last executing test programs:

12.532776777s ago: executing program 3 (id=2342):
r0 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000004c0)=ANY=[@ANYBLOB="186300000900000000000000810000009500000000000000bd550000080000001856000005000000000000000000000018280000", @ANYRES32=r1, @ANYBLOB='\x00\x00}\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r0, @ANYBLOB="0000000002000000185300000f000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000184900000100"/24], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x48801)
writev(0xffffffffffffffff, &(0x7f00000011c0)=[{&(0x7f0000000100)="0e044fa389d2dd6ff4f2f414b5b963a9b4e79c414f7170e1", 0x18}, {0x0, 0x2}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r8 = socket$inet6(0xa, 0x80803, 0x87)
connect$inet6(r8, &(0x7f00000003c0)={0xa, 0x2, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, 0x1c)
write$binfmt_script(r8, &(0x7f0000000140)={'#! ', './file0'}, 0xfda6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="180000005c83995f000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x80)
r9 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="280000005200018000000000000000000a000000120001002b292d7b2a252a5b2d23d9262df8ff004bc1a0a343fa75521585f747f9767782bc1fecfaea71497394a0b70e728838cdb371017f0823c5d6f82735f38d8c875b9c760701368ac02b812e37900302312e93b6305db7cec49fc5a24a10ebc938d0a179341cb8c7750d941c2bd278"], 0x28}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r10 = getpid()
syz_pidfd_open(r10, 0x0)

10.371824342s ago: executing program 3 (id=2344):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x1}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
memfd_create(&(0x7f0000000000)='rootmode', 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r3, &(0x7f0000001100)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000010c0)=""/17, 0x11}}], 0x1, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @loopback, 0x0, 0x0, 'wrr\x00', 0x1}, 0x2c)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r4, &(0x7f0000001680)=[{&(0x7f0000000000)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000100)=[{0x0}], 0x1}], 0x1, 0xfc)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x0, "a8407a73"}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0xb, "7488dffc"}]}}, 0x0}, 0x0)
r6 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGREPORT(r6, 0x4805, 0x0)
ioctl$HIDIOCGPHYS(r6, 0x80404812, &(0x7f0000000080))
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000006940)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0x2, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x8, 0x2, [@TCA_FLOW_ACT={0x4}]}}]}, 0x38}}, 0x0)

