMi9h1vrS3HcuFv+QtZV+sx+ep/jSU9EfTrKNfLdSINQLlQA7Fulf5IksW4K0HuBPnoNo6KaeuF13uSt9SWhr3l7a6C8crZtmncnBjAPQK/Jrgj91P64mauWF9hV9l/yaKs19hMyi+oQOkhWVcsmH7Wuekq9j0qvPVpfijteQY7xVIAy+UHHxI2yg6EyyHGXSOd/xnxlRl115EtUMP9JOhVulDjrmAGNqtf/upvBNYt1jhOHsoUOc64z54CzbTV6yGp80l5spOPEUfxWsvevMsQCvuAmP/8nIiIiIiIiIiIiIiIiIiIiIiIiIjpuev01Qj8/J2itcWcA//AGEREREREREREREREREREREREREREREdHeGM//BXz1xJiq7fm/RU9qUvz0gQDh3p//i8jv4vm/YruHVhKRzd8AAAD//+GuXfk=")
syz_mount_image$fuse(0x0, &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2000019, 0x0, 0xfc, 0x0, 0x0)

kernel console output (not intermixed with test programs):


[  231.049619][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.165059][T11091] XFS (loop2): Quotacheck: Done.
[  231.300173][ T5765] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  231.980798][T11160] xt_l2tp: missing protocol rule (udp|l2tpip)
[  232.110965][T11168] loop0: detected capacity change from 0 to 256
[  232.121656][T11170] loop1: detected capacity change from 0 to 512
[  232.146122][T11170] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  232.237120][    T8] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  232.453729][    T8] usb 3-1: config 0 has an invalid interface number: 36 but max is 0
[  232.467827][    T8] usb 3-1: config 0 has no interface number 0
[  232.487861][    T8] usb 3-1: New USB device found, idVendor=0733, idProduct=0430, bcdDevice=ce.72
[  232.516161][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.537569][    T8] usb 3-1: Product: syz
[  232.547208][    T8] usb 3-1: Manufacturer: syz
[  232.551847][    T8] usb 3-1: SerialNumber: syz
[  232.574344][    T8] usb 3-1: config 0 descriptor??
[  232.596733][    T8] gspca_main: spca505-2.14.0 probing 0733:0430
[  233.038763][    T8] gspca_spca505: reg write: error -71
[  233.044376][    T8] spca505: probe of 3-1:0.36 failed with error -5
[  233.081159][    T8] usb 3-1: USB disconnect, device number 19
[  233.274412][T11211] netlink: 'syz.3.2435': attribute type 30 has an invalid length.
[  233.315206][T11214] netlink: 'syz.0.2436': attribute type 13 has an invalid length.
[  233.336122][T11214] gretap0: refused to change device tx_queue_len
[  233.344182][T11214] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  233.510007][T11220] gretap1: entered allmulticast mode
[  233.597071][ T5776] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  233.790707][ T5776] usb 2-1: Using ep0 maxpacket: 16
[  233.809205][ T5776] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  233.827687][ T5776] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.844670][T11234] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2446'.
[  233.857826][ T5776] usb 2-1: config 0 descriptor??
[  233.865330][ T5776] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  234.075757][ T5776] usb 2-1: Detected FT232B
[  234.085453][T11243] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled
[  234.278774][ T5776] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  234.297398][ T5776] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  234.326673][ T5776] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  234.365050][ T5776] usb 2-1: USB disconnect, device number 12
[  234.399988][ T5776] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  234.435926][ T5776] ftdi_sio 2-1:0.0: device disconnected
[  234.898861][T11253] loop3: detected capacity change from 0 to 32768
[  234.937236][T11256] loop2: detected capacity change from 0 to 32768
[  235.025695][   T75] read_mapping_page failed!
[  235.039888][   T75] ERROR: (device loop3): txCommit: 
[  235.039888][   T75] 
[  235.076680][   T75] jfs_write_inode: jfs_commit_inode failed!
[  235.090873][T11268] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2462'.
[  235.504747][T11283] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2471'.
[  235.581027][T11285] netlink: 'syz.2.2470': attribute type 7 has an invalid length.
[  236.029773][T11299] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2477'.
[  236.256201][T11281] loop0: detected capacity change from 0 to 32768
[  236.308204][T11281] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  236.505948][T11281] XFS (loop0): Ending clean mount
[  236.525405][T11281] XFS (loop0): Quotacheck needed: Please wait.
[  236.629293][T11281] XFS (loop0): Quotacheck: Done.
[  236.700983][ T5767] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  236.842019][T11334] loop1: detected capacity change from 0 to 1024
[  236.992002][ T2909] hfsplus: b-tree write err: -5, ino 4
[  237.225542][T11344] usb usb8: usbfs: process 11344 (syz.1.2495) did not claim interface 0 before use
[  237.259244][T11346] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2491'.
[  237.282187][T11346] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2491'.
[  237.518616][T11360] netlink: 'syz.1.2504': attribute type 5 has an invalid length.
[  237.547654][ T5776] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  237.577718][T11360] ip6erspan0: entered promiscuous mode
[  237.750044][ T5776] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  237.766969][ T5776] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  237.798019][ T5776] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  237.816391][ T5776] usb 3-1: config 1 has no interface number 0
[  237.835853][ T5776] usb 3-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30
[  237.874655][ T5776] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[  237.917455][ T5776] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  237.945983][ T5776] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.974788][ T5776] usb 3-1: Product: syz
[  237.982535][ T5776] usb 3-1: Manufacturer: syz
[  237.988095][ T5776] usb 3-1: SerialNumber: syz
[  238.166507][T11387] netlink: 'syz.0.2517': attribute type 30 has an invalid length.
[  238.240775][   T28] audit: type=1326 audit(1771253567.398:3994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  238.307219][   T28] audit: type=1326 audit(1771253567.398:3995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  238.330477][   T28] audit: type=1326 audit(1771253567.398:3996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  238.353438][   T28] audit: type=1326 audit(1771253567.398:3997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  238.376165][   T28] audit: type=1326 audit(1771253567.398:3998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  238.411661][   T28] audit: type=1326 audit(1771253567.398:3999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  238.450545][   T28] audit: type=1326 audit(1771253567.398:4000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  238.495600][  T787] usb 3-1: USB disconnect, device number 20
[  238.501876][   T28] audit: type=1326 audit(1771253567.398:4001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  238.577569][   T28] audit: type=1326 audit(1771253567.398:4002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  238.702907][T11404] loop0: detected capacity change from 0 to 1024
[  239.047984][T11417] netlink: 800 bytes leftover after parsing attributes in process `syz.0.2531'.
[  239.062355][T11417] netlink: 1301 bytes leftover after parsing attributes in process `syz.0.2531'.
[  239.350012][T11428] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2537'.
[  239.376516][T11426] loop3: detected capacity change from 0 to 4096
[  239.390693][T11432] kAFS: No cell specified
[  239.395548][T11426] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  239.513123][T11434] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  239.544211][T11426] ntfs3: loop3: Failed to load $Extend (-22).
[  239.600516][T11426] ntfs3: loop3: Failed to initialize $Extend.
[  240.083441][T11458] qrtr: Invalid version 195
[  240.100222][T11456] loop0: detected capacity change from 0 to 4096
[  240.117036][T11456] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  240.209722][T11462] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2554'.
[  240.226330][T11462] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  240.296132][ T5817] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  240.328479][T11456] ntfs3: loop0: failed to convert "076c" to cp949
[  240.497106][ T5817] usb 4-1: Using ep0 maxpacket: 32
[  240.517098][ T5817] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  240.558691][T11470] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  240.569863][ T5817] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  240.587140][ T5817] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.605424][ T5817] usb 4-1: Product: syz
[  240.615949][T11470] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  240.619942][ T5817] usb 4-1: Manufacturer: syz
[  240.649289][ T5817] usb 4-1: SerialNumber: syz
[  240.678568][ T5817] usb 4-1: config 0 descriptor??
[  240.686268][ T5817] usb 4-1: bad CDC descriptors
[  240.700810][ T5817] usb 4-1: unsupported MDLM descriptors
[  240.859920][T11480] xt_hashlimit: size too large, truncated to 1048576
[  240.920339][ T5817] usb 4-1: USB disconnect, device number 17
[  241.412921][   T28] audit: type=1107 audit(1771253570.568:4003): pid=11500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  241.527566][  T787] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  241.727074][  T787] usb 3-1: Using ep0 maxpacket: 32
[  241.753384][  T787] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  241.784442][  T787] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  241.817058][  T787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.825105][  T787] usb 3-1: Product: syz
[  241.847001][  T787] usb 3-1: Manufacturer: syz
[  241.851649][  T787] usb 3-1: SerialNumber: syz
[  241.869538][  T787] usb 3-1: config 0 descriptor??
[  241.875261][T11495] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  241.900852][  T787] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input15
[  242.117877][T11521] loop3: detected capacity change from 0 to 512
[  242.154086][T11521] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  242.175022][T11495] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  242.181567][T11495] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  242.194315][T11521] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  242.214263][T11521] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.2583: invalid indirect mapped block 2683928664 (level 1)
[  242.224359][T11503] loop0: detected capacity change from 0 to 32768
[  242.229300][T11495] vhci_hcd vhci_hcd.0: Device attached
[  242.305980][T11503] jfs_strtoUCS: char2uni returned -22.
[  242.317249][T11521] EXT4-fs (loop3): Remounting filesystem read-only
[  242.329886][T11522] vhci_hcd: connection closed
[  242.330923][  T787] usb 3-1: USB disconnect, device number 21
[  242.331606][ T2983] vhci_hcd: stop threads
[  242.335682][    C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  242.343180][T11503] charset = cp936, char = 0xd4
[  242.347844][T11521] EXT4-fs (loop3): 1 truncate cleaned up
[  242.371859][T11521] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.386334][ T2983] vhci_hcd: release socket
[  242.390966][ T2983] vhci_hcd: disconnect device
[  242.438190][ T5772] vhci_hcd: vhci_device speed not set
[  242.530930][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.125955][T11547] loop2: detected capacity change from 0 to 4096
[  243.137039][T11547] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  243.202607][T11547] ntfs3: loop2: failed to convert "c46c" to iso8859-6
[  243.212130][T11547] ntfs3: loop2: failed to convert "0030" to iso8859-6
[  243.231939][T11547] ntfs3: loop2: failed to convert "0031" to iso8859-6
[  243.257096][   T23] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  243.441627][T11560] binder: BC_ACQUIRE_RESULT not supported
[  243.451992][   T23] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  243.458193][T11560] binder: 11559:11560 ioctl c0306201 200000000040 returned -22
[  243.466244][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.489150][   T23] usb 2-1: Product: syz
[  243.493356][   T23] usb 2-1: Manufacturer: syz
[  243.508390][   T23] usb 2-1: SerialNumber: syz
[  243.524343][   T23] usb 2-1: config 0 descriptor??
[  243.599495][T11566] loop3: detected capacity change from 0 to 8
[  243.611054][T11566] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  243.640549][T11566] cramfs: Error -3 while decompressing!
[  243.651109][T11566] cramfs: ffffffff973f8368(26)->ffff88805a97d000(4096)
[  243.659121][ T5760] udevd[5760]: incorrect cramfs checksum on /dev/loop3
[  243.675415][T11566] cramfs: Error -3 while decompressing!
[  243.682277][T11566] cramfs: ffffffff973f8382(26)->ffff8880585de000(4096)
[  243.693198][T11566] cramfs: Error -3 while decompressing!
[  243.705421][T11566] cramfs: ffffffff973f839c(16)->ffff88807302c000(4096)
[  243.705815][ T5760] udevd[5760]: incorrect cramfs checksum on /dev/loop3
[  243.723854][T11566] cramfs: Error -3 while decompressing!
[  243.737887][T11566] cramfs: ffffffff973f8368(26)->ffff88805a97d000(4096)
[  243.763161][   T23] usb-storage 2-1:0.0: USB Mass Storage device detected
[  244.024736][  T787] usb 2-1: USB disconnect, device number 13
[  244.299622][   T28] audit: type=1326 audit(1771253573.458:4004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  244.361122][   T28] audit: type=1326 audit(1771253573.458:4005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  244.400474][T11597] loop2: detected capacity change from 0 to 64
[  244.403532][   T28] audit: type=1326 audit(1771253573.488:4006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  244.447094][T11597] hfs: unable to locate alternate MDB
[  244.462188][   T28] audit: type=1326 audit(1771253573.488:4007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  244.485862][T11597] hfs: continuing without an alternate MDB
[  244.491148][   T28] audit: type=1326 audit(1771253573.488:4008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  244.528737][T11601] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2619'.
