last executing test programs:

4.028506766s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$unix(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4], 0x18}, 0x0)
sendmsg$unix(r2, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@rights={{0x14, 0x1, 0x1, [r4]}}], 0x18}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r4)
close(r5)

3.840831887s ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001840)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c8b07b09b5089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b971e800120b196b70b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a00639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a863fbd713acebc5b014e61a54045a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000243b000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda796b87a667aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e3000000000000000000000000000033719139434ddc258efe88d10fc1c93822ca11bc5bfd629e679141dca942bee88a0d96b20c3f4a1f8238f036d771b2eea804936018915c3c298a7ea5bac9c683c08ecabc0fe72d46f9d434e7b20f4e291a9291e48008ebf5761a41914cf0abf83f8c75a207f3db3e145f6b69e3cb420aa5fe4ce444d8501f8bd8de2cdd434e29a4d186ea95ea802beed403fa12fab9fff17a32ec70b90cbe2339b227bd929d87929f499b2ae1574e539d53ea452bc55a6ae8e47ccd1a6194a1e03cff1de20b71d12326ae06a525349a3e9a4079b413ee45e4a7b814db337875c40fad4adb54fd07302ab0b5e6f6227e6e74fa3f0f4cfe76ec3db95f57a535e3ebb8898afa0ea0338b0bd64cf3ac6357c5e3e74d22de4790b86e333fef3fa1d529c42699fd8f0510811f71418950d7e207039e4e3b7ea9244e145197f4041a492921782666bb51267ac7e5e2a07f6c0c7d983457241e0cb0a11a7cf359c94e50afa3863e0d5e5741482ea55bb03593029d07e6e935b979d0f7e687e4de36a0730e407e9f7cfd29fd50341751f4730262c2e20dc537f859afbf013ca3a487a99670aa2455d91285f8a3cf76cc8b0dcdcafdae76686500be8414c8f6e9698ef80d263560bb3aafaa35db34070310819e8377f35f95fc4d38e5c525042ffe52f7e4d6bc4b9ef318c4e26e2cfaf01f25c738c59682fb04e5a2f44fd53b2da2ee50c6877e1361d19a971a6a0fbeb95d65727fa3fd833f3004d3aac1e2189e84c952e85b2e522aa3a2f6c234b7be1d9d69d429e91517"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000380)='consume_skb\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0xe102})

3.614313806s ago: executing program 1:
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
futex(0x0, 0x80, 0x0, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
readv(r1, 0x0, 0x0)
close(r1)
rt_sigreturn()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mlockall(0x1)
r2 = memfd_create(&(0x7f0000000640)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G4\xd7;\xedZ\x98\"\xf2\xe8\xb3\xf75\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\x99\xa8HOA\xc8\x80kR\xfc\xcb%u3\xec\xde%\x00\xb1\x9aF\xe2\xba[\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11)W\x9c\x82\x91\x17\xd8\xda@4\x9f\xc5\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D\x82`\xea\x16\xc6\xcef\xab\x05\x19\x96\xb9_6*-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xad\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Pu\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x929\t&\xbdq\x06`T\xc8\x92\xaf\xad#\xd8bY^\xfe\x00\x9f\xd5\xfa\x8b\r\xb8\xf4\xe6\xfd\xcbO_\x90\xeb\x05\x9f\t5\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xc8\xf6\xcaAvT\x1b\xe6\xb9\xe7\xff\xc5HUlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x01\x00\x00\x00{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[\xc5\xeb\xb1ux\x94\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00RXN9L\xc0\xcc=+\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00+q:3\xfa*\x98o\'f\xbcY\x8e?\xf9\x84y\x89Y\x1c]\xad$\x7fp\xf1\xa3\x99[\xff\x1f\x94\xc2\xdb\xbaG\xa6UD\x88Y6\x11Y\xd4\xd1\xde\x9a{]\xe2\x98W\xb9\x1b\x17<\x8b!?\x8e\xbc\xae\xf9\xcc\b\x90n\x15\x7f\xd5WS\xfbN\xec)B\xe7Rl\xfc.\x93\xe74\xab>\x9e\xd4%\x86z\xca\xad\x82\xd9IRV5\xa77\'\x1a\x1c\x89\xef:\xee\x10\xb2\xd6\xc8\xf4\xb5\xdd\xd8c!@JRY\xa3|Pjk\xdc\xa5d\xc2\xecn\xc9X\xfc\xd4D\x1b\"\xb2\x06\xbd&\xf86\xddXv\xc9\x1322L\xd6\x99\xf6\t\x9d\xbeZ\x02\xc0\xa41\xf9sNG\x02\x83\xe6Bl\xd2D\x9be&\xb5g\xc1\xf2o\x02\xfb[\x82\xc0I\xb7\xf6\xe5Z\xa1}\xee}\x8b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcd4\x94\x00\x15\xd1@\xf2\x0f}\x94)\xc5qc\xef\x87\x89c\xa4\"\xab3\xae\xbbqc\xf4m\x9dY\xb0\x11\x1e\x87B\xea\xf2\xe3RM2\xb4\b\xe5g\xeb~\xc3jX3\x1a\xa8r<\xca\xc6\x81}~O\x90\x0f\xb5\xa7\xf5\xaea)Mi}!^a\xd4\x82\xcc\xa6\xb5\xe9\xf8\x8b\x86\xdd~\x9aE\xd7\'z\x10\x93\xd2\x9e\xb8\x05(J\x06\x04\xaa\xecH\xa87\x00\x00\x00\x00\x00\x00D\xaef,\x00\x83\xec\xd5a\v\x86\xa5\x15\x19\x8a\x10\\TI\xd9z\xcc\x96\x81T\x86\xd0\xe0\x85\x1f\xbe\x00\xa4$\xed\x18RU \xaa\r\x19\xb1\xb5\xec\x16GTW\xa2\xc0\xcf\xf7;=\\s\xe5Y\xfdJ\x01\x9e\b\xf2\fKT\\.\xdc\xd1\x17oC9\x04h\xa4\x8f\xd309\a_\x96\xaff1@MW\xd1?\a\x8bg\xb7\xfc\"\x97\xe0\x88\xb5\xfb\x9e)\x13L\\>F>T\xfb\x1e\x13\xd3\x17`\xc1l\xaa\x9d\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
r3 = eventfd2(0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r2, 0x0)
fallocate(r2, 0x0, 0x0, 0x800000b)
fsetxattr(r3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0)
ioctl$TIOCSISO7816(0xffffffffffffffff, 0x5450, 0x0)

3.003964176s ago: executing program 2:
r0 = msgget$private(0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x40002021)
msgrcv(r0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r2, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
write$P9_RLOPEN(r2, 0x0, 0x0)
rt_sigreturn()
msgsnd(r0, &(0x7f0000000140)=ANY=[@ANYRESDEC], 0x28, 0x0)
write$9p(r2, 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0)

2.990776401s ago: executing program 3:
r0 = msgget$private(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x22)
msgrcv(r0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r2, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
write$P9_RLOPEN(r2, 0x0, 0x0)
rt_sigreturn()
msgctl$IPC_RMID(r0, 0x0)
write$P9_RGETATTR(r2, 0x0, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x0)

2.773680785s ago: executing program 2:
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
poll(0x0, 0x0, 0x64)
pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r1, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
r2 = dup(r1)
write$P9_RGETATTR(r2, 0x0, 0x0)
close(r2)
openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x120001, 0x0)
rt_sigreturn()
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
fallocate(r3, 0x0, 0x0, 0x8020003)
fchown(r3, 0x0, 0x0)

2.684889793s ago: executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x541b, 0x0)

2.550463589s ago: executing program 4:
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
poll(0x0, 0x0, 0x100)
pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r1, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
write$cgroup_int(r3, &(0x7f0000000380), 0xffffff8d)
rt_sigreturn()
r4 = socket$unix(0x1, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000880)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
dup3(r5, r4, 0x0)
write$cgroup_freezer_state(r4, &(0x7f0000000080)='FROZEN\x00', 0xffffff5a)
socket$unix(0x1, 0x0, 0x0)

2.549616448s ago: executing program 3:
r0 = msgget$private(0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20)
r2 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
msgrcv(r0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
write$P9_RLOPEN(r3, 0x0, 0x0)
rt_sigreturn()
msgctl$IPC_RMID(r0, 0x0)
write$P9_RFLUSH(r3, 0x0, 0x0)
ioctl$TIOCSERGETLSR(r2, 0x5459, 0x0)

2.252617658s ago: executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46)
sendmsg$unix(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)='D', 0x1}], 0x1}, 0x0)
close(r1)
rt_sigreturn()
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8020003)
futimesat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)

2.234146912s ago: executing program 4:
futex(&(0x7f0000000140)=0x2, 0x0, 0x2, &(0x7f0000000180)={0x0, 0x3938700}, 0x0, 0x0)
rt_sigreturn()
syz_read_part_table(0x4019, &(0x7f0000000000)="$eJzszzEOAUEAheE3G1FwA5fQqInSUbbRSTQaV1E5hkTjIC7gBBqSJRNBu99XzUtm/mTG1+MySZlu1u02L5rOedEkJcnssUv65/3Pl2R+SjL6JTLsjvZWvTP4WNjta6lvPdurw+T8z3sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLMDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQwAAACAMH/rPNoPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwUAAD//xe4ClM=")
syz_open_procfs(0x0, &(0x7f0000003080)='cmdline\x00')
r0 = semget$private(0x0, 0x2, 0x0)
semop(r0, &(0x7f00000000c0)=[{0x0, 0x5}, {}], 0x2)

2.081040543s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000080))
r4 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_G_MODULATOR(r4, 0xc0445636, &(0x7f0000000040)={0x8, "ee22f67dc829c0c3d3e6c348a52d1f485cf6ad827da723359d4602397835a388"})
dup(r3)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000240)={0x1})

2.057858095s ago: executing program 4:
r0 = msgget$private(0x0, 0x0)
msgrcv(r0, 0x0, 0x0, 0x0, 0x0)
rt_sigreturn()
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x1c)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
msgsnd(r0, &(0x7f00000011c0)=ANY=[@ANYBLOB="02"], 0x28, 0x0)

1.778446037s ago: executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
memfd_create(0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000600)={<r1=>0x0, <r2=>0x0})
timerfd_settime(0xffffffffffffffff, 0x2, &(0x7f0000000700)={{r1, r2+10000000}}, &(0x7f0000000740))
r3 = memfd_create(&(0x7f0000000040)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o84I\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HO\x00\x00@\x00R\xfc\xcb%u3\xec\xde%\x9d\xe4\x1d\rD\x82S\x17?\xd6\xb1\x9aF\xe2\xba[\xc7QR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11\x17\xd8B@4\x9f\xc5*T\x1e^\xf7o\xff\xff\xff\xffw\x02\xf3\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\xa5\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\xae\xb8\x89>\xd6L/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D-\xf3\x8c\x9a\x15\x9c\x7f\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1$)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91\xec9\t&\xbdq\x06`\xe2\b\x00\x00\xad\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\xf1\x1b\xe6\xb9\xe7\xff\xc5H\x04\x93\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94\xfe2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[z\xb6>\xd3\xe7Y*\xdb\xa7h\nt\xddP\n\xc5\xeb\xb1ux\x94@\x00\x00g\x02D9\x83\xa7\x97\xf4\xb25wL\x97\xfb\xb9\xccj\xb3\x96\xc1!\xee`{\x87\xa8]\x86\x9cjF^+\xcc1l\xcbmA,5\xc4J\xcab\xa6\x91\xa0\xeaU\x92\x01\x1f,\xfa\x10\"+\x01\x00\x91\xe9\x1cz\xd1f\x901\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc6o\"\x85np\xba\x0e<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb8V\xe4\xa1C\x90\x17\xccCu\x1aY+\xa3c\xe4{\x9d\xf1\xbd\xb0\xca\x03\x96\x85h}\x8f\x1c)X\xc83rA\x90r\xb6\xba!;\x95\xaf\xe0\xcb\xec\xcf$\x02f\x8c4\x1aH\x8fC\xbfr\xd39\x92\x1fShu\x9e\b\xd4m\xa8\x16\x89\xd5\xae\xcb\x03ofQ\"\xf7F\x06\xe8$\xf1\xe5\x92\xe2O}.\x95A\x9bH\x8d\xa1\x80\x1b\x14u\xfdK\xce\xaf\x94i\xf1s\xf7\xb8Jq\xcb3=M\x84\x7f\x181/\x9bQ|4\xaf\xcf\r\xcfz Z\x19\xad_\x13\x99\xf7\xfd5D\xd3\x9d\x9d\xb8d5g\xf1\x84\xbd\xe5\xa2\xb3\xda\x82\x10n1\xed\xba\xe3\x96\x85\"\xb6\xa6n\xe7\xfd\xd4\a\x97\x85\x810/\xc4o\x11\xc8\x1b\xc0\f\xeec\xa4\x7f|P\x00\x00\x00\x000p\xaf\xfdk\xac\xcc\xac`\xc9\a<\xadIt\x9b\xeb\x8a\xfe\x9b\aO\xa5?h\xe1B\xa8C\b\x00\x00\x00\x94\x1bs\xf0\xa9>\x9e\xff\xc9\xd2\x00h\xcb\xfb\xb6Y\xbfp\xd8\x90\b\x00\x00\x00\x00\x00\x00\x00\xb6\x16Y\xf8sU\xae\xa2\b\x8cLq\n\x1f\x99t\xb6\xffozu\xa0B(\xe9?\xcdA\xba\xa8\x13Qc\xda\x16?\xe8z\x8f\x862!\xbf\xa4\xb8\x9bC\xe9Od\xe8\xd32m\x06RX\x7f\xf7\xc2\n\x94\xe5P:l\xd9\xd5\xbd\rH6-\x8a\x12m\xff\xe9\xa0\r\tk\xda\xa4q(\xae\\\xb6\x14I\xf7\xe0z\xf1<cN\xb6p\xd5\rb\xfa\xdf\v\x00X9\xcd\x00\x00\x83Fn\x9a{\x8e\x8c\xb9\xf7\xca`\xfc\xc2\xc7\xb6\xd5Ei\xed\x9f;\x00l\x02\xe9Y\b\xed-s\x8c\x0f\xf5\x90\x1a\x06c\xab\xa0\xc4\f\xc9Ws\xef8\x9f\x10O\xff:;\xdf\xa0\xc0\x16\xed\xb6\xfe4K\x11\x03(\xc9\xdeZhv}\xfc\x8d', 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r3, 0x0)
fallocate(r3, 0x0, 0x0, 0x8000007)
r4 = syz_open_procfs(0x0, &(0x7f00000040c0)='comm\x00')
ioctl$sock_SIOCSPGRP(r4, 0x8902, &(0x7f0000001280))
fdatasync(r0)