9.340643698s ago: executing program 1 (id=2347):
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x0, &(0x7f0000005240), 0x1, 0x51b8, &(0x7f0000005280)="$eJzs3V+IVNcdB/Azu65uXepOoRQLQlcoLS0+LIVSi5RuS9X6sDJV+lBbdfuHQvFlFR8qfeiGBIPkIesKEvMQNwQiSUAXMcQQIasSDSGQByEo8cGEJWwwD0LyvISde8/szLnenXGjWaOfT9i9c+Z3zrlnhvsw343nTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAQwu3PawMz//vJSFl94vTFubnZ7T0TNw/1bT2//0YIlfrzlby+9/d/3PHvnXuHe+OAkT9lx2q1bMps6K2ssbLlyflxrT9/DyH0JBN058fNfU1jK+kJwoHihIvatmv3hd7J4Y2HD264NHn01FjxpTOvd7kXsFzy62pm4Voaqv/uSno02k2XXqXlEs3GpxfcN/IiAIB7MlirHxofR/OPuI32WFpP2kNJezxpx08I482NpcjmXVm2zoG0vkzrHMqiwqrSdSb1/P1vtGvp+KSdRI17WGdr1zzS9JatczSpL9c6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4me87N/Pf2u1dOltUnTl+cm5vd3jNx81Df1vP7b4RQrT9fycqV6yfXHfvVP7cMvHl8+GeD//rDju58XDyuaOocrscHv+4P4R9NlZk47WdrQqi1FurNcKJY+E/9wbZYAAAA4FHyw/rvrkY7i4M9Le1KPU1W6v9FeVjctftC7+TwxsMHN1yaPHpqbOnz1UrmG7rrfI12deGn0hSMY/xN51uox64HCvMsLp0xzfNXLm+8uOXqnqNl4wv5v7p4/o/vnPwPAADA1yH/p/Msrl3+f/XIE7MDT539adn4Qv4faDllIf/HFcf83xWWlv8BAADgYfag8/9QYZ7Ftcv/f91z4ncfbukdKhtfyP+DneX/Fc3Ljk++Hxe8rz+EwXZLBwAAAErE/+++8KeFmNeziJ/m9TMvH5u+9vFvNpXNV8j/Q53l/577/soAAACApfr57ls/ePHt786W1Qv5v9ZZ/l/1wFcOAAAAdGr9mc1vVV+oPFdWL+T/kc7y/+r8mO98yAZdif8K4Vh/CL3zD0azwtUw/ttGAQAAALhPYk7//7NX33m6+8/fKetXyP+ji9//P97pIO7/b7n/X2H/f1Mhu+vfJjcGAAAA4HFU3M8fb4+ffXNB2ffvd7r//5N1517/5bXp58vOX8j/Y53l/+7m4/38/j8AAABYgm/b9//9pTDP4trd///T77/23pdzP7pcNr6Q/8c7y//x2Nf88qbj+/Nkfwhr5x/kdxN8JZ5uX1KY6mkqZG98MmJnHJEXplY1FepGkxG/6A9h/fyDsaTwvVgYTwp31uSFyaTwQSzk10OjcDopTMcr7fiafLlp4Y1YyDdYTMUdFH2NLRHJiC/KRswX7jrio8bJAQAAHisxPOdZtqe1GdIoO1Vp12F1uw5d7Tp0t+uwIumQdix7Poy0FuLzf3vp7Ooj1Us/DiUK+X+ys/wf34qV2aFs/3+I+//zLyBs7P8fiYVqUpiKhVp6x4BaPEcWdp+J56jW8hF31jYKAAAA8EiLfxfoXuZ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFfs3X+QXVV9APCzP96+7GazWcRBVAZWqGDqsNkkpojSMdgo1h+4KK1jHWtCsuCaxQQSOoShnQWs/cHYUkDaaa2Eto7CWJrBKZDWlkgbbAc6Bdo6QNTRIiN2qg5Di7UgdN7ee97ed+7evJdkN2Tp5/PHvvPe9/y878e+c+995wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8/HHfHvtoHf/Dw+6vi19/+leeff/Lc2vVf37n0nLsveTSE8ZnHu7Jw1yM3n3DDGZvePrLnpvesGNu8/n19ebk8HpY2/nTndz4Ra/3OshDu6gqhNw2cPpgFavn9wVjfCYMhHBNmA80SEwNZibThsK8/hF1hNtCsak9/CIOFwPkP33vPpxqJG/tDeG0IoZ628Y161kZ/Gji1LwsMpIGtvVngRy9kmoG7u7MAHLb4Zmi+6HePt2YYnrtcxeuvNm8de3Glw+uJieHqfN8/e4E7VdCXPjB+WE9bqToWROntsde7bRG820rb+TpPW/GLVP4N5YXZUD10b564cONlUzviI91hdLSnqqYFep4fferKTQeTXjSvw9iB4Xl5He578KH+49a+e89ta+9cv+f+xx463G4+UtikxfRCq4f8Nbdonsdonc+TRfD2K31LGvGlK4Rw12umT/mlC558Y1W8NP8fPvD8P76c4213S+5Y67ND2dw8PjIYEz8cyubmAAAAsGgshr2m+//w6eEPvPd3bq+qrzT/H+ns+H885J9P5rPR7g1h3UzimuUhHD/zeBa4NTZ3wfIQXjOTGm8NnJ0E9obwypnEimZVSYklscRIEvjuUB5YlwTui4HxJPC5GLguCXwiBnYngU0xsDcJvDUGwmTrOH56KB9Hx4H+GNiQbcTd8SyEp4dia8m22t+sCgAAYJ7ks8Na693CuQ6HmyFOL3f3t8sQz8CuzFBPakhnsM1pVWUNve1q6G5XQ3Pc0wcefqnmrnY1l07D6GrN0PPmdfse3/b460KF0vx/7MDz//ocHekqHf8P4byZvzF3dx6ZasY3jLdkAAAAAA7Dg3//2T//1zPfeUNVvDT/X9fZ+f9xn0hPIXN4IO6G2LI8hLHWQFbtm8uB7Kj30jwAAAAAi0HzeHzzWPhkfpudop3Op8v5xw8yfzzwv27O/J8597tf/tnPvuGcqv6W5v/jnZ3/P9B6m3XivtiLG5aHsKQQ+GrsZSMwYyQGvvWW1kA+/vviBrg2VpWfmNCs6tpYYkMMjCWBXVUlHmyWOL41kD9ZzcavaY5jMi9RCAAAAMARF3cHxOPy8fz/tZ/75avXPPLEB6vKleb/Gw7u/P+ZeXDp9P6ppSGs7A2hJ/1hwAMD2cKAMTDYlSf+ZiCrqyet6qqBEM5qDCyt6tv5+v+96RqDD/dnVcXA8Sd/4alTG4k/7Q9hZTHwtQ/dsraR2JEEmo3/Qn8IJzVGmzb+l0uyxmtp47+/JIQTC4FmVRcsCaHRWF9a1b31/DoGaVV/UQ/h2EKgWdXP1EPYGQBYpOK/0s3FB7fvvGLLxqmpiUsXMBH34feHCyenJkY3bZ3aXK/o0+akzy3LGF1VHlN3h2Pfny9R9NzbTh7uJN38neBYsS/5fvzSiYP5/fhdqDYzztW1lrtr0iG/7pRyE+mQ5hpypz9hPNQhDxQrmX0SK/vRF5aGJZdtn7h09PKNO3Zcuir722n21dnfeJgp21ar0m01MFffOnh5VK6WlTjUbXVasZKVOy7etnL7zitOn7x440UTF018fNWasbE3rl51xplrVzZGNZb9bTPU0+aqOhnqC7d0OK55HOqreguVHIlPDQkJicWWWHHnm37xi//x+ElVHz+l+f+2A8//46dO/OTP12eoOv4/HA/zZ4/PHubfEAO7Oj3+P1x1NL95YsBIEpiOgWmH+QEAAHhpiLsj497MuNf6ye9dcd2xt5z09apypfn/dGe//5+n9f+bS9e/s2qZ/xWxxFjV+v/pMv/N9f+nq9b/T5f5b67/v+tFWP//smYg2SRPW/8fAAB4KThy6/+3Xd4/vUBAKUPb5f3TCwSUMrRdxr/TCwQc9Pr/T/xg65LjX3brhlChNP+/rrP5v4X7AQAA4Ojx6Qc27zrtJz+pPCpcmv/v6mz+f+TX/wtV5/+PVAXGqxYGtP4fAAAAi1TV+n8fe/2WZZP/NnZBVbnS/H93Z/P/eNpFd0vuWOuzQ9madiFd0+6HQ82fDAAAAMDi0B1GR2sd5m1ZGfXsQ2/z0Xwp0AOli87a/Sc/33PldZUtlub/ezub/7f8LmPfgw/1H7f23XuevW3tnev33P/YQ7PH/wEAAICF0+l+CQAAAAAAAAAAAAAA4MW3/m8/+hsfvuezb6iKl37/H86bebzq9//xun/x9wUvb8kda22//l9+//x33b5zZsnCB4ZCOKUY2HL1lmNCfm3+04qBez684hWNxNVpiS9/861PNBIfSQPvOP1lzzQSZyWBDXGRxFemgXhVxWeWJYG4vOK/pIG4PXangb488FvLsnF0pdvqe4PZtupKt9VjgyEsLwSa2+quwayNrnSANyaB5gAvSQNxgOfmge60V7cvzXoVA4Ox6M1Ls14BAHDUit8Ca+HCyamJsfgVPt6+qrf1NmpZsuyqcrVdHTa/P1+a7Lm3nTzcSbon/S46e63xWqg3hrCq9HW1mKVrZpTzU0ubTffyiiG3W+2tu6Jc6mA3XV/1iPqzEY1u2jq1udZ24GvaZ1nd2zbLqtJkp5ile2aTdlBLB33pYEQdbpsOuhzvd4fR0Z4k15ticDi0aPeK6PT3+sV1/qpeBcU8oyf+6hXTE3c8WVVfaf4/3Nn8v14c1zP5xQCm45X1rlkeQuUlBwEAAIBDtP+vH1m99Y8++cX09jff9Sv/e9dPXflMVbnS/H+ks/l/3IOVHwrO9nbsjdf/b87/h7PArbG5C5aH8JqZ1HgskV1Q/52xxFgWuDXuMFkRS2wYb61qSQzsTgLfHcoDe5PAfTGQ76X4Qsh35fzeUAhrZ1LntZbYFksMJ4H3xsBIEhiNgbEksCwG1iWB/1yWB8aTwP0xECZbt9WXltm7AgAAHIJ8nlVrvRvSed7u3nYZutplGGiXobtdhnq7DFWjiPfviBlqyckrXYVMtbTW/qSWUoZ4MfyD7lcpQ3iwNWdasNR0PP+geb5BV2uGUz7/+g+EZb99c6hQmv+PdTb/H2i9zVq/L87/Z6//lwW+Grt3Qzx1fCQGvvWW1kC+Y+C+ONm9tlnVeF4in7RfG0usi4GRJLAtBtYlgQ3n5YFdr2gN5DPtZuPXNBufzEsUAgAAAHDExR0EcTdNnP9f/tzbl3/6i7/+31XlSvP/dZ3N/2N7S4uNfSLW+p1lIdzVNdubZuD0wSwQ92MMxp/HnzAYwjGFHRzNEhMDWYm+pOGwrz/7hXpfWtWe/myNgXj//IfvvedTjcSN/SG8trD3pdnGN+pZG/1p4NS+LDCQBrb2ZoG456cZuLs7C8Bha+4VjC+o/FSXpuG5y1W8/l4q1wRNh1faBzpHvrl+c7VQ6ukD+T7VpoN72krVsSBKb4+93m2L8d027N1W/CKVf0N5YTZUD92bJy7ceNnUjvhI8ZesJQv0PBd/pdpJeh5eh9OH3tv26mkHxpKPj7G5y839OuyK1e178KH+49a+e89ta+9cv+f+xx7quBsV4g+FX/2j24YfKWzehVYP+Wtu0X2ejPs8WYz/BkY8bSGEf1p/4eXPhr/rr4qX5v/jnc3/e5PbGT+OG3P78hBeV9i4D8TN/3PLs8/BQiD7lDy2HMgOuT8+VPnJCQAAAPOtubujub9gMr/NTghP58nl/OMHmT/ur1g3Z/5O+/2GPztz1VdO3P7HVfHS/H/Dgef/S5JuOv7v+D8LxPH/OR3tu6KXpA9MH9au6FJ1LAjH/+d0tL/bHP+fk+P/jv/PxfH/Nhz/n9PR/rSVviVt86WrMR/9nw9+8t/PHjylKl6a/2/rbP5v/b+5F+1rrv+3oWr9v21V6/9NW/8PAABYUBULzaXzvNLqfaUM6ep9pQxtFwhsu8Sg9f8Oev2/Nw/0vv93+29aESqU5v/Tnc3/48thabH1xbL+38h5FVVdFwPbLAwIAADA0ahqBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrpvuHdn3Dz/+0glV8etv/8rzzz95bu36r+9ces7dlzwawuTM411ZuOuRm0+44YxNbx/Zc9N7VoxtXv++el6ult++uiV3rPXZoRB2FR4ZjIkfDjXuzAbOf9ftO3sbiQeGQjilGNhy9ZZjGonPDYVwWjFwz4dXvKKRuDot8eVvvvWJRuIjaeAdp7/smUbirDzQlXb3M8uy7nal3f3UshCWFwLN7n5sWWtVzTbOyQPdaRufH8zaiIHBWPQPBrM2YmAqlphcEsLK3hB60qr+sZ5V1ZNW9Vf1rKqetKpfq4dwVgihN63qm31ZVb3pyP+5L6sqBo4/+QtPndpI7OoLYWUx8LUP3bK2kbgkCTQbf19fCCc1XjJp43fUssZraeM31kI4MYTQl5b4r96sRF9a4tu9IRxbCDQb/2hvCDsDLwnxw2dz8cHtO6/YsnFqauLSBUz05W31hwsnpyZGN22d2lxP+lSlq5B+4aoDxw9k/1NXbmrcPve2k4c7Sffm5WozXV5da7m7Zr56X1ug3sd+DRQrmX0+SvXH/H1haVhy2faJS0cv37hjx6Wrsr+dZl+d/e1pDq6xrVbN17bq1KFuq9OKlazccfG2ldt3XnH65MUbL5q4aOLjq9aMjb1x9aozzly7sjGqsezvfAz1liM/1Ff1Fio5Eh8AEhISiy3R3fLpNna0f5CXvujPdrQW6jMf0KVpRTFL18wo52PQZx/iiA/le0rbEa0qTRxKWVa3z7KmNJmYzdKfZZn5XleaHBZr6p7ZpPF+dxgd7anaDsOtd4ub9/uHsXkfzTddp2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//HB8mtQ==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
fallocate(r0, 0x0, 0x0, 0x1001f0)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