[  244.580874][   T28] audit: type=1326 audit(1771253573.488:4009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  244.627577][   T28] audit: type=1326 audit(1771253573.488:4010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  244.687216][   T28] audit: type=1326 audit(1771253573.498:4011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  244.758239][   T28] audit: type=1326 audit(1771253573.498:4012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  245.037828][T11618] kcapi: manufacturer command 52776558133248 unknown.
[  245.101013][T11621] loop1: detected capacity change from 0 to 256
[  245.121479][T11615] loop3: detected capacity change from 0 to 4096
[  245.151524][T11621] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  245.243519][T11625] x_tables: unsorted underflow at hook 4
[  245.391721][T11615] ntfs3: loop3: ino=9, attr_set_size
[  245.670191][T11639] sg_write: data in/out 262268/45 bytes for SCSI command 0x7a-- guessing data in;
[  245.670191][T11639]    program syz.3.2637 not setting count and/or reply_len properly
[  245.832755][T11644] loop2: detected capacity change from 0 to 1764
[  246.075009][T11656] loop3: detected capacity change from 0 to 64
[  246.085457][T11655] binder: 11652:11655 ioctl c0306201 200000000380 returned -14
[  246.280421][T11663] loop0: detected capacity change from 0 to 64
[  246.397411][T11668] program syz.3.2651 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  246.940639][T11691] loop0: detected capacity change from 0 to 1024
[  246.965756][T11691] EXT4-fs: Ignoring removed bh option
[  246.981750][T11691] EXT4-fs: inline encryption not supported
[  247.012915][T11691] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  247.050815][T11691] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce028, mo2=0000]
[  247.111167][T11691] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 2: comm syz.0.2664: lblock 2 mapped to illegal pblock 2 (length 1)
[  247.179958][T11691] EXT4-fs (loop0): Remounting filesystem read-only
[  247.186519][T11691] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  247.224769][T11691] EXT4-fs (loop0): 1 orphan inode deleted
[  247.254283][T11691] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.274290][ T5772] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  247.276758][T11691] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.471015][ T5772] usb 3-1: Using ep0 maxpacket: 32
[  247.498234][ T5772] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  247.541739][ T5772] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.567209][ T5772] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  247.586507][ T5772] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.607969][ T5772] usb 3-1: config 0 descriptor??
[  247.642654][ T5772] hub 3-1:0.0: USB hub found
[  247.649745][T11716] loop1: detected capacity change from 0 to 4096
[  247.679698][T11716] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  247.827435][ T5772] hub 3-1:0.0: 1 port detected
[  247.839773][T11716] ntfs3: loop1: failed to convert "076c" to cp949
[  248.034222][ T5772] hub 3-1:0.0: hub_hub_status failed (err = -71)
[  248.052969][ T5772] hub 3-1:0.0: config failed, can't get hub status (err -71)
[  248.068027][  T787] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  248.087411][ T5772] usbhid 3-1:0.0: can't add hid device: -71
[  248.097773][ T5772] usbhid: probe of 3-1:0.0 failed with error -71
[  248.148454][ T5772] usb 3-1: USB disconnect, device number 22
[  248.267843][  T787] usb 1-1: Using ep0 maxpacket: 32
[  248.285959][  T787] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  248.315342][  T787] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  248.334720][  T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.366979][  T787] usb 1-1: Product: syz
[  248.371201][  T787] usb 1-1: Manufacturer: syz
[  248.391530][  T787] usb 1-1: SerialNumber: syz
[  248.410964][  T787] usb 1-1: config 0 descriptor??
[  248.429739][  T787] usb 1-1: bad CDC descriptors
[  248.435095][  T787] usb 1-1: unsupported MDLM descriptors
[  248.523563][T11738] loop1: detected capacity change from 0 to 1024
[  248.540209][T11738] EXT4-fs: Ignoring removed oldalloc option
[  248.546632][T11738] EXT4-fs: Ignoring removed orlov option
[  248.582649][T11738] EXT4-fs: Ignoring removed oldalloc option
[  248.591593][T11738] EXT4-fs: Ignoring removed nomblk_io_submit option
[  248.613227][T11738] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.655069][  T787] usb 1-1: USB disconnect, device number 14
[  248.728251][T11738] EXT4-fs error (device loop1): ext4_xattr_set_entry:1670: inode #13: comm syz.1.2686: corrupted xattr entries
[  248.744774][T11738] EXT4-fs (loop1): Remounting filesystem read-only
[  248.751921][T11738] EXT4-fs warning (device loop1): ext4_xattr_ibody_set:2277: inode #18: comm syz.1.2686: dec ref error=-5
[  248.820572][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.002382][T11750] netdevsim netdevsim2: Firmware load for '..' refused, path contains '..' component
[  249.029045][T11752] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2692'.
[  249.300360][T11764] loop3: detected capacity change from 0 to 64
[  249.343246][T11764] hfs: filesystem is marked locked, mounting read-only.
[  249.398986][T11764] hfs: filesystem is marked locked, leaving read-only.
[  249.737845][T11785] netlink: 'syz.0.2707': attribute type 1 has an invalid length.
[  249.997280][ T5776] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  250.187202][ T5776] usb 4-1: Using ep0 maxpacket: 8
[  250.203463][ T5776] usb 4-1: config 1 has an invalid interface number: 128 but max is 1
[  250.225938][ T5776] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  250.241806][ T5776] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  250.251126][ T5776] usb 4-1: config 1 has no interface number 0
[  250.264706][ T5776] usb 4-1: config 1 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  250.305459][ T5776] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  250.332357][ T5776] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.348747][ T5776] usb 4-1: Product: syz
[  250.352964][ T5776] usb 4-1: Manufacturer: syz
[  250.368782][ T5776] usb 4-1: SerialNumber: syz
[  250.389188][ T5776] cdc_wdm 4-1:1.128: skipping garbage
[  250.405305][ T5776] cdc_wdm 4-1:1.128: invalid descriptor buffer length
[  250.420229][ T5776] cdc_wdm: probe of 4-1:1.128 failed with error -22
[  250.474272][T11812] loop0: detected capacity change from 0 to 4096
[  250.522637][T11812] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  250.571439][T11821] delete_channel: no stack
[  250.653530][   T27] usb 4-1: USB disconnect, device number 18
[  250.792300][T11828] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2729'.
[  250.801903][T11828] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  251.008374][T11835] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2732'.
[  251.038356][T11835] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2732'.
[  251.550668][T11855] loop2: detected capacity change from 0 to 4096
[  251.591977][T11855] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  251.624576][ T5776] IPVS: starting estimator thread 0...
[  251.656128][T11855] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  251.676250][T11855] ntfs3: loop2: Failed to load $Extend (-22).
[  251.694590][T11855] ntfs3: loop2: Failed to initialize $Extend.
[  251.747206][T11867] IPVS: using max 26 ests per chain, 62400 per kthread
[  251.923851][T11875] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2751'.
[  251.964598][T11877] netlink: 'syz.1.2752': attribute type 1 has an invalid length.
[  252.004458][T11877] netlink: 232 bytes leftover after parsing attributes in process `syz.1.2752'.
[  252.392578][T11897] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2763'.
[  252.417116][T11897] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2763'.
[  252.540052][T11904] netlink: 'syz.1.2765': attribute type 1 has an invalid length.
[  252.847337][ T5776] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  252.996456][T11908] loop3: detected capacity change from 0 to 32768
[  253.017549][T11908] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.2767 (11908)
[  253.047184][ T5776] usb 1-1: Using ep0 maxpacket: 8
[  253.055041][ T5776] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  253.075697][ T5776] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  253.087204][T11908] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  253.106691][ T5776] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  253.125489][T11908] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  253.136014][ T5776] usb 1-1: SerialNumber: syz
[  253.140774][T11908] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  253.151838][T11908] BTRFS info (device loop3): use lzo compression, level 0
[  253.160130][ T5776] usb 1-1: config 0 descriptor??
[  253.165889][T11908] BTRFS info (device loop3): max_inline at 0
[  253.177495][T11908] BTRFS info (device loop3): using free space tree
[  253.186457][ T5776] usb 1-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  253.194933][ T5776] usb 1-1: Failed to create links for entity 255
[  253.207360][ T5776] usb 1-1: Failed to register entities (-22).
[  253.342072][T11908] BTRFS info (device loop3): enabling ssd optimizations
[  253.349188][T11908] BTRFS info (device loop3): auto enabling async discard
[  253.446222][T11947] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2779'.
[  253.448588][T11908] BTRFS error (device loop3: state M): unrecognized mount option 'ÿÿÿÿÿÿÿÿÿÿ0x0000000000000000ÿÿ18446744073709551615'
[  253.472619][ T5772] usb 1-1: USB disconnect, device number 15
[  253.558875][ T5766] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  254.297526][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  254.297540][   T28] audit: type=1800 audit(1771253583.448:4013): pid=11959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.3.2786" name="/" dev="sockfs" ino=26118 res=0 errno=0
[  254.373777][T11970] loop0: detected capacity change from 0 to 512
[  254.404419][T11972] loop1: detected capacity change from 0 to 16
[  254.407967][T11970] EXT4-fs: Ignoring removed mblk_io_submit option
[  254.466675][T11970] EXT4-fs (loop0): orphan cleanup on readonly fs
[  254.476259][T11970] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  254.507387][T11970] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.2789: attempt to clear invalid blocks 2 len 1
[  254.536441][T11972] erofs: (device loop1): mounted with root inode @ nid 36.
[  254.611967][T11970] EXT4-fs (loop0): Remounting filesystem read-only
[  254.617082][T11972] erofs: (device loop1): z_erofs_read_folio: read error -95 @ 8200 of nid 36
[  254.629401][T11970] EXT4-fs (loop0): 1 truncate cleaned up
[  254.636243][T11970] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  254.848837][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.067630][T11985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2795'.
[  255.099557][T11983] loop1: detected capacity change from 0 to 4096
[  255.513500][T12001] binfmt_misc: register: failed to install interpreter file ./file0
[  255.835548][T12019] loop2: detected capacity change from 0 to 256
[  255.878442][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  255.881434][T12019] exfat: Deprecated parameter 'namecase'
[  255.884766][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  255.958949][T12019] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18d51376, utbl_chksum : 0xe619d30d)
[  256.000577][T12024] loop1: detected capacity change from 0 to 256
[  256.069600][T12024] FAT-fs (loop1): Directory bread(block 64) failed
[  256.091932][T12024] FAT-fs (loop1): Directory bread(block 65) failed
[  256.136412][T12024] FAT-fs (loop1): Directory bread(block 66) failed
[  256.149442][T12024] FAT-fs (loop1): Directory bread(block 67) failed
[  256.156103][T12024] FAT-fs (loop1): Directory bread(block 68) failed
[  256.169451][T12024] FAT-fs (loop1): Directory bread(block 69) failed
[  256.176341][T12024] FAT-fs (loop1): Directory bread(block 70) failed
[  256.185785][T12024] FAT-fs (loop1): Directory bread(block 71) failed
[  256.210499][T12024] FAT-fs (loop1): Directory bread(block 72) failed
[  256.226588][T12024] FAT-fs (loop1): Directory bread(block 73) failed
[  256.325850][T12024] syz.1.2815: attempt to access beyond end of device
[  256.325850][T12024] loop1: rw=524288, sector=1128, nr_sectors = 32 limit=256
[  256.372240][T12024] syz.1.2815: attempt to access beyond end of device
[  256.372240][T12024] loop1: rw=0, sector=1128, nr_sectors = 8 limit=256
[  256.429938][   T28] audit: type=1800 audit(1771253585.588:4014): pid=12024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2815" name=E91F7189591E9233614B dev="loop1" ino=1048621 res=0 errno=0
[  256.755098][T12044] loop1: detected capacity change from 0 to 4096
[  256.783655][T12044] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  256.901088][T12044] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  256.919332][T12044] ntfs3: loop1: Failed to load $Extend (-22).
[  256.925456][T12044] ntfs3: loop1: Failed to initialize $Extend.
[  257.997092][   T27] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  258.199771][   T27] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  258.218018][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.247242][   T27] usb 4-1: config 0 descriptor??
[  258.340760][T12119] netlink: 'syz.0.2860': attribute type 3 has an invalid length.