1.738005457s ago: executing program 4:
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x2, 0x0, 0x0)
syz_mount_image$jfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x208080, &(0x7f00000007c0)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYBLOB=',resize,nodiscard,usrquota,errors=remount-ro,discard,resize=0x0000000000000000,gid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=continue,iocharset=macgaelic,uid=', @ANYRESHEX=0x0, @ANYBLOB=',noquota,grpquota,nointegrity,uid=', @ANYRESOCT=0x0, @ANYBLOB=',smackfstransmute=noquota,uid=', @ANYRESDEC=0x0, @ANYBLOB=',permit_directio,id=\x00\x00', @ANYRESDEC=0xee01, @ANYBLOB="2c6f626a5f757365723df326265b275d242c412c00"], 0x1, 0x61ac, &(0x7f0000006a80)="$eJzs3UtvHWf9B/DfnJsv+TeNuqj6jxBy23AppbmWECjQZAELNixQtihR6lYRKaAkoLSKiCtvWPAiQEgsEWLJihfQBVt2vAAi2UigrjpofJ7HGU/OybHr+ozt+XwkZ+Z3nhmfZ/I9cy6emfMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA//MGPLxQRceNX6YZTEf8X/YhexFJVr0TE0sqpvPwgIl6KreZ4MSKGCxHV+lv/PB/xZkR8fDLdFrF2cZf9+P6f//GHn5z40d//NDz337/c7781bbkHD377n78+2s8WAwAAQPeUZVkW6WP+6fT5vtd2pwCAuciv/2WSb1er1Wq1Wn386rpyskf1IiLW6utU7xkcjgeAI2YtPmm7C7RI/p02iIgTbXcCONSKtjvAgdjYfHirSPkW9deDlXF7PhdkR/5rxdZ6ef1J01ma55jM6/G1Hv14YUp/lubUh8Mk599r5n9j3D5Kyx10/vMyLf/R+NKnzsn595v5Nxyf/HsT8++qnP9gT/n35Q8AAAAAAIdY/vv/qZaP/y7sf1N25VnHf1fm1AcAAAAAAAAA+Lztd/y/bY3x//J5AMb/AwAAgPZVn9Urvzv55LZp38VW3X69iHiusTzQMelimeW2+wEAAAAAAAAAAAAAXTIYn8N7vYgYRsRzy8tlWVY/dc16r/a7/lHX9e2HLmv7SR4AAMY+Ptm4lr+IWIyI6+m7/obLy8tlubi0XC6XSwv5/exoYbFcqn2uzdPqtoXRLt4QD0Zl9csWa+vVzfq8PKu9+fuq+xqV/V10bD5aDBwAImL8arThFemYKcvno+13ORwNT+3/xdSvAOOIsP+zG20/TgEAAICDV5ZlWaSv8z6djvn32u4UADAX+fW/eVxArVar1Wr18avryske1YuIWKuvU71nMBw/ABwxa/FJ212gRfLvtEFEvNR2J4BDzQVBx9PG5sNbRcq3qL8epPHd87kgO/JfK7bWy+tPms7SPMdkXo+v9ejHC1P68+Kc+nCY5Px7zfxvjNtHabmDzn9epuVfbeepFvrTto3Na4Mq234z/4bjk39vYv5dlff/wZ7y7+86/ytT7lf+AAAAAABwcPLf/08dquO/o8+6OTM96/jvyoHdKwAAAAAAAAAcrI3Nh7fyda/5+P8XJizn+s/jKedfyL+Tcv69Rv5fbSzXr80/vvYk/39vPrz1x/v/+v883W3+C3mmSI+sIj0iinRPxSBN97N1T1sf9kfVPQ2LXn+Qzvkph+/G7bgTq3F+x7K99P/xpP3Cjvaqp8Ot9rI/br+4o32w3Z7Xv7SjfZjOdCqXcvvZuBU/jzvxzlZ71bYwY/sXZ7SXM9pz/n37fyfl/Ae1nyr/5dReNKaVxx/1ntrv69NJ93P19hd/c/7gN2em9ehvb1tdtX2vtNCfrf+TE6P45b3Vu2cf3Lx//+6FSJMdt16MNPmc5fyH6Wf7+f/VcXt+3q/vr48/Gu05/8NiPQZT83+1Nl9t72tz7lsbcv6j9JPzfye1T97/j3L+0/f/11voDwAAAAAAAAAAAAAAADxLWZZbl4he7UVcTtf/tHVtJgAwX1dj/PpfJvn2edX9Od+fWn3E6+KQ9Weu9afl4eqPWn0U67pysrfrRUT8rb5O9Z7h15N+GQBwmH0aEf9suxO0Rv4dlr/vr5qeabszwFzd++DDn968c2f17r22ewIAAAAAAAAAfFZ5/M+V2vjPZ8qyfNRYbsf4r9diZb/jfw7yzPYAo1MGqu7vfZueZb036vdqw42/HNPG/x5uzz1r/O/BjPsbzmgfzWhfmNG+OKN94oUeNTn/l2vjnZ+JiNON4de7MP5rc8z7Lsj5v1J7PFf5f6WxXD3/8vdHOf/ejvzP3X//F+fuffDhG7ffv/ne6nurP7t04cL5S5cvX7ly5dy7t++snh//22KPD1bOP4997TzQbsn558zl3y05/y+lWv7dkvP/cqrl3y05//x+T/7dkvPPn33k3y05/9dSLf9uyfl/LdXy75ac/+upln+35Py/nmr5d0vO/41Uy79bcv5nUy3/bsn5n0v1LvNfOuh+MR8bmw+3jrDnI1z2/27J+38+s0H+3ZLzv5hq+XdLzv9SquXfLTn/N1Mt/27J+X8j1fLvlpz/5VTLv1ty/t9Mtfy7Jed/JdXy75ac/7dSLf9uyfl/O9Xy75ac/1upln+35Py/k2r5d0vO/7upln+35Py/l2r5d0vO/+1Uy79bnnz/vxkzZszkmbafmQAAAAAAAAAAAACApnmcTtz2NgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb17jZHrrO8HfmZvXjshMRDyd/I3sHaMMc4mu77EF1oXE64NtxIIhV6wXe/aLPiG1y6BRrJRoETCqKiibXjRFhBq86bCqnhBq4DyArWqVIm0leANoqrEi6gKKCBVaivIVnPmeZ6dmT07s+sd2zPnfD5S/PPOnplz5swzs/td57sDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADTb8qbZz9WyLKv/l/+xMcturf99/cTG/LLX3+wjBAAAANbql/mfL9yeLji8gis1bfOPr/reNxcWFhayDw7/yeiXFhbSJyaybHRdluWfi67+x4dqzdsEj2fjtaGmj4e67H64y+dHunx+tMvnx7p8fl2Xz493+fySE7DE+sbPY/Ib25b/dWPjlGZ3ZKP557YVXOvx2rqhofiznFwtv87C6IlsLjuVzWbTLds3tq3l2z+9pb6vt2dxX0NN+9pcXyE/e+x4PIZaOMfbWva1eJvRT96YTfz8Z48d/6sLz99VNLuehpbbaxznjq314/xMuKRxrLVsXTon8TiHmo5zc8FjMtxynLX8evW/tx/nCys8zuHFw7yh2h/z8Wwo//uz+Xkaaf6xXjpPm8Nl/31PlmWXFw+7fZsl+8qGsg0tlwwtPj7jjRVZv436UnpZNrKqdbplBeu0Pme2ta7T9udEfPy3hOuNLHMMzQ/TTz491vS4/2LhWtZpVL/Xyz1X2tdgr58r/bIG47p4Nr/TTxSuwW3h/j+2ffk1WLh2CtZgut9Na3BrtzU4NDacH3N6EGr5dRbX4K6W7YfzPdXy+dz2zmtw6sLpc1Pzn/zUfXOnj52cPTl7Zs+uXdN79u07cODA1Im5U7PTjT+v8Wz3vw3ZUHoObA3nLj4HXtu2bfNSXfjq2JLX32t9Ho53eB5ubNu218/DkfY7V7sxT8ila7rx3Hh//aSPXxnKlnmO5Y/PzrU/D9P9bnoejjQ9Dwu/phQ8D0dW8Dysb3Nu58q+Zxlp+q/oGJb/WrC2NbixaQ22fz/SvgZ7/f1Iv6zB8bAufrhz+a8Fm8PxPjG52u9HhpeswXR3w2tP/ZL0/f74gXwUrcu765+4ZSy7OD97/v5Hj124cH5XFsYN8fKmtdK+Xjc03adsyXodWvV6PTz3qifuLrh8YzhX4/fV/xhf9rGqb7P3/s6PVf7Vrfh8tly6Owujx270+Sz6al4/n2NZ9uXvfvrhbz/25Tctez7refMzU2v/Xjzl0qbX39FlXn9j7n+xsb90U48Pj440nr/D6eyMtrwetz5UI/lrVy3f9wtTK3s9Hg3/3ejX4zs6vB5vatu216/Ho+13Lr4e17r9tGNt2h/P8bBOTk13fj2ub7Np92rX5EjH1+N7wqyF8/+6kBRSLmpaO8ut27SvkZHRcL9G4h5a1+melu1HQzar7+up3de2Tnfc07it4XTvFt2odTrRtm2v12n62ddy67TW7adv16b98RwP6+KOPZ3XaX2bZ/au/bVzffxr02vnWLc1ODo8Vj/m0bQI89f7bGF9XIP3Z8ezs9mpbCb/7Fi+nmr5viYfWNkaHAv/3ejXyk0d1uCOtm17vQbT17Hl1l5tZOmd74H2x3M8rIsnH+i8BuvbvHn/atbgQtfvXXeES9I2Td+7bmn6AXann3nd3XaartdaGQnH+d39nX82W9/m1IHV5szO5+necMktBeep/fm73HNqJlvpeaqt+TlVP87nDyx/nurHU9/mSwdXuJ4OZ1l26eMP5j/vDf++8rcXv//Nln93Kfo3nUsff/CnLznxD6s5fgAG34uNsaHxta7pX6ZW8u//AAAAwECIuX8ozET+BwAAgNKIuT/+X+GJ/A8AAAClEXP/SJhJRfL/pjc/P/fipSw18xeC+Pl0Gh5qbBc7rtPh44mFRfXLH/z67H/9/aWV7Xsoy7JfPPQHhdtveigeV8NEOM6rb2m9fIlv3reifR995FLab3N//Svh9uP9WekyKKrgTmdZ9vTtX8j3M/GhK/l85qGj+Xz48hOP17d54WDj43j9517e2P7PQ/n38IljLdd/LpyHH4c5/Y7i8xGv940rr9u8/wOL+4vXq229Lb/bT364cbvx9+R88fHG9vE8L3f83/78U9+ob//oa4qP/9JQ8fE/FW7362H+zysb2zc/BvWP4/U+G44/7i9e7/6vfafw+K9+rrH9ubc2tjsaZtz/jvDxtrc+P9d8vh6tHWu5X9nbGtvF/U9//4/yz8fbi7fffvzjR660nI/29fHMvzZuZ6pt+3h53E/0d237r99O8/qM+3/qD4+2nOdu+7/68HOvrN9u+/7vbdvu3Md35vtfvL3W39j0F5/9QuH+4vEc/ptzLffn8HvD8zjs/8kPh/UYPv+/Vxu31/7bFY6+t/X1J27/lY2XWu5P9PafN/Z/9Q0n87lufP2GW259yW2XX10/d1n27LrG7XXb/8m/PNty/F+9s3E+4udjR799/8uJ+z//ickzZ+cvzs2ks/rY7fnvznln43ji8d4eXlvbPz5y9sJHZs9PTE9MZ9lEeX+F3jX7Wpg/bYzLq73+zkfC43n3nz29Yfu/fD5e/oP3Ny6/8o7G163Xhu2+GC7fGB6/te7/yS135s/v2jONj1t67D2wedt/HljRhuH+t39fENf7uVd8JD8P9c/lXzfi83qNx/+jmcbtfCuc14Xwm5m33rm4v+bt4+9GuPK+xvN9zecvvMzFx/Wvw+P9rh83bj8eV7y/Pwrfx3xnU+vrXVwf37o01H77+W/xuBxeT7LLjc/HreL5vvLCnYWHF38PSXb5rvzjP063c9eq7uZy5j85P3Vq7szFR6cuzM5fmJr/5KeOnD578cyFI/nv8jzy0W7XX3x92pC/Ps3M7tub5a9WZxvjOrvZx3/ukeMz+6e3z8yeOHbxxIVHzs2eP3l8fv747Mz89mMnTsx+otv152YO7dp9cM/+3ZMn52YOHTh4cM/BybkzZ+uH0TioLvZNf2zyzPkj+VXmD+09uOuBB/ZOT54+OzN7aP/09OTFbtfPvzZN1q/9+5PnZ08duzB3enZyfu5Ts4d2Hdy3b3fX3wZ4+tyJ+Ymp8xfPTF2cnz0/1bgvExfyi+tf+7pdn3Ka//fG97Ptao1fxJe959596fez1n3908veVGOTtl8g+nz4XTT/9NJzB1byccz9o2EmFcn/AAAAUAUx94+Fmcj/AAAAUBox968LM5H/AQAAoDRi7h8PM6lI/i9d/3/TpRXtX/9f/7/5fOn/V6z//75+6/83Xi/0/3tD/78z/f8u9P+vpT8/Fv+i/6//r/9Pu37r/8fcvz7LKpn/AQAAoApi7t8QZiL/AwAAQGnE3H9LmMmq8v/CrT0+LAAAAKCHYu6/NcykIv/+r/+v/6//r/+v/1+8f/3/waT/35n+fxf6/1NZtd7//3Ivj1//X/+fpfqt/x9z/0vCTCqS/wEAAKAKYu6/LcxE/gcAAIDSiLn/9jAT+R8AAABKI+b+jWEmFcn/+v/6//r/+v/6/8X71/8fTPr/nen/d6H/f1PfP3/Qj1//X/+fpfqt/x9z/0vDTCqS/wEAAKAKYu5/WZiJ/A8AAAD9Z+TarhZz/8vDTJbk/2vcAQAAAHDTxdx/R9ZWBK/Iv//r/+v/6//r/+v/F+9/5f3/4Uz/v3/o/3em/9+F/r/+v/6//j891W/9/zz3Z+PZK8JMKpL/AQAAoApi7r8zzET+BwAAgNKIuf//hZnI/wAAAFAaMfdvCjOpSP7X/9f/1//X/9f/L96/9/8fTPr/nen/d6H/r/9f/v7/6x9e5vr6/1wP/db/j7n/rjCTiuR/AAAAqIKY++8OM5H/AQAAoDRi7v//YSbyPwAAAJRGzP2bw0wqkv/1//X/9f/1//X/i/ev/z+Y9P870//vQv9f/7/8/f9l6f9zPfRb/z/m/leGmVQk/wMAAEAVxNz/qjAT+R8AAABKI+b+V4eZyP8AAABQGjH3T4SZVCT/6//r/+v/6//r/xfv//r3/9els6r/3zv6/53p/3eh/6//r/+v/09P9Vv/P+b+LWEmFcn/AAAAUAUx928NM5H/AQAAoE+tW/U1Yu6/J8xE/gcAAIDSiLl/W5hJRfK//r/+v/6//r/+f/H+vf//YNL/70z/vwv9f/1//X/9f3qq3/r/Mfe/JsykIvkfAAAAqiDm/u1hJvI/AAAAlEbM/a8NM5H/AQAAoDRi7t8RZlKR/K//r/+v/6//r/9fvH/9/8Gk/9+Z/n8X+v/6//r/+v/0VL/1/2Puf12YSUXyPwAAAFRBzP07w0zkfwAAACiNmPvvDTOR/wEAAKA0Yu6fDDOpSP7X/9f/1//X/9f/L96//v9g0v/vTP+/C/1//X/9f/1/eqrf+v8x998XZlKR/A8AAABVEHP//WEm8j8AAACURsz9U2Em8j8AAACURsz902EmFcn/+v/6//r/+v+r6v+/evF29f8b9P/7i/5/Z8v3/9sOVf9f/1///yb1/0f1/ymVfuv/x9y/K8ykIvkfAAAAqiDm/t1hJvI/AAAAlEbM/XvCTOR/AAAAKI2Y+/eGmVQk/+v/6/9Xsv//A/1/7/+v/19W+v+d9f79/+Nd1P/X/9f/9/7/+v8s1W/9/5j7HwgzqUj+BwAAgCqIuX9fmIn8DwAAAKURc//+MBP5HwAAAEoj5v4DYSYVyf/6//r/lez/e/9//X/9/9LS/++s9/1/7/+v/79I/1//X/+fdv3W/4+5/2CYSUXyPwAAAFRBzP2vDzOR/wEAAKA0Yu7/lTAT+R8AAAAGz2jxxTH3/2qYSUXyv/6//r/+v/6//n/x/vX/B5P+f2f6/12suP//b5n+/1L6//r/+v+067f+f8z9h8JMKpL/AQAAoApi7v+1MBP5HwAAAEoj5v43hJnI/wAAAFAaMfcfDjOpSP7X/9f/1//X/9f/L97/Tez/H870/6+Z/n9n+v9deP9//X/9f/1/eqrf+v8x978xzKQi+R8AAACqIOb+B8NM5H8AAAAojZj73xRmIv8DAABAacTc/+Ywkyrk//rd1f/X/9f/1//X/y/cv/f/H0z6/53p/3eh/6//r/+v/09P9Vv/P+b+t4SZVCH/AwAAwECaWPU1Yu5/a5iJ/A8AAAClEXP/28JM5H8AAAAojZj73x5mUpH87/3/9f/1//X/9f+L96//P5jW2L9fqGWZ/n+m/6//r/+v/6//T2/0W/8/5v5fDzOpSP4HAACAKoi5/6EwE/kfAAAASiPm/neEmcj/AAAAUBox978zzKQi+V//X/9f/1//X/+/eP/6/4PJ+/93NmD9/1/eFi7X/2/Q/+/v4x+s/v/Cuvbr6/9zPfRb/z/m/neFmVQk/wMAAEAVxNz/7jAT+R8AAABKI+b+94SZyP8AAABQGjH3/0aYSUXyv/5//TgW28v6//r/+QX6//r/+v8DS/+/swHr/3v//zb6//19/IPV/1+qW/9/fZfr6/9TpN/6/zH3vzfMpCL5HwAAAKog5v6Hw0zkfwAAACiNmPvfF2Yi/wMAAEBpxNz//jCTiuR//X/v/6//r/+v/1+8f/3/waT/35n+fxf6//r/+v/e/5+e6rf+f8z9j4SZVCT/AwAAQBXE3P+BMBP5HwAAAEoj5v7fDDOR/wEAAKA0Yu7/YJhJRfK//v+g9P8n9P/1//X/2+6P/r/+fxH9/870/7vQ/9f/1//X/6en+q3/H3P/h8JMKpL/AQAAoApi7v+tMBP5HwAAAEoj5v7fDjOR/wEAAKA0Yu7/nTCTiuR//f9B6f97//9M/1//v+3+6P/r/xe5cf3/+Mqj/6//X9r+f31X+v9l7/+PLv5V/5/rod/6/zH3/26YSUXyPwAAAFRBzP0fDjOR/wEAAGAgFP0/2e1i7j8SZiL/AwAAQGnE3H80zKQi+V//X/9f/79P+/9/uvWff/i9dx/dpf+v/6//vyo39P3/60/+a37///WFl+r/6//3Uf/f+/9Xof/fRP+f66Hf+v8x9x8LM6lI/gcAAIAqiLn/98JM5H8AAAAojZj7j4eZyP8AAABQGjH3z4SZVCT/6//r/+v/92n/f4Df/z+ejwHo/w/f+P7/8Nr7//FFV/+/0A3t/39gsSfu/f9X2/8fK7xU/1//f5CPX/9f/5+l+q3/H3P/bJhJRfI/AAAAVEHI/UMnGnPxE/I/AAAAlEbM/SfDTOR/AAAAKI2Y+z8SZlKR/K//r/+v/6//7/3/i/fv/f8Hk/5/Z/3T/y+m/6//P8jHr/+v/89S/db/j7l/LsykIvkfAAAAqiDm/o+Gmcj/AAAAUBox938szET+BwAAgNKIuf9UmElF8r/+v/6//r/+v/5/8f71/weT/n9n+v9d6P/r/+v/6//TU/3W/4+5/3SYSUXyPwAAAFRBzP1nwkzkfwD+j707a7asPus4fhoburt4AV54470vgYvmWl+AF3hhFVpleSEq4qyA84jzPKDirGgCCSETmSfIRELmkHmeQ8hEUtUp+jzP02dYZ+1zuvfuXvv/fD43jx44rC11hPzS/a0FAMAwcvffFrfY/wAAADCM3P0/Gbc02f/6f/3/Cfv/O85sS/9/Xv9/1PP1//r/ken/5+n/V9D/6//1//p/1mpp/X/u/p+KW5rsfwAAAOggd/9Pxy32PwAAAAwjd//tcYv9DwAAAMPI3f8zcUuT/X+g/z+107P/z4xX/+/9//p//b/+f8td3f7/7mf/ybeR/v/W+P9z/f/u1/X/u/T/y/78+n/9P4ctrf/P3X9H3NJk/wMAAEAHuft/Nm6x/wEAAGAYuft/Lm6x/wEAAGAYuft/Pm5psv+9/9/7//X/+n/9//Tz9f/byfv/53Xq/29/4safeOqh73n4JM/fVP9/+tJfX/+/Qdf68+v/9f8ctrT+P3f/L8QtTfY/AAAAdJC7/xfjFvsfAAAAhpG7/5fiFvsfAAAAhpG7/5fjlib7X/+v/9f/6//1/9PP1/9vJ/3/vE79/+U83/v/9f8rP/+Zo79f/6//57Cl9f+5+38lbmmy/wEAAKCD3P2/GrfY/wAAADCM3P13xi32PwAAAAwjd/9dcUuT/a//1//r//X/+v/p5+v/t5P+f57+fwX9v/7f+//1/6zV0vr/3P13xy1N9j8AAAB0kLv/1+IW+x8AAACGkbv/1+MW+x8AAACGkbv/N+KWJvtf/6//1//r//X/08/X/28n/f88/f8K+v8r7eev1//r//X/7HXC/v+ZmX9sr6X/z93/m3FLk/0PAAAAHeTu/624xf4HAACAYeTu/+24xf4HAACAYeTu/524pcn+1//r//X/+n/9//Tz9f/bSf8/bzH9/6nTk1/W/299/+/9//p//T/7LO39/7n7fzduabL/AQAAoIPc/b8Xt9j/AAAAMIzc/b8ft9j/AAAAMIzc/X8QtzTZ/5vs/w82vAfp//X/+v9R+v8b9n29Q///8J7Pp/9fFv3/vMX0/0fQ/+v/t/nz6//1/xy2tP4/d/8fxi1N9j8AAAB0kLv/nrjF/gcAAIBh5O7/o7jF/gcAAIBh5O7/47ilyf6f7v8v/XHv/z8e/f/+z6//n/75WFf/n3/FTff/z9ri9//f7P3/Pen/5+n/V9D/6//1/0f1/+dWfb/+nylL6/9z9/9J3NJk/wMAAEAHufv/NG6x/wEAAGAYufv/LG6x/wEAAGAYufv/PG5psv83+f7/VfT/+v9m/X9l7eO9/3+/hfT/G33//85V7/9P6/+PSf8/T/+/gv5f/6//9/5/1mpp/X/u/r+IW5rsfwAAAOggd/9fxi32PwAAAGyHvb934OBvKA25+/8qbrH/AQAAYBi7u7/q3Ut/oMn+1//r//X/2/f+f/3/rl79v/f/H5f+f57+fwX9/yb6+dOD9f/3HvX9S+j/79T/szD7+v9HLn39WvX/f33xu87u/E3c0mT/AwAAQAe5+/82brH/AQAAYBi5+/8ubrH/AQAAYBi5+/8+bmmy/zfe/587+tn6f/2//l//r//X/6/bQP3/xR8R/f/u1/X/u7a0//f+f+//1/83tq//3+Na9f+5+/8hbmmy/wEAAKCD3P3/GLfY/wAAADCM3P33xi32PwAAAAwjd/8/xS1N9r/3/+v/9f/6f/3/9PP1/9tpoP7/Iv3/7tf1/7v0/8v+/Pp//T+HLa3/z93/z3FLk/0PAAAAHeTu/5e4xf4HAACAYeTuvy9usf8BAABgGLn7/zVuabL/9f+b7f/z6/p//f+O/v84/f/N+n/9/5Vq2/+fmvo30WFH9P+P/dhdP7D/K336//1/4/T/+n/9v/6ftVpE/3/h0n+6zN3/b3FLk/0PAAAAgzgz9wdz9/973GL/AwAAwDBy9/9H3GL/AwAAwDBy9/9n3NJk/+v/vf9f/6//X1D/7/3/+v8r1rb/Pybv/19B/6//1//r/1mrRfT/e/733P3/Fbc02f8AAADQQe7+/45b7H8AAAAYRu7+/4lb7H8AAAAYRu7+/41bmux//b/+X/+v/9f/Tz9f/7+d9P/z9P8r6P/1//p//T9rtbT+P3f//XFLk/0PAAAAHeTu/7+4xf4HAACAYeTu//+4xf4HAACAYeTuf07c0mT/6//1//p//b/+f/r5+v/tpP+fp//f2dl5YOYDTPX/F87o//X/+n/9P5dpaf1/7v7nxi1N9j8AAAB0kLv/gbjF/gcAAIBh5O5/MG6x/wEAAGAYufufF7c02f/6f/2//l//r/+ffr7+fzvp/+fp/1cY/f3/K34i9/bzT995y3n9v/5f/8+VWlr/n7v/+XFLk/0PAAAAHeTufyhusf8BAABgGLn7XxC32P8AAAAwjNz9D8ctTfa//l//r//X/+v/p5+v/99Om+v/d/T/Lfr/Gy6eYfv/Fa51P3+VPv/5TX1+/b/+n8OW1v/n7n9h3NJk/wMAAEAHuftfFLfY/wAAADCM3P0vjlvsfwAAABhG7v6XxC1N9r/+X/+v/9f/6/+nn6//307e/z9P/7/C6O//X6FJ/7+xz6//1/9z2NL6/9z9L41bmux/AAAA6CB3/yNxi/0PAAAAw8jd/7K4xf4HAACAYeTuf3nc0mT/r+j/L/0N0f/P0v/v//z6/+mfD/2//v9A/392R/+/dvr/efr/FfT/Y/b/1+0M1P+fO/L7r27/f/bQ9+v/mbK0/j93/yvilib7HwAAADrI3f/KuMX+BwAAgGHk7n9V3GL/AwAAwDBy9786bmmy/73/X/+v/9f/6/+nn+/9/9tJ/z9P/7+C/n/M/t/7/73/n2tmaf1/7v7XxC1N9j8AAAB0kLv/tXGL/Q8AAABbYvVvu8vd/7q4xf4HAACAYeTuf33c0mT/6//1//p//b/+f/r5+v/tpP+fp/9fQf+v/9f/6/9Zq6X1/7n73xC3NNn/AAAA0EHu/kfjFvsfAAAAhpG7/7G4xf4HAACAYeTuf2Pc0mT/6//1//r/7ez/z+r/9f/6/0lL6f9vuun7H9f/z33++26d+qr+X/+/zZ9f/6//57CN9f/xDSft/3P3vyluabL/AQAAoIPc/W+OW+x/AAAAWLzzx/zzcve/JW6x/wEAAGAYufvfGrc02f+H+//rd3YL1V1T/X80avr/PfT/+z+//n/658P7//X/+v/NW0r/7/3/l/f59f/6/23+/Cfq/7/38Pfr/xnR0t7/n7v/8bilyf4HAACADnL3vy1usf8BAABgGLn73x632P8AAAAwjNz9T8QtTfa/9//r//X/+n/9//Tz9f/bSf8/T/+/gv5f/+/9/7f9yHfp/1mfpfX/ufvfEbccY/hdt/pPAQAAABYgd/8745bp/T/1y7wAAADAwuXuf1fc0uT3/wMAAEAHufvfHbc02f/6f/2//l//r/+ffr7+fzvp/+fp/1fQ/+v/9f/e/89aLa3/z93/nrilyf4HAACADnL3vzdusf8BAABgGLn73xe32P8AAAAwjNz9749bmux//b/+f/z+/4f1/weer//X/49M/5//Rp+m/19B/6//1//r/1mrpfX/ufufjFua7H8AAADoIHf/B+IW+x8AAACGkbv/g3GL/Q8AAADDyN3/obilyf7X//fq/0/tdOz/vf9f/6//70T/P0//v4L+X/+v/9f/s1ZL6/9z9384bmmy/wEAAGBb/eD3/fiTx/1zc/d/JG6x/wEAAGAYufs/GrfY/wAAADCM3P0fi1ua7H/9f6/+v+f7//X/+n/9fyf6/3n6/xX0//p//b/+n7VaWv+fu//jccue4Xf6xP9XAgAAAEuSu/8TcUuTX/8HAACADnL3fzJuObT/Lxzzd7UDAAAAS5O7/1NxS5Nf/9f/L7z/39H/6//1//p//f9J6P/nXWH/f+GU/l//P0P/r//X/3PQ0vr/3P2fjlua7H8AAAAY1L7/RiF3/2fiFvsfAAAAhpG7/7Nxi/0PAAAAw8jd/7m4pcn+1/8vvP+/rPf/n6v/Sf/fvP+/5+zk8/X/+v+R6f/nef//Cvp//f+G+/8fmnmxuP6fES2t/8/d//m4pcn+BwAAgA5y938hbpnb/2c2/akAAACAdcrd/8W4xa//AwAAwDBy938pbmmy//X/I/b/3v+v/59//jj9/3ffeNejt/zog/fr/7nkavb/+bOg/9f/6/936f+9/1//z0FL6/9z9385bmmy/wEAAKCD3P1PxS32PwAAAAwjd/9X4hb7HwAAAIaRu//puKXJ/tf/6//1/9vY/2dT3L3/9/5//f9h3v8/T/+/gv5f/6//1/+zVkvr/3P3fzVuabL/AQAAoIPc/V+LW+x/AAAAGEbu/q/HLfY/AAAADCN3/zfilib7X/+v/9f/L7X/P+X9/0H/r/8/Cf3/PP3/Cvp//b/+X//PWi2t/8/d/824pcn+BwAAgA5y9z8Tt9j/AAAAMIzc/d+KW+x/AAAAGEbu/m/HLU32v/5f/7+O/n/nwOfX/0//fKzv/f/6/x39v/7/CPr/efr/FfT/+n/9v/6ftVpa/5+7/zsBAAD//wkKcjU=")
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
getresuid(&(0x7f0000000080), &(0x7f0000000240), &(0x7f0000000280)=<r1=>0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {}, 0x2c, {[{}]}})
mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x101800, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r2, &(0x7f0000002140)={0x2020}, 0x2100)