syz_mount_image$xfs(&(0x7f0000009600), &(0x7f0000009640)='./file0\x00', 0x840, &(0x7f00000000c0)={[{@lazytime}, {@uqnoenforce}, {@quota}, {@filestreams}, {@grpquota}, {@allocsize={'allocsize', 0x3d, [0x30, 0x39, 0x6d]}}, {@largeio}]}, 0x4, 0x968d, &(0x7f000001c300)="$eJzs3Am4pnMBuP/3DGOXMVRSaiqiRdYsUWYGMxSSJdqRJWUpqdCmRUoqItqzb9nKEsrWSrK3UEKoZIm02Ib5X2fmDGPcpF+//+VX931f1znv+z7v8zzn+34/z3KO5mrzSRtPHAzmGkxv3GDWzr1m8pQxV21w+5FbLXjMcqfcvf8jV1x8/MjjhJHHiYPBYNTI20PTl40dnHraqMHs05Y/3LxzzzM0/2Cw/MjLkf0MVp7+MP/lM9abOkuzDnTo4W/7TP+a1gLDP2L4yWH773X4YDAYM9P2Q4PB0J6P+qDSNp8wedLDVg+5DVuNHnk+89cc07/mv2gwmP+MAR8fM6879CR8pOGfueeLzhm9wZPws//r2nzC5HVn8R8+F2cbWbby8Dk+6zlobNbj/NYltlh1ZAqnHW+DwfAl7hHnyn9Fm0+YtN7gsa/zgyNXu2CfqdOvm3MOpt8o5h4MBvOMXF/ne7Jd6j9rwsQVpt2zZ7weYZ9xLO9Jx8XxbznpweGb9GAwWGgwGLvOjHtBVVVV/Xc0YeIKa8L9f67Hu/+ffPKiZ3T/r6qq+u9t3QkTVxi+189y/5/v8e7/uyx64cem/7f/8StP3+rBJ/dDVFVV1b/VpHXx/j/m8e7/K6956Xrd/6uqqv5722j9aff/+Wa5/y/8ePf/N5602mIj6834veGBmXY5NNP/nnD/TMtnm2n5fTMtHz3TfmZef46Zlt8z0/I5h9+D9ccNBmNn/HvBKQ8vHjtu+L2R5ffOtHz8w/9OZ/G1Zlo+Yablk2ZaPnFkrMPLJ8+0fPJM66/zOFNdVVX1/0wbrTBpzcFM/85+ZPEiM96n+//5Z1679JM13qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvrv7MHbzzpnMBgMDQaDUYPBlMHI85kfB1OnTp06/Prk8y677Ekb6P8bDZ17zeQpY67a4PYjt1rwmOVOuXv/h2fpv7b//k9Q/0nD/nMdN24w2GnTJ3so9STU+e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7iHrz9rHNGjoFRg8GUwcjzPWc8nrnfG940suqqm51y50EPb7n4+O1Hnp17zeQp2z8JY38SGhr+rGOu2uD2I7da8JjlTrl7//+Bs+e//xPUf9I0/+2HBoOR83vM8Lm8wYSNNllqMBgcdOcpm600eOi9VYbfW23sbIPZpm261LTvay/OO95znemP44e/LfzQPk6etv91px4629Asg5ipV5x7w5Fv3/zuFWd9XPKxP8eoGU8Ov+70u6ZOnTr1EQtHmusxNp6x/xmfZdbzfGTsSw2PfZldd3zXMu/ZfY+lt99xy+222W6bnZZbYZUVV1p+uZVWfdky226/wzbLTv/+GHM2btr3NZ/InM0365zdPmHmOZv1sz3WnI17/DmbtscpewxtMmPOZv8352zNx5+zcduP/KDFx48ebDFtaoYGg8XXGj3YbfjFcnMOBouvPbLuIsPrrj521GCw38MfdPjZnA8dg0N7Dq+z+aSNJz48skd/wkddpx+x4uLjRx4njDxOnD7EcYOHD8Wxg1NPGzU8F4+Y5nnnnmdo/sFg+ZGXI/sZrDry7iEz1ps6S7MOdOjhb/tM/5rWAsM7GX7yjmXPunr4XJxl+/8/+j+6/j/Ka5WhhyZqaORrZJ3pXhMmr/vwz5o2DcNzN9vIspWHTWads/+bPWq842YfjHmc8U5ad+IKw4tnmf8Zm+DxdccSF3xg+rE1fuXpWz34f4xC453vcca77gQc73yPN97jPnjJadN39X9tvLNc69ab9n38E7nWDR7/Wjcb7WCbixeb9Vr36sce4iPO4xlzNOcsKz3WtW63g5ffc3j/4x//Wrfe8NhHP+JaN2owWHzNGde64QvfpNGD/YZfLD/8YvLowTHDL1aY9mLuwXnDL176tp132Hp4wToz5mTZ4f2OHzs0zf2ClW9ZcuoBU6euNTKW8WMfOdaR42PczPfzCWOnT+aMbWfsd3jVGfu9+enT35s0st8J/8Z+Z2xL471zgenvTR7Z78RZ9jv6cfY7Y9tHnQ9LDT104XqM682kWa43I3/jzPhxj/iaY/rX/BcNBvOfQb6zrPsvr5l0/s71OOOdMHGFNYfHN8v5+9DhSOfvJZOvGr5XzD8YDBYaDMauM2Ps/2ZDjzXe2R9/vBNhvLM/3nivOHbH9f8vjHcw03gfcZxtvtH0Y2WdkeNs8r9x/M7Ydtbr2Ohp706/7K/zRK5j4x51HfvobKNmmeyZeqzf2baG9ac/X+Th33OvOfHoGXM/epb9/qvf2Wb6LENwHRszy9/zo9a5fjBEc77ncatfOnTg48/56MEj/7aYMecztn28OZ/8ROb8WY8/50/09+Slnj/9/dGzjH/mOd9w32d+ZsaczzHLfv/VnE9+/HvHo+d8/GA0zfmy902ft8e7nj7WnM/YdsacD3/E1cbOPlh7+J41MueTnsicL/J/5zifB9af/nybhxadfeQpr5sx57PO8b+a80n/7pyPe+g4X3zae88bNZhjjsFuW+666y7LTf8+4+Xy07/zteiea6bP8+PdSx/LaMa2j3derPVEjMY8IaOhf2W06OyPZfTwqXXEzrs87f/0WrTWv2s04GvRVUdPn7fH+73oseZ8xrZ0H1x4pu1n/Tt0o/Wn/d493yz3wRmb4H3w7DPX23vGLkc2e2CWYc64r94/0/LZZlp+30zLR8+0n5nXn2Om5ffMtHz4I8wx0/ozWMcN/807snzKw6uPHf7ladzI8ntnWj7+4W0XX2um5RNmWj5ppuUTHz40Fp880/LJM62/zuDfbMZ/k95+1ot8PdH677/u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zFPXj7WeeMHAOjBoMpg+nPh0YeB3sObXjbGsOPg8Fg9MonTN3wyR7vk9zQuddMnjLmqg1uP3KrBY9Z7pS79/8fOHv++z9B/SdN899+aDAYOb/HbD8YDDaYsNEmSw0Ggw2nnrDyqMFD7y0y/N7qY0cNBvsNPWIHcz60ztCew+tsPmnjiYPBXCNrjHvUD33UefSIFRcfP/I4YeRx4vTr07jBw8fr2MGpp40azD5t+cPNO/c8Q/MPBsuPvBzZz2Dl6Q/zXz5jvamzNOtAhx7+ts/0r2ktMPwjhp/stt3kZw/P1Szb/z/TjGv19qP+5aqd/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93/55/R8v/Wom6y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u3/ff+7/X8ZRT06d/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3IO3n3XOyDEwajCYMpj+fGjPkcfB0EmnvnDkEBm9+5VHHfpkj/dJbujcayZPGXPVBrcfudWCxyx3yt37/w+cPf/9n6D+k6b5bz80GIyc32O2HwwGG0zYaJOlBoPBoUddufuowUPvLTL83upjRw0G+w09YgdzPrTO0J7D62w+aeOJg8FcI2uMe9QPfdR59IgVFx8/8jhh5HHi9OvTuMHDx+vYwamnjRrMPm35w8079zxD8w8Gy4+8HNnPYOXpD/NfPmO9qbM060CHHv62z/SvaS0w/COGn+w13zUnDc/VLNv/P9OMa/X2o/7lqp3/7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+7B2886Z+QYGDUYTBlMfz5q5HFoz5tu/PAmw4/DrxdcZ+9rnuzxPskNnXvN5Cljrtrg9iO3WvCY5U65e///gbPnv/8T1H/SsP9cx40bDHba9MkeSj0Jdf67y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/uAdvP+uckaejHl46as+OC2zo3GsmTxlz1Qa3H7nVgscsd8rd+z/ZA/pPewz/j+aPWfw/lj9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/p/JH7P475s/ZvH/bP6Yxf9z+WMW/8/nj1n898sfs/jvnz9m8f9C/pjF/4D8MYv/gfljFv8v5o9Z/A/KH7P4H5w/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/2/kj1n8v5k/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi/+38scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/2/ljFv/v5I9Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/7v5Yxb/M/LHLP5n5o9Z/M/KH7P4fy9/zOL//fwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bx/0H+mMX/h/ljFv8f5Y9Z/H+cP2bx/0n+mMX/p/ljFv8L8scs/hfmj1n8f5Y/ZvG/KH/M4v/z/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/xf5Yxb/X+aPWfx/lT9m8f91/pjF/6r8MYv/1fljFv/f5I9Z/H+bP2bxvyZ/zOL/u/wxi/+1+WMW/+vyxyz+1+ePWfx/nz9m8b8hf8zif2P+mMX/pvwxi/8f8scs/n/MH7P4/yl/zOJ/c/6Yxf/P+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bx/0v+mMX/jvwxi/+d+WMW/7/mj1n878ofs/j/LX/M4v/3/DGL/z/yxyz+/8wfs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/yn5Yxb/B/LHLP4P5o9Z/Kfmj0n8Zxvkj1n8h/LHLP6j8scs/rPlj1n8Z88fs/iPzh+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4PyV/zOK/QP6YxX9M/pjFf8H8MYv/2Pwxi/9C+WMW/4Xzxyz+T80fs/g/LX/M4v/0/DGL/yL5Yxb/Z+SPWfwXzR+z+D8zf8zi/6z8MYv/YvljFv9n549Z/J+TP2bxH5c/ZvF/bv6Yxf95+T+q2UceDf7Pzx+znP+L549Z/JfIH7P4vyB/zOK/ZP6YxX+p/DGL/wvzxyz+L8ofs/i/OH/M4v+S/DGL/9L5Yxb/l+aPWfyXyR+z+C+bP2bxXy5/zOK/fP6YxX+F/DGL/4r5Yxb/l+WPWfxXyh+z+K+cP2bxXyV/zOK/av6Yxf/l+WMW/9Xyxyz+q+ePWfxfkT9m8X9l/pjFf438MYv/+Pwxi/+E/DGL/8T8MYv/mvljFv+18scs/mvnj1n8J+WPWfwnq/xne8JrWvzXUfk/8Sz+6+aPWfxflT9m8X91/pjFf738MYv/+vljFv8N8scs/q/JH7P4b5g/ZvF/bf6YxX+j/DGL/8b5Yxb/TfLHLP6b5o9Z/F+XP2bx3yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyf/aR042yNfW/zPzR+z+J+XP2bxPz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/9P88cs/hfkj1n8L8wfs/j/LH/M4n9R/pjF/+f5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/L/LHLP6/zB+z+P8qf8zi/+v8MYv/VfljFv+r88cs/r/JH7P4/zZ/zOJ/Tf6Yxf93+WMW/2vzxyz+1+WPWfyvzx+z+P8+f8zif0P+mMX/xvwxi/9N+WMW/z/kj1n8/5g/ZvH/U/6Yxf/m/DGL/5/zxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOL/l/wxi/8d+WMW/zvzxyz+f80fs/jflT9m8f9b/pjF/+/5Yxb/f+SPWfz/mT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+U/LHLP4P5I9Z/B/MH7P4T80fk/jPPsgfs/gP5Y9Z/Eflj1n8Z8sfs/jPnj9m8R+dP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvF/Sv6YxX+B/DGL/5j8MYv/gvljFv+x+WMW/4Xyxyz+C+ePWfyfmj9m8X9a/pjF/+n5Yxb/RfLHLP7PyB+z+C+aP2bxf2b+mMX/WfljFv/F8scs/s/OH7P4Pyd/zOI/Ln/M4v/c/DGL//Pyxyz+z88fs/gvnj9m8V8if8zi/4L8MYv/kvljFv+l8scs/i/MH7P4vyh/zOL/4vwxi/9L8scs/kvnj1n8X5o/ZvFfJn/M4r9s/pjFf7n8MYv/8vljFv8V8scs/ivmj1n8X5Y/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv+X549Z/FfLH7P4r54/ZvF/Rf6Yxf+V+WMW/zXyxyz+4/PHLP4T8scs/hPzxyz+a+aPWfzXyh+z+K+dP2bxn5Q/ZvGfnD9m8V8nf8ziv27+mMX/VfljFv9X549Z/NcT+q/xBNax+K8v9H8iWfw3yB+z+L8mf8ziv2H+mMX/tYPL8ocs/ht1/mMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/6EH+mMV/KH/M4j8qf8ziP1v+mMV/9vwxi//o/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/U/LHLP4L5I9Z/Mfkj1n8F8wfs/iPzR+z+C+UP2bxXzh/zOL/1Pwxi//T8scs/k/PH7P4L5I/ZvF/Rv6YxX/R/DGL/zPzxyz+z8ofs/gvlj9m8X92/pjF/zn5Yxb/cfljFv/n5o9Z/J+XP2bxf37+mMV/8fwxi/8S+WMW/xfkj1n8l8wfs/gvlT9m8X9h/pjF/0X5Yxb/F+ePWfxfkj9m8V86f8zi/9L8MYv/MvljFv9l88cs/svlj1n8l88fs/ivkD9m8V8xf8zi/7L8MYv/SvljFv+V88cs/qvkj1n8V80fs/i/PH/M4r9a/pjFf/X8MYv/K/LHLP6vzB+z+K+RP2bxH58/ZvGfkD9m8Z+YP2bxXzN/zOK/Vv6YxX/t/DGL/6T8MYv/5Pwxi/86+WMW/3Xzxyz+r8ofs/i/On/M4r9e/pjFf/38MYv/BvljFv/X5I9Z/DfMH7P4vzZ/zOK/Uf6YxX/j/DGL/yb5Yxb/TfPHLP6vyx+z+G+WP2bx3zx/zOL/+vwxi/8b8scs/m/MH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