[  258.467157][   T27] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00
[  258.486120][   T27] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  258.532123][T12127] loop0: detected capacity change from 0 to 1024
[  258.661277][   T27] [drm:udl_init] *ERROR* Selecting channel failed
[  258.713631][   T27] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2
[  258.742709][   T27] [drm] Initialized udl on minor 2
[  258.781597][   T27] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  258.808938][   T27] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  258.833034][   T23] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  258.855115][   T27] usb 4-1: USB disconnect, device number 19
[  258.869385][   T23] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  258.975070][T12143] netlink: 'syz.1.2872': attribute type 7 has an invalid length.
[  258.977222][T12139] loop2: detected capacity change from 0 to 64
[  258.983566][T12143] netlink: 'syz.1.2872': attribute type 8 has an invalid length.
[  258.997664][T12143] netlink: 'syz.1.2872': attribute type 15 has an invalid length.
[  259.163561][T12146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2873'.
[  259.340756][T12152] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2876'.
[  259.356619][T12154] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2877'.
[  259.632725][T12168] netlink: 9188 bytes leftover after parsing attributes in process `syz.2.2884'.
[  259.751363][T12174] loop1: detected capacity change from 0 to 256
[  259.785632][T12174] exfat: Deprecated parameter 'utf8'
[  259.824825][T12174] exfat: Deprecated parameter 'namecase'
[  259.932021][T12174] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x8b6193f0, utbl_chksum : 0xe619d30d)
[  260.334578][T12198] loop2: detected capacity change from 0 to 512
[  260.371690][T12200] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2900'.
[  260.399650][T12198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.624071][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.633662][T12211] loop1: detected capacity change from 0 to 1024
[  260.947826][T12225] Unsupported ieee802154 address type: 0
[  261.352110][   T28] audit: type=1326 audit(1771253590.508:4015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.2.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  261.406776][   T28] audit: type=1326 audit(1771253590.538:4016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.2.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  261.500601][   T28] audit: type=1326 audit(1771253590.588:4017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.2.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  261.564191][T12248] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2920'.
[  261.627548][   T28] audit: type=1326 audit(1771253590.588:4018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.2.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  261.695730][   T28] audit: type=1326 audit(1771253590.588:4019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.2.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  262.005871][T12264] trusted_key: encrypted_key: insufficient parameters specified
[  262.193335][   T28] audit: type=1326 audit(1771253591.348:4020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12272 comm="syz.2.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  262.217179][    T8] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  262.241698][   T28] audit: type=1326 audit(1771253591.378:4021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12272 comm="syz.2.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  262.301536][   T28] audit: type=1326 audit(1771253591.388:4022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12272 comm="syz.2.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  262.377736][   T28] audit: type=1326 audit(1771253591.388:4023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12272 comm="syz.2.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  262.441697][    T8] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  262.463884][    T8] usb 2-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  262.477751][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.485786][    T8] usb 2-1: Product: syz
[  262.495110][    T8] usb 2-1: Manufacturer: syz
[  262.501173][    T8] usb 2-1: SerialNumber: syz
[  262.518791][    T8] usb 2-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  262.710900][T12293] loop2: detected capacity change from 0 to 512
[  262.798566][T12293] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.827560][T12293] ext4 filesystem being mounted at /705/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.915913][T12293] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  262.935316][T12300] comedi comedi0: dmm32at: I/O port conflict (0x6,16)
[  262.993491][    T8] usb 2-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  263.057188][    T8] usb 2-1: USB disconnect, device number 14
[  263.085208][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.842793][T12341] netlink: 'syz.1.2963': attribute type 25 has an invalid length.
[  263.928735][T12343] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.2965' sets config #1
[  264.221040][T12354] loop2: detected capacity change from 0 to 1764
[  264.269492][T12357] loop3: detected capacity change from 0 to 1024
[  264.293945][ T5760] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  264.327102][T12357] hfsplus: bad catalog entry used to create inode
[  264.390303][T12354] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  264.425899][T12354] CIFS mount error: No usable UNC path provided in device string!
[  264.425899][T12354] 
[  264.449143][T12354] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  264.460984][ T2983] hfsplus: b-tree write err: -5, ino 4
[  264.844323][T12377] loop2: detected capacity change from 0 to 512
[  264.899825][T12377] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002]
[  264.936757][T12377] System zones: 1-12
[  264.963567][T12377] EXT4-fs error (device loop2): dx_probe:823: inode #2: comm syz.2.2980: Directory hole found for htree index block 0
[  265.034427][T12377] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[  265.075529][T12377] EXT4-fs error (device loop2): dx_probe:823: inode #2: comm syz.2.2980: Directory hole found for htree index block 0
[  265.136369][T12377] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  265.163149][T12377] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.191655][T12367] loop0: detected capacity change from 0 to 32768
[  265.204918][T12377] EXT4-fs error (device loop2): dx_probe:823: inode #2: comm syz.2.2980: Directory hole found for htree index block 0
[  265.233236][T12367] (syz.0.2976,12367,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  265.264603][T12367] (syz.0.2976,12367,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  265.315142][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.385338][T12367] JBD2: Ignoring recovery information on journal
[  265.545890][T12399] loop2: detected capacity change from 0 to 1024
[  265.555206][T12399] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  265.599111][T12367] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  265.642298][T12399] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.707536][   T28] audit: type=1800 audit(1771253594.858:4024): pid=12399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2989" name="file1" dev="loop2" ino=15 res=0 errno=0
[  265.741543][T12399] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.2989: missing EA_INODE flag
[  265.831770][T12399] EXT4-fs (loop2): Remounting filesystem read-only
[  265.940853][T12410] netlink: 'syz.3.2995': attribute type 32 has an invalid length.
[  265.942221][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.982311][T12412] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2996'.
[  266.008485][T12412] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2996'.
[  266.097655][ T5767] ocfs2: Unmounting device (7,0) on (node local)
[  266.834662][T12445] netlink: 'syz.2.3011': attribute type 21 has an invalid length.
[  266.845930][T12445] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3011'.
[  266.908457][T12449] loop3: detected capacity change from 0 to 2048
[  266.954020][T12449] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.141261][T12461] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3018'.
[  267.151236][T12461] 0ªX¹¦D: renamed from macvtap0 (while UP)
[  267.164316][T12461] 0ªX¹¦D: entered allmulticast mode
[  267.174529][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.179924][T12461] veth0_macvtap: entered allmulticast mode
[  267.197510][T12461] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  267.286371][T12463] loop2: detected capacity change from 0 to 4096
[  267.314897][T12463] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  267.418666][T12469] loop1: detected capacity change from 0 to 512
[  267.454083][T12463] ntfs3: loop2: failed to convert "c46c" to iso8859-2
[  267.502112][T12469] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.515671][T12469] ext4 filesystem being mounted at /759/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.555584][T12473] loop0: detected capacity change from 0 to 256
[  267.603802][T12469] Quota error (device loop1): do_check_range: Getting block 33554437 out of range 1-5
[  267.667776][T12469] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  267.702835][T12473] FAT-fs (loop0): Directory bread(block 64) failed
[  267.707144][T12469] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.3021: Failed to acquire dquot type 0
[  267.713021][T12473] FAT-fs (loop0): Directory bread(block 65) failed
[  267.732940][T12473] FAT-fs (loop0): Directory bread(block 66) failed
[  267.757340][T12473] FAT-fs (loop0): Directory bread(block 67) failed
[  267.775919][T12473] FAT-fs (loop0): Directory bread(block 68) failed
[  267.787627][T12473] FAT-fs (loop0): Directory bread(block 69) failed
[  267.803220][T12473] FAT-fs (loop0): Directory bread(block 70) failed
[  267.814129][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.823307][T12473] FAT-fs (loop0): Directory bread(block 71) failed
[  267.830719][T12473] FAT-fs (loop0): Directory bread(block 72) failed
[  267.836885][T12475] loop3: detected capacity change from 0 to 4096
[  267.837857][T12473] FAT-fs (loop0): Directory bread(block 73) failed
[  267.851360][T12475] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  267.932575][T12475] ntfs: (device loop3): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  267.957165][T12475] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  268.015628][T12475] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  268.037361][   T28] audit: type=1326 audit(1771253597.188:4025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.1.3027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  268.091277][T12475] ntfs: volume version 3.1.
[  268.130864][   T28] audit: type=1326 audit(1771253597.188:4026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.1.3027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  268.206139][   T28] audit: type=1326 audit(1771253597.218:4027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.1.3027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  268.306845][ T5766] ntfs: (device loop3): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  268.510854][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  268.671088][T12506] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3038'.
[  268.700572][T12510] loop2: detected capacity change from 0 to 512
[  268.728037][T12510] EXT4-fs: Ignoring removed orlov option
[  268.747704][T12510] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  268.771021][T12510] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  268.897776][T12510] EXT4-fs (loop2): 1 orphan inode deleted
[  268.903558][T12510] EXT4-fs (loop2): 1 truncate cleaned up
[  268.974292][T12510] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.080260][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.104414][T12505] loop1: detected capacity change from 0 to 32768
[  269.256097][T12505] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  269.343488][T12528] loop3: detected capacity change from 0 to 1024
[  269.490949][ T5768] ocfs2: Unmounting device (7,1) on (node local)
[  269.557100][    T8] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  269.655937][T12533] loop0: detected capacity change from 0 to 4096
[  269.663143][T12535] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3052'.
[  269.760598][    T8] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  269.773461][T12533] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  269.783307][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.838064][    T8] usb 3-1: config 0 descriptor??
[  270.062877][    T8] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00
[  270.092482][    T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  270.150347][T12547] loop1: detected capacity change from 0 to 128
[  270.195798][T12547] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  270.217508][T12547] ext4 filesystem being mounted at /767/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  270.262331][    T8] [drm:udl_init] *ERROR* Selecting channel failed
[  270.271323][ T5768] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  270.344554][T12552] loop0: detected capacity change from 0 to 4096
[  270.351632][T12554] ieee802154 phy0 wpan0: encryption failed: -22
[  270.354166][    T8] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2
[  270.385680][T12552] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  270.396743][    T8] [drm] Initialized udl on minor 2
[  270.443879][    T8] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  270.460117][    T8] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  270.468318][  T787] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  270.476685][  T787] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  270.486206][    T8] usb 3-1: USB disconnect, device number 23
[  270.527617][T12552] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[  270.778119][T12567] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  270.997603][ T5817] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  271.042868][T12577] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (2878)
[  271.055749][T12577] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  271.191398][ T5817] usb 4-1: Using ep0 maxpacket: 32
[  271.212676][ T5817] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  271.223838][ T5817] usb 4-1: config 0 has no interface number 0
[  271.247265][ T5817] usb 4-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  271.267851][ T5817] usb 4-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  271.303597][ T5817] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  271.324744][ T5817] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.340173][ T5817] usb 4-1: Product: syz
[  271.347272][ T5817] usb 4-1: Manufacturer: syz
[  271.351903][ T5817] usb 4-1: SerialNumber: syz
[  271.378039][ T5817] usb 4-1: config 0 descriptor??
[  271.383451][T12590] loop0: detected capacity change from 0 to 256
[  271.402593][ T5817] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  271.471230][T12593] loop1: detected capacity change from 0 to 1024
[  271.556501][T12593] hfsplus: inconsistency in B*Tree (128,1,255,1,0)
[  271.580086][T12593] hfsplus: xattr searching failed
[  271.595825][T12593] syz.1.3079: attempt to access beyond end of device
[  271.595825][T12593] loop1: rw=0, sector=917504, nr_sectors = 2 limit=1024
[  271.625221][ T5817] usb 4-1: qt2_setup_urbs - submit read urb failed -90
[  271.646417][T12593] Buffer I/O error on dev loop1, logical block 458752, async page read
[  271.657728][ T5817] quatech2: probe of 4-1:0.51 failed with error -90
[  271.665990][T12593] hfsplus: unable to mark blocks free: error -5
[  271.690658][T12593] hfsplus: can't free extent
[  271.883177][ T5776] usb 4-1: USB disconnect, device number 20
[  272.234719][T12617] loop1: detected capacity change from 0 to 2048
[  272.262564][T12617] EXT4-fs: Ignoring removed nomblk_io_submit option
[  272.275024][T12617] EXT4-fs: Ignoring removed nobh option
[  272.315108][T12617] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.501609][T12617] EXT4-fs error (device loop1): empty_inline_dir:1867: inode #12: block 5: comm syz.1.3091: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=7952, size=60 fake=0
[  272.536484][T12617] EXT4-fs (loop1): Remounting filesystem read-only
[  272.545549][T12617] EXT4-fs warning (device loop1): empty_inline_dir:1874: bad inline directory (dir #12) - inode 13, rec_len 7952, name_len 0inline size 60
[  272.682014][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.780549][T12641] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3101'.