1.317000323s ago: executing program 1:
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
rt_sigreturn()
syz_read_part_table(0x401f, &(0x7f0000000000)="$eJzs0DEOAUEUBuB/NqKgUbuERk2UjrKNTqLRuIrKMSQaB3EBJ9CMZElIVuv7mvlnMjMv741vp1WSMttu2l1eNJ28bJKSZF73Jf/nvedrsjgnGfX5pDvUtPcvNycfzveHGoZ96j4N6ro+Ti+/vAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAwAAACDM3zqP9gMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEsBAAD//4IoCls=")
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RREADDIR(r0, &(0x7f0000000080), 0x10027)

1.171902749s ago: executing program 0:
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f00000000c0)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
memfd_create(0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000300)='./file0\x00', 0x40402, &(0x7f0000000180)=ANY=[@ANYRESOCT, @ANYRES32, @ANYRESDEC=r1, @ANYBLOB="94f0e94463ef380394768bf47d76f02961c7a610d47ebe029d", @ANYRES32], 0xfc, 0x0, 0xfffffffffffffffe)
ioctl$GIO_UNIMAP(0xffffffffffffffff, 0x5451, 0x0)

1.031067517s ago: executing program 0:
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0x8901, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r0 = mq_open(&(0x7f0000000000)=',\x00', 0x40, 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, 0x0)
close(r0)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000002000), 0x0, 0x0)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000002080))

928.065853ms ago: executing program 0:
r0 = msgget$private(0x0, 0x0)
msgrcv(r0, 0x0, 0x0, 0x0, 0x0)
rt_sigreturn()
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
futex(&(0x7f0000000000)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
fallocate(r1, 0x0, 0x0, 0x8020003)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
poll(0x0, 0x0, 0x64)
r2 = creat(&(0x7f0000000540)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8020003)
r3 = open$dir(&(0x7f0000000080)='.\x00', 0x0, 0x0)
utimensat(r3, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
msgctl$IPC_RMID(r0, 0x0)

771.132597ms ago: executing program 0:
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004}, &(0x7f0000000200))
poll(0x0, 0x0, 0x64)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
futex(0x0, 0x6, 0x0, 0x0, &(0x7f0000000300), 0x0)

616.421463ms ago: executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000))
r1 = eventfd(0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
write$FUSE_ATTR(r2, &(0x7f00000000c0)={0x78, 0xfffffffffffffff5}, 0x78)
write$cgroup_devices(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="01202a3a8a"], 0x8)
close(r2)
socket$unix(0x1, 0x5, 0x0)
rt_sigreturn()
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
lsetxattr$security_evm(0x0, 0x0, 0x0, 0x0, 0x0)

614.171144ms ago: executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/47, 0x2f}], 0x1}, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
poll(0x0, 0x0, 0x64)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
write$binfmt_script(r3, &(0x7f0000000340), 0xffffff46)
dup3(r3, r2, 0x0)
sendmsg$netlink(r2, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=ANY=[], 0x10}], 0x1}, 0x0)
close(r2)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x3938700}}, 0x0)
msgget$private(0x0, 0x0)
rt_sigreturn()
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)

425.442663ms ago: executing program 2:
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
poll(0x0, 0x0, 0x401)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x401)

255.953672ms ago: executing program 2:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = epoll_create(0xef02)
dup2(r0, r1)
ioctl$GIO_CMAP(r1, 0x541b, 0x0)

224.318647ms ago: executing program 0:
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r1 = shmget(0x3, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
io_submit(0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock2(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000))
getgid()
getpgrp(0x0)
shmctl$IPC_SET(r1, 0x1, &(0x7f00000003c0)={{0x3}, 0x0, 0x1485, 0x1})
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x49, 0x2}, @period={0x0, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0}})
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
openat(0xffffffffffffff9c, 0x0, 0x404002, 0x2c)
syz_open_procfs(0x0, &(0x7f0000000180)='loginuid\x00')
memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appr\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xd1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8\x04\xd1)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\xd8|\x85\x87\xb1=e\x8e\xce\x8b\x19\xea\x02\xe3\x00'/123, 0xf)
fanotify_mark(0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0)

181.35858ms ago: executing program 1:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

157.928194ms ago: executing program 2:
timer_create(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x15)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_int(r2, &(0x7f0000000240)='memory.swap.max\x00', 0x2, 0x0)
gettid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='track_foreign_dirty\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r6, &(0x7f0000000180), 0x40001)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f00000002c0)=r6, 0x4)
write$cgroup_type(r3, &(0x7f0000000000), 0x248800)

120.996395ms ago: executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46)
sendmsg$unix(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)='D', 0x1}], 0x1}, 0x0)
close(r1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
rt_sigreturn()
poll(0x0, 0x0, 0x64)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r2 = semget$private(0x0, 0x5, 0x0)
semtimedop(r2, &(0x7f0000000140)=[{0x0, 0xfff9}], 0x1, 0x0)

74.750382ms ago: executing program 1:
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = eventfd(0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
write$FUSE_ATTR(r2, &(0x7f00000003c0)={0x78, 0xffffffffffffffda, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x78)
write$cgroup_devices(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="01202a3a8a"], 0x8)
close(r2)
signalfd4(0xffffffffffffffff, &(0x7f0000000180), 0x8, 0x0)
rt_sigreturn()
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
poll(0x0, 0x0, 0x0)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
fallocate(r3, 0x0, 0x0, 0x801ffff)
chmod(&(0x7f0000000040)='./file0\x00', 0x0)

0s ago: executing program 3:
r0 = msgget$private(0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20)
clock_gettime(0x0, 0x0)
msgrcv(r0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r2, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
write$P9_RLOPEN(r2, 0x0, 0x0)
rt_sigreturn()
msgctl$IPC_RMID(r0, 0x0)
io_setup(0x0, 0x0)
write$P9_RFLUSH(r2, 0x0, 0x0)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, 0x0)

kernel console output (not intermixed with test programs):