4b5E/ZvHfMn/M4r9V/pjF/235Yxb/rfPHLP7b5I9Z/LfNH7P4b5c/ZvF/e/6YxX/7/DGL/zvyxyz+78wfs/jvkD9m8d8xf8ziv1P+mMV/5/wxi/+78scs/u/OH7P475I/ZvF/T/6YxX/X/DGL/3vzxyz+78sfs/i/P3/M4r9b/pjFf/f8MYv/HvljFv8P5I9Z/D+YP2bx/1D+mMX/w/ljFv+P5I9Z/PfMH7P4fzR/zOL/sfwxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8f9M/pjFf9/8MYv/Z/PHLP6fyx+z+H8+f8ziv1/+mMV///wxi/8X8scs/gfkj1n8D8wfs/h/MX/M4n9Q/pjF/+D8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1/LHLP5fzx+z+H8jf8zi/838MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfy/lT9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+384fs/h/J3/M4n9K/pjF/9T8MYv/afljFv/T88cs/t/NH7P4n5E/ZvE/M3/M4n9W/pjF/3v5Yxb/7+ePWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+P80fs/hfkD9m8b8wf8zi/7P8MYv/RfljFv+f549Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/r/IH7P4/zJ/zOL/q/wxi/+v88cs/lflj1n8r84fs/j/Jn/M4v/b/DGL/zX5Yxb/3+WPWfyvzR+z+F+XP2bxvz5/zOL/+/wxi/8N+WMW/xvzxyz+N+WPWfz/kD9m8f9j/pjF/0/5Yxb/m/PHLP5/zh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/1/yxyz+d+SPWfzvzB+z+P81f8zif1f+mMX/b/ljFv+/549Z/P+RP2bx/2f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+E/JH7P4P5A/ZvF/MH/M4j81f0ziP8cgf8ziP5Q/ZvEflT9m8Z8tf8ziP3v+mMV/dP6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/yn5Yxb/BfLHLP5j8scs/gvmj1n8x+aPWfwXyh+z+C+cP2bxf2r+mMX/afljFv+n549Z/BfJH7P4PyN/zOK/aP6Yxf+Z+WMW/2flj1n8F8sfs/g/O3/M4v+c/DGL/7j8MYv/c/PHLP7Pyx+z+D8/f8ziv3j+mMV/ifwxi/8L8scs/kvmj1n8l8ofs/i/MH/M4v+i/DGL/4vzxyz+L8kfs/gvnT9m8X9p/pjFf5n8MYv/svljFv/l8scs/svnj1n8V8gfs/ivmD9m8X9Z/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8X54/ZvFfLX/M4r96/pjF/xX5Yxb/V+aPWfzXyB+z+I/PH7P4T8gfs/hPzB+z+K+ZP2bxXyt/zOK/dv6YxX9S/pjFf3L+mMV/nfwxi/+6+WMW/1flj1n8X50/ZvFfL3/M4r9+/pjFf4P8MYv/a/LHLP4b5o9Z/F+bP2bx3yh/zOK/cf6YxX+T/DGL/6b5Yxb/1+WPWfw3yx+z+G+eP2bxf33+mMX/DfljFv835o9Z/N+UP2bxf3P+mMX/LfljFv+35o9Z/LfIH7P4b5k/ZvHfKn/M4v+2/DGL/9b5Yxb/bfLHLP7b5o9Z/LfLH7P4vz1/zOK/ff6Yxf8d+WMW/3fmj1n8d8gfs/jvmD9m8d8pf8ziv3P+mMX/XfljFv93549Z/HfJH7P4vyd/zOK/a/6Yxf+9+WMW//flj1n8358/ZvHfLX/M4r97/pjFf4/8MYv/B/LHLP4fzB+z+H8of8zi/+H8MYv/R/LHLP575o9Z/D+aP2bx/1j+mMX/4/ljFv9P5I9Z/PfKH7P4fzJ/zOK/d/6Yxf9T+WMW/0/nj1n898kfs/h/Jn/M4r9v/pjF/7P5Yxb/z+WPWfw/nz9m8d8vf8ziv3/+mMX/C/ljFv8D8scs/gfmj1n8v5g/ZvE/KH/M4n9w/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfy/kT9m8f9m/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+38ofs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/2/nj1n8v5M/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv/v5o9Z/M/IH7P4n5k/ZvE/K3/M4v+9/DGL//fzxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW/5/mj1n8L8gfs/hfmD9m8f9Z/pjF/6L8MYv/z/PHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv9f5I9Z/H+ZP2bx/1X+mMX/1/ljFv+r8scs/lfnj1n8f5M/ZvH/bf6Yxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d1r95378ty3+f7X6/4ss/nflj1n8/5Y/ZvH/e/6Yxf8f+WMW/3/mj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/+U/DGL/wP5Yxb/B/PHLP5T88ck/nMO8scs/kP5Yxb/UfljFv/Z8scs/rPnj1n8R+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/J+SP2bxXyB/zOI/Jn/M4r9g/pjFf2z+mMV/ofwxi//C+WMW/6fmj1n8n5Y/ZvF/ev6YxX+R/DGL/zPyxyz+i+aPWfyfmT9m8X9W/pjFf7H8MYv/s/PHLP7PyR+z+I/LH7P4Pzd/zOL/vPwxi//z88cs/ovnj1n8l8gfs/i/IH/M4r9k/pjFf6n8MYv/C/PHLP4vyh+z+L84f8zi/5L8MYv/0vljFv+X5o9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+X5Y9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/+X5Yxb/1fLHLP6r549Z/F+RP2bxf2X+mMV/jfwxi//4/DGL/4T8MYv/xPwxi/+a+WMW/7Xyxyz+a+ePWfwn5Y9Z/Cfnj1n818kfs/ivmz9m8X9V/pjF/9X5Yxb/9fLHLP7r549Z/DfIH7P4vyZ/zOK/Yf6Yxf+1+WMW/43yxyz+G+ePWfw3yR+z+G+aP2bxf13+mMV/s/wxi//m+WMW/9fnj1n835A/ZvF/Y/6Yxf9N+WMW/zfnj1n835I/ZvF/a/6YxX+L/DGL/5b5Yxb/rfLHLP5vyx+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/9vzxyz+2+ePWfzfkT9m8X9n/pjFf4f8MYv/jvljFv+d8scs/jvnj1n835U/ZvF/d/6YxX+X/DGL/3vyxyz+u+aPWfzfmz9m8X9f/pjF//35Yxb/3fLHLP67549Z/PfIH7P4fyB/zOL/wfwxi/+H8scs/h/OH7P4fyR/zOK/Z/6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/Z/LHLP775o9Z/D+bP2bx/1z+mMX/8/ljFv/98scs/vvnj1n8v5A/ZvE/IH/M4n9g/pjF/4v5Yxb/g/LHLP4H549Z/L+UP2bx/3L+mMX/K/ljFv+v5o9Z/L+WP2bx/3r+mMX/G/ljFv9v5o9Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zi/638MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8f92/pjF/zv5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvH/bv6Yxf+M/DGL/5n5Yxb/s/LHLP7fyx+z+H8/f8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfx/kD9m8f9h/pjF/0f5Yxb/H+ePWfx/kj9m8f9p/pjF/4L8MYv/hfljFv+f5Y9Z/C/KH7P4/zx/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvH/Rf6Yxf+X+WMW/1/lj1n8f50/ZvG/Kn/M4n91/pjF/zf5Yxb/3+aPWfyvyR+z+P8uf8zif23+mMX/uvwxi//1+WMW/9/nj1n8b8gfs/jfmD9m8b8pf8zi/4f8MYv/H/PHLP5/yh+z+N+cP2bx/3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfz/kj9m8b8jf8zif2f+mMX/r/ljFv+78scs/n/LH7P4/z1/zOL/j/wxi/8/88cs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMV/Sv6Yxf+B/DGL/4P5Yxb/qfljEv+5BvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/3IP8MYv/UP6YxX9U/pjFf7b8MYv/7PljFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/p+SPWfwXyB+z+I/JH7P4L5g/ZvEfmz9m8V8of8ziv3D+mMX/qfljFv+n5Y9Z/J+eP2bxXyR/zOL/jPwxi/+i+WMW/2fmj1n8n5U/ZvFfLH/M4v/s/DGL/3Pyxyz+4/LHLP7PzR+z+D8vf8zi//z8MYv/4vljFv8l8scs/i/IH7P4L5k/ZvFfKn/M4v/C/DGL/4vyxyz+L84fs/i/JH/M4r90/pjF/6X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/2X5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvF/ef6YxX+1/DGL/+r5Yxb/V+SPWfxfmT9m8V8jf8ziPz5/zOI/IX/M4j8xf8ziv2b+mMV/rfwxi//a+WMW/0n5Yxb/yfljFv918scs/uvmj1n8X5U/ZvF/df6YxX+9/DGL//r5Yxb/DfLHLP6vyR+z+G+YP2bxf23+mMV/o/wxi//G+WMW/03yxyz+m+aPWfxflz9m8d8sf8ziv3n+mMX/9fljFv835I9Z/N+YP2bxf1P+mMX/zfljFv+35I9Z/N+aP2bx3yJ/zOK/Zf6YxX+r/DGL/9vyxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/9vwxi//2+WMW/3fkj1n835k/ZvHfIX/M4r9j/pjFf6f8MYv/zvljFv935Y9Z/N+dP2bx3yV/zOL/nvwxi/+u+WMW//fmj1n835c/ZvF/f/6YxX+3/DGL/+75Yxb/PfLHLP4fyB+z+H8wf8zi/6H8MYv/h/PHLP4fyR+z+O+ZP2bx/2j+mMX/Y/ljFv+P549Z/D+RP2bx3yt/zOL/yfwxi//e+WMW/0/lj1n8P50/ZvHfJ3/M4v+Z/DGL/775Yxb/z+aPWfw/lz9m8f98/pjFf7/8MYv//vljFv8v5I9Z/A/IH7P4H5g/ZvH/Yv6Yxf+g/DGL/8H5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfy/nj9m8f9G/pjF/5v5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/h/K3/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8v50/ZvH/Tv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/L+bP2bxPyN/zOJ/Zv6Yxf+s/DGL//fyxyz+388fs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/x/kj1n8f5g/ZvH/Uf6Yxf/H+WMW/5/kj1n8f5o/ZvG/IH/M4n9h/pjF/2f5Yxb/i/LHLP4/zx+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/H+RP2bx/2X+mMX/V/ljFv9f549Z/K/KH7P4X50/ZvH/Tf6Yxf+3+WMW/2vyxyz+v8sfe6T/6Cd7OP95j+F/bf6Y5fy/Ln/M4n99/pjF//f5Yxb/G/LHLP435o9Z/G/KH7P4/yF/zOL/x/wxi/+f8scs/jfnj1n8/5w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv+/5I9Z/O/IH7P435k/ZvH/a/6Yxf+u/DGL/9/yxyz+f88fs/j/I3/M4v/P/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvGfkj9m8X8gf8zi/2D+mMV/av6YxH+eQf6YxX8of8ziPyp/zOI/W/6YxX/2/DGL/+j8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz/2v+8/10Nv5f/o/vf9pzXPfPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/isp/ad+5F+tYfFfWen/r7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+bmf2HOhhmZPH/beSYxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d+aPWfz/mj9m8b8rf8zi/7f8MYv/3/PHLP7/yB+z+P8zf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfyn5I9Z/B/IH7P4P5g/ZvGfmj8m8Z93kD9m8e//8o2z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/yx/2X/qR95aOm8r8sf+1/2n/n83yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfx/mj9m8b8gf8zif2H+mMX/Z