[  272.906566][T12646] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3104'.
[  272.941416][T12646] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3104'.
[  273.141014][T12657] bad cache= option: no%e
[  273.141014][T12657] 
[  273.167408][T12657] CIFS: VFS: bad cache= option: no%e
[  273.393575][T12667] xt_hashlimit: invalid rate
[  273.437440][T12669] ipt_REJECT: TCP_RESET invalid for non-tcp
[  273.688503][T12675] netlink: 'syz.1.3121': attribute type 13 has an invalid length.
[  273.721622][T12675] netlink: 'syz.1.3121': attribute type 27 has an invalid length.
[  273.774991][T12677] loop3: detected capacity change from 0 to 4096
[  273.806421][T12677] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.858789][T12683] loop1: detected capacity change from 0 to 64
[  273.926628][T12683] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  273.960717][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.170377][T12665] loop2: detected capacity change from 0 to 32768
[  274.222843][T12665] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  274.412460][T12665] XFS (loop2): Ending clean mount
[  274.430066][T12665] XFS (loop2): Quotacheck needed: Please wait.
[  274.493572][T12665] XFS (loop2): Quotacheck: Done.
[  274.612612][T12705] loop3: detected capacity change from 0 to 1024
[  274.626881][ T5765] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  274.676665][T12705] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.728186][T12709] netlink: 'syz.0.3131': attribute type 10 has an invalid length.
[  274.734786][T12705] ext4 filesystem being mounted at /774/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.746689][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  274.746701][   T28] audit: type=1800 audit(1771253603.898:4034): pid=12683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3122" name="file1" dev="loop1" ino=5 res=0 errno=0
[  275.048168][T12709] infiniband !yz!: set down
[  275.054085][T12709] team0 (unregistering): Port device team_slave_0 removed
[  275.092258][T12709] team0 (unregistering): Port device team_slave_1 removed
[  275.128775][T12709] team0 (unregistering): Port device syz_tun removed
[  275.157735][    T8] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  275.357784][    T8] usb 4-1: Using ep0 maxpacket: 8
[  275.368405][    T8] usb 4-1: config 4 has an invalid interface number: 244 but max is 0
[  275.391516][    T8] usb 4-1: config 4 has no interface number 0
[  275.406342][    T8] usb 4-1: config 4 interface 244 altsetting 1 endpoint 0x1 has an invalid bInterval 41, changing to 7
[  275.430380][    T8] usb 4-1: config 4 interface 244 altsetting 1 endpoint 0x2 has invalid maxpacket 65267, setting to 1024
[  275.460488][    T8] usb 4-1: config 4 interface 244 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 1024
[  275.490273][    T8] usb 4-1: config 4 interface 244 has no altsetting 0
[  275.511756][    T8] usb 4-1: New USB device found, idVendor=05ac, idProduct=fa33, bcdDevice=cb.aa
[  275.537452][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.545501][    T8] usb 4-1: Product: syz
[  275.570142][    T8] usb 4-1: Manufacturer: syz
[  275.574816][    T8] usb 4-1: SerialNumber: syz
[  275.601298][T12726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3139'.
[  275.622883][T12705] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  275.781709][T12733] loop0: detected capacity change from 0 to 1764
[  275.783708][T12731] loop2: detected capacity change from 0 to 1024
[  275.856838][    T8] ipheth 4-1:4.244: Unable to find endpoints
[  275.894798][T12731] hfsplus: inconsistency in B*Tree (128,1,255,1,0)
[  275.916575][    T8] usb 4-1: USB disconnect, device number 21
[  275.921848][T12731] hfsplus: xattr searching failed
[  275.940491][T12731] syz.2.3140: attempt to access beyond end of device
[  275.940491][T12731] loop2: rw=0, sector=917504, nr_sectors = 2 limit=1024
[  275.997093][T12731] Buffer I/O error on dev loop2, logical block 458752, async page read
[  276.047860][T12731] hfsplus: unable to mark blocks free: error -5
[  276.054164][T12731] hfsplus: can't free extent
[  276.063331][T12739] netlink: 248 bytes leftover after parsing attributes in process `syz.0.3152'.
[  276.351525][T12749] QAT: failed to copy from user.
[  276.508453][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.559037][T12759] (unnamed net_device) (uninitialized): up delay (129) is not a multiple of miimon (9), value rounded to 126 ms
[  276.705480][T12759] bond3: entered allmulticast mode
[  277.065707][T12782] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3165'.
[  277.139749][T12786] netlink: 'syz.0.3167': attribute type 1 has an invalid length.
[  277.229377][T12789] netlink: 'syz.3.3170': attribute type 10 has an invalid length.
[  277.281873][T12789] team0: Device veth1_macvtap failed to register rx_handler
[  277.487660][   T23] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  277.512879][   T28] audit: type=1326 audit(1771253606.668:4035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12801 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  277.573452][   T28] audit: type=1326 audit(1771253606.668:4036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12801 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  277.597240][   T28] audit: type=1326 audit(1771253606.668:4037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12801 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  277.620423][   T28] audit: type=1326 audit(1771253606.668:4038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12801 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  277.643034][   T28] audit: type=1326 audit(1771253606.668:4039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12801 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  277.666707][   T28] audit: type=1326 audit(1771253606.728:4040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12801 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  277.727064][   T23] usb 3-1: Using ep0 maxpacket: 8
[  277.752658][   T23] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  277.765916][   T23] usb 3-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54
[  277.787206][   T28] audit: type=1326 audit(1771253606.728:4041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12801 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  277.809873][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.818079][   T23] usb 3-1: Product: syz
[  277.822261][   T23] usb 3-1: Manufacturer: syz
[  277.826880][   T23] usb 3-1: SerialNumber: syz
[  277.832204][   T28] audit: type=1326 audit(1771253606.728:4042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12801 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  277.862343][   T23] usb 3-1: config 0 descriptor??
[  277.888061][   T23] cdc_phonet 3-1:0.0: invalid descriptor buffer length
[  277.894982][   T23] cdc_phonet: probe of 3-1:0.0 failed with error -22
[  277.912017][   T28] audit: type=1326 audit(1771253606.728:4043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12801 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  278.094510][   T23] usb 3-1: USB disconnect, device number 24
[  278.119695][T12821] ieee802154 phy0 wpan0: encryption failed: -22
[  278.341365][T12832] loop1: detected capacity change from 0 to 2048
[  278.389157][T12832] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  278.430978][T12832] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  278.453318][T12834] loop3: detected capacity change from 0 to 512
[  278.468616][T12834] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  278.479225][T12834] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  278.526108][T12834] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  278.555675][T12834] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  278.567254][T12834] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  278.575393][T12834] EXT4-fs (loop3): orphan cleanup on readonly fs
[  278.586127][T12834] EXT4-fs warning (device loop3): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  278.602294][T12834] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  278.612928][T12834] EXT4-fs (loop3): 1 truncate cleaned up
[  278.619652][T12839] xt_connbytes: Forcing CT accounting to be enabled
[  278.619926][T12834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  278.683924][T12839] xt_NFQUEUE: number of total queues is 0
[  278.688871][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.190696][T12858] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3202'.
[  279.232480][T12858] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3202'.
[  279.255778][T12861] loop1: detected capacity change from 0 to 2048
[  279.264800][T12858] netlink: 19 bytes leftover after parsing attributes in process `syz.2.3202'.
[  279.298403][T12864] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3206'.
[  279.320576][T12865] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  279.517155][   T23] usb 1-1: new full-speed USB device number 16 using dummy_hcd
[  279.733640][   T23] usb 1-1: config 8 has an invalid interface number: 177 but max is 0
[  279.747107][   T23] usb 1-1: config 8 has no interface number 0
[  279.753267][   T23] usb 1-1: config 8 interface 177 altsetting 9 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  279.792309][   T23] usb 1-1: config 8 interface 177 altsetting 9 endpoint 0x87 has invalid wMaxPacketSize 0
[  279.813895][   T23] usb 1-1: config 8 interface 177 has no altsetting 0
[  279.827432][   T23] usb 1-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[  279.836524][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.859877][T12862] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  279.947229][    T8] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  280.088384][   T23] usb 1-1: string descriptor 0 read error: -71
[  280.107314][   T23] ir_toy 1-1:8.177: required endpoints not found
[  280.130261][   T23] usb 1-1: USB disconnect, device number 16
[  280.157079][    T8] usb 3-1: Using ep0 maxpacket: 16
[  280.174425][    T8] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  280.203971][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.227282][    T8] usb 3-1: Product: syz
[  280.231495][    T8] usb 3-1: Manufacturer: syz
[  280.236104][    T8] usb 3-1: SerialNumber: syz
[  280.262736][    T8] r8152-cfgselector 3-1: config 0 descriptor??
[  280.271708][T12897] delete_channel: no stack
[  280.473886][T12905] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3226'.
[  280.597693][T12909] Cannot find add_set index 2 as target
[  280.704292][    T8] r8152-cfgselector 3-1: Unknown version 0x0000
[  280.733145][    T8] r8152-cfgselector 3-1: USB disconnect, device number 25
[  281.775494][T12966] loop2: detected capacity change from 0 to 64
[  281.801942][T12966] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  282.143621][T12971] loop3: detected capacity change from 0 to 4096
[  282.536155][T12981] netlink: 'syz.0.3263': attribute type 10 has an invalid length.
[  282.548299][T12963] loop1: detected capacity change from 0 to 32768
[  282.685461][T12963] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  282.717200][   T28] kauditd_printk_skb: 14 callbacks suppressed
[  282.717213][   T28] audit: type=1800 audit(1771253611.878:4058): pid=12966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3256" name="file1" dev="loop2" ino=5 res=0 errno=0
[  282.913800][ T5768] ocfs2: Unmounting device (7,1) on (node local)
[  283.064292][T12991] loop0: detected capacity change from 0 to 1024
[  283.575166][T13009] bridge2: entered promiscuous mode
[  283.600926][T13009] bridge2: entered allmulticast mode
[  283.618457][T13008] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3277'.
[  283.642788][T13008] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3277'.
[  284.297347][T13039] virtiofs: Unknown parameter 'always'
[  284.443114][T13046] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3296'.
[  284.453540][T13046] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3296'.
[  284.476114][T13046] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3296'.
[  284.505855][T13046] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3296'.
[  284.641698][T13049] loop2: detected capacity change from 0 to 4096
[  284.682672][T13049] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  284.691842][T13055] tmpfs: Bad value for 'mpol'
[  284.867348][   T23] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  284.939885][   T27] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  285.057974][   T23] usb 2-1: Using ep0 maxpacket: 8
[  285.075336][   T23] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  285.095365][   T23] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0
[  285.106020][   T23] usb 2-1: config 0 interface 0 has no altsetting 0
[  285.120804][   T23] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  285.137217][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.156084][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  285.165964][   T23] usb 2-1: Product: syz
[  285.173949][   T23] usb 2-1: Manufacturer: syz
[  285.178859][   T27] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  285.189596][   T23] usb 2-1: SerialNumber: syz
[  285.194691][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  285.207145][   T23] usb 2-1: config 0 descriptor??
[  285.212345][   T27] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  285.223480][   T27] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  285.239785][   T23] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found
[  285.252727][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.264126][   T27] usb 4-1: config 0 descriptor??
[  285.462330][   T23] snd_usb_toneport 2-1:0.0: cannot get proper max packet size
[  285.493692][   T27] hdpvr 4-1:0.0: firmware version 0x8 dated 
[  285.500935][   T23] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected
[  285.511452][   T23] snd_usb_toneport: probe of 2-1:0.0 failed with error -22
[  285.563487][T13067] loop0: detected capacity change from 0 to 32768
[  285.618989][T13067] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  285.651870][T13083] futex_wake_op: syz.2.3310 tries to shift op by 32; fix this program
[  285.701793][   T27] hdpvr 4-1:0.0: device init failed
[  285.708251][   T27] hdpvr: probe of 4-1:0.0 failed with error -12
[  285.750597][   T27] usb 4-1: USB disconnect, device number 22
[  285.782529][   T23] usb 2-1: USB disconnect, device number 15
[  285.832809][T13067] XFS (loop0): Ending clean mount
[  285.845076][T13085] loop2: detected capacity change from 0 to 128
[  285.853068][T13067] XFS (loop0): Quotacheck needed: Please wait.
[  285.892215][T13085] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  285.910132][T13067] XFS (loop0): Quotacheck: Done.