oint 0x8B has invalid maxpacket 32
[  542.654113][ T5163] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  542.672066][ T5163] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  542.686662][ T5163] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  542.730800][ T9758] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  542.740471][ T9758] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  542.751091][ T5163] usb 4-1: usb_control_msg returned -71
[  542.762489][ T5163] usbtmc 4-1:16.0: can't read capabilities
[  542.772726][   T29] audit: type=1800 audit(1718420802.252:47): pid=9760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=1953 res=0 errno=0
[  542.799768][ T5163] usb 4-1: USB disconnect, device number 12
[  542.959376][ T9764] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  543.039178][ T5165] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  543.112007][ T9769] loop0: detected capacity change from 0 to 512
[  543.214036][ T9770] loop3: detected capacity change from 0 to 128
[  543.253384][ T9769] EXT4-fs (loop0): bad block size 8192
[  543.260728][ T9770] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  543.271760][ T9770] FAT-fs (loop3): FAT read failed (blocknr 255)
[  544.900483][ T5165] usb 5-1: Using ep0 maxpacket: 32
[  544.922842][ T5165] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.934156][ T5165] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  544.944738][   T52] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  544.952653][ T5165] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  544.964347][ T5165] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.968108][ T9780] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  544.999267][ T9780] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  545.009342][ T5165] usb 5-1: config 0 descriptor??
[  545.024578][ T5165] hub 5-1:0.0: USB hub found
[  545.149970][   T52] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  545.168418][   T52] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  545.177644][   T52] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  545.188903][   T52] usb 3-1: config 0 interface 0 has no altsetting 0
[  545.200157][   T52] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  545.209371][   T52] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  545.447847][   T52] usb 3-1: config 0 interface 0 has no altsetting 0
[  545.459207][   T52] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  545.473997][   T52] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  545.500057][   T52] usb 3-1: config 0 interface 0 has no altsetting 0
[  545.513571][   T52] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  545.526241][   T52] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  545.649412][   T52] usb 3-1: config 0 interface 0 has no altsetting 0
[  546.038317][ T5165] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  546.106796][ T5165] usbhid 5-1:0.0: can't add hid device: -71
[  546.119639][   T52] usb 3-1: unable to read config index 4 descriptor/start: -71
[  546.248304][ T5165] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  546.260859][   T52] usb 3-1: can't read configurations, error -71
[  547.046239][ T5165] usb 5-1: USB disconnect, device number 13
[  547.092438][ T9793] loop3: detected capacity change from 0 to 512
[  547.124762][ T9793] EXT4-fs (loop3): bad block size 8192
[  547.281703][ T9796] loop2: detected capacity change from 0 to 1024
[  547.355972][ T9800] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  547.393872][ T9802] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  547.450047][ T2429] hfsplus: b-tree write err: -5, ino 4
[  547.492738][ T5195] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  548.459136][ T5195] usb 2-1: Using ep0 maxpacket: 8
[  548.485043][ T5195] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  548.514368][ T5195] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  548.562205][ T5195] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  548.616907][ T9815] loop2: detected capacity change from 0 to 1024
[  548.636295][ T5195] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  548.767073][ T5195] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  548.776392][ T5195] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.899440][  T931] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  549.190748][ T5195] usb 2-1: usb_control_msg returned -71
[  549.196360][ T5195] usbtmc 2-1:16.0: can't read capabilities
[  549.205086][ T5195] usb 2-1: USB disconnect, device number 20
[  550.461137][ T9824] loop3: detected capacity change from 0 to 2048
[  550.571960][  T931] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  550.595194][ T9824] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  550.644075][  T931] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  550.667863][  T931] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  550.727901][  T931] usb 1-1: config 0 interface 0 has no altsetting 0
[  550.801685][  T931] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  550.836946][  T931] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  550.850078][ T9827] loop4: detected capacity change from 0 to 512
[  550.865860][  T931] usb 1-1: config 0 interface 0 has no altsetting 0
[  550.872993][ T9827] EXT4-fs (loop4): bad block size 8192
[  550.881031][  T931] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  550.896032][  T931] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  550.910037][  T931] usb 1-1: config 0 interface 0 has no altsetting 0
[  550.935632][  T931] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  550.953105][  T931] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  550.992593][  T931] usb 1-1: config 0 interface 0 has no altsetting 0
[  551.012538][  T931] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  551.029822][  T931] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  551.047776][  T931] usb 1-1: config 0 interface 0 has no altsetting 0
[  551.055798][  T931] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  551.070282][  T931] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  551.099206][  T931] usb 1-1: config 0 interface 0 has no altsetting 0
[  551.113300][  T931] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  551.151495][  T931] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  551.165581][ T9836] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  551.176105][  T931] usb 1-1: config 0 interface 0 has no altsetting 0
[  551.242547][  T931] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  551.267804][  T931] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  551.287942][  T931] usb 1-1: config 0 interface 0 has no altsetting 0
[  551.315647][  T931] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  551.329794][  T931] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  551.347502][  T931] usb 1-1: Product: syz
[  551.373738][  T931] usb 1-1: Manufacturer: syz
[  551.499450][  T931] usb 1-1: SerialNumber: syz
[  551.520295][  T931] usb 1-1: config 0 descriptor??
[  551.525716][ T9839] loop1: detected capacity change from 0 to 1024
[  551.525937][  T931] usb 1-1: can't set config #0, error -71
[  551.546407][  T931] usb 1-1: USB disconnect, device number 15
[  553.173736][ T2429] hfsplus: b-tree write err: -5, ino 4
[  553.412424][ T9862] loop1: detected capacity change from 0 to 1024
[  556.043168][ T9879] loop2: detected capacity change from 0 to 512
[  556.058018][ T9879] EXT4-fs (loop2): bad block size 8192
[  556.158066][   T29] audit: type=1326 audit(1718420815.552:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x0
[  556.512322][   T52] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  556.781034][   T52] usb 1-1: Using ep0 maxpacket: 8
[  556.937103][   T52] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  556.979231][   T52] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  557.030831][   T52] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  557.079818][   T52] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  557.144327][   T52] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  557.179273][   T52] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  557.411978][   T52] usb 1-1: usb_control_msg returned -32
[  557.445098][   T52] usbtmc 1-1:16.0: can't read capabilities
[  557.454206][ T9895] loop3: detected capacity change from 0 to 1024
[  557.476701][ T9898] loop4: detected capacity change from 0 to 512
[  557.477573][   T52] usb 1-1: USB disconnect, device number 16
[  557.512386][ T9898] EXT4-fs (loop4): bad block size 8192
[  557.775197][ T9888] loop1: detected capacity change from 0 to 32768
[  557.837896][ T9888] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  557.897811][ T9888] XFS (loop1): Ending clean mount
[  557.952644][   T11] hfsplus: b-tree write err: -5, ino 4
[  557.962689][ T9888] XFS (loop1): Quotacheck needed: Please wait.
[  558.096314][ T9888] XFS (loop1): Quotacheck: Done.
[  559.155003][ T5111] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  559.231937][ T9923] loop3: detected capacity change from 0 to 512
[  559.304804][ T9923] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  559.339994][ T9923] EXT4-fs (loop3): orphan cleanup on readonly fs
[  559.395238][ T9923] EXT4-fs warning (device loop3): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  559.417044][ T9909] loop0: detected capacity change from 0 to 32768
[  559.426277][ T9909] xfs: Unknown parameter 'obj_user'
[  559.440180][ T9923] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  559.452135][ T9923] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz-executor.3: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  559.475680][ T9923] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 13 (err -117)
[  559.499564][ T9923] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  559.569531][   T29] audit: type=1326 audit(1718420819.042:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9922 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x0
[  559.768688][ T9927] Invalid ELF section header overflow
[  560.018017][ T5117] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.127192][   T29] audit: type=1326 audit(1718420820.602:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2982e7cea9 code=0x0
[  561.149394][    C1] vkms_vblank_simulate: vblank timer overrun
[  561.931893][ T9946] loop4: detected capacity change from 0 to 1024
[  562.030543][ T9950] loop1: detected capacity change from 0 to 8
[  562.605912][  T784] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  563.062863][  T784] usb 3-1: Using ep0 maxpacket: 8
[  563.077087][  T784] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  563.087127][  T784] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  563.097339][  T784] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  563.131222][  T784] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  563.166926][ T2858] hfsplus: b-tree write err: -5, ino 4
[  563.197542][  T784] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  563.209705][ T9960] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  563.222622][  T784] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.237282][ T9960] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'.
[  563.275378][ T9963] Cannot find add_set index 0 as target
[  563.285608][ T9966] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  563.346002][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  563.353013][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  563.452303][  T784] usb 3-1: usb_control_msg returned -32
[  563.458760][  T784] usbtmc 3-1:16.0: can't read capabilities
[  563.470838][ T9968] loop4: detected capacity change from 0 to 512
[  563.487808][ T9968] EXT4-fs (loop4): bad block size 8192
[  563.504479][  T784] usb 3-1: USB disconnect, device number 21
[  563.597265][ T9966] loop0: detected capacity change from 0 to 8192
[  563.628800][ T9966] REISERFS warning (device loop0): super-6508 reiserfs_parse_options: bad value 0x8000000000000000 for -ocommit
[  563.628800][ T9966] 
[  563.671332][ T9974] loop3: detected capacity change from 0 to 1024
[  564.156782][ T9979] loop1: detected capacity change from 0 to 128
[  564.181619][ T9979] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  564.192488][ T9979] FAT-fs (loop1): FAT read failed (blocknr 255)
[  565.022549][ T9983] loop0: detected capacity change from 0 to 8
[  566.906870][ T9995] loop1: detected capacity change from 0 to 512
[  567.079802][ T9995] EXT4-fs (loop1): bad block size 8192
[  568.156700][T10005] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  568.252717][T10005] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'.
[  568.484115][T10015] loop2: detected capacity change from 0 to 1024
[  568.909331][ T5163] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  569.869136][ T5163] usb 1-1: Using ep0 maxpacket: 8
[  569.887131][ T5163] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  569.907432][ T5163] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  569.927483][ T5163] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  569.950345][ T5163] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  570.056005][ T5163] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  570.129126][ T5163] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.184618][T10009] loop3: detected capacity change from 0 to 40427
[  570.309766][T10009] F2FS-fs (loop3): invalid crc value
[  570.323662][T10009] F2FS-fs (loop3): Found nat_bits in checkpoint
[  570.425191][ T5163] usb 1-1: usb_control_msg returned -32
[  570.432337][ T5163] usbtmc 1-1:16.0: can't read capabilities
[  570.517005][T10009] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  570.540690][ T5163] usb 1-1: USB disconnect, device number 17
[  572.837259][   T29] audit: type=1326 audit(1718420832.312:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10048 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e6587cea9 code=0x0
[  573.271013][T10055] loop3: detected capacity change from 0 to 164
[  573.289964][T10055] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  573.316954][T10055] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  574.092363][T10058] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  574.116477][T10058] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  574.338902][T10063] loop3: detected capacity change from 0 to 1024
[  574.523201][T10067] loop4: detected capacity change from 0 to 512
[  574.656435][T10067] EXT4-fs (loop4): bad block size 8192
[  576.571762][T10084] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.3'.
[  578.065439][   T29] audit: type=1326 audit(1718420837.542:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10094 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2982e7cea9 code=0x0
[  578.183872][T10100] loop3: detected capacity change from 0 to 164
[  578.204997][T10100] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  578.232319][T10100] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  579.060178][T10102] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  579.197129][T10106] loop1: detected capacity change from 0 to 1024
[  580.530281][T10111] loop3: detected capacity change from 0 to 8
[  582.152332][T10126] loop2: detected capacity change from 0 to 8
[  583.620644][T10146] loop3: detected capacity change from 0 to 164
[  583.809406][T10146] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  583.833372][T10146] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  584.040377][   T29] audit: type=1326 audit(1718420843.512:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10143 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f881867cea9 code=0x0
[  586.650345][T10153] loop0: detected capacity change from 0 to 40427
[  586.683204][T10153] F2FS-fs (loop0): invalid crc value
[  586.695947][T10153] F2FS-fs (loop0): Found nat_bits in checkpoint
[  586.838725][T10153] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  586.902601][T10172] loop4: detected capacity change from 0 to 8
[  588.308903][T10185] loop3: detected capacity change from 0 to 8
[  589.214016][T10194] loop1: detected capacity change from 0 to 164
[  589.719819][T10194] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  589.747995][T10194] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  590.040952][T10195] loop4: detected capacity change from 0 to 164
[  590.078469][T10195] iso9660: Unknown parameter ''
[  590.102959][T10197] loop3: detected capacity change from 0 to 8
[  592.723958][T10223] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  593.872658][T10231] loop2: detected capacity change from 0 to 1024
[  594.111060][T10235] loop3: detected capacity change from 0 to 8
[  594.213069][T10239] loop0: detected capacity change from 0 to 164
[  594.910206][T10239] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  594.926664][T10238] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  596.006091][T10246] loop2: detected capacity change from 0 to 512
[  596.092020][T10246] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  596.390925][T10246] EXT4-fs (loop2): orphan cleanup on readonly fs
[  596.511903][T10246] EXT4-fs warning (device loop2): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  596.768218][T10246] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  596.819662][T10246] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz-executor.2: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  596.917743][T10256] loop3: detected capacity change from 0 to 8
[  596.946121][T10246] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 13 (err -117)
[  596.982020][T10246] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  602.515891][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  603.345398][T10280] loop1: detected capacity change from 0 to 164
[  603.850696][T10280] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  603.867263][T10278] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  604.019513][T10287] loop0: detected capacity change from 0 to 8
[  604.096979][T10277] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  604.179613][T10288] loop2: detected capacity change from 0 to 1024
[  608.523191][T10314] loop2: detected capacity change from 0 to 512
[  608.570027][T10311] loop4: detected capacity change from 0 to 128
[  608.604565][T10314] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  608.717902][T10314] EXT4-fs (loop2): orphan cleanup on readonly fs
[  608.769387][T10314] EXT4-fs warning (device loop2): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  608.822044][T10314] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  608.859454][T10314] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz-executor.2: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  608.911414][T10314] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 13 (err -117)
[  609.140394][T10314] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  609.222308][T10321] loop0: detected capacity change from 0 to 512
[  609.228804][T10326] loop1: detected capacity change from 0 to 512
[  609.529755][T10329] loop4: detected capacity change from 0 to 164
[  609.568482][T10329] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  609.593263][T10329] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  609.955910][T10321] EXT4-fs (loop0): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  609.975104][T10326] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  609.997459][T10326] EXT4-fs (loop1): orphan cleanup on readonly fs
[  610.016479][T10326] EXT4-fs warning (device loop1): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  610.076353][T10326] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  610.096384][T10326] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz-executor.1: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  610.155165][   T29] audit: type=1326 audit(1718420869.632:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0203c7cea9 code=0x0
[  610.204158][T10326] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 13 (err -117)
[  610.266329][T10326] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  610.283090][T10334] loop3: detected capacity change from 0 to 1024
[  610.357402][T10331] Invalid ELF section header overflow
[  610.362479][   T29] audit: type=1326 audit(1718420869.832:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10324 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2982e7cea9 code=0x0
[  610.578107][T10341] Invalid ELF section header overflow
[  610.600220][T10343] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  610.645672][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.780294][ T5111] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.872122][T10350] loop0: detected capacity change from 0 to 512
[  610.899315][T10350] EXT4-fs (loop0): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  613.812074][T10376] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  614.253259][T10385] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  614.296970][T10385] bridge0: entered promiscuous mode
[  614.325297][T10385] macvtap1: entered promiscuous mode
[  614.350264][T10385] macvtap1: entered allmulticast mode
[  614.380191][T10385] bridge0: entered allmulticast mode
[  614.400014][T10387] loop0: detected capacity change from 0 to 128
[  614.438054][T10387] affs: Unrecognized mount option "M�8��H" or missing value
[  614.446125][T10386] loop3: detected capacity change from 0 to 128
[  614.447466][T10386] affs: Unrecognized mount option "M�8��H" or missing value
[  614.469205][T10387] affs: Error parsing options
[  614.469225][T10386] affs: Error parsing options
[  614.784942][T10393] loop2: detected capacity change from 0 to 512
[  614.833956][T10374] loop4: detected capacity change from 0 to 40427
[  614.862948][T10367] loop1: detected capacity change from 0 to 32768
[  614.886819][T10374] F2FS-fs (loop4): invalid crc value
[  614.893681][T10367] xfs: Unknown parameter 'obj_user'
[  614.941586][T10374] F2FS-fs (loop4): Found nat_bits in checkpoint
[  614.947924][T10393] EXT4-fs (loop2): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  615.126298][T10374] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  616.127768][T10399] loop2: detected capacity change from 0 to 1024
[  617.429779][T10408] loop0: detected capacity change from 0 to 512
[  617.502481][T10408] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  617.520173][T10408] EXT4-fs (loop0): orphan cleanup on readonly fs
[  617.609299][T10408] EXT4-fs warning (device loop0): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  617.657749][T10416] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  617.709195][T10408] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  617.720502][T10413] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  617.762394][T10408] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  617.871821][T10408] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 13 (err -117)
[  617.951147][T10408] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  617.959294][T10419] loop2: detected capacity change from 0 to 8
[  618.017454][   T29] audit: type=1326 audit(1718420877.492:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10407 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f881867cea9 code=0x0