/ljFv+L8scs/j/PH7P4X5w/ZvG/JH/M4n9p/pjF/zKf/9xPZCWL/+U+/yeUxf+K/DGL/5X5Yxb/X+SPWfx/mT9m8f9V/pjF/9f5Yxb/q/LHLP5X549Z/H+TP2bx/23+mMX/mvwxi//v8scs/tfmj1n8r8sfs/hfnz9m8f99/pjF/4b8MYv/jfljFv+b8scs/n/IH7P4/zF/zOL/p/wxi//N+WMW/z/nj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/L/ljFv878scs/nfmj1n8/5o/ZvG/K3/M4v+3/DGL/9/zxyz+/8gfs/j/M3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8p+SPWfwfyB+z+D+YP2bxn5o/JvGfb5A/ZvEfyh+z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/wxi//r8scs/pvlj1n8N88fs/i/Pn/M4v+G/DGL/xvzxyz+b8ofs/i/OX/M4v+W/DGL/1vzxyz+W+SPWfy3zB+z+G+VP2bxf1v+mMV/6/wxi/82+WMW/23zxyz+2+WPWfzfnj9m8d8+f8zi/478MYv/O/PHLP475I9Z/HfMH7P475Q/ZvHfOX/sIf9tT/qf9n9X/pjl/H93/pjFf5f8MYv/e/LHLP675o9Z/N+bP2bxf1/+mMX//fljFv/d8scs/rvnj1n898gfs/h/IH/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4r9n/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjFf6/8MYv/J/PHLP57549Z/D+VP2bx/3T+mMV/n/wxi/9n8scs/vvmj1n8P5s/ZvH/XP6Yxf/z+WMW//3yxyz+++ePWfy/kD9m8T8gf8zif2D+mMX/i/ljFv+D8scs/gfnj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6Yxf8b+WMW/2/mj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOL/rfwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bx/3b+mMX/O/ljFv9T8scs/qfmj1n8T8sfs/ifnj9m8f9u/pjF/4z8MYv/mfljFv+z8scs/t/LH7P4fz9/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/H+QP2bx/2H+mMX/R/ljFv8f549Z/H+SP2bx/2n+mMX/gvwxi/+F+WMW/5/lj1n8L8ofs/j/PH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8f9F/pjF/5f5Yxb/X+WPWfx/nT9m8b8qf8zif3X+mMX/N/ljFv/f5o9Z/K/JH7P4/y5/zOJ/bf6Yxf+6/DGL//X5Yxb/3+ePWfxvyB+z+N+YP2bxvyl/zOL/h/wxi/8f88cs/n/KH7P435w/ZvH/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/P+SP2bxvyN/zOJ/Z/6Yxf+v+WMW/7vyxyz+f8sfs/j/PX/M4v+P/DGL/z/zxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6YxX9K/pjF/4H8MYv/g/ljFv+p+WMS//kH+WMW/6H8MYv/qPwxi/9s+WMW/9nzxyz+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj1n8P5I/ZvHfM3/M4v/R/DGL/8fyxyz+H88fs/h/In/M4r9X/pjF/5P5Yxb/vfPHLP6fyh+z+H86f8ziv0/+mMX/M/ljFv9988cs/p/NH7P4fy5/zOL/+fwxi/9++WMW//3zxyz+X8gfs/gfkD9m8T8wf8zi/8X8MYv/QfljFv+D88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOL/jfwxi/8388cs/ofkj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bx/1b+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+H87f8zi/538MYv/KfljFv9T88cs/qflj1n8T88fs/h/N3/M4n9G/pjF/8z8MYv/WfljFv/v5Y9Z/L+fP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4/yB+z+P8wf8zi/6P8MYv/j/PHLP4/yR+z+P80f8zif0H+mMX/wvwxi//P8scs/hflj1n8f54/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/j/In/M4v/L/DGL/6/yxyz+v84fs/hflT9m8b86f8zi/5v8MYv/b/PHLP7X5I9Z/H+XP2bxvzZ/zOJ/Xf6Yxf/6/DGL/+/zxyz+N+SPWfxvzB+z+N+UP2bx/0P+mMX/j/ljFv8/5Y9Z/G/OH7P4/zl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP5/yR+z+N+RP2bxvzN/zOL/1/wxi/9d+WMW/7/lj1n8/54/ZvH/R/6Yxf+f+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOI/JX/M4v9A/pjF/8H8MYv/1Pwxif9TBvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9aIv+5/o11Lf5ri/z/nSz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/AoP8MYv/UP6YxX9U/pjFf7b8MYv/7Pk/otlGHi3+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj/1/7NGzFiCGAkXRZ79kYtu2bdu2bWdi27Zt27Zt254UqbLW/YLcvbtTn5b/A/2PWv7v5n/U8n93/6OW/3v4H7X839P/qOX/Xv5HLf/39j9q+b+P/1HL/339j1r+7+d/1PJ/f/+jlv8H+B+1/D/Q/6jl/0H+Ry3/D/Y/avl/iP9Ry/9D/Y9a/h/mf9Ty/3D/o5b/R/gftfw/0v+o5f9R/kct/4/2P2r5f4z/Ucv/Y/2PWv4f53/U8v94/6OW/yf4H7X8P9H/qOX/Sf5HLf9P9j9q+X+K/1HL/1P9j1r+n+Z/1PL/dP+jlv9n+B+1/D/T/6jl/1n+Ry3/z/Y/avl/jv9Ry/9z/Y9a/p/nf9Ty/3z/o5b/F/gftfy/0P+o5f9F/kct/y/2P2r5f4n/Ucv/S/2PWv5f5n/U8v9y/6OW/1f4H7X8v9L/qOX/Vf5HLf+v9j9q+X+N/1HL/2v9j1r+X+d/1PL/ev+jlv83+B+1/L/R/6jl/03+Ry3/b/Y/avl/i/9Ry/9b/Y9a/t/mf9Ty/3b/o5b/d/gftfy/0/+o5f9d/kct/+/2P2r5f4//Ucv/e/2PWv7f53/U8v9+/6OW/w/4H7X8f9D/qOX/Q/5HLf8f9j9q+f+I/1HL/0f9j1r+P+Z/1PL/cf+jlv9P+B+1/H/S/6jl/1P+Ry3/n/Y/avn/jP9Ry/9n/Y9a/j/nf9Ty/3n/o5b/L/gftfx/0f+o5f9L/kct/1/2P2r5/4r/Ucv/V/2PWv6/5n/U8v91/6OW/2/4H7X8f9P/qOX/W/5HLf/f9j9q+f+O/1HL/3f9j1r+v+d/1PL/ff+jlv8f+B+1/P/Q/6jl/0f+Ry3/P/Y/avn/if9Ry/9P/Y9a/n/mf9Ty/3P/o5b/X/gftfz/0v+o5f9X/kct/7/2P2r5/43/Ucv/b/2PWv5/53/U8v97/6OW/z/4H7X8/9H/qOX/T/5HLf9/9j9q+f+L/1HL/0H+RyX/B/zJ/6jl/5/9j1r+/8X/qOX/X/2PWv7/zf+o5f/f/Y9a/v/D/6jl/z/9j1r+/8v/qOX/v/2PWv7/x/+o5f9//Y9a/v/P/6jl///9j1r+D+Z/1PJ/cP+jlv8D/I9a/g/hf9Tyf0j/o5b/Q/kftfwf2v+o5f8w/kct/4f1P2r5P5z/Ucv/4f2PWv6P4H/U8n9E/6OW/yP5H7X8H9n/qOX/KP5HLf9H9T9q+T+a/1HL/9H9j1r+j+F/1PJ/TP+jlv9j+R+1/B/b/6jl/zj+Ry3/x/U/avk/nv9Ry//x/Y9a/k/gf9Tyf0L/o5b/E/kftfyf2P+o5f8k/kct/yf1P2r5P5n/Ucv/yf2PWv5P4X/U8n9K/6OW/1P5H7X8n9r/qOX/NP5HLf+n9T9q+T+d/1HL/+n9j1r+z+B/1PJ/Rv+jlv8z+R+1/J/Z/6jl/yz+Ry3/Z/U/avk/m/9Ry//Z/Y9a/s/hf9Tyf07/o5b/c/kftfyf2/+o5f88/kct/+f1P2r5P5//Ucv/+f2PWv4v4H/U8n9B/6OW/wv5H7X8X9j/qOX/Iv5HLf8X9T9q+b+Y/1HL/8X9j1r+L+F/1PJ/Sf+jlv9L+R+1/F/a/6jl/zL+Ry3/l/U/avm/nP9Ry//l/Y9a/q/gf9Tyf0X/o5b/K/kftfxf2f+o5f8q/kct/1f1P2r5v5r/Ucv/1f2PWv6v4X/U8n9N/6OW/2v5H7X8X9v/qOX/Ov5HLf/X9T9q+b+e/1HL//X9j1r+b+B/1PJ/Q/+jlv8b+R+1/N/Y/6jl/yb+/2bQ77Pl/6b+Ry3/N/M/avm/uf9Ry/8t/I9a/m/pf9Tyfyv/o5b/W/sftfzfxv+o5f+2/kct/7fzP2r5v73/Ucv/HfyPWv7v6H/U8n8n/6OW/zv7H7X838X/qOX/rv5HLf8H+h/94f4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/Mq+/cd4XRdwHP8ccIBkGy5mDGuDfFu6pXTHj+EfTkgELvTA34gaAncgeAd0HHacGj/+IJfOH7mRYytXwrCctHnLNZ1dmlmzWLXV7IeapStrkeks2GJd+95977z7dtz6vs/3m5WPxx/3/X4+X14f4LYnnw9TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9dDY0LjoytGXJq7OCDDx9u7n2dfXTFTQd+331B/2v546XDXHLM4IOenp6e2c/O2lE+nFAUReln21k+nlg5Ll1/Z/2XOvqOwvzuFxcfn/zLxiMH1pz2cF3X0ftqe8/WFjeu29DS/IkxRREuqi06Sgd1NUURFtUW95YO6ksHi2uLh0sHs3oPTim+Wzo4b+3mlqbSiSXR3zP4f9HQuLMYO6TYYsifBoP731n/nTv6X0e4ZP/VxhXl/i/v/OGbFZ/1O0H//dcPCyr7r/o3CJxQdf0/P7//dYRL/sf9f9KTK18e7rMT999//fBJ/UM6wzz/D2m08rm/4vl/+jCXHNhfWdN5vNT/Jbc+M6N8atx/8/z/zvXDRZX9jxny/F96jl/Y//w/oSjCxaP8dsB7SkPjriMj3f9H7n/ctIpNzeD+T2/bvL/U/2OLf/B4+VRtlf0vHOH+P2ZJxa8VqE5D41d7Ku7/VfRffGyYSw70/9bjv32o1P+jf7z/jEGfVdP/xZX9z2xv3TJz6/bOcze0rl7fvL55U92sebPn1tfNPX/OzN5Hgr6vo/yuwHvD6O7/xaSKTU1RNA/sr+468FSp/zkPPDC7fGpilf0vGvH+P939H4b1kTHF+PFFx+r29ra6vq/9h/V9X/t+2DD9V/H3/zPPLv+w2vJrTVFMHdjfecZdy0v9v33omd3lU+Or7H/xiP3PH/h5gQijvP83VWyG9H/w0Iu9z/9L7zl4evlUtX//XzJi/6+4/8NoNDRW/A8/77JS/7uKSyM7DQ3++x+kk6P/R9++vjtuHT6lf0gnR/9/+MLRc+LWYan+IZ0c/Y/beP9zcetwif4hnRz9L5syb3ncOlyqf0gnR/9rXznnr3Hr0Kh/SCdH/2d/ZXdH3Dos0z+kk6P/B9tmb4tbh+X6h3Ry9P/zUx98NW4dLtM/pJOj/2PH7r4hbh0u1z+kk6P/rj1n/ShuHa7QP6STo//L1i0Icetwpf4hnRz9T5v658fi1uEq/UM6Ofqf+5d/nhq3DlfrH9LJ0f/tX1y+L24drtE/pJOj/7HXvfxC3Dqs0D+kk6P/JWdtWxC3DtfqH9LJ0X/Tz5p64tZhZbn/CYX+4V2Xo/+Z3/zJhrh1uM79H9LJ0f/hZY/siVuH6/UP6eTof09dMTluHW7QP6STo/9vfP+0Q3Hr8Gn9Qzo5+v/dk0/Mi1uHVfqHdHL0/+yHbvtW3DrcqH9IJ0f/96x54cy4dVitf0gnR/8P7X3uy3HrsEb/kE6O/l9/vfV9ceuwVv+QTo7+J0085bW4dWjSP6STo/8Ft3ytLW4dmvUP6eTov3V314/j1mGd/iGdHP1/9PjUlXHrsF7/kE6O/lfM2fvBuHW4Sf+QTo7+P7D0gl1x67BB/5BOjv4v7P74hXHrsFH/kE6O/tuf/vzX49bhZv1DOjn63zvj1UVx69Cif0gnR/8vrVry07h1aNU/pJOj/zcfuXZT3Dps0j+kk6P/J37x1rG4ddisf0gnR//vP3/h3+PWYYv+IZ0c/S9a/MbauHX4jP4hnRz9b+z610tx69Cmf0gnR/8zDl+1NG4dtuof0snR//fOrdsftw7t+od0cvR/xxX76uPWYZv+IZ0c/e8/eOddcetwi/4hnRz9v/Gr6dPi1uGz+od0cvR/3+RD18StQ4f+IZ0c/f96U+3TceuwXf+QTo7+/7Fvyo64dejUP6STo/+nXuv+U9w63Kp/SCdH/6vG/WZ83Drcpn9IJ0f/Uzq33Bu3DrfrH9LJ0f+8u1efF7cOn9M/pJOj/61/e/7bceuwQ/+QztbtnTevbmlpbvPGG2+8GXhzsv9kAlJ7J/qT/SsBAAAAAAAAAAAAAABOJMc/JzrZv0cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5WwfRuwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXAAAA//9O+OOp")
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000001f00)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00?\x00\x00\x00\x00'])