[  285.913387][T13085] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  285.984988][ T5767] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  286.214604][T13089] netlink: 'syz.2.3314': attribute type 3 has an invalid length.
[  286.312894][T13091] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3315'.
[  286.333897][T13091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3315'.
[  286.384072][T13091] tc_dump_action: action bad kind
[  286.654322][T13106] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  286.664396][T13099] loop0: detected capacity change from 0 to 4096
[  286.681430][T13106] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  286.707495][T13099] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  287.447157][T13136] ieee802154 phy0 wpan0: encryption failed: -90
[  287.485465][T13139] netlink: 84 bytes leftover after parsing attributes in process `syz.0.3338'.
[  287.694155][T13146] loop2: detected capacity change from 0 to 2048
[  287.760970][T13153] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  287.824136][T13146] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: disallowed inode number - offset=56, inode=6, rec_len=24, name_len=5
[  287.874769][T13146] Remounting filesystem read-only
[  287.937258][T13158] netlink: 'syz.1.3347': attribute type 1 has an invalid length.
[  288.265692][   T28] audit: type=1326 audit(1771253617.418:4059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.1.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  288.311648][   T28] audit: type=1326 audit(1771253617.448:4060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.1.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  288.401531][   T28] audit: type=1326 audit(1771253617.448:4061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.1.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  288.487452][   T28] audit: type=1326 audit(1771253617.448:4062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.1.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  288.549872][   T28] audit: type=1326 audit(1771253617.448:4063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.1.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  288.617061][   T28] audit: type=1326 audit(1771253617.448:4064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.1.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  288.627241][T13182] netlink: 1964 bytes leftover after parsing attributes in process `syz.1.3359'.
[  288.678291][   T28] audit: type=1326 audit(1771253617.448:4065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.1.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  288.731422][   T28] audit: type=1326 audit(1771253617.448:4066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.1.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  288.814709][   T28] audit: type=1326 audit(1771253617.448:4067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.1.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  288.886362][T13168] loop0: detected capacity change from 0 to 32768
[  288.945028][T13168] JBD2: Ignoring recovery information on journal
[  289.050490][T13168] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  289.209700][T13200] loop2: detected capacity change from 0 to 64
[  289.304339][T13200] Trying to free block not in datazone
[  289.327066][T13200] Trying to free block not in datazone
[  289.377286][ T5767] ocfs2: Unmounting device (7,0) on (node local)
[  289.564639][T13206] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3369'.
[  289.732609][T13190] loop1: detected capacity change from 0 to 32768
[  289.795996][T13212] loop0: detected capacity change from 0 to 4096
[  289.836402][T13190] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  289.902832][T13223] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  290.061945][T13190] XFS (loop1): Ending clean mount
[  290.119816][T13190] XFS (loop1): Quotacheck needed: Please wait.
[  290.215044][T13190] XFS (loop1): Quotacheck: Done.
[  290.482210][ T5768] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  290.585535][T13233] IPVS: set_ctl: invalid protocol: 233 172.30.1.3:20001
[  290.782106][T13237] loop0: detected capacity change from 0 to 1024
[  290.868598][T13237] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.972414][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.353111][T13258] netlink: 'syz.0.3389': attribute type 1 has an invalid length.
[  291.414312][T13260] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3388'.
[  291.717425][   T23] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  291.761045][T13275] loop1: detected capacity change from 0 to 1024
[  291.831204][T13275] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.917039][   T23] usb 3-1: Using ep0 maxpacket: 32
[  291.938642][   T23] usb 3-1: config 0 has an invalid interface number: 74 but max is 1
[  291.947275][ T5772] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[  291.985657][   T23] usb 3-1: config 0 has no interface number 1
[  292.047981][   T23] usb 3-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa
[  292.064857][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.075180][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.092734][   T23] usb 3-1: Product: syz
[  292.103346][   T23] usb 3-1: Manufacturer: syz
[  292.111426][   T23] usb 3-1: SerialNumber: syz
[  292.139497][   T23] usb 3-1: config 0 descriptor??
[  292.194187][ T5772] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[  292.217013][ T5772] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  292.239741][   T23] snd-usb-audio: probe of 3-1:0.74 failed with error -22
[  292.247930][ T5772] usb 1-1: config 0 has no interface number 0
[  292.254080][ T5772] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10
[  292.295092][ T5772] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  292.306070][ T5772] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  292.339804][ T5772] usb 1-1: config 0 interface 52 has no altsetting 0
[  292.365064][ T5772] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  292.375655][ T7409] udevd[7409]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.74/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  292.411271][ T5772] usb 1-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  292.427358][ T5772] usb 1-1: Product: syz
[  292.431958][ T5772] usb 1-1: Manufacturer: syz
[  292.447082][ T5772] usb 1-1: SerialNumber: syz
[  292.468137][ T5772] usb 1-1: config 0 descriptor??
[  292.496284][   T23] usb 3-1: USB disconnect, device number 26
[  292.718812][ T5772] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  292.727743][ T5772] synaptics_usb: probe of 1-1:0.52 failed with error -5
[  292.925604][T13315] netlink: 'syz.1.3402': attribute type 9 has an invalid length.
[  292.964914][    T9] usb 1-1: USB disconnect, device number 17
[  293.383880][T13334] netlink: 'syz.2.3410': attribute type 2 has an invalid length.
[  293.645227][T13350] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3416'.
[  294.358913][T13371] loop2: detected capacity change from 0 to 4096
[  294.407102][T13371] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  294.615457][T13391] ieee802154 phy0 wpan0: encryption failed: -90
[  294.632348][T13371] ntfs3: loop2: failed to convert "c46c" to koi8-ru
[  294.795261][T13398] geneve2: entered promiscuous mode
[  294.797029][T13401] QAT: Device 9 not found
[  295.063081][T13413] loop2: detected capacity change from 0 to 512
[  295.106426][T13413] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  295.158905][T13413] EXT4-fs (loop2): orphan cleanup on readonly fs
[  295.190102][T13413] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:512: comm syz.2.3439: Block bitmap for bg 0 marked uninitialized
[  295.236832][T13412] loop3: detected capacity change from 0 to 4096
[  295.276983][T13412] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  295.339154][T13413] EXT4-fs (loop2): Remounting filesystem read-only
[  295.345859][T13413] EXT4-fs (loop2): 1 orphan inode deleted
[  295.381822][T13413] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  295.445134][T13413] loop2: Can't mount, would change RO state
[  295.566082][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.674713][T13412] ntfs3: loop3: ino=1e, "file1" ntfs_sync_inode failed, -22.
[  295.707429][T13412] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  295.897731][T13440] IPv6: NLM_F_REPLACE set, but no existing node found!
[  295.909941][   T11] ntfs3: loop3: ino=1e, ntfs3_write_inode failed, -22.
[  296.233021][T13454] netlink: 116 bytes leftover after parsing attributes in process `syz.0.3454'.
[  296.407203][T13461] IPVS: length: 218 != 24
[  297.022740][T13490] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3469'.
[  298.163470][T13546] snd_dummy snd_dummy.0: control 0:7841:0:syz0:0 is already present
[  298.396521][T13507] loop3: detected capacity change from 0 to 40427
[  298.427040][T13507] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  298.444834][T13507] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  298.481305][T13507] F2FS-fs (loop3): invalid crc value
[  298.506592][T13559] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3495'.
[  298.528811][T13559] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  298.559873][T13507] F2FS-fs (loop3): Found nat_bits in checkpoint
[  298.720761][T13507] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  298.755011][T13507] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  298.807139][T13568] tmpfs: Bad value for 'mpol'
[  298.841923][T13572] geneve2: entered promiscuous mode
[  299.155665][T13580] tmpfs: Bad value for 'mpol'
[  299.298129][   T28] audit: type=1326 audit(1771253628.458:4068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13586 comm="syz.0.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  299.388475][   T28] audit: type=1326 audit(1771253628.478:4069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13586 comm="syz.0.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  299.466823][   T28] audit: type=1326 audit(1771253628.488:4070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13586 comm="syz.0.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  299.491611][   T28] audit: type=1326 audit(1771253628.488:4071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13586 comm="syz.0.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  299.597978][   T28] audit: type=1326 audit(1771253628.488:4072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13586 comm="syz.0.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  299.650472][   T28] audit: type=1326 audit(1771253628.488:4073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13586 comm="syz.0.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  299.734420][   T28] audit: type=1326 audit(1771253628.488:4074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13586 comm="syz.0.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  299.784713][   T28] audit: type=1326 audit(1771253628.488:4075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13586 comm="syz.0.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  299.859308][   T28] audit: type=1326 audit(1771253628.488:4076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13586 comm="syz.0.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  300.232690][T13588] loop1: detected capacity change from 0 to 32768
[  300.297674][T13588] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  300.485488][T13588] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  300.570774][T13588] XFS (loop1): Starting recovery (logdev: internal)
[  300.618058][T13588] XFS (loop1): Ending recovery (logdev: internal)
[  300.642401][T13588] XFS (loop1): AG 0: Corrupt btree 5 pointer at level 1 index 0.
[  300.677321][T13588] XFS (loop1): Failed to initialize disk quotas.
[  300.750154][T13588] XFS (loop1): AG 0: Corrupt btree 5 pointer at level 1 index 0.
[  300.845791][ T5768] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  301.027658][T13632] loop3: detected capacity change from 0 to 32768
[  301.064515][T13632] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.3528 (13632)
[  301.129743][T13632] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  301.165951][T13632] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  301.195782][T13632] BTRFS info (device loop3): using free space tree
[  301.321416][T13632] BTRFS info (device loop3): auto enabling async discard
[  301.400867][T13672] netlink: 209820 bytes leftover after parsing attributes in process `syz.1.3533'.
[  301.481535][ T5766] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  301.557012][ T5772] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  301.785159][ T5772] usb 1-1: Using ep0 maxpacket: 32
[  301.792775][ T5772] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  301.813272][ T5772] usb 1-1: config 0 has no interface number 0
[  301.848562][ T5772] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  301.877678][ T5772] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.892031][ T5772] usb 1-1: Product: syz
[  301.896331][ T5772] usb 1-1: Manufacturer: syz
[  301.905029][ T5772] usb 1-1: SerialNumber: syz
[  301.928160][ T5772] usb 1-1: config 0 descriptor??
[  302.007886][T13688] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3546'.
[  302.052738][T13688] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3546'.
[  302.206611][ T5772] radio-si470x 1-1:0.35: this is not a si470x device.
[  302.405509][ T5772] radio-raremono 1-1:0.35: this is not Thanko's Raremono.
[  302.448878][ T5772] usb 1-1: USB disconnect, device number 18
[  302.673373][T13712] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  303.105502][T13731] loop0: detected capacity change from 0 to 256
[  303.297087][    T9] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  303.516998][    T9] usb 2-1: Using ep0 maxpacket: 16
[  303.530260][    T9] usb 2-1: config 3 has an invalid interface number: 12 but max is 0
[  303.540735][T13750] sctp: [Deprecated]: syz.0.3576 (pid 13750) Use of int in max_burst socket option deprecated.