[  618.242971][T10427] Invalid ELF section header overflow
[  618.503739][ T5115] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  618.556273][T10430] loop2: detected capacity change from 0 to 512
[  618.595463][T10430] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  618.705617][T10430] EXT4-fs (loop2): orphan cleanup on readonly fs
[  618.726908][T10430] EXT4-fs warning (device loop2): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  618.817133][T10430] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  619.079241][ T5195] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  619.657044][T10439] loop3: detected capacity change from 0 to 256
[  619.669898][T10430] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz-executor.2: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  619.693761][T10430] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 13 (err -117)
[  619.749720][T10439] FAT-fs (loop3): Unrecognized mount option "uni_xlate=0��l8=0" or missing value
[  619.768468][T10441] loop0: detected capacity change from 0 to 1024
[  619.795890][T10430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  619.881138][   T29] audit: type=1326 audit(1718420879.362:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10429 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0203c7cea9 code=0x0
[  620.910751][   T35] hfsplus: b-tree write err: -5, ino 4
[  620.937363][T10445] Invalid ELF section header overflow
[  620.950716][ T5195] usb 5-1: device descriptor read/all, error -71
[  621.253453][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  621.391357][T10453] loop3: detected capacity change from 0 to 1024
[  621.523263][T10457] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  621.678827][T10464] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  621.843712][T10468] loop0: detected capacity change from 0 to 128
[  621.880586][T10468] udf: Unknown parameter '�Im������	��[�����{������ֺV_zح��  �ˆ���y}З��嶉��|)� zV	i	�8�g��}r��MOȫ|q�B�(���*�dS���݀{YԳ��RH�`1T�d�@eM'S%�ҩ�NÒ��@�g����Ϙ��	jfZ�p(x�~��>�`u+K?@�DCsJ�:T�6�&3��/�.Hg��
�<�_$��l�;��Kd��_�>д�'
[  623.795003][T10476] loop0: detected capacity change from 0 to 512
[  626.090529][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  626.096922][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  626.305917][T10476] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  626.324979][T10476] EXT4-fs (loop0): 1 truncate cleaned up
[  626.332230][T10476] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  626.833707][ T5115] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  626.976193][   T29] audit: type=1800 audit(1718420886.452:58): pid=10485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="memory.events" dev="sda1" ino=1957 res=0 errno=0
[  627.143218][   T29] audit: type=1804 audit(1718420886.562:59): pid=10485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir204984687/syzkaller.lzcRgM/285/memory.events" dev="sda1" ino=1957 res=1 errno=0
[  627.521524][T10496] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  627.649432][T10499] loop0: detected capacity change from 0 to 8
[  628.758130][T10501] loop3: detected capacity change from 0 to 512
[  628.803091][T10501] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  628.993781][T10487] loop1: detected capacity change from 0 to 32768
[  629.038627][T10487] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (10487)
[  629.099867][T10487] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  629.139503][T10487] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  629.171704][T10487] BTRFS info (device loop1): using free-space-tree
[  631.239303][T10487] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  631.305566][   T29] audit: type=1800 audit(1718420890.732:60): pid=10525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="memory.events" dev="sda1" ino=1959 res=0 errno=0
[  631.408124][T10487] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  631.433131][T10487] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  631.643833][T10487] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  631.659862][T10534] loop3: detected capacity change from 0 to 1024
[  631.762639][T10487] BTRFS error (device loop1): open_ctree failed
[  632.723741][T10544] hfsplus: xattr searching failed
[  632.904343][T10546] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  633.027792][   T11] hfsplus: b-tree write err: -5, ino 4
[  633.035731][T10548] loop0: detected capacity change from 0 to 8
[  633.247192][   T52] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  633.409203][   T52] usb 5-1: device descriptor read/64, error -71
[  633.745349][   T52] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  634.108677][T10539] loop2: detected capacity change from 0 to 32768
[  634.204258][T10539] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  634.280918][   T52] usb 5-1: device descriptor read/64, error -71
[  634.404581][   T52] usb usb5-port1: attempt power cycle
[  634.651467][T10539] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop2": -EINTR
[  634.655819][T10539] XFS (loop2): log mount failed
[  634.872082][   T52] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  634.991941][   T52] usb 5-1: device descriptor read/8, error -71
[  635.326161][   T29] audit: type=1800 audit(1718420894.652:61): pid=10576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1960 res=0 errno=0
[  636.729452][T10594] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  636.734202][T10593] loop2: detected capacity change from 0 to 128
[  636.755839][T10592] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  636.768906][T10593] udf: Unknown parameter '�Im������	��[�����{������ֺV_zح��  �ˆ���y}З��嶉��|)� zV	i	�8�g��}r��MOȫ|q�B�(���*�dS���݀{YԳ��RH�`1T�d�@eM'S%�ҩ�NÒ��@�g����Ϙ��	jfZ�p(x�~��>�`u+K?@�DCsJ�:T�6�&3��/�.Hg��
�<�_$��l�;��Kd��_�>д�'
[  637.235270][T10600] loop2: detected capacity change from 0 to 512
[  637.256901][T10600] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  638.424818][T10600] EXT4-fs (loop2): 1 truncate cleaned up
[  638.440438][T10600] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  639.032525][T10596] loop3: detected capacity change from 0 to 512
[  639.107219][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  639.129892][T10596] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  639.189154][T10596] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (1540000)
[  639.211436][T10596] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  639.291484][T10584] loop1: detected capacity change from 0 to 32768
[  639.307282][T10584] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (10584)
[  639.481393][T10608] loop0: detected capacity change from 0 to 4096
[  639.514157][T10608] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  639.599214][T10608] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  640.444897][T10608] ntfs3: loop0: ino=21, The size of extended attributes must not exceed 64KiB
[  640.630086][T10618] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  641.684480][T10611] loop4: detected capacity change from 0 to 32768
[  641.866870][T10622] loop1: detected capacity change from 0 to 512
[  641.886227][T10622] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  641.895904][T10622] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (1540000)
[  642.115526][T10611] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  642.646605][T10611] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop4": -EINTR
[  642.658308][T10622] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  642.677572][T10611] XFS (loop4): log mount failed
[  642.998830][T10644] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  643.035600][T10644] bridge0: entered promiscuous mode
[  643.046810][T10644] macvtap1: entered promiscuous mode
[  643.052450][T10644] macvtap1: entered allmulticast mode
[  643.058124][T10644] bridge0: entered allmulticast mode
[  643.084589][T10646] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  643.156205][T10649] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  643.725809][T10658] loop4: detected capacity change from 0 to 512
[  643.794365][T10658] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  643.843729][T10658] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (1540000)
[  643.859214][T10658] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  643.887226][ T5165] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  644.111285][ T5165] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  644.143718][ T5165] usb 4-1: config 0 has no interfaces?
[  644.161353][ T5165] usb 4-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  644.204175][ T5165] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  644.253097][ T5165] usb 4-1: config 0 descriptor??
[  645.484567][T10676] loop2: detected capacity change from 0 to 4096
[  645.498281][T10676] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[  645.507780][T10654] loop1: detected capacity change from 0 to 32768
[  645.526508][T10676] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  645.557978][  T783] usb 4-1: USB disconnect, device number 13
[  645.569410][T10654] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  645.586850][T10676] ntfs3: loop2: ino=21, The size of extended attributes must not exceed 64KiB
[  645.614798][T10654] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  645.669390][T10654] BTRFS info (device loop1): using free-space-tree
[  645.699306][ T5165] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  645.831744][T10654] BTRFS info (device loop1): rebuilding free space tree
[  645.949847][ T5165] usb 5-1: Using ep0 maxpacket: 32
[  645.957196][ T5165] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  645.982959][ T5165] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  645.999085][ T5165] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  646.011638][ T5165] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  646.046423][ T5165] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  646.069229][ T5165] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  646.100533][  T784] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  646.150355][ T5165] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  646.162652][ T5165] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.196689][ T5165] usb 5-1: config 0 descriptor??
[  646.304173][  T784] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  646.348648][  T784] usb 1-1: config 0 has no interfaces?
[  646.379202][  T784] usb 1-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  646.411231][  T784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.443937][ T5165] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 20 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  646.514933][  T784] usb 1-1: config 0 descriptor??
[  646.710185][ T5165] usb 5-1: USB disconnect, device number 20
[  646.732346][ T5165] usblp0: removed
[  648.551594][  T783] usb 1-1: USB disconnect, device number 18
[  648.704357][T10713] loop3: detected capacity change from 0 to 512
[  648.740760][ T5111] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  648.753753][T10713] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  649.907435][T10725] loop2: detected capacity change from 0 to 2048
[  651.075341][T10725] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  651.160486][T10729] loop0: detected capacity change from 0 to 8
[  652.333898][T10730] loop4: detected capacity change from 0 to 4096
[  652.341573][T10730] ntfs3: Unknown parameter ':net'
[  652.885675][T10749] loop2: detected capacity change from 0 to 128
[  652.922389][T10748] loop3: detected capacity change from 0 to 4096
[  652.930841][T10749] affs: Unrecognized mount option "M�8��H" or missing value
[  652.938163][T10749] affs: Error parsing options
[  652.956410][T10748] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  653.076127][T10748] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  653.224644][T10748] ntfs3: loop3: ino=21, The size of extended attributes must not exceed 64KiB
[  653.697390][T10745] loop1: detected capacity change from 0 to 40427
[  653.730256][T10745] F2FS-fs (loop1): heap/no_heap options were deprecated
[  653.776373][T10745] F2FS-fs (loop1): invalid crc value
[  653.844580][T10745] F2FS-fs (loop1): Found nat_bits in checkpoint
[  654.239362][T10745] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  654.376359][   T29] audit: type=1800 audit(1718420913.852:62): pid=10745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="loop1" ino=10 res=0 errno=0
[  654.409208][T10766] loop3: detected capacity change from 0 to 512
[  654.423586][T10766] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  654.471192][ T5111] syz-executor.1: attempt to access beyond end of device
[  654.471192][ T5111] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  654.485979][ T5111] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  654.506821][T10771] netlink: 'syz-executor.0': attribute type 11 has an invalid length.
[  657.629657][T10787] loop3: detected capacity change from 0 to 164
[  657.660361][T10787] iso9660: Unknown parameter ''
[  657.999486][T10793] loop3: detected capacity change from 0 to 128
[  658.008503][T10793] ufs: Invalid option: "�~" or missing value
[  658.177620][T10798] loop1: detected capacity change from 0 to 2048
[  658.530781][T10798] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  658.784745][T10793] ufs: wrong mount options
[  658.906950][T10800] loop0: detected capacity change from 0 to 8
[  660.080771][T10804] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  660.140094][T10804] bridge0: entered promiscuous mode
[  660.173338][T10789] loop2: detected capacity change from 0 to 32768
[  660.176831][T10804] macvtap2: entered promiscuous mode
[  660.299762][T10804] macvtap2: entered allmulticast mode
[  660.305196][T10804] bridge0: entered allmulticast mode
[  660.332187][T10789] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (10789)
[  660.352677][T10789] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  660.367200][T10807] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  660.395610][T10789] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  660.621064][T10789] BTRFS info (device loop2): using free-space-tree
[  660.700981][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  660.701738][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  660.720057][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  660.736269][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  660.782077][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  660.816647][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  660.874422][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  661.181531][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  661.216105][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  661.344506][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  661.372208][T10789] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  661.611122][T10789] BTRFS error (device loop2): open_ctree failed
[  663.744307][T10846] loop3: detected capacity change from 0 to 40427
[  663.770058][T10846] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  663.777869][T10846] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  663.822708][T10846] F2FS-fs (loop3): Found nat_bits in checkpoint
[  663.885370][T10846] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  663.892660][T10846] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  664.015009][   T29] audit: type=1804 audit(1718420923.492:63): pid=10853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3257899829/syzkaller.Xf4nIK/238/bus/file0" dev="sda1" ino=1963 res=1 errno=0
[  664.689416][   T29] audit: type=1800 audit(1718420923.882:64): pid=10861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file1" dev="loop3" ino=10 res=0 errno=0
[  664.710223][    C1] vkms_vblank_simulate: vblank timer overrun
[  664.958811][   T29] audit: type=1804 audit(1718420924.012:65): pid=10861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir204984687/syzkaller.lzcRgM/304/bus/file1" dev="loop3" ino=10 res=1 errno=0
[  664.965887][T10866] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  664.984248][    C1] vkms_vblank_simulate: vblank timer overrun
[  665.135268][T10867] loop0: detected capacity change from 0 to 2048
[  665.170231][T10867] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  667.874505][T10876] loop4: detected capacity change from 0 to 32768
[  667.919588][T10876] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (10876)
[  668.048013][T10876] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  668.058646][T10876] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  668.068188][T10876] BTRFS info (device loop4): using free-space-tree
[  669.807663][T10876] BTRFS info (device loop4): rebuilding free space tree
[  669.833041][T10906] loop1: detected capacity change from 0 to 8
[  669.979521][ T5110] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  670.184558][   T29] audit: type=1804 audit(1718420929.632:66): pid=10908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3257899829/syzkaller.Xf4nIK/242/bus/file0" dev="sda1" ino=1954 res=1 errno=0
[  671.322506][T10917] loop3: detected capacity change from 0 to 8
[  672.482259][T10918] loop2: detected capacity change from 0 to 512
[  672.499516][T10918] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  672.840311][T10921] loop4: detected capacity change from 0 to 512
[  672.849660][T10921] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  672.874290][T10921] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (1540000)
[  672.926572][T10921] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  673.311489][T10935] loop2: detected capacity change from 0 to 40427
[  673.330087][T10935] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  673.337864][T10935] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  673.357834][T10935] F2FS-fs (loop2): Found nat_bits in checkpoint
[  673.402444][T10935] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  673.409615][T10935] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  673.970015][   T29] audit: type=1800 audit(1718420933.172:67): pid=10941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=10 res=0 errno=0
[  674.073765][   T29] audit: type=1804 audit(1718420933.182:68): pid=10941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3257899829/syzkaller.Xf4nIK/244/bus/file1" dev="loop2" ino=10 res=1 errno=0
[  674.133342][T10943] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  676.851412][   T29] audit: type=1804 audit(1718420936.322:69): pid=10964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1739405882/syzkaller.S9ISJE/302/bus/file0" dev="sda1" ino=1952 res=1 errno=0
[  679.340102][T10974] loop3: detected capacity change from 0 to 40427
[  679.371316][T10974] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  679.379196][T10974] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  679.429516][T10982] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.0'.
[  679.445717][T10974] F2FS-fs (loop3): Found nat_bits in checkpoint
[  679.493327][T10974] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  679.501416][T10974] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  679.589996][T10989] loop1: detected capacity change from 0 to 8
[  681.104067][   T29] audit: type=1804 audit(1718420940.582:70): pid=11009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1739405882/syzkaller.S9ISJE/307/bus/file0" dev="sda1" ino=1966 res=1 errno=0
[  682.040258][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.041634][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.111615][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.136644][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.192311][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.272123][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.287134][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.300163][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.301789][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.311753][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.328545][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.354587][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.361607][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.373574][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.381694][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.391752][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.409241][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.427880][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.452640][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.461912][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.472280][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.486978][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.501606][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.511621][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.521636][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.531614][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.545348][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.551604][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.567819][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.572773][T11007] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  682.687008][ T5162] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  682.933076][ T5162] usb 1-1: Using ep0 maxpacket: 32
[  683.065320][ T5162] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  683.091588][ T5162] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  683.914706][ T5162] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  684.067033][ T5162] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  684.939033][ T5162] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  684.950749][ T5162] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  684.996803][ T5162] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  685.027675][ T5162] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  685.068754][ T5162] usb 1-1: config 0 descriptor??
[  685.283150][ T5162] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 19 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  685.438926][ T5162] usb 1-1: USB disconnect, device number 19
[  685.520243][ T5162] usblp0: removed
[  685.795355][T11043] loop0: detected capacity change from 0 to 40427
[  685.870547][T11043] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  685.878322][T11043] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  685.919866][T11043] F2FS-fs (loop0): Found nat_bits in checkpoint
[  685.960535][T11043] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  685.967697][T11043] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  686.225863][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  686.233583][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  686.551881][T11054] loop4: detected capacity change from 0 to 8
[  689.083243][T11050] loop3: detected capacity change from 0 to 32768
[  689.365480][   T29] audit: type=1804 audit(1718420948.712:71): pid=11073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1739405882/syzkaller.S9ISJE/311/bus/file0" dev="sda1" ino=1961 res=1 errno=0