9.174268966s ago: executing program 4 (id=2348):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
socket(0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r2, {}, 0xa}}, 0x26)
sendmmsg$inet(r3, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299", 0x12}], 0x1}}], 0x1, 0x8040)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
getpgid(0x0)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pipe2$watch_queue(&(0x7f0000000080), 0x80)
socket$rxrpc(0x21, 0x2, 0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
clock_getres(0x2, 0x0)
syz_io_uring_setup(0x110, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
ioctl$VIDIOC_G_SELECTION(r0, 0xc040565e, &(0x7f00000002c0)={0x2, 0x102})

8.592833308s ago: executing program 0 (id=2352):
socket$igmp(0x2, 0x3, 0x2)
socket$kcm(0x10, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x3d, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8}, 0x1c)
epoll_create(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000240)={0x18, 0x0, {0x3, @dev, 'syz_tun\x00'}}, 0x1e)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="34020000020000000580000000000000010000000000000000000000000000000000000000000000000000000000000000001b00046e6f6465767b65766f6f7e0539c60005000037d93a8b920000003800704a86cec602007dfa673effeb09b5351f5bde05"], 0x234)

7.958100488s ago: executing program 4 (id=2354):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1a, 0x4, 0x0, 0x0, 0x68, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@private}, {@multicast1}, {@remote}, {@dev}, {@broadcast, 0x8000}, {@multicast1, 0xffd200}]}, @ra={0x94, 0x4}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80000c, &(0x7f00000002c0)=ANY=[@ANYBLOB='nobarrier,decompose,gid=', @ANYRESHEX, @ANYBLOB=',barrier,gid=', @ANYRESHEX=0x0, @ANYRES32=0x0, @ANYRESHEX, @ANYRES64, @ANYRESHEX=0x0, @ANYBLOB="2c6e6c733d64656661756c742c001bb4a4447bd69aa8532125707aa318f1e60d28086a88ef2208cc30839fc1be7ad88539fad2c027aca664454d7bf988a9fa9f5f0cab42326f5c70febc7902ce02b8ec0adb23bef1c917d0bd"], 0x1, 0x6e3, &(0x7f00000009c0)="$eJzs3c1rHOcZAPBnVqvVrgqOnPgjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpSii10vYP6CGnntKDbqGHkt4N7bkhUHLVMVDIJSfdVGZ2ZrWr/bS1luTk9zMz8868H/POMzszml3MG8C31up8lB9HEqvzb+6k6/t7S82pvaWZPLsZEZWIKEWUW4tINiLLvZVP8d10Y14+GbSfj9ZX3v7i6/0vW2vlfMrKl4bV66PSu2k3n6IeEVP5stf0gBY/Pb77rvZuD2xvXEn7CNOAXSsCF389UatwYoc9dtt5n/w3mw+r/iTXLXBOJa3nZo+5iNmIqEa0nvr53aF0ur2bvN2z7gAAAAA8qdqoAr2v6y8cxEHsxIVn1SUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4JsrH/0/yqVSk65EU4/9X8m2Rp59Ln8+0lo/PuiMAAAAAAAAAMAGvHsRB7MSFYv0wyX7zf63jN/7vxHuxFWuxGddjJxqxHduxGYsRMdfRUGWnsb29uZjVjLg0pObN+KxPzZuD+3hrwscMAAAAAAAAAOdcdUT+/enebX+M1aPf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DxIIqZai2y6VKTnolSOiGpEVNJyuxGfFennRNJv4+PT7wcAAACcSLV7NamOUeeFR3EQO3GhWD9Msnf+K9n7cjXei43YjvXYjmasxZ38HTp96y/t7y019/eWHqRTb7s//+qJup61GK3vHvrv+eWsRC3uxnq25XrcjiQOM6W8lZf395bS5YP9vaRPvz5M+5T8LDekN1Md6Tvp7OqnWfov3d8ilJ/oEJ9SaWDOXJY73Y7IQt63tMbF4sz0P0Mjz0556J4Wo9T+5ufS8D31j/mHw/c+e6xU329uzsTxSNyMUvsMXRkeiYjv//OT395rbty/d3dr/vwcUl+PRpY4Homljkhc/QZFYrSFLBKX2+ur8av4TczHVzNvxWasx++iEduxVi/yG/nnOZ3PDY/U57Oda2+N6kl6Tdbb969+fapHV5+iHr/MUo14LTunF2I9kngYMb0Wb2T/bsZi+25wdIYvj3HVl8a403a49oNs0Q5T1AaX/ft4TU5KGteLHXHtvOfOZXmdW46i9GLfKBXPuvGfRx3K38sTaQt/Gvp8OG3HI7HYEYmXBn1eWiH922E632pu3N+813h3zP29ni+LT+f5uZGkZ/jFqOYHdzGbp71LPx1p3kvtXnfHq5L/4tJS6sm73K7XulJ/HQ/jTnReqT+O5ViOlaz0laz0dM8TK8272m6p+x6e5qV/aZXbP+x0/r31MJqtv4cAON9mfzhbqf2v9p/ax7U/1+7V3qz+YuYnM69UYvrf0z8tL0y9Xnol+Ud8HH84ev8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACe3tb7H9xvNJtrm/0Tpf5ZyfBajeZhPpDYsDJdiSQfKmeMwslYDQ5PzOSHf9J2uhL1p2qwGK1xdOH65Lrak0h28xPW3lIdfS6yUZ4ejXWWk56Ap5Wfus/F+FLPKBoTStQn12DxgR1WZuRVWYys1pU1FRH9Co+4cUxN6g4EnJUb2w/evbH1/gc/Wn/QeGftnbWN6eXllYWV5TeWbtxdb64ttOYdFU5l8FvgNBw99Du3liJeHV13yECtAAAAAAAAAAAAwDN0Gv8X4qyPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHi+rc5H+XEksbhwfSFd399baqZTkT4qWY6IUkQkv49I/hVxK1pTzHU0lwzaz0frK29/8fX+l0dtlYvypYjdgfXGs5tPUY+IqXw5qfZuj26vcpSc6ZOdtCOTBuxaETg4a/8PAAD//8uX63A=")
socketpair$unix(0x1, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)