[  303.540735][T13750] Use struct sctp_assoc_value instead
[  303.563686][    T9] usb 2-1: config 3 has no interface number 0
[  303.570626][    T9] usb 2-1: config 3 interface 12 has no altsetting 0
[  303.582247][    T9] usb 2-1: string descriptor 0 read error: -22
[  303.589239][    T9] usb 2-1: New USB device found, idVendor=a156, idProduct=e35a, bcdDevice=74.ff
[  303.605590][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.619210][    T9] usb-storage 2-1:3.12: USB Mass Storage device detected
[  303.717009][    T8] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  303.780461][T13760] loop3: detected capacity change from 0 to 8192
[  303.807380][T13760] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  303.841346][T13760] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  303.850841][T13760] REISERFS (device loop3): using ordered data mode
[  303.858365][T13760] reiserfs: using flush barriers
[  303.867710][T13760] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  303.888283][T13760] REISERFS (device loop3): checking transaction log (loop3)
[  303.897049][    T8] usb 3-1: Using ep0 maxpacket: 32
[  303.903158][ T5830] usb 2-1: USB disconnect, device number 16
[  303.909426][    T8] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  303.909456][    T8] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  303.910962][    T8] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  303.939896][    T8] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  303.955504][    T8] usb 3-1: Product: syz
[  303.960312][    T8] usb 3-1: Manufacturer: syz
[  303.971869][    T8] hub 3-1:4.0: USB hub found
[  304.080784][T13766] loop0: detected capacity change from 0 to 256
[  304.130486][T13766] FAT-fs (loop0): Directory bread(block 64) failed
[  304.136062][T13760] REISERFS (device loop3): Using tea hash to sort names
[  304.138284][T13766] FAT-fs (loop0): Directory bread(block 65) failed
[  304.144649][T13760] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  304.156399][T13766] FAT-fs (loop0): Directory bread(block 66) failed
[  304.173405][T13766] FAT-fs (loop0): Directory bread(block 67) failed
[  304.184195][T13766] FAT-fs (loop0): Directory bread(block 68) failed
[  304.187818][    T8] hub 3-1:4.0: config failed, hub doesn't have any ports! (err -19)
[  304.195479][T13766] FAT-fs (loop0): Directory bread(block 69) failed
[  304.212002][T13766] FAT-fs (loop0): Directory bread(block 70) failed
[  304.219041][T13766] FAT-fs (loop0): Directory bread(block 71) failed
[  304.225793][T13766] FAT-fs (loop0): Directory bread(block 72) failed
[  304.259782][T13766] FAT-fs (loop0): Directory bread(block 73) failed
[  304.557330][ T5830] usb 3-1: USB disconnect, device number 27
[  304.636256][T13772] loop1: detected capacity change from 0 to 764
[  305.196692][T13792] loop1: detected capacity change from 0 to 512
[  305.247946][T13792] EXT4-fs: Ignoring removed orlov option
[  305.253692][T13792] EXT4-fs: Ignoring removed mblk_io_submit option
[  305.294375][T13792] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  305.308253][T13784] loop0: detected capacity change from 0 to 32768
[  305.336263][T13784] (syz.0.3590,13784,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  305.339987][T13792] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.384900][T13792] ext4 filesystem being mounted at /905/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.385011][T13784] (syz.0.3590,13784,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  305.406673][T13792] EXT4-fs error (device loop1): ext4_search_dir:1549: inode #2: block 3: comm syz.1.3594: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0
[  305.444987][T13792] EXT4-fs (loop1): Remounting filesystem read-only
[  305.531855][T13784] JBD2: Ignoring recovery information on journal
[  305.548572][T13806] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3599'.
[  305.575534][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.687598][T13784] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  306.043554][T13823] xt_hashlimit: Unknown mode mask E2, kernel too old?
[  306.064473][ T5767] ocfs2: Unmounting device (7,0) on (node local)
[  306.462606][T13838] loop2: detected capacity change from 0 to 512
[  306.477555][T13839] loop0: detected capacity change from 0 to 1024
[  306.478953][T13835] loop1: detected capacity change from 0 to 4096
[  306.511683][T13835] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  306.555752][T13838] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.586802][T13838] ext4 filesystem being mounted at /862/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  306.597658][T13839] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0
[  306.608207][T13839] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  306.617824][T13839] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.3607: Failed to acquire dquot type 0
[  306.638984][T13839] EXT4-fs (loop0): 1 truncate cleaned up
[  306.645919][T13839] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.811745][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.844655][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.237549][T13863] vivid-006: disconnect
[  307.246524][T13862] vivid-006: reconnect
[  307.437660][T13871] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  307.730871][T13884] loop1: detected capacity change from 0 to 2048
[  307.771675][T13884] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  307.811935][T13890] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  307.844328][T13891] netlink: 'syz.0.3638': attribute type 3 has an invalid length.
[  308.030327][   T28] audit: type=1326 audit(1771253637.178:4077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13896 comm="syz.1.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  308.060781][T13895] loop2: detected capacity change from 0 to 256
[  308.115870][T13895] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  308.135760][   T28] audit: type=1326 audit(1771253637.178:4078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13896 comm="syz.1.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  308.161116][T13903] loop1: detected capacity change from 0 to 16
[  308.163153][   T28] audit: type=1326 audit(1771253637.188:4079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13896 comm="syz.1.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  308.213287][   T28] audit: type=1326 audit(1771253637.188:4080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13896 comm="syz.1.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  308.227334][T13895] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d)
[  308.244977][T13903] erofs: (device loop1): mounted with root inode @ nid 36.
[  308.317833][T13905] vim2m vim2m.0: Fourcc format (0x31384142) invalid.
[  308.328414][   T28] audit: type=1326 audit(1771253637.188:4081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13896 comm="syz.1.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82cdb9bf79 code=0x7ffc0000
[  308.370524][ T5778] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress 4876 in[4096, 0] out[9000]
[  308.403277][T13903] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress 4876 in[4096, 0] out[8192]
[  308.447905][   T28] audit: type=1800 audit(1771253637.608:4082): pid=13903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3644" name="file2" dev="loop1" ino=89 res=0 errno=0
[  308.588001][   T28] audit: type=1107 audit(1771253637.748:4083): pid=13908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='Ý—::—
[  308.588001][   T28] '
[  308.743792][T13917] loop1: detected capacity change from 0 to 512
[  308.795650][T13913] loop3: detected capacity change from 0 to 8192
[  308.815456][T13917] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  308.855671][T13917] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  308.855768][T13917] System zones: 0-1, 15-15, 18-18, 34-34
[  308.856143][T13917] EXT4-fs (loop1): orphan cleanup on readonly fs
[  308.856251][T13917] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[  308.856330][T13917] EXT4-fs warning (device loop1): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  308.856354][T13917] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  308.857159][T13917] EXT4-fs (loop1): 1 truncate cleaned up
[  308.858345][T13917] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  308.879225][T13913] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  308.879251][T13913] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  308.879916][T13913] REISERFS (device loop3): using journaled data mode
[  308.879928][T13913] reiserfs: using flush barriers
[  308.886153][T13917] fscrypt (loop1, inode 16): Error -61 getting encryption context
[  308.934767][T13913] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  308.935112][T13913] REISERFS (device loop3): checking transaction log (loop3)
[  308.937988][T13913] REISERFS (device loop3): Using r5 hash to sort names
[  308.938228][T13913] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  308.938273][T13913] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  309.026710][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.182325][T13928] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3656'.
[  309.201997][T13928] ip6tnl5: entered allmulticast mode
[  309.707166][    T8] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  309.795538][T13951] tmpfs: Bad value for 'mpol'
[  309.910415][    T8] usb 4-1: unable to get BOS descriptor or descriptor too short
[  309.932862][    T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  309.957042][    T8] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  309.988997][    T8] usb 4-1: config 1 interface 0 has no altsetting 1
[  310.010789][    T8] usb 4-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  310.037602][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.045636][    T8] usb 4-1: Product: syz
[  310.053589][    T8] usb 4-1: Manufacturer: syz
[  310.061106][    T8] usb 4-1: SerialNumber: syz
[  310.099055][    T8] smsusb:smsusb_probe: board id=8, interface number 0
[  310.318854][    T8] smsusb:smsusb_probe: Device initialized with return code -19
[  310.471120][T13979] loop2: detected capacity change from 0 to 1024
[  310.534465][    T8] usb 4-1: USB disconnect, device number 23
[  310.675805][T13985] loop1: detected capacity change from 0 to 1024
[  310.722893][T13985] hfsplus: bad catalog entry type
[  310.802930][   T59] hfsplus: b-tree write err: -5, ino 4
[  310.806272][T13990] openvswitch: netlink: Actions may not be safe on all matching packets
[  311.268572][T14009] loop2: detected capacity change from 0 to 65
[  311.373466][T14009] BFS-fs: bfs_fill_super(): NOTE: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway
[  311.856144][T14033] loop3: detected capacity change from 0 to 256
[  311.901424][T14033] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  311.929522][T14035] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  311.992784][T14033] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d)
[  312.937030][   T23] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  313.137519][   T23] usb 3-1: Using ep0 maxpacket: 8
[  313.150871][   T23] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[  313.162392][T14071] loop1: detected capacity change from 0 to 32768
[  313.171936][   T23] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  313.194982][   T23] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  313.227116][   T23] usb 3-1: Product: syz
[  313.244294][   T23] usb 3-1: Manufacturer: syz
[  313.277074][   T23] usb 3-1: SerialNumber: syz
[  313.277133][T14071] XFS (loop1): Mounting V5 filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d in no-recovery mode. Filesystem will be inconsistent.
[  313.370869][T14071] XFS (loop1): Metadata corruption detected at xfs_dinode_verify+0x2e5/0x11d0, inode 0x1803 dinode
[  313.384691][T14071] XFS (loop1): Unmount and run xfs_repair
[  313.395003][T14071] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  313.403396][T14071] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00  INA.............
[  313.427413][T14071] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  313.437377][T14071] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 e2 bf 3d  4.Xh....4.Xh...=
[  313.446309][T14071] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20  4.Xh...=....... 
[  313.477129][T14071] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  313.486097][T14071] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 ca e6 3d c1  ..............=.
[  313.517596][T14071] 00000060: ff ff ff ff 6e d0 e3 2d 00 00 00 00 00 00 00 04  ....n..-........
[  313.551608][T14071] 00000070: 00 00 00 03 00 00 00 10 00 00 00 00 00 00 00 06  ................
[  313.570283][   T23] usb 3-1: Handspring Visor / Palm OS: No valid connect info available
[  313.591902][   T23] usb 3-1: Handspring Visor / Palm OS: port 208, is for unknown use
[  313.607399][T14100] binfmt_misc: register: failed to install interpreter file ./bus
[  313.610383][   T23] usb 3-1: Handspring Visor / Palm OS: port 187, is for Console use
[  313.647118][   T23] usb 3-1: Handspring Visor / Palm OS: Number of ports: 2
[  313.660800][ T5768] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  313.805825][   T23] usb 3-1: palm_os_3_probe - error -71 getting bytes available request
[  313.814767][   T23] visor 3-1:1.0: Handspring Visor / Palm OS converter detected
[  313.857473][   T23] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  313.884676][   T23] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  313.923768][   T23] usb 3-1: USB disconnect, device number 28
[  313.954788][   T23] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  313.993341][   T23] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  314.015202][   T23] visor 3-1:1.0: device disconnected
[  314.021862][T14106] loop3: detected capacity change from 0 to 4096
[  314.059702][T14106] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  314.333155][T14112] loop0: detected capacity change from 0 to 4096
[  314.406132][T14112] ntfs: volume version 3.1.
[  314.918785][T14129] loop1: detected capacity change from 0 to 4096
[  314.958738][T14129] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.175546][T14146] loop3: detected capacity change from 0 to 2048
[  315.207411][T14129] EXT4-fs error (device loop1): ext4_empty_dir:3154: inode #12: block 80: comm syz.1.3749: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  315.252375][T14146] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  315.265454][T14129] EXT4-fs (loop1): Remounting filesystem read-only
[  315.301804][T14129] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz.1.3749: directory missing '..'
[  315.414998][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.790141][T14166] loop3: detected capacity change from 0 to 512
[  315.882572][T14166] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #3: comm syz.3.3766: corrupted inode contents
[  315.924996][T14175] loop0: detected capacity change from 0 to 512
[  315.932393][T14175] EXT4-fs: Ignoring removed nomblk_io_submit option
[  315.940516][T14175] EXT4-fs: Ignoring removed bh option
[  315.981281][T14166] EXT4-fs error (device loop3): ext4_dirty_inode:6124: inode #3: comm syz.3.3766: mark_inode_dirty error
[  315.992745][T14175] EXT4-fs error (device loop0): mb_free_blocks:1954: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  316.006839][T14166] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #3: comm syz.3.3766: corrupted inode contents
[  316.021688][T14166] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #3: comm syz.3.3766: mark_inode_dirty error
[  316.031877][T14175] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #11: comm syz.0.3770: corrupted inode contents
[  316.047166][T14166] __quota_error: 1 callbacks suppressed
[  316.047182][T14166] Quota error (device loop3): write_blk: dquota write failed
[  316.060494][T14166] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  316.071099][T14166] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.3766: Failed to acquire dquot type 0
[  316.095776][T14166] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #16: comm syz.3.3766: corrupted inode contents
[  316.138997][T14166] EXT4-fs error (device loop3): ext4_dirty_inode:6124: inode #16: comm syz.3.3766: mark_inode_dirty error
[  316.144606][T14175] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #11: comm syz.0.3770: mark_inode_dirty error
[  316.188039][T14166] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #16: comm syz.3.3766: corrupted inode contents
[  316.208298][T14184] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  316.229153][T14175] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.3770: invalid indirect mapped block 1 (level 1)
[  316.238570][T14166] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.3766: mark_inode_dirty error
[  316.247519][T14184] bond0: (slave lo): Error: Device can not be enslaved while up
[  316.262562][T14175] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #11: comm syz.0.3770: corrupted inode contents
[  316.279799][T14166] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #16: comm syz.3.3766: corrupted inode contents
[  316.310794][T14166] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  316.324774][T14175] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[  316.341968][T14175] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #11: comm syz.0.3770: corrupted inode contents
[  316.357612][T14166] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #16: comm syz.3.3766: corrupted inode contents
[  316.371313][T14175] EXT4-fs error (device loop0): ext4_truncate:4294: inode #11: comm syz.0.3770: mark_inode_dirty error
[  316.383683][T14166] EXT4-fs error (device loop3): ext4_truncate:4294: inode #16: comm syz.3.3766: mark_inode_dirty error
[  316.396426][T14175] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[  316.405552][T14166] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  316.420273][T14166] EXT4-fs (loop3): 1 truncate cleaned up
[  316.421541][T14175] EXT4-fs (loop0): 1 truncate cleaned up
[  316.427277][T14166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.447287][T14166] ext4 filesystem being mounted at /933/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  316.478751][T14175] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.581263][T14175] EXT4-fs error (device loop0): ext4_find_dest_de:2115: inode #2: block 13: comm syz.0.3770: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0
[  316.611337][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.655833][T14192] netlink: 'syz.1.3780': attribute type 15 has an invalid length.