[  690.775189][T11087] loop0: detected capacity change from 0 to 512
[  690.787438][T11087] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[  691.407313][T11081] loop2: detected capacity change from 0 to 40427
[  691.474704][T11081] F2FS-fs (loop2): invalid crc value
[  691.492960][T11081] F2FS-fs (loop2): Found nat_bits in checkpoint
[  691.590071][T11090] loop4: detected capacity change from 0 to 4096
[  691.591637][T11081] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  691.642182][T11090] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  692.042559][T11090] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  692.430945][T11096] vivid-000: kernel_thread() failed
[  692.545404][ T5769] syz-executor.2: attempt to access beyond end of device
[  692.545404][ T5769] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  692.602747][ T5769] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  692.701494][T11090] ntfs3: loop4: ino=21, The size of extended attributes must not exceed 64KiB
[  692.849179][ T8859] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  692.986900][T11102] loop1: detected capacity change from 0 to 8
[  693.175393][ T8859] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  693.188579][ T8859] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  693.210730][ T8859] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  693.396968][ T8859] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  693.406496][ T8859] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  693.427976][ T8859] usb 1-1: config 0 descriptor??
[  693.982029][T11100] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  694.312606][T11113] loop2: detected capacity change from 0 to 256
[  695.246428][T11117] loop3: detected capacity change from 0 to 512
[  695.273684][T11117] EXT4-fs: Ignoring removed orlov option
[  695.315379][   T29] audit: type=1800 audit(1718420954.772:72): pid=11113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=1048953 res=0 errno=0
[  695.343912][T11117] EXT4-fs (loop3): Test dummy encryption mode enabled
[  695.395608][T11117] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a040e01c, mo2=0102]
[  695.409337][T11117] System zones: 1-12
[  695.421091][T11117] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz-executor.3: casefold flag without casefold feature
[  695.562335][T11109] loop1: detected capacity change from 0 to 32768
[  695.573985][T11117] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117)
[  695.611942][T11117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  695.630438][T11109] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  695.726570][   T11] kworker/u8:0: attempt to access beyond end of device
[  695.726570][   T11] loop2: rw=1, sector=256, nr_sectors = 96 limit=256
[  695.750015][T11109] XFS (loop1): Ending clean mount
[  695.776278][T11109] XFS (loop1): Quotacheck needed: Please wait.
[  695.783095][   T11] kworker/u8:0: attempt to access beyond end of device
[  695.783095][   T11] loop2: rw=1, sector=384, nr_sectors = 160 limit=256
[  695.815317][   T11] kworker/u8:0: attempt to access beyond end of device
[  695.815317][   T11] loop2: rw=1, sector=608, nr_sectors = 416 limit=256
[  695.876768][   T11] kworker/u8:0: attempt to access beyond end of device
[  695.876768][   T11] loop2: rw=1, sector=1056, nr_sectors = 424 limit=256
[  695.885103][T11109] XFS (loop1): Quotacheck: Done.
[  696.127145][   T52] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  696.180806][ T8859] usbhid 1-1:0.0: can't add hid device: -71
[  696.780937][ T8859] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  696.816901][ T8859] usb 1-1: USB disconnect, device number 20
[  697.843967][   T52] usb 4-1: Using ep0 maxpacket: 32
[  697.876101][ T5111] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  697.878929][T11144] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  697.885005][   T52] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  697.885040][   T52] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  697.909987][T11145] loop2: detected capacity change from 0 to 256
[  697.939214][   T52] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  697.993871][   T52] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  698.019044][   T52] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  698.031063][   T52] usb 4-1: Product: syz
[  698.039065][   T52] usb 4-1: Manufacturer: syz
[  698.043745][   T52] usb 4-1: SerialNumber: syz
[  698.066662][   T52] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input11
[  698.134636][   T29] audit: type=1800 audit(1718420957.612:73): pid=11145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=1048954 res=0 errno=0
[  698.247975][   T52] usb 4-1: USB disconnect, device number 14
[  698.306812][ T5117] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  698.323329][   T52] appletouch 4-1:1.0: input: appletouch disconnected
[  698.518291][T11151] loop4: detected capacity change from 0 to 32768
[  698.525591][T11151] xfs: Unknown parameter 'obj_user'
[  698.858870][   T35] kworker/u8:2: attempt to access beyond end of device
[  698.858870][   T35] loop2: rw=1, sector=256, nr_sectors = 160 limit=256
[  698.859862][   T35] kworker/u8:2: attempt to access beyond end of device
[  698.859862][   T35] loop2: rw=1, sector=448, nr_sectors = 96 limit=256
[  698.860597][   T35] kworker/u8:2: attempt to access beyond end of device
[  698.860597][   T35] loop2: rw=1, sector=608, nr_sectors = 416 limit=256
[  698.861392][   T35] kworker/u8:2: attempt to access beyond end of device
[  698.861392][   T35] loop2: rw=1, sector=1056, nr_sectors = 232 limit=256
[  700.194942][T11159] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  701.329192][  T784] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  701.351726][T11193] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_bridge, syncid = 0, id = 0
[  701.585568][  T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  701.642043][  T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  701.699188][  T784] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  701.749298][  T784] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  701.799089][  T784] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.834637][  T784] usb 5-1: config 0 descriptor??
[  701.865853][T11185] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  702.366142][T11199] loop2: detected capacity change from 0 to 32768
[  702.373831][T11199] xfs: Unknown parameter 'obj_user'
[  702.612046][T11179] loop3: detected capacity change from 0 to 32768
[  702.722804][T11179] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  703.098669][T11179] XFS (loop3): Ending clean mount
[  703.151864][T11179] XFS (loop3): Quotacheck needed: Please wait.
[  704.201977][  T784] usbhid 5-1:0.0: can't add hid device: -71
[  704.216737][  T784] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  704.250595][  T784] usb 5-1: USB disconnect, device number 21
[  704.332660][T11179] XFS (loop3): Quotacheck: Done.
[  704.421925][ T5117] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  704.438639][T11219] loop2: detected capacity change from 0 to 4096
[  704.487643][T11219] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[  704.587674][T11219] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  704.711914][T11219] ntfs3: loop2: ino=21, The size of extended attributes must not exceed 64KiB
[  704.859842][ T5195] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  704.905268][T11231] loop3: detected capacity change from 0 to 1024
[  704.966286][T11231] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  704.986024][T11204] loop1: detected capacity change from 0 to 40427
[  705.020498][T11204] F2FS-fs (loop1): invalid crc value
[  705.029434][ T5195] usb 5-1: device descriptor read/64, error -71
[  705.052963][T11204] F2FS-fs (loop1): Found nat_bits in checkpoint
[  705.116995][T11233] loop0: detected capacity change from 0 to 512
[  705.128885][T11233] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  705.138254][T11233] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (1540000)
[  705.149863][T11233] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  705.161597][T11204] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  705.299114][ T5195] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  706.131755][ T5111] syz-executor.1: attempt to access beyond end of device
[  706.131755][ T5111] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  706.157864][ T5111] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  706.189254][    T8] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  706.197584][ T5195] usb 5-1: device descriptor read/64, error -71
[  708.069495][ T5195] usb usb5-port1: attempt power cycle
[  708.110332][    T8] usb 4-1: device descriptor read/all, error -71
[  708.182590][ T5117] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.286573][T11269] loop4: detected capacity change from 0 to 512
[  709.467118][T11272] loop2: detected capacity change from 0 to 40427
[  709.485076][T11272] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  709.493052][T11272] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  709.518650][T11272] F2FS-fs (loop2): Found nat_bits in checkpoint
[  709.559755][T11272] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  709.566842][T11272] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  709.591878][T11269] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  709.629270][T11269] EXT4-fs (loop4): orphan cleanup on readonly fs
[  709.647077][T11269] EXT4-fs warning (device loop4): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  709.694828][T11269] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  709.702728][T11269] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz-executor.4: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  709.727556][T11269] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 13 (err -117)
[  709.742325][T11269] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  709.941433][   T29] audit: type=1800 audit(1718420969.342:74): pid=11279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=10 res=0 errno=0
[  710.204280][   T29] audit: type=1326 audit(1718420969.472:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11268 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e6587cea9 code=0x0
[  710.386420][T11282] loop1: detected capacity change from 0 to 32768
[  710.393918][T11282] xfs: Unknown parameter 'obj_user'
[  710.509484][   T29] audit: type=1804 audit(1718420969.932:76): pid=11280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3257899829/syzkaller.Xf4nIK/263/bus/file1" dev="loop2" ino=10 res=1 errno=0
[  710.582251][   T29] audit: type=1800 audit(1718420970.062:77): pid=11280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=10 res=0 errno=0
[  710.619351][   T29] audit: type=1804 audit(1718420970.062:78): pid=11278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir3257899829/syzkaller.Xf4nIK/263/bus/file1" dev="loop2" ino=10 res=1 errno=0
[  710.621885][T11284] Invalid ELF section header overflow
[  710.743472][ T5769] syz-executor.2: attempt to access beyond end of device
[  710.743472][ T5769] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  710.793401][ T5769] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  710.977574][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  711.286209][T11267] loop3: detected capacity change from 0 to 40427
[  711.334167][T11267] F2FS-fs (loop3): invalid crc value
[  711.348623][T11267] F2FS-fs (loop3): Found nat_bits in checkpoint
[  711.521255][T11267] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  711.785294][T11295] loop4: detected capacity change from 0 to 4096
[  711.793951][T11295] ntfs3: Unknown parameter ':net'
[  712.393713][T11298] vivid-000: kernel_thread() failed
[  712.531498][ T5117] syz-executor.3: attempt to access beyond end of device
[  712.531498][ T5117] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  712.612888][ T5117] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  712.787261][T11295] loop4: detected capacity change from 0 to 512
[  712.797507][T11295] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[  712.926553][T11307] loop2: detected capacity change from 0 to 4096
[  712.940673][T11307] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[  712.994140][T11307] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  713.066752][ T8859] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  713.100950][T11307] ntfs3: loop2: ino=21, The size of extended attributes must not exceed 64KiB
[  713.269268][ T8859] usb 1-1: device descriptor read/64, error -71
[  713.437725][T11312] loop3: detected capacity change from 0 to 8
[  715.515165][ T8859] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  716.448272][ T8859] usb 1-1: device descriptor read/64, error -71
[  716.609422][ T8859] usb usb1-port1: attempt power cycle
[  716.821715][T11328] loop0: detected capacity change from 0 to 40427
[  716.829510][T11328] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  716.837251][T11328] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  717.035663][T11328] F2FS-fs (loop0): Found nat_bits in checkpoint
[  717.094427][T11328] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  717.101594][T11328] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  717.364708][   T29] audit: type=1800 audit(1718420976.842:79): pid=11350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="loop0" ino=10 res=0 errno=0
[  717.503544][T11350] syz-executor.0: attempt to access beyond end of device
[  717.503544][T11350] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  717.552553][T11350] syz-executor.0: attempt to access beyond end of device
[  717.552553][T11350] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  717.575032][   T29] audit: type=1804 audit(1718420977.052:80): pid=11351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1739405882/syzkaller.S9ISJE/322/bus/file1" dev="loop0" ino=10 res=1 errno=0
[  719.934699][   T29] audit: type=1800 audit(1718420979.412:81): pid=11351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="file1" dev="loop0" ino=10 res=0 errno=0
[  720.283226][ T5115] syz-executor.0: attempt to access beyond end of device
[  720.283226][ T5115] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  720.314643][ T5115] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  720.973878][T11362] loop1: detected capacity change from 0 to 8
[  722.181649][T11357] loop3: detected capacity change from 0 to 40427
[  722.308038][T11370] loop1: detected capacity change from 0 to 256
[  722.317091][T11357] F2FS-fs (loop3): invalid crc value
[  722.352454][T11371] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  722.386605][T11371] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  722.404799][   T29] audit: type=1800 audit(1718420981.882:82): pid=11370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=1048981 res=0 errno=0
[  722.428294][T11357] F2FS-fs (loop3): Found nat_bits in checkpoint
[  722.603374][T11357] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  724.579033][T11379] vivid-000: kernel_thread() failed
[  724.789629][ T5117] syz-executor.3: attempt to access beyond end of device
[  724.789629][ T5117] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  724.811523][ T5117] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  724.968295][   T11] kworker/u8:0: attempt to access beyond end of device
[  724.968295][   T11] loop1: rw=1, sector=256, nr_sectors = 288 limit=256
[  725.012791][   T11] kworker/u8:0: attempt to access beyond end of device
[  725.012791][   T11] loop1: rw=1, sector=608, nr_sectors = 288 limit=256
[  725.028756][   T11] kworker/u8:0: attempt to access beyond end of device
[  725.028756][   T11] loop1: rw=1, sector=928, nr_sectors = 96 limit=256
[  725.104053][   T11] kworker/u8:0: attempt to access beyond end of device
[  725.104053][   T11] loop1: rw=1, sector=1056, nr_sectors = 1768 limit=256
[  725.502678][T11395] loop0: detected capacity change from 0 to 2048
[  725.554689][T11395] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  725.578273][T11395] ext4 filesystem being mounted at /root/syzkaller-testdir1739405882/syzkaller.S9ISJE/323/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  725.680074][T11395] fs-verity: sha512 using implementation "sha512-avx2"
[  725.947139][ T5115] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  725.996115][T11388] loop2: detected capacity change from 0 to 40427
[  726.027755][T11388] F2FS-fs (loop2): invalid crc value
[  726.051631][T11388] F2FS-fs (loop2): Found nat_bits in checkpoint
[  726.190411][    T8] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  726.215067][T11388] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  726.519593][    T8] usb 4-1: device descriptor read/64, error -71
[  727.061381][    T8] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  727.328058][T11393] loop1: detected capacity change from 0 to 40427
[  727.332837][ T5769] syz-executor.2: attempt to access beyond end of device
[  727.332837][ T5769] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  727.352029][T11393] F2FS-fs (loop1): invalid crc value
[  727.376018][ T5769] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  727.380151][T11393] F2FS-fs (loop1): Found nat_bits in checkpoint
[  727.439175][    T8] usb 4-1: device descriptor read/64, error -71
[  727.572121][    T8] usb usb4-port1: attempt power cycle
[  727.636013][T11393] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  728.049223][    T8] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  728.099896][    T8] usb 4-1: device descriptor read/8, error -71
[  728.389091][    T8] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  728.443261][    T8] usb 4-1: device descriptor read/8, error -71
[  728.767460][T11434] loop0: detected capacity change from 0 to 2048
[  728.827547][T11434]  loop0: p1 < > p3
[  728.851395][T11434] loop0: p3 size 134217728 extends beyond EOD, truncated
[  728.999177][   T29] audit: type=1804 audit(1718420988.442:83): pid=11433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1496476275/syzkaller.jOIRIR/308/file0" dev="sda1" ino=1956 res=1 errno=0
[  729.386363][    T8] usb usb4-port1: unable to enumerate USB device
[  731.220420][T11465] loop0: detected capacity change from 0 to 2048
[  731.920889][T11465]  loop0: p1 < > p3
[  731.927069][T11465] loop0: p3 size 134217728 extends beyond EOD, truncated
[  732.259954][   T29] audit: type=1804 audit(1718420991.742:84): pid=11470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1739405882/syzkaller.S9ISJE/329/bus/file0" dev="sda1" ino=1961 res=1 errno=0
[  733.035034][T11477] loop1: detected capacity change from 0 to 128
[  733.049970][T11477] udf: Unknown parameter '�Im������	��[�����{������ֺV_zح��  �ˆ���y}З��嶉��|)� zV	i	�8�g��}r��MOȫ|q�B�(���*�dS���݀{YԳ��RH�`1T�d�@eM'S%�ҩ�NÒ��@�g����Ϙ��	jfZ�p(x�~��>�`u+K?@�DCsJ�:T�6�&3��/�.Hg��
�<�_$��l�;��Kd��_�>д�'
[  733.851021][T11486] loop1: detected capacity change from 0 to 512
[  735.246667][T11487] loop4: detected capacity change from 0 to 2048
[  735.491204][T11486] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  736.105891][T11486] EXT4-fs (loop1): 1 truncate cleaned up
[  736.114160][T11486] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  737.636558][ T5111] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  738.521499][   T29] audit: type=1800 audit(1718420998.002:85): pid=11501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1942 res=0 errno=0
[  738.610835][T11503] loop0: detected capacity change from 0 to 1024
[  739.087450][T11509] loop4: detected capacity change from 0 to 2048
[  739.781547][T11509]  loop4: p1 < > p3
[  739.786845][T11509] loop4: p3 size 134217728 extends beyond EOD, truncated
[  740.019008][   T29] audit: type=1804 audit(1718420999.492:86): pid=11512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3257899829/syzkaller.Xf4nIK/272/bus/file0" dev="sda1" ino=1954 res=1 errno=0
[  741.269108][  T784] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  741.496083][T11541] loop1: detected capacity change from 0 to 2048
[  743.093993][  T784] usb 4-1: config 0 has an invalid interface number: 18 but max is 0
[  743.125000][  T784] usb 4-1: config 0 has no interface number 0
[  743.152501][  T784] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  743.184855][  T784] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  743.199848][T11552] loop4: detected capacity change from 0 to 1024
[  743.230829][  T784] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[  743.269074][  T784] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  743.299310][  T784] usb 4-1: Manufacturer: syz
[  743.321020][  T784] usb 4-1: config 0 descriptor??
[  743.878837][  T784] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.18/0003:054C:03D5.0006/input/input12
[  743.915930][T11548] loop0: detected capacity change from 0 to 32768
[  743.926755][T11548] bcachefs (/dev/loop0): error reading default superblock: Unsupported superblock version 63.1023: (unknown version) (min 0.9: (unknown version), max 1.9: disk_accounting_v2)
[  743.970834][T11548] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section journal_v2: journal bucket 9 before first bucket 256
[  743.970834][T11548] journal_v2 (size 40):
[  743.970834][T11548] Buckets:  9-16 24-25
[  743.970834][T11548] 
[  744.033677][  T784] sony 0003:054C:03D5.0006: input,hidraw0: USB HID v0.00 Joystick [syz] on usb-dummy_hcd.3-1/input18
[  744.154812][  T784] usb 4-1: USB disconnect, device number 21
[  744.567816][T11565] loop4: detected capacity change from 0 to 2048
[  745.234299][T11565]  loop4: p1 < > p3
[  745.254324][T11565] loop4: p3 size 134217728 extends beyond EOD, truncated
[  745.592167][   T29] audit: type=1804 audit(1718421005.062:87): pid=11570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1739405882/syzkaller.S9ISJE/335/bus/file0" dev="sda1" ino=1966 res=1 errno=0
[  746.041693][T11576] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  746.197367][T11578] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  746.576785][T11583] loop2: detected capacity change from 0 to 8
[  746.976356][T11586] SQUASHFS error: Failed to read block 0x1ec: -5
[  746.983255][T11586] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  747.666012][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  747.672585][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  747.895266][T11595] loop1: detected capacity change from 0 to 1024
[  748.779002][  T784] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  748.869869][T11605] loop4: detected capacity change from 0 to 1024
[  749.059238][  T784] usb 4-1: Using ep0 maxpacket: 32
[  749.088111][  T784] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  750.239126][T11609] hfsplus: xattr searching failed
[  750.403947][  T784] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  750.414841][  T784] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  750.419557][ T2429] hfsplus: b-tree write err: -5, ino 4