7.147785601s ago: executing program 1 (id=2355):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @private1}, 0x1c)

7.094599083s ago: executing program 3 (id=2356):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018239c91", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000000200000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0xff7, &(0x7f0000001e00)=""/4087}, 0x90)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x42042)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
fcntl$getflags(r1, 0x401)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0)=0x2, 0x4)
r2 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10101}, &(0x7f00000001c0), &(0x7f0000000140))
io_uring_enter(r2, 0x22, 0x0, 0x7, 0x0, 0x0)

6.936302526s ago: executing program 4 (id=2357):
unshare(0x68040200)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = socket$unix(0x1, 0x5, 0x0)
r2 = dup2(r1, r0)
close_range(r2, 0xffffffffffffffff, 0x0)

6.932744763s ago: executing program 3 (id=2358):
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x5)
ioctl$TCFLSH(r1, 0x8924, 0x0)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@const={0x0, 0x0, 0x0, 0x9, 0x4}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @restrict={0x0, 0x0, 0x0, 0xb, 0x3}]}}, 0x0, 0x5a}, 0x20)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.net/syz0\x00', 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x12)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x800}, &(0x7f0000000200)=0x8)
openat$cgroup_int(r5, 0x0, 0x2, 0x0)
mbind(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0x6, 0x1f, 0x0)
unshare(0x400)
unshare(0x30000f00)
r6 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
r7 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x1ff, 0x8bcc0c0000000000, 0x0, 0x0, 0x0, 0x3})
syz_usb_control_io(r7, 0x0, &(0x7f00000011c0)={0x84, &(0x7f0000000180)=ANY=[@ANYBLOB="00000d0000006a10a066b224df247f0030f3b3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$LOOP_CHANGE_FD(r6, 0x301, 0xffffffffffffffff)
socket$kcm(0x2, 0x200000000000001, 0x106)

6.244063234s ago: executing program 4 (id=2359):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062430bc068829afff36b31fa7e35ce95d04"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x44}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000000, 0xe, 0x0, &(0x7f0000000300)="5cdd3086ddff0066b3c9bbac88a8", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6.200720044s ago: executing program 2 (id=2360):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='siox_set_data\x00', r2}, 0x10)
connect$unix(r4, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="3002000010000100000000000000fc8f652b00000000000000000000000000bbff0200000000000000000000000000010f00"/64, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="000000000000000000000000000000000000000032000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002bbd70000000000002000000af0000000000000048000200656362286369706865725f6e756c6c2900"/209, @ANYRES32=0x0, @ANYRES8], 0x230}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r6 = socket(0x10, 0x80803, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00010200"/20, @ANYRES32=0x0, @ANYBLOB="bf"], 0x1c}}, 0x0)
recvmmsg(r6, &(0x7f0000001bc0)=[{{0x0, 0x0, 0x0}}], 0x7, 0x0, 0x0)