[  316.694882][T14192] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3780'.
[  316.736514][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.134021][T14212] loop3: detected capacity change from 0 to 64
[  317.155577][T14212] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
[  317.176632][T14212] hfs: filesystem is marked locked, mounting read-only.
[  317.320997][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  317.333980][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  317.766745][T14204] loop1: detected capacity change from 0 to 32768
[  317.868406][T14204] jfs_rename: dtInsert returned -EIO
[  317.900813][T14236] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  317.937145][T14238] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3801'.
[  317.960432][T14238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3801'.
[  318.056775][T14238] ip6gretap2: entered allmulticast mode
[  318.330999][T14244] loop2: detected capacity change from 0 to 4096
[  318.367017][T14244] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[  319.593769][T14302] loop2: detected capacity change from 0 to 128
[  319.642723][T14302] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  320.076277][   T28] audit: type=1326 audit(1771253649.228:4085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14321 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  320.161687][   T28] audit: type=1326 audit(1771253649.228:4086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14321 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  320.176800][T14324] loop1: detected capacity change from 0 to 1024
[  320.232592][   T28] audit: type=1326 audit(1771253649.268:4087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14321 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  320.248562][T14324] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  320.255311][    C1] vkms_vblank_simulate: vblank timer overrun
[  320.315397][   T28] audit: type=1326 audit(1771253649.268:4088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14321 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  320.337974][    C1] vkms_vblank_simulate: vblank timer overrun
[  320.397632][T14324] hfsplus: filesystem is marked journaled, leaving read-only.
[  320.398936][   T28] audit: type=1326 audit(1771253649.268:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14321 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c719bf79 code=0x7ffc0000
[  320.959170][T14356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3859'.
[  321.621708][T14383] loop0: detected capacity change from 0 to 256
[  321.680538][T14383] FAT-fs (loop0): Directory bread(block 64) failed
[  321.697057][T14383] FAT-fs (loop0): Directory bread(block 65) failed
[  321.726167][T14383] FAT-fs (loop0): Directory bread(block 66) failed
[  321.761171][T14383] FAT-fs (loop0): Directory bread(block 67) failed
[  321.783813][T14383] FAT-fs (loop0): Directory bread(block 68) failed
[  321.807016][T14383] FAT-fs (loop0): Directory bread(block 69) failed
[  321.813698][T14383] FAT-fs (loop0): Directory bread(block 70) failed
[  321.826404][T14383] FAT-fs (loop0): Directory bread(block 71) failed
[  321.842441][T14383] FAT-fs (loop0): Directory bread(block 72) failed
[  321.855919][T14388] loop2: detected capacity change from 0 to 1024
[  321.865091][T14383] FAT-fs (loop0): Directory bread(block 73) failed
[  322.072533][T14396] 8021q: VLANs not supported on lo
[  322.137945][T14398] loop2: detected capacity change from 0 to 256
[  322.677162][ T5776] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  322.817955][T14422] loop1: detected capacity change from 0 to 128
[  322.854578][T14424] loop0: detected capacity change from 0 to 64
[  322.861206][ T5776] usb 3-1: Using ep0 maxpacket: 16
[  322.877474][ T5776] usb 3-1: config 3 has an invalid interface number: 201 but max is 0
[  322.888824][T14422] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  322.909072][ T5776] usb 3-1: config 3 has no interface number 0
[  322.915726][ T5776] usb 3-1: config 3 interface 201 has no altsetting 0
[  322.969657][ T5776] usb 3-1: New USB device found, idVendor=2c7c, idProduct=0191, bcdDevice=a4.e0
[  322.990544][ T5776] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.048607][ T5776] usb 3-1: Product: syz
[  323.053189][ T5776] usb 3-1: Manufacturer: syz
[  323.078718][ T5776] usb 3-1: SerialNumber: syz
[  323.185456][T14428] netlink: 4432 bytes leftover after parsing attributes in process `syz.3.3895'.
[  323.375011][ T5776] usb 3-1: USB disconnect, device number 29
[  323.377593][T14434] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  323.841452][T14450] loop0: detected capacity change from 0 to 2048
[  323.870752][T14450] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  324.066513][T14458] loop1: detected capacity change from 0 to 2048
[  324.122396][T14458] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  324.227043][   T28] audit: type=1800 audit(1771253653.378:4090): pid=14458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3908" name="bus" dev="loop1" ino=1367 res=0 errno=0
[  324.561610][T14479] loop2: detected capacity change from 0 to 256
[  324.668215][T14479] FAT-fs (loop2): Directory bread(block 64) failed
[  324.694862][T14479] FAT-fs (loop2): Directory bread(block 65) failed
[  324.719299][T14479] FAT-fs (loop2): Directory bread(block 66) failed
[  324.739122][T14479] FAT-fs (loop2): Directory bread(block 67) failed
[  324.745829][T14479] FAT-fs (loop2): Directory bread(block 68) failed
[  324.779424][T14479] FAT-fs (loop2): Directory bread(block 69) failed
[  324.786104][T14479] FAT-fs (loop2): Directory bread(block 70) failed
[  324.806735][T14479] FAT-fs (loop2): Directory bread(block 71) failed
[  324.821513][T14479] FAT-fs (loop2): Directory bread(block 72) failed
[  324.861660][T14479] FAT-fs (loop2): Directory bread(block 73) failed
[  324.953108][T14489] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  325.499115][T14508] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3933'.
[  326.149001][T14528] netlink: 'syz.0.3942': attribute type 1 has an invalid length.
[  326.156828][T14528] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.3942'.
[  326.218058][T14530] No source specified
[  326.265101][T14511] loop2: detected capacity change from 0 to 32768
[  326.363317][T14511] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  326.452379][T14511] XFS (loop2): Ending clean mount
[  326.510943][T14511] XFS (loop2): Quotacheck needed: Please wait.
[  326.661276][T14511] XFS (loop2): Quotacheck: Done.
[  326.786060][ T5765] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  327.251653][T14574] loop3: detected capacity change from 0 to 1024
[  327.288011][T14574] EXT4-fs: Ignoring removed nomblk_io_submit option
[  327.305555][T14574] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  327.314942][T14576] sctp: [Deprecated]: syz.0.3962 (pid 14576) Use of int in max_burst socket option.
[  327.314942][T14576] Use struct sctp_assoc_value instead
[  327.363524][T14574] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e055c01c, mo2=0002]
[  327.376637][T14574] System zones: 0-1, 3-36
[  327.402578][T14574] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.638095][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.639546][T14587] loop0: detected capacity change from 0 to 4096
[  327.746677][T14591] netlink: 'syz.1.3969': attribute type 1 has an invalid length.
[  327.771043][   T28] audit: type=1326 audit(1771253656.928:4091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.2.3970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  327.837166][   T28] audit: type=1326 audit(1771253656.928:4092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.2.3970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  327.926117][   T28] audit: type=1326 audit(1771253656.928:4093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.2.3970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  327.964929][   T28] audit: type=1326 audit(1771253656.928:4094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.2.3970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  327.987402][    C1] vkms_vblank_simulate: vblank timer overrun
[  328.024999][   T28] audit: type=1326 audit(1771253656.928:4095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.2.3970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  328.084539][   T28] audit: type=1326 audit(1771253656.928:4096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.2.3970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  328.106962][    C1] vkms_vblank_simulate: vblank timer overrun
[  328.118968][ T5830] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  328.153688][   T28] audit: type=1326 audit(1771253656.928:4097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.2.3970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  328.225023][   T28] audit: type=1326 audit(1771253656.928:4098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.2.3970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  328.294468][   T28] audit: type=1326 audit(1771253656.928:4099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.2.3970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f9244f9bf79 code=0x7ffc0000
[  328.357391][ T5830] usb 4-1: Using ep0 maxpacket: 16
[  328.373771][ T5830] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  328.384322][ T5830] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.398965][ T5830] usb 4-1: Product: syz
[  328.403211][ T5830] usb 4-1: Manufacturer: syz
[  328.416520][ T5830] usb 4-1: SerialNumber: syz
[  328.425732][ T5830] r8152-cfgselector 4-1: config 0 descriptor??
[  328.557107][   T23] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  328.663952][T14623] loop2: detected capacity change from 0 to 256
[  328.692763][T14623] FAT-fs (loop2): Directory bread(block 64) failed
[  328.717241][T14623] FAT-fs (loop2): Directory bread(block 65) failed
[  328.723904][T14623] FAT-fs (loop2): Directory bread(block 66) failed
[  328.735434][T14623] FAT-fs (loop2): Directory bread(block 67) failed
[  328.745444][T14623] FAT-fs (loop2): Directory bread(block 68) failed
[  328.756125][T14623] FAT-fs (loop2): Directory bread(block 69) failed
[  328.763918][   T23] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  328.774316][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.781069][T14623] FAT-fs (loop2): Directory bread(block 70) failed
[  328.784003][   T23] usb 1-1: Product: syz
[  328.793628][   T23] usb 1-1: Manufacturer: syz
[  328.798821][   T23] usb 1-1: SerialNumber: syz
[  328.807201][T14623] FAT-fs (loop2): Directory bread(block 71) failed
[  328.810054][   T23] usb 1-1: config 0 descriptor??
[  328.813851][T14623] FAT-fs (loop2): Directory bread(block 72) failed
[  328.858300][T14623] FAT-fs (loop2): Directory bread(block 73) failed
[  328.867845][ T5830] r8152-cfgselector 4-1: Unknown version 0x0000
[  328.876332][ T5830] r8152-cfgselector 4-1: USB disconnect, device number 24
[  329.041680][   T23] hso 1-1:0.0: Failed to find BULK IN ep
[  329.062695][   T23] usb-storage 1-1:0.0: USB Mass Storage device detected
[  329.210649][T14635] loop1: detected capacity change from 0 to 1024
[  329.289693][T14635] hfsplus: inconsistency in B*Tree (128,1,255,1,0)
[  329.297132][T14635] hfsplus: xattr searching failed
[  329.313859][T14635] hfsplus: inconsistency in B*Tree (128,1,255,1,0)
[  329.328516][ T5830] usb 1-1: USB disconnect, device number 19
[  329.341439][T14635] hfsplus: xattr searching failed
[  330.003840][T14661] bridge4: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  330.127007][ T5830] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  330.157505][T14647] loop2: detected capacity change from 0 to 32768
[  330.197965][T14647] ea_get: extended attribute size too large: 2617245744 > INT_MAX
[  330.340217][ T5830] usb 2-1: config index 0 descriptor too short (expected 61256, got 72)
[  330.349971][ T5830] usb 2-1: config 1 has an invalid interface number: 0 but max is -1
[  330.367558][ T5830] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  330.401958][ T5830] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 0
[  330.428609][ T5830] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  330.476369][ T5830] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  330.488739][ T5830] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  330.496790][ T5830] usb 2-1: SerialNumber: syz
[  330.514281][ T5830] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[  330.533233][ T5830] cdc_acm 2-1:1.0: This needs exactly 3 endpoints
[  330.541025][ T5830] cdc_acm: probe of 2-1:1.0 failed with error -22
[  330.556779][T14675] random: crng reseeded on system resumption
[  330.769187][  T787] usb 2-1: USB disconnect, device number 17
[  331.168223][T14694] loop3: detected capacity change from 0 to 128
[  331.403110][T14704] netlink: 'syz.0.4021': attribute type 21 has an invalid length.