[  750.433493][  T784] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  750.465187][  T784] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  750.482389][  T784] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  750.492319][  T784] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  750.527386][  T784] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  750.551595][  T784] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  750.573269][  T784] usb 4-1: config 0 descriptor??
[  750.677723][  T784] usb 4-1: USB disconnect, device number 22
[  750.735064][   T52] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  750.955093][T11617] loop3: detected capacity change from 0 to 32768
[  750.962393][T11617] xfs: Unknown parameter 'obj_user'
[  750.967906][ T5195] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  751.079916][   T52] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  751.109169][   T52] usb 3-1: config 1 has an invalid descriptor of length 110, skipping remainder of the config
[  751.139732][   T52] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  751.269164][ T5195] usb 5-1: Using ep0 maxpacket: 32
[  751.282264][ T5195] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  751.299178][   T52] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 101, changing to 10
[  751.325392][ T5195] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  751.325565][   T52] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 10100, setting to 1024
[  751.352848][T11624] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  751.365292][   T52] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  751.382148][ T5195] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  751.396527][T11624] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  751.406758][   T52] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  751.424372][   T52] usb 3-1: Product: syz
[  751.430904][   T52] usb 3-1: Manufacturer: syz
[  751.779740][ T5195] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  751.780058][T11610] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  751.808695][   T52] cdc_wdm 3-1:1.0: skipping garbage
[  751.814542][   T52] cdc_wdm 3-1:1.0: skipping garbage
[  751.923288][   T52] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  751.930050][   T52] cdc_wdm 3-1:1.0: Unknown control protocol
[  751.945192][ T5195] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  751.984927][ T5195] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  752.009297][ T5195] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  752.024301][ T5195] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  752.091597][ T5195] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  752.103885][ T5195] usb 5-1: config 0 descriptor??
[  752.156308][   T52] usb 3-1: USB disconnect, device number 22
[  752.449258][   T29] audit: type=1800 audit(1718421011.922:88): pid=11639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1952 res=0 errno=0
[  753.305328][T11646] loop2: detected capacity change from 0 to 1024
[  754.284810][  T784] usb 5-1: USB disconnect, device number 25
[  754.713025][T11657] loop4: detected capacity change from 0 to 32768
[  754.720320][T11657] xfs: Unknown parameter 'obj_user'
[  754.994161][   T29] audit: type=1804 audit(1718421014.472:89): pid=11661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1496476275/syzkaller.jOIRIR/322/bus/file0" dev="sda1" ino=1966 res=1 errno=0
[  755.285161][T11659] loop1: detected capacity change from 0 to 4096
[  755.340247][T11659] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512).
[  755.521130][T11659] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  755.593766][T11659] ntfs3: loop1: ino=21, The size of extended attributes must not exceed 64KiB
[  755.891091][T11671] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  755.927171][T11671] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  756.055479][T11655] loop2: detected capacity change from 0 to 40427
[  756.077166][T11655] F2FS-fs (loop2): invalid crc value
[  756.096730][T11655] F2FS-fs (loop2): Found nat_bits in checkpoint
[  756.212375][T11655] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  757.015712][T11686] loop1: detected capacity change from 0 to 8
[  757.086341][T11688] loop4: detected capacity change from 0 to 1024
[  759.479009][T11696] hfsplus: xattr searching failed
[  760.321319][   T12] hfsplus: b-tree write err: -5, ino 4
[  760.518013][   T29] audit: type=1804 audit(1718421019.982:90): pid=11706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3647814119/syzkaller.BZfNAE/319/bus/file0" dev="sda1" ino=1958 res=1 errno=0
[  761.177553][T11717] loop1: detected capacity change from 0 to 8
[  761.853939][T11720] loop2: detected capacity change from 0 to 2048
[  762.626375][T11720] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  762.731072][T11720] ext4 filesystem being mounted at /root/syzkaller-testdir3257899829/syzkaller.Xf4nIK/281/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  762.778900][T11730] loop1: detected capacity change from 0 to 1024
[  763.037411][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  764.587286][T11736] hfsplus: xattr searching failed
[  764.783360][   T11] hfsplus: b-tree write err: -5, ino 4
[  765.736485][   T29] audit: type=1800 audit(1718421025.212:91): pid=11742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=1964 res=0 errno=0
[  765.900206][T11752] loop0: detected capacity change from 0 to 1024
[  765.970043][T11754] loop3: detected capacity change from 0 to 1024
[  766.107218][ T5247] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  767.459072][T11757] hfsplus: xattr searching failed
[  767.649113][ T5247] usb 3-1: Using ep0 maxpacket: 32
[  767.649739][ T2429] hfsplus: b-tree write err: -5, ino 4
[  767.677740][ T5247] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  767.714855][ T5247] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  767.729791][ T5247] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  767.747605][ T5247] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.789950][ T5247] usb 3-1: config 0 descriptor??
[  767.818295][ T5247] hub 3-1:0.0: USB hub found
[  768.003622][ T5247] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  768.018624][ T5247] usbhid 3-1:0.0: can't add hid device: -71
[  768.024803][ T5247] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  768.180888][ T5247] usb 3-1: USB disconnect, device number 23
[  768.217720][   T29] audit: type=1804 audit(1718421027.692:92): pid=11768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1739405882/syzkaller.S9ISJE/345/bus/file0" dev="sda1" ino=1956 res=1 errno=0
[  768.418192][T11772] loop2: detected capacity change from 0 to 1024
[  769.468079][T11779] hfsplus: xattr searching failed
[  769.685040][ T2429] hfsplus: b-tree write err: -5, ino 4
[  769.926520][T11782] loop1: detected capacity change from 0 to 40427
[  769.989978][T11782] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  769.997745][T11782] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  770.156875][T11782] F2FS-fs (loop1): Found nat_bits in checkpoint
[  770.187120][T11782] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  770.194997][T11782] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  770.703959][   T29] audit: type=1800 audit(1718421030.122:93): pid=11792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="loop1" ino=10 res=0 errno=0
[  770.756986][T11792] syz-executor.1: attempt to access beyond end of device
[  770.756986][T11792] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  770.771622][T11792] syz-executor.1: attempt to access beyond end of device
[  770.771622][T11792] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  773.379952][   T29] audit: type=1804 audit(1718421030.262:94): pid=11793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3647814119/syzkaller.BZfNAE/324/bus/file1" dev="loop1" ino=10 res=1 errno=0
[  774.792728][T11793] syz-executor.1: attempt to access beyond end of device
[  774.792728][T11793] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  774.905975][   T29] audit: type=1800 audit(1718421034.292:95): pid=11793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="file1" dev="loop1" ino=10 res=0 errno=0
[  775.295691][T11797] loop2: detected capacity change from 0 to 512
[  775.316959][T11797] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  775.374318][ T5111] syz-executor.1: attempt to access beyond end of device
[  775.374318][ T5111] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  775.420431][ T5111] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  775.524652][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.533011][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.563123][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.573031][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.596066][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.693034][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.733403][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.804785][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.839216][ T5195] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  775.853007][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.863025][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.923172][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  775.973033][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.003006][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.023121][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.043412][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.059563][ T5195] usb 5-1: Using ep0 maxpacket: 32
[  776.091103][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.123058][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.134579][ T5195] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  776.169257][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.171435][ T5195] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  776.172999][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.192018][ T5195] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  776.196702][T11809] loop2: detected capacity change from 0 to 1024
[  776.218780][ T5195] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  776.243040][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.253039][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.269110][ T5195] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  776.312069][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.323040][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.330753][ T5195] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  776.387637][T11800] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  776.405328][ T5195] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  776.452804][ T5195] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  776.484093][ T5195] usb 5-1: config 0 descriptor??
[  776.714653][ T5195] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  776.756811][ T5195] usb 5-1: USB disconnect, device number 26
[  776.795291][ T5195] usblp0: removed
[  777.213233][   T29] audit: type=1800 audit(1718421036.692:96): pid=11819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=1965 res=0 errno=0
[  777.550898][    T8] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  777.900042][    T8] usb 3-1: Using ep0 maxpacket: 32
[  777.990209][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  778.256732][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  778.267263][    T8] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  778.287692][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.307485][    T8] usb 3-1: config 0 descriptor??
[  778.330526][    T8] hub 3-1:0.0: USB hub found
[  779.153600][    T8] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  779.179397][    T8] usbhid 3-1:0.0: can't add hid device: -71
[  779.191514][    T8] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  779.234118][    T8] usb 3-1: USB disconnect, device number 24
[  779.370311][T11830] usb usb8: usbfs: process 11830 (syz-executor.4) did not claim interface 0 before use
[  779.452353][T11830] loop4: detected capacity change from 0 to 512
[  779.506569][T11830] EXT4-fs: Ignoring removed orlov option
[  779.546393][T11830] EXT4-fs (loop4): Test dummy encryption mode enabled
[  779.577989][T11830] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a040e01c, mo2=0102]
[  779.586752][T11830] System zones: 1-12
[  779.632442][T11830] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #15: comm syz-executor.4: casefold flag without casefold feature
[  779.707861][T11830] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117)
[  779.773932][T11830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  780.799740][    T8] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  780.991348][    T8] usb 5-1: Using ep0 maxpacket: 32
[  781.001674][    T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  781.013166][    T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  781.025231][    T8] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  781.044816][    T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  781.054518][    T8] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  781.063225][    T8] usb 5-1: Product: syz
[  781.067577][    T8] usb 5-1: Manufacturer: syz
[  781.072310][    T8] usb 5-1: SerialNumber: syz
[  781.088241][    T8] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input13
[  781.277923][T11833] loop0: detected capacity change from 0 to 40427
[  781.341123][T11833] F2FS-fs (loop0): invalid crc value
[  781.406734][T11833] F2FS-fs (loop0): Found nat_bits in checkpoint
[  781.510466][T11833] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  781.744665][T11855] usb usb8: usbfs: process 11855 (syz-executor.3) did not claim interface 0 before use
[  781.784477][T11855] loop3: detected capacity change from 0 to 512
[  781.800520][T11855] EXT4-fs: Ignoring removed orlov option
[  781.844755][T11855] EXT4-fs (loop3): Test dummy encryption mode enabled
[  781.894025][T11855] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a040e01c, mo2=0102]
[  781.955183][T11855] System zones: 1-12
[  782.008613][T11855] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz-executor.3: casefold flag without casefold feature
[  782.044797][T11855] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117)
[  782.130601][T11855] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  782.529162][  T784] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  782.536805][   T52] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  782.749115][   T52] usb 4-1: Using ep0 maxpacket: 32
[  782.768595][  T784] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  782.879368][  T784] usb 3-1: config 0 has no interfaces?
[  782.889139][   T52] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  782.901409][  T784] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  782.916627][   T52] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  782.926698][  T784] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.937754][   T52] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  782.960607][  T784] usb 3-1: config 0 descriptor??
[  782.967624][   T52] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  782.976977][   T52] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  782.985518][   T52] usb 4-1: Product: syz
[  783.005770][   T52] usb 4-1: Manufacturer: syz
[  783.029199][   T52] usb 4-1: SerialNumber: syz
[  783.083081][   T52] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input14
[  783.112255][    T8] usb 5-1: USB disconnect, device number 27
[  783.146695][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  783.177716][    T8] appletouch 5-1:1.0: input: appletouch disconnected
[  783.318738][T11864] loop4: detected capacity change from 0 to 1024
[  783.332784][   T52] usb 3-1: USB disconnect, device number 25
[  783.677496][T11869] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  783.787027][T11869] loop1: detected capacity change from 0 to 2048
[  784.621308][T11873] loop1: detected capacity change from 0 to 512
[  784.656263][T11873] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  784.705665][T11873] EXT4-fs (loop1): orphan cleanup on readonly fs
[  784.723792][T11873] EXT4-fs warning (device loop1): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  784.893755][T11873] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  784.906255][    T8] usb 4-1: USB disconnect, device number 23
[  784.930931][ T5117] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  784.943694][T11873] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz-executor.1: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  785.071851][    T8] appletouch 4-1:1.0: input: appletouch disconnected
[  785.191021][T11873] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 13 (err -117)
[  785.306341][T11873] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  785.809629][   T29] audit: type=1326 audit(1718421045.282:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11872 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2982e7cea9 code=0x0
[  787.434786][T11895] Invalid ELF section header overflow
[  787.500895][ T5115] syz-executor.0: attempt to access beyond end of device
[  787.500895][ T5115] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  787.516055][ T5115] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  787.901834][ T5111] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  787.981733][T11899] usb usb8: usbfs: process 11899 (syz-executor.4) did not claim interface 0 before use
[  788.005918][T11897] loop3: detected capacity change from 0 to 4096
[  788.035421][T11897] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  788.043839][T11899] loop4: detected capacity change from 0 to 512
[  788.079785][T11899] EXT4-fs: Ignoring removed orlov option
[  788.094895][T11897] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  788.108887][T11899] EXT4-fs (loop4): Test dummy encryption mode enabled
[  788.179499][T11899] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a040e01c, mo2=0102]
[  788.187553][T11899] System zones: 1-12
[  788.196153][T11899] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #15: comm syz-executor.4: casefold flag without casefold feature
[  788.216543][T11899] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117)
[  788.257802][T11899] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  788.292354][T11897] ntfs3: loop3: ino=21, The size of extended attributes must not exceed 64KiB
[  788.349259][    T8] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  788.573456][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  788.589150][   T52] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  788.640622][    T8] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  788.694254][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.725167][    T8] usb 2-1: config 0 descriptor??
[  788.775700][T11914] loop0: detected capacity change from 0 to 1024
[  788.789146][   T52] usb 5-1: Using ep0 maxpacket: 32
[  788.800587][   T52] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  789.093550][T11917] loop3: detected capacity change from 0 to 32768
[  789.106191][   T52] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  789.117060][   T52] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  789.139793][   T52] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  789.149266][   T52] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  789.157720][   T52] usb 5-1: Product: syz
[  789.163869][   T52] usb 5-1: Manufacturer: syz
[  789.168986][   T52] usb 5-1: SerialNumber: syz
[  789.184154][   T52] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input15
[  789.208903][T11901] loop1: detected capacity change from 0 to 512
[  789.254651][T11918] loop2: detected capacity change from 0 to 128
[  789.277255][T11918] affs: Unrecognized mount option "M�8��H" or missing value
[  789.285069][T11918] affs: Error parsing options
[  789.301170][T11901] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: casefold flag without casefold feature
[  789.850554][T11901] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117)
[  789.927666][T11901] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  790.337047][T11925] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  790.416669][T11923] loop0: detected capacity change from 0 to 1231
[  790.470601][T11923] ntfs3: Unknown parameter ':net'
[  790.739818][T11923] loop0: detected capacity change from 0 to 512
[  790.760050][T11923] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[  791.143786][T11928] loop3: detected capacity change from 0 to 32768
[  791.788076][ T5163] usb 5-1: USB disconnect, device number 28
[  791.862251][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  791.896806][ T5163] appletouch 5-1:1.0: input: appletouch disconnected
[  791.961736][T11930] loop0: detected capacity change from 0 to 128
[  792.594443][T11935] loop4: detected capacity change from 0 to 164
[  794.948648][    T8] usbhid 2-1:0.0: can't add hid device: -32
[  794.959142][    T8] usbhid 2-1:0.0: probe with driver usbhid failed with error -32
[  794.979309][T11935] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  794.993075][T11934] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  795.363365][T11940] loop4: detected capacity change from 0 to 512
[  795.449168][T11940] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  795.496273][T11940] EXT4-fs (loop4): orphan cleanup on readonly fs
[  795.603449][T11940] EXT4-fs warning (device loop4): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  795.665984][   T52] usb 2-1: USB disconnect, device number 21
[  795.757075][ T5111] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  795.786356][T11940] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  795.815077][T11940] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz-executor.4: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  795.892145][T11940] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 13 (err -117)
[  795.996364][T11940] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  796.190951][   T29] audit: type=1326 audit(1718421055.622:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11939 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e6587cea9 code=0x0
[  796.395071][T11950] Invalid ELF section header overflow
[  796.604257][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  796.873029][T11961] loop2: detected capacity change from 0 to 1024
[  796.904071][T11946] loop1: detected capacity change from 0 to 32768
[  797.893979][T11966] loop4: detected capacity change from 0 to 128
[  797.913826][T11966] udf: Unknown parameter '�Im������	��[�����{������ֺV_zح��  �ˆ���y}З��嶉��|)� zV	i	�8�g��}r��MOȫ|q�B�(���*�dS���݀{YԳ��RH�`1T�d�@eM'S%�ҩ�NÒ��@�g����Ϙ��	jfZ�p(x�~��>�`u+K?@�DCsJ�:T�6�&3��/�.Hg��
�<�_$��l�;��Kd��_�>д�'
[  798.362277][T11971] loop4: detected capacity change from 0 to 512
[  801.130494][T11971] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  801.140493][T11971] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  801.142823][T11971] EXT4-fs: failed to create workqueue
[  801.157712][T11971] EXT4-fs (loop4): mount failed
[  801.440583][T11978] usb usb8: usbfs: process 11978 (syz-executor.4) did not claim interface 0 before use
[  801.458012][T11976] loop0: detected capacity change from 0 to 512
[  801.489802][T11976] EXT4-fs (loop0): bad block size 8192