[  331.754343][T14718] loop0: detected capacity change from 0 to 128
[  331.973908][T14724] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  332.109011][T14730] loop0: detected capacity change from 0 to 4096
[  332.120440][T14730] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  332.248651][T14730] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  332.642144][T14748] loop2: detected capacity change from 0 to 64
[  332.654297][ T5767] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22.
[  333.092677][T14764] loop3: detected capacity change from 0 to 128
[  333.323172][T14774] loop3: detected capacity change from 0 to 64
[  333.807061][ T5830] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[  333.999565][T14800] loop2: detected capacity change from 0 to 4096
[  334.008233][T14800] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  334.018764][ T5830] usb 1-1: config 0 has an invalid interface number: 172 but max is 0
[  334.036995][ T5830] usb 1-1: config 0 has no interface number 0
[  334.049770][ T5830] usb 1-1: New USB device found, idVendor=16d5, idProduct=650a, bcdDevice=83.b1
[  334.059716][ T5830] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.076840][ T5830] usb 1-1: Product: syz
[  334.087065][ T5830] usb 1-1: Manufacturer: syz
[  334.101385][T14800] ntfs3: loop2: Failed to initialize $Extend/$ObjId.
[  334.127348][ T5830] usb 1-1: SerialNumber: syz
[  334.140391][ T5830] usb 1-1: config 0 descriptor??
[  334.160544][ T5830] qmi_wwan 1-1:0.172: bogus CDC Union: master=0, slave=0
[  334.257644][T14808] netlink: 72 bytes leftover after parsing attributes in process `syz.3.4074'.
[  334.351503][T14810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4075'.
[  334.384039][ T5830] qmi_wwan: probe of 1-1:0.172 failed with error -22
[  334.444281][T14812] loop3: detected capacity change from 0 to 256
[  334.643646][ T5772] usb 1-1: USB disconnect, device number 20
[  334.685953][T14816] loop2: detected capacity change from 0 to 4096
[  334.716375][T14816] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  334.810813][T14816] ntfs: (device loop2): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  334.841942][T14816] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing.
[  334.868161][T14816] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  334.898455][T14816] ntfs: (device loop2): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  334.936396][T14816] ntfs: volume version 3.1.
[  335.055395][T14816] ntfs: (device loop2): ntfs_nlstoucs(): Name is too long (maximum length for a name on NTFS is 255 Unicode characters.
[  335.513694][T14825] loop3: detected capacity change from 0 to 32768
[  335.947330][ T5772] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  336.129796][ T5772] usb 1-1: Using ep0 maxpacket: 16
[  336.137731][ T5772] usb 1-1: config index 0 descriptor too short (expected 1068, got 27)
[  336.155543][ T5772] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  336.205471][ T5772] usb 1-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=7d.f9
[  336.230813][ T5772] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.247078][ T5772] usb 1-1: Product: syz
[  336.257482][ T5772] usb 1-1: Manufacturer: syz
[  336.267358][ T5772] usb 1-1: SerialNumber: syz
[  336.276448][T14862] comedi comedi0: fl512: I/O port conflict (0x3,16)
[  336.279336][ T5772] usb 1-1: config 0 descriptor??
[  336.472480][T14857] loop3: detected capacity change from 0 to 32768
[  336.591250][   T23] usb 1-1: USB disconnect, device number 21
[  336.969574][T14877] loop1: detected capacity change from 0 to 8
[  337.092945][T14879] loop1: detected capacity change from 0 to 64
[  337.156090][T14879] 
[  337.158468][T14879] ======================================================
[  337.165500][T14879] WARNING: possible circular locking dependency detected
[  337.172544][T14879] syzkaller #0 Not tainted
[  337.176979][T14879] ------------------------------------------------------
[  337.184009][T14879] syz.1.4111/14879 is trying to acquire lock:
[  337.190260][T14879] ffff888079d920b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0
[  337.200452][T14879] 
[  337.200452][T14879] but task is already holding lock:
[  337.207835][T14879] ffff88805c2f68f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380
[  337.218653][T14879] 
[  337.218653][T14879] which lock already depends on the new lock.
[  337.218653][T14879] 
[  337.229851][T14879] 
[  337.229851][T14879] the existing dependency chain (in reverse order) is:
[  337.239308][T14879] 
[  337.239308][T14879] -> #1 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}:
[  337.248531][T14879]        __mutex_lock+0x136/0xcc0
[  337.253583][T14879]        hfs_extend_file+0xff/0x1380
[  337.258901][T14879]        hfs_bmap_reserve+0x107/0x430
[  337.264464][T14879]        __hfs_ext_write_extent+0x1fa/0x470
[  337.270566][T14879]        hfs_ext_write_extent+0x17f/0x210
[  337.276310][T14879]        hfs_write_inode+0xdc/0x880
[  337.281526][T14879]        __writeback_single_inode+0x705/0xec0
[  337.287619][T14879]        writeback_sb_inodes+0x7cd/0xf50
[  337.293292][T14879]        wb_writeback+0x46a/0xbf0
[  337.298333][T14879]        wb_workfn+0x400/0xe60
[  337.303306][T14879]        process_scheduled_works+0xa5d/0x15d0
[  337.309463][T14879]        worker_thread+0xa55/0xfc0
[  337.314589][T14879]        kthread+0x2fa/0x390
[  337.319175][T14879]        ret_from_fork+0x48/0x80
[  337.324210][T14879]        ret_from_fork_asm+0x11/0x20
[  337.329500][T14879] 
[  337.329500][T14879] -> #0 (&tree->tree_lock/1){+.+.}-{3:3}:
[  337.337458][T14879]        __lock_acquire+0x2df1/0x7d40
[  337.342818][T14879]        lock_acquire+0x19e/0x420
[  337.347840][T14879]        __mutex_lock+0x136/0xcc0
[  337.352858][T14879]        hfs_find_init+0x17e/0x1f0
[  337.358083][T14879]        hfs_extend_file+0x361/0x1380
[  337.363550][T14879]        hfs_bmap_reserve+0x107/0x430
[  337.368918][T14879]        hfs_cat_create+0x1fe/0x6b0
[  337.374113][T14879]        hfs_mkdir+0x6c/0xe0
[  337.378694][T14879]        vfs_mkdir+0x296/0x440
[  337.383448][T14879]        do_mkdirat+0x1dc/0x450
[  337.388295][T14879]        __x64_sys_mkdirat+0x89/0xa0
[  337.393585][T14879]        do_syscall_64+0x55/0xa0
[  337.398523][T14879]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  337.405448][T14879] 
[  337.405448][T14879] other info that might help us debug this:
[  337.405448][T14879] 
[  337.415671][T14879]  Possible unsafe locking scenario:
[  337.415671][T14879] 
[  337.423112][T14879]        CPU0                    CPU1
[  337.428732][T14879]        ----                    ----
[  337.434171][T14879]   lock(&HFS_I(tree->inode)->extents_lock);
[  337.440152][T14879]                                lock(&tree->tree_lock/1);
[  337.447359][T14879]                                lock(&HFS_I(tree->inode)->extents_lock);
[  337.455935][T14879]   lock(&tree->tree_lock/1);
[  337.460703][T14879] 
[  337.460703][T14879]  *** DEADLOCK ***
[  337.460703][T14879] 
[  337.469002][T14879] 4 locks held by syz.1.4111/14879:
[  337.474180][T14879]  #0: ffff888029328418 (sb_writers#29){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  337.483413][T14879]  #1: ffff88805c2f7138 (&type->i_mutex_dir_key#13/1){+.+.}-{3:3}, at: filename_create+0x20c/0x480
[  337.494116][T14879]  #2: ffff88802c36e0b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0
[  337.503679][T14879]  #3: ffff88805c2f68f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380
[  337.515067][T14879] 
[  337.515067][T14879] stack backtrace:
[  337.520940][T14879] CPU: 1 PID: 14879 Comm: syz.1.4111 Not tainted syzkaller #0
[  337.528389][T14879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  337.538438][T14879] Call Trace:
[  337.541728][T14879]  <TASK>
[  337.544655][T14879]  dump_stack_lvl+0x18c/0x250
[  337.549327][T14879]  ? load_image+0x400/0x400
[  337.554044][T14879]  ? show_regs_print_info+0x20/0x20
[  337.559319][T14879]  ? print_circular_bug+0x12b/0x1a0
[  337.564542][T14879]  check_noncircular+0x2fc/0x400
[  337.569586][T14879]  ? look_up_lock_class+0x75/0x140
[  337.574963][T14879]  ? print_deadlock_bug+0x5d0/0x5d0
[  337.580299][T14879]  ? lockdep_lock+0xf5/0x230
[  337.584914][T14879]  ? _find_first_zero_bit+0xd3/0x100
[  337.590207][T14879]  __lock_acquire+0x2df1/0x7d40
[  337.595062][T14879]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  337.600946][T14879]  ? verify_lock_unused+0x140/0x140
[  337.606133][T14879]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  337.612022][T14879]  ? _raw_spin_unlock+0x40/0x40
[  337.616869][T14879]  ? stack_trace_save+0xaa/0x100
[  337.621794][T14879]  ? stack_trace_snprint+0xf0/0xf0
[  337.626892][T14879]  lock_acquire+0x19e/0x420
[  337.631386][T14879]  ? hfs_find_init+0x17e/0x1f0
[  337.636167][T14879]  ? hfs_extend_file+0x361/0x1380
[  337.641366][T14879]  ? hfs_bmap_reserve+0x107/0x430
[  337.646839][T14879]  ? do_syscall_64+0x55/0xa0
[  337.651439][T14879]  ? __might_sleep+0xe0/0xe0
[  337.656021][T14879]  ? read_lock_is_recursive+0x20/0x20
[  337.661398][T14879]  __mutex_lock+0x136/0xcc0
[  337.665999][T14879]  ? hfs_find_init+0x17e/0x1f0
[  337.671540][T14879]  ? hfs_find_init+0x17e/0x1f0
[  337.676386][T14879]  ? mutex_lock_nested+0x20/0x20
[  337.683251][T14879]  ? __kmem_cache_alloc_node+0x13a/0x250
[  337.689328][T14879]  ? hfs_find_init+0xa7/0x1f0
[  337.694197][T14879]  ? hfs_find_init+0xa7/0x1f0
[  337.698884][T14879]  ? __kmalloc+0xe2/0x230
[  337.703260][T14879]  hfs_find_init+0x17e/0x1f0
[  337.707857][T14879]  hfs_extend_file+0x361/0x1380
[  337.712705][T14879]  ? hfs_get_block+0xc50/0xc50
[  337.717635][T14879]  ? rcu_is_watching+0x15/0xb0
[  337.722392][T14879]  ? trace_contention_end+0x39/0xe0
[  337.727839][T14879]  ? __mutex_lock+0x315/0xcc0
[  337.733307][T14879]  ? mutex_lock_nested+0x20/0x20
[  337.738258][T14879]  hfs_bmap_reserve+0x107/0x430
[  337.743113][T14879]  hfs_cat_create+0x1fe/0x6b0
[  337.748562][T14879]  ? hfs_cat_build_key+0x170/0x170
[  337.753673][T14879]  ? _raw_spin_unlock+0x28/0x40
[  337.758526][T14879]  ? hfs_new_inode+0x92d/0xc00
[  337.763545][T14879]  hfs_mkdir+0x6c/0xe0
[  337.767601][T14879]  vfs_mkdir+0x296/0x440
[  337.771844][T14879]  do_mkdirat+0x1dc/0x450
[  337.776335][T14879]  ? vfs_mkdir+0x440/0x440
[  337.780749][T14879]  __x64_sys_mkdirat+0x89/0xa0
[  337.785706][T14879]  do_syscall_64+0x55/0xa0
[  337.791790][T14879]  ? clear_bhb_loop+0x40/0x90
[  337.796579][T14879]  ? clear_bhb_loop+0x40/0x90
[  337.801246][T14879]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  337.807220][T14879] RIP: 0033:0x7f82cdb9ae57
[  337.811659][T14879] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  337.831883][T14879] RSP: 002b:00007f82cbdf5e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  337.840288][T14879] RAX: ffffffffffffffda RBX: 00007f82cbdf5ee0 RCX: 00007f82cdb9ae57
[  337.848776][T14879] RDX: 00000000000001ff RSI: 0000200000000080 RDI: 00000000ffffff9c
[  337.856742][T14879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  337.864784][T14879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000080
[  337.872741][T14879] R13: 00007f82cbdf5ea0 R14: 0000000000000000 R15: 0000000000000000
[  337.880807][T14879]  </TASK>