[  801.529781][T11978] loop4: detected capacity change from 0 to 512
[  801.548400][T11978] EXT4-fs: Ignoring removed orlov option
[  801.590081][T11978] EXT4-fs (loop4): Test dummy encryption mode enabled
[  801.771979][T11978] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a040e01c, mo2=0102]
[  802.004871][T11979] loop2: detected capacity change from 0 to 512
[  802.009284][T11978] System zones: 1-12
[  802.027791][T11979] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  802.059864][T11978] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #15: comm syz-executor.4: casefold flag without casefold feature
[  802.162473][T11978] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117)
[  802.279566][T11978] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  802.567639][T11991] loop1: detected capacity change from 0 to 164
[  803.280113][T11991] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  803.295328][T11988] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  803.377563][T11994] loop3: detected capacity change from 0 to 512
[  803.409827][T11994] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  803.599598][T11994] EXT4-fs (loop3): orphan cleanup on readonly fs
[  803.632222][T11994] EXT4-fs warning (device loop3): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  803.648621][T11994] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  803.668096][T11994] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz-executor.3: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  803.691645][  T784] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  803.694758][T11994] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 13 (err -117)
[  803.717247][T11994] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  803.749926][T11999] loop1: detected capacity change from 0 to 512
[  803.771208][T11999] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  803.797163][T11999] EXT4-fs (loop1): orphan cleanup on readonly fs
[  803.826571][T11999] EXT4-fs warning (device loop1): ext4_enable_quotas:7076: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  803.828413][   T29] audit: type=1326 audit(1718421063.302:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11992 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x0
[  803.867943][T11999] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  803.893415][T11990] loop0: detected capacity change from 0 to 40427
[  803.895843][T11999] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz-executor.1: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  803.931270][T11999] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 13 (err -117)
[  803.951233][  T784] usb 5-1: Using ep0 maxpacket: 32
[  803.957713][T11990] F2FS-fs (loop0): invalid crc value
[  803.962884][  T784] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  803.978214][T11990] F2FS-fs (loop0): Found nat_bits in checkpoint
[  803.982683][T11999] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  804.007621][  T784] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  804.018535][  T784] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  804.041559][  T784] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  804.057518][T12005] Invalid ELF section header overflow
[  804.072556][  T784] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  804.098324][   T29] audit: type=1326 audit(1718421063.572:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11998 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2982e7cea9 code=0x0
[  804.098843][  T784] usb 5-1: Product: syz
[  804.136234][T11990] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  804.138105][  T784] usb 5-1: Manufacturer: syz
[  804.156162][  T784] usb 5-1: SerialNumber: syz
[  804.185798][  T784] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input16
[  804.303601][T12008] Invalid ELF section header overflow
[  804.313900][ T5117] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  804.445865][T12010] loop3: detected capacity change from 0 to 8
[  804.641022][ T5111] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  806.558061][T12023] loop3: detected capacity change from 0 to 1024
[  806.577349][T12022] loop1: detected capacity change from 0 to 128
[  806.595217][ T5165] usb 5-1: USB disconnect, device number 29
[  806.633195][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  806.644772][T12022] udf: Unknown parameter '�Im������	��[�����{������ֺV_zح��  �ˆ���y}З��嶉��|)� zV	i	�8�g��}r��MOȫ|q�B�(���*�dS���݀{YԳ��RH�`1T�d�@eM'S%�ҩ�NÒ��@�g����Ϙ��	jfZ�p(x�~��>�`u+K?@�DCsJ�:T�6�&3��/�.Hg��
�<�_$��l�;��Kd��_�>д�'
[  806.677902][ T5165] appletouch 5-1:1.0: input: appletouch disconnected
[  807.106064][T12029] loop1: detected capacity change from 0 to 512
[  809.259850][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  809.266237][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  809.803077][T12029] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  809.812120][T12029] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  809.812567][T12029] EXT4-fs: failed to create workqueue
[  809.828134][T12029] EXT4-fs (loop1): mount failed
[  809.996098][T12036] loop3: detected capacity change from 0 to 512
[  810.007712][T12036] EXT4-fs (loop3): bad block size 8192
[  811.148462][T12031] loop2: detected capacity change from 0 to 32768
[  811.172640][T12045] loop3: detected capacity change from 0 to 1024
[  811.299497][T12045] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  811.369985][T12045] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  811.389118][T12045] EXT4-fs (loop3): orphan cleanup on readonly fs
[  811.411811][T12045] EXT4-fs error (device loop3): ext4_free_blocks:6590: comm syz-executor.3: Freeing blocks not in datazone - block = 0, count = 4096
[  811.545417][ T5115] syz-executor.0: attempt to access beyond end of device
[  811.545417][ T5115] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  811.599142][ T5115] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  811.621119][T12045] EXT4-fs (loop3): 1 orphan inode deleted
[  811.645744][T12038] loop1: detected capacity change from 0 to 32768
[  811.649224][T12045] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  812.123700][T12053] loop4: detected capacity change from 0 to 40427
[  812.199033][T12053] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  812.206816][T12053] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  812.228764][T12053] F2FS-fs (loop4): Found nat_bits in checkpoint
[  812.285314][T12053] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  812.292764][T12053] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  812.783633][   T29] audit: type=1800 audit(1718421072.012:101): pid=12060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="loop4" ino=10 res=0 errno=0
[  812.869633][   T29] audit: type=1804 audit(1718421072.352:102): pid=12060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1496476275/syzkaller.jOIRIR/344/bus/file1" dev="loop4" ino=10 res=1 errno=0
[  812.944940][   T29] audit: type=1800 audit(1718421072.382:103): pid=12060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="file1" dev="loop4" ino=10 res=0 errno=0
[  813.070414][ T5110] syz-executor.4: attempt to access beyond end of device
[  813.070414][ T5110] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  813.108259][ T5117] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  813.112488][ T5110] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  813.477410][   T29] audit: type=1804 audit(1718421072.782:104): pid=12065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir204984687/syzkaller.lzcRgM/357/bus/file0" dev="sda1" ino=1965 res=1 errno=0
[  813.600437][T12068] loop0: detected capacity change from 0 to 164
[  815.463287][T12068] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  815.478664][T12067] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  815.614721][T12071] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  815.695845][T12073] loop3: detected capacity change from 0 to 1024
[  816.229836][  T783] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  816.821015][  T783] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  816.869271][  T783] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  816.893136][  T783] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  816.894557][T12081] loop2: detected capacity change from 0 to 512
[  816.949564][  T783] usb 1-1: config 0 descriptor??
[  816.953421][T12081] EXT4-fs (loop2): bad block size 8192
[  817.744879][T12098] loop0: detected capacity change from 0 to 512
[  818.025697][T12098] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: casefold flag without casefold feature
[  818.118157][T12098] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117)
[  818.188413][T12098] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  818.266293][T12107] loop3: detected capacity change from 0 to 128
[  818.401334][T12107] affs: Unrecognized mount option "M�8��H" or missing value
[  818.409398][T12098] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  818.449170][T12107] affs: Error parsing options
[  819.559534][T12109] loop1: detected capacity change from 0 to 32768
[  819.700247][T12111] loop2: detected capacity change from 0 to 32768
[  820.462110][T12121] loop3: detected capacity change from 0 to 256
[  820.796169][T12121] netlink: 'syz-executor.3': attribute type 72 has an invalid length.
[  820.804602][T12121] netlink: 1016 bytes leftover after parsing attributes in process `syz-executor.3'.
[  821.071416][T12122] loop4: detected capacity change from 0 to 1024
[  821.162495][T12122] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  821.249653][T12122] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  821.327892][T12122] EXT4-fs (loop4): orphan cleanup on readonly fs
[  821.395990][T12122] EXT4-fs error (device loop4): ext4_free_blocks:6590: comm syz-executor.4: Freeing blocks not in datazone - block = 0, count = 4096
[  821.513239][T12122] EXT4-fs (loop4): 1 orphan inode deleted
[  821.548717][  T783] usbhid 1-1:0.0: can't add hid device: -71
[  821.562000][  T783] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  821.575218][T12122] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  821.597628][  T783] usb 1-1: USB disconnect, device number 24
[  821.606970][ T5115] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  821.635602][T12128] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  821.938206][T12135] loop1: detected capacity change from 0 to 164
[  821.962680][T12135] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  821.989123][T12135] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  822.625791][T12134] geneve2: entered promiscuous mode
[  822.653501][T12134] geneve2: entered allmulticast mode
[  823.012181][T12147] geneve2: entered promiscuous mode
[  823.057155][T12147] geneve2: entered allmulticast mode
[  823.562983][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  824.194253][T12177] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  824.379542][   T29] audit: type=1326 audit(1718421083.862:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  824.428137][   T29] audit: type=1326 audit(1718421083.862:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  824.525595][   T29] audit: type=1326 audit(1718421083.862:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  824.576800][   T29] audit: type=1326 audit(1718421083.862:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  824.647048][   T29] audit: type=1326 audit(1718421083.862:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  824.718016][   T29] audit: type=1326 audit(1718421083.862:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  824.833659][   T29] audit: type=1326 audit(1718421083.862:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  824.909283][   T29] audit: type=1326 audit(1718421083.862:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  824.982430][   T29] audit: type=1326 audit(1718421083.862:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  825.043736][   T29] audit: type=1326 audit(1718421083.862:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24cda7cea9 code=0x7ffc0000
[  825.264389][T12192] loop2: detected capacity change from 0 to 1024
[  825.303766][T12192] hfsplus: unable to parse mount options
[  827.712324][T12246] pim6reg1: entered promiscuous mode
[  827.719116][T12246] pim6reg1: entered allmulticast mode
[  828.249301][T12257] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  830.631632][T12336] loop4: detected capacity change from 0 to 32768
[  830.820076][ T5110] read_mapping_page failed!
[  830.825033][ T5110] ERROR: (device loop4): txCommit: 
[  830.825033][ T5110] 
[  830.862007][ T5110] read_mapping_page failed!
[  830.875316][ T5110] ERROR: (device loop4): txCommit: 
[  830.875316][ T5110] 
[  831.424543][T11490] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  831.509080][T12375] ==================================================================
[  831.517179][T12375] BUG: KASAN: use-after-free in finish_fault+0xf87/0x1460
[  831.524324][T12375] Read of size 8 at addr ffff888069fe4000 by task syz-executor.0/12375
[  831.532577][T12375] 
[  831.534942][T12375] CPU: 0 PID: 12375 Comm: syz-executor.0 Not tainted 6.10.0-rc3-next-20240611-syzkaller #0
[  831.545022][T12375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  831.555094][T12375] Call Trace:
[  831.558386][T12375]  <TASK>
[  831.561325][T12375]  dump_stack_lvl+0x241/0x360
[  831.566021][T12375]  ? __pfx_dump_stack_lvl+0x10/0x10
[  831.571239][T12375]  ? __pfx__printk+0x10/0x10
[  831.575865][T12375]  ? _printk+0xd5/0x120
[  831.580043][T12375]  ? __virt_addr_valid+0x183/0x520
[  831.585178][T12375]  ? __virt_addr_valid+0x183/0x520
[  831.590319][T12375]  print_report+0x169/0x550
[  831.594837][T12375]  ? __virt_addr_valid+0x183/0x520
[  831.599967][T12375]  ? __virt_addr_valid+0x183/0x520
[  831.605100][T12375]  ? __virt_addr_valid+0x44e/0x520
[  831.610235][T12375]  ? __phys_addr+0xba/0x170
[  831.614774][T12375]  ? finish_fault+0xf87/0x1460
[  831.619560][T12375]  kasan_report+0x143/0x180
[  831.624058][T12375]  ? finish_fault+0xf87/0x1460
[  831.628822][T12375]  finish_fault+0xf87/0x1460
[  831.633424][T12375]  ? __pfx_finish_fault+0x10/0x10
[  831.638435][T12375]  ? __pfx_lock_release+0x10/0x10
[  831.643446][T12375]  ? pte_alloc_one+0x443/0x5d0
[  831.648196][T12375]  ? __do_fault+0x258/0x460
[  831.652687][T12375]  ? handle_pte_fault+0x2bf5/0x7130
[  831.657873][T12375]  handle_pte_fault+0x3db5/0x7130
[  831.662887][T12375]  ? mark_lock+0x9a/0x360
[  831.667202][T12375]  ? validate_chain+0x11e/0x5920
[  831.672128][T12375]  ? __lock_acquire+0x1359/0x2000
[  831.677138][T12375]  ? __pfx_handle_pte_fault+0x10/0x10
[  831.682500][T12375]  ? mark_lock+0x9a/0x360
[  831.686818][T12375]  ? __lock_acquire+0x1359/0x2000
[  831.691829][T12375]  ? __thp_vma_allowable_orders+0x7bf/0x860
[  831.697705][T12375]  handle_mm_fault+0x10df/0x1ba0
[  831.702634][T12375]  ? __pfx_handle_mm_fault+0x10/0x10
[  831.707902][T12375]  ? __pfx_find_vma+0x10/0x10
[  831.712564][T12375]  ? vma_is_secretmem+0xd/0x50
[  831.717311][T12375]  ? check_vma_flags+0x500/0x5a0
[  831.722241][T12375]  __get_user_pages+0x6ef/0x1590
[  831.727196][T12375]  ? mt_find+0x62d/0x850
[  831.731437][T12375]  ? __pfx___get_user_pages+0x10/0x10
[  831.736804][T12375]  populate_vma_page_range+0x264/0x330
[  831.742262][T12375]  ? __pfx_populate_vma_page_range+0x10/0x10
[  831.748260][T12375]  __mm_populate+0x27a/0x460
[  831.752862][T12375]  ? __pfx___mm_populate+0x10/0x10
[  831.757974][T12375]  __se_sys_remap_file_pages+0x7a1/0x9a0
[  831.763610][T12375]  ? __pfx___se_sys_remap_file_pages+0x10/0x10
[  831.769759][T12375]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  831.775732][T12375]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  831.782047][T12375]  ? do_syscall_64+0x100/0x230
[  831.786797][T12375]  ? __x64_sys_remap_file_pages+0x20/0xc0
[  831.792531][T12375]  do_syscall_64+0xf3/0x230
[  831.797024][T12375]  ? clear_bhb_loop+0x35/0x90
[  831.801686][T12375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.807563][T12375] RIP: 0033:0x7f881867cea9
[  831.812138][T12375] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  831.831734][T12375] RSP: 002b:00007f881934e0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  831.840138][T12375] RAX: ffffffffffffffda RBX: 00007f88187b4050 RCX: 00007f881867cea9
[  831.848095][T12375] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 00000000202ec000
[  831.856051][T12375] RBP: 00007f88186ebff4 R08: 0000000000000000 R09: 0000000000000000
[  831.864006][T12375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  831.871964][T12375] R13: 000000000000006e R14: 00007f88187b4050 R15: 00007ffcdb111f38
[  831.879927][T12375]  </TASK>
[  831.882928][T12375] 
[  831.885280][T12375] The buggy address belongs to the physical page:
[  831.891692][T12375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x69fe4
[  831.900444][T12375] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  831.907554][T12375] page_type: 0xbfffffff(buddy)
[  831.912305][T12375] raw: 00fff00000000000 ffffea0001aa7508 ffffea0001a7fc08 0000000000000000
[  831.920878][T12375] raw: 0000000000000000 0000000000000002 00000000bfffffff 0000000000000000
[  831.929443][T12375] page dumped because: kasan: bad access detected
[  831.935854][T12375] page_owner tracks the page as freed
[  831.941207][T12375] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5105, tgid 5105 (syz-executor.4), ts 61571023440, free_ts 831506619800
[  831.960655][T12375]  post_alloc_hook+0x1f3/0x230
[  831.965407][T12375]  get_page_from_freelist+0x2cbd/0x2d70
[  831.970938][T12375]  __alloc_pages_noprof+0x256/0x6c0
[  831.976122][T12375]  alloc_pages_mpol_noprof+0x3e8/0x680
[  831.981561][T12375]  __vmalloc_node_range_noprof+0x971/0x1460
[  831.987439][T12375]  vmalloc_user_noprof+0x74/0x80
[  831.992361][T12375]  kcov_ioctl+0x59/0x630
[  831.996586][T12375]  __se_sys_ioctl+0xfc/0x170
[  832.001173][T12375]  do_syscall_64+0xf3/0x230
[  832.005761][T12375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.011634][T12375] page last free pid 5105 tgid 5105 stack trace:
[  832.017952][T12375]  free_unref_page+0xd22/0xea0
[  832.022716][T12375]  vfree+0x186/0x2e0
[  832.026623][T12375]  kcov_close+0x2b/0x50
[  832.030769][T12375]  __fput+0x406/0x8b0
[  832.034736][T12375]  task_work_run+0x24f/0x310
[  832.039307][T12375]  do_exit+0xa27/0x28e0
[  832.043456][T12375]  do_group_exit+0x207/0x2c0
[  832.048034][T12375]  __x64_sys_exit_group+0x3f/0x40
[  832.053044][T12375]  do_syscall_64+0xf3/0x230
[  832.057527][T12375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.063402][T12375] 
[  832.065705][T12375] Memory state around the buggy address:
[  832.071314][T12375]  ffff888069fe3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  832.079356][T12375]  ffff888069fe3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  832.087394][T12375] >ffff888069fe4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  832.095431][T12375]                    ^
[  832.099476][T12375]  ffff888069fe4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  832.107512][T12375]  ffff888069fe4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  832.115548][T12375] ==================================================================
[  832.124238][T12375] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  832.131424][T12375] CPU: 0 PID: 12375 Comm: syz-executor.0 Not tainted 6.10.0-rc3-next-20240611-syzkaller #0
[  832.141395][T12375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  832.151465][T12375] Call Trace:
[  832.154731][T12375]  <TASK>
[  832.157647][T12375]  dump_stack_lvl+0x241/0x360
[  832.162310][T12375]  ? __pfx_dump_stack_lvl+0x10/0x10
[  832.167487][T12375]  ? __pfx__printk+0x10/0x10
[  832.172063][T12375]  ? vscnprintf+0x5d/0x90
[  832.176393][T12375]  panic+0x349/0x870
[  832.180363][T12375]  ? check_panic_on_warn+0x21/0xb0
[  832.185457][T12375]  ? __pfx_panic+0x10/0x10
[  832.189857][T12375]  ? mark_lock+0x9a/0x360
[  832.194170][T12375]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  832.200061][T12375]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  832.205936][T12375]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  832.212243][T12375]  ? print_report+0x502/0x550
[  832.216921][T12375]  check_panic_on_warn+0x86/0xb0
[  832.221862][T12375]  ? finish_fault+0xf87/0x1460
[  832.226644][T12375]  end_report+0x77/0x160
[  832.230901][T12375]  kasan_report+0x154/0x180
[  832.235430][T12375]  ? finish_fault+0xf87/0x1460
[  832.240208][T12375]  finish_fault+0xf87/0x1460
[  832.244804][T12375]  ? __pfx_finish_fault+0x10/0x10
[  832.249823][T12375]  ? __pfx_lock_release+0x10/0x10
[  832.254847][T12375]  ? pte_alloc_one+0x443/0x5d0
[  832.259617][T12375]  ? __do_fault+0x258/0x460
[  832.264120][T12375]  ? handle_pte_fault+0x2bf5/0x7130
[  832.269311][T12375]  handle_pte_fault+0x3db5/0x7130
[  832.274332][T12375]  ? mark_lock+0x9a/0x360
[  832.278652][T12375]  ? validate_chain+0x11e/0x5920
[  832.283579][T12375]  ? __lock_acquire+0x1359/0x2000
[  832.288602][T12375]  ? __pfx_handle_pte_fault+0x10/0x10
[  832.293966][T12375]  ? mark_lock+0x9a/0x360
[  832.298286][T12375]  ? __lock_acquire+0x1359/0x2000
[  832.303395][T12375]  ? __thp_vma_allowable_orders+0x7bf/0x860
[  832.309288][T12375]  handle_mm_fault+0x10df/0x1ba0
[  832.314225][T12375]  ? __pfx_handle_mm_fault+0x10/0x10
[  832.319511][T12375]  ? __pfx_find_vma+0x10/0x10
[  832.324190][T12375]  ? vma_is_secretmem+0xd/0x50
[  832.328949][T12375]  ? check_vma_flags+0x500/0x5a0
[  832.333896][T12375]  __get_user_pages+0x6ef/0x1590
[  832.338828][T12375]  ? mt_find+0x62d/0x850
[  832.343062][T12375]  ? __pfx___get_user_pages+0x10/0x10
[  832.348430][T12375]  populate_vma_page_range+0x264/0x330
[  832.353880][T12375]  ? __pfx_populate_vma_page_range+0x10/0x10
[  832.359858][T12375]  __mm_populate+0x27a/0x460
[  832.364445][T12375]  ? __pfx___mm_populate+0x10/0x10
[  832.369552][T12375]  __se_sys_remap_file_pages+0x7a1/0x9a0
[  832.375189][T12375]  ? __pfx___se_sys_remap_file_pages+0x10/0x10
[  832.381337][T12375]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  832.387327][T12375]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  832.393645][T12375]  ? do_syscall_64+0x100/0x230
[  832.398404][T12375]  ? __x64_sys_remap_file_pages+0x20/0xc0
[  832.404125][T12375]  do_syscall_64+0xf3/0x230
[  832.408619][T12375]  ? clear_bhb_loop+0x35/0x90
[  832.413293][T12375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.419175][T12375] RIP: 0033:0x7f881867cea9
[  832.423581][T12375] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  832.443174][T12375] RSP: 002b:00007f881934e0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  832.451588][T12375] RAX: ffffffffffffffda RBX: 00007f88187b4050 RCX: 00007f881867cea9
[  832.459561][T12375] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 00000000202ec000
[  832.467526][T12375] RBP: 00007f88186ebff4 R08: 0000000000000000 R09: 0000000000000000
[  832.475582][T12375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  832.483544][T12375] R13: 000000000000006e R14: 00007f88187b4050 R15: 00007ffcdb111f38
[  832.491515][T12375]  </TASK>
[  832.494633][T12375] Kernel Offset: disabled
[  832.498942][T12375] Rebooting in 86400 seconds..