6.083772937s ago: executing program 4 (id=2361):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@dev}, 0x0, @in=@private}]}]}, 0xfc}}, 0x0)
syz_emit_ethernet(0x2fd, &(0x7f0000000d80)=ANY=[], 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000400)={[{@i_version}, {@bsdgroups}]}, 0x2, 0x53a, &(0x7f0000000540)="$eJzs3c9vHFcdAPDvjH82desEeoAKSIFCQFF2400bVb00uYBQVQlRcUAcUmNvLJPdrPGuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IBixQjATSopkdu1t7XW/j9S71fj7SaObN23nf9+LMvJm39rwAxtZzEbETEdMR8UZEzBf7k2KJO50l+9yjve2l/b3tpSTa7df/nuT52b7oOibzZFHmbER846sR30mOx21ubj1YrNWq60W63KqvlZubWzdW64sr1ZXqw0rl9sLtmy/derEysLZerf9y9yurr37zN7/+9Lu/3/nyD7JqzRV53e0YpE7Tpw7jZCYj4tXzCDYCE8V6esT14PGkEfGxiPhcfv7Px0T+vxMAuMja7floz3enAYCLLs3HwJK0VIwFzEWalkqdMbxn4lJaazRb1+83Nh4ud8bKLsdUen+1Vr15ZeaP38vvGKaSLL2Q5+X5ebpyJH0rIq5ExI9nnsjTpaVGbXl0tz0AMNaePNL//2um0//3oce3egDAR8bsqCsAAAyd/h8Axo/+HwDGTx/9f/Fl/8651wUAGA7P/wAwfvT/ADB+9P8AMFa+/tpr2dLeL95/vfzm5saDxps3lqvNB6X6xlJpqbG+VlppNFbyd/bUTyuv1misLbwQG2+VW9Vmq9zc3LpXb2w8bN3L3+t9rzo1lFYBAB/kytV3/pBExM7LT+RLdM3loK+Giy0ddQWAkZkYdQWAkTHbF4yv/p/xf3eu9QBGp+fLvGd7br7fTz9EEL9nBP9Xrn2y//F/czzDxWL8H8bX443/vzLwegDDZ/wfxle7nRyd83/6MAsAuJDO8Dv+7R8O6iYEGKnTJvMeyPf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMHMRcR3I0lLxVzgc5GmpVLEUxFxOaaS+6u16s2IeDquRsTUTJZeGHWlAYAzSv+aFPN/XZt/fu5o7nTy75l8HRHf/9nrP3lrsdVaX8j2/+Nw/8zB9GGV9447w7yCAECfnuvzc3n/XSnWXQ/yj/a2lw6W7s+nA67nUbt347/FVMRL+3vb+dLJmYzJfD2b30tc+mdSpDtzkT4bERMDiL/zdkR8olf7k3xs5HIx82l3/ChiPzXU+On74qd5Xmed3Xx9fAB1gXHzzt2IuNPr/EuLa2rv8382v0Kd3e7dTmEH1779rvgH17+JHvGTD3HN333ht187trM938l7O+LZyV7xk8P4yQnxn+8z/p8+9ZkfvXJCXvvnEdeid/zuWOVWfa3c3Ny6sVpfXKmuVB9WKrcXbt986daLlXI+Rl0+GKk+7m8vX3/6pLpl7b90QvzZnu2fPjz2C322/xf/eePbn/2A+F/6fO+f/zM943dkfeIX+4y/eOlXJ07fncVfPqH9p/38r/cZ/92/bC33+VEAYAiam1sPFmu16vqZNrKn0EGUc2wjq+JACzxl488xyALvnO3wqfP6Vz33jcnDe8XBlvytrMQhNycdeCvOtPGosxHnHmu01yXg/L130o+6JgAAAAAAAAAAAAAAwEmG8adLo24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9f/AgAA//91qMwl")
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000680)={'filter\x00', 0x7, 0x4, 0x408, 0x110, 0x110, 0x0, 0x320, 0x320, 0x320, 0x4, &(0x7f0000000000), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x8}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @broadcast, @multicast2, 0x2, 0x1}}}, {{@uncond, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0xc, 0xa, {0xffffffff}}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x458)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

4.219503415s ago: executing program 2 (id=2362):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=ANY=[], 0x398}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000080)={0x0, @in6={{0xa, 0x0, 0x0, @mcast2}}}, &(0x7f0000000000)=0x9c)

4.182966124s ago: executing program 1 (id=2363):
r0 = socket$inet(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

3.901306672s ago: executing program 0 (id=2364):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
socket(0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r2, {}, 0xa}}, 0x26)
sendmmsg$inet(r3, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6", 0x15}], 0x1}}], 0x1, 0x8040)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
getpgid(0x0)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pipe2$watch_queue(&(0x7f0000000080), 0x80)
socket$rxrpc(0x21, 0x2, 0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
clock_getres(0x2, 0x0)
syz_io_uring_setup(0x110, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
ioctl$VIDIOC_G_SELECTION(r0, 0xc040565e, &(0x7f00000002c0)={0x2, 0x102})

3.900314044s ago: executing program 4 (id=2365):
syz_open_dev$evdev(&(0x7f0000000a00), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$EVIOCGRAB(r0, 0x400445a0, &(0x7f0000000440))
r1 = creat(0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028005000100010000002c00018014000300fc00000000000000000000000000000014000400fe8800000000000000000000000000013c0003800c00028005000100000000002c00018014000300fc00000000000000000000000000000014000400000000000000000000000000000000013c0002800c00028005000100000000002c00018014000300fe8000000000000000000000000000bb14000400ff020000000000000000000000000001dca434bda38c8debb471848e24273996e2a4ec02935b7ea8d361fbb01c76227bdd4d47049e886493583398d423b4633090904a7c31f64bd68c751592360c55f877cc16795ada1d90a2816d118cbaffbc3d5097910ce7fb88c17c609fb87d670d69ba84e3a6f843d978c8ccc6a54321c6b2c4707692b2da6564c48918495276ee184885c5f3357168b4d3aa97c14baf27e537446655354950883a471d94c4bb4abbdad3ab13731e400d5853cec460859b666f6f4cb427c3e16cfb3ba88c49021a768a6579482607f9625e8d071d2fe846948630b76f012c11d929163c0d49e212b59274cca6fabc8aa1591b8a440b22de9e1b232222b3a8b6618a0e92ef8f1e0fc29d1f251c81e79952a8ec10006335623bfb5f9370a87d881033f364d685255ac14b6c9cddd342406f82d2c21774ec27357856eed7ec90429e77531af246960266c754b0b50bfe228b289474041ca12f715db62b25970a5c8dc9bb90d4c359e1855e0de8d8d9"], 0xc8}}, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x45c, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721a382f000917a4a6f6f76d04e0b19396feccdbae7795aaa45818dce2d1f7b4642b09dd40bf4bef9854b631eb821b13a7e475d5c9a9d4bbb3fd9b07650683a35d9557d1e7e6496dd6f6f5ca57a5c43b9863819829430e1607ebf0dbb2308a8181ef5ccdcf1eb157470d54635a1a5b7075c77dfdb97155af8fa282fcc5ca5bad36839e0cad1304c542be170a44da4089a32bc3f35a85a6e30b8d233809335a4274938505517a26728b643c2f04917afe55c68759adea3bb70f5b5c3c59fc24d6e3835c110420cfd6de096f8dec90f5f577744d2d0f3ec21819253cdb102d50678293328726f1c4f7163e28e79ab4767e3054dfa9a11b1fdafb8757b2a91f8283ad01712062048b52b5cfcaf648fe760a98ee82fbb1836c88434e0b36f9b56c4d3cd8b42566cba88ddb7418762cd8495a4ec8de7952789c2a6d37cdbbecde53ffea86db893181d9b5c7d4663d1bd78c9cb87af7cbfa54a1b2c98432ef5ba6f43c358ae873495f46850d56d83f3d7d376b3b6120ffe93c8ab6b6f214316d8c3376a5a65d173b6e4243326c729163050547d49338a737bc894f487bc9b51e75ac2031ea714ed6c917f13e3cc0ee85a75e9a98a42f9aad6f1e244c1daa06ee55b205e11aa3a2982387210bccd26c5108f2a548b06dd0a0520ca8f99532ab0a4fd8c33f0f01ad40b74ef4e9f0d01b7bbc8aa69296cca1f19d92c5be8ffa3264e3951dd318363e02d36fa69ecaa3978b6c471c9dde0052632d1ebe277982fb0c900dd3f461257ad46a69b8f1e9bc36d8992426aa4adddc024bb74a39539f1cf801502cbd0d7acb8b2c5d9778a8253d2c8746d5b252a32f67c94cb8916a6310c1af0c0eb6f09a07d5020948a9c0f147c01d4a8b3af25686eadef9eaed2623cb012521ab86453e71bf351c130b6d33ffc388afdb5b2b7c16c1002a0640dd73e7a7e6a852dd2c75209d711a50363e46116ad2a14483c3729a81e4ef2fed2f18732f0038e079e561eea96eb665219070f42139c627dd5f185d23fdc316d38eb99826bcb63938d6cd1af3b5274f57009f87854ad98bef03025c32e7aa4a721d28e94ec5feff3a279c2e1c18002e39eaaefec3dfd1eae45a61e4283e8a7ef1eaf70d93a0333a9ff9ef048332f3fcc797076f8c02858548418e34a9967282de2eb4cc6438f0b6c9dcc204cdd732dd88624b39c16e8f80819cb72be6ab07492ed05ade4caf1ae3d723830523e32c02786c50ac1f47b994ed49fc4b9b318a4c86b4f7fb0d3c6a8763ef27cd52936cc55ef5ac50935a7f706464be90ea4b5f894ad92910de17889a6236a4bda8aac5e1daa70a8fcf248360cdd4e86f854f23e3e4792d91c85f1ed6cf7c36bbe9d879fc86b55e55e0566b6451aad55b1b2"})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0xc0a85322, &(0x7f0000000100)={{0x0, 0x80}})
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f00000006c0)=0x1, 0x4)
tkill(0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCDELDLCI(r4, 0x8981, &(0x7f0000000040)={'pimreg0\x00'})
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r1, &(0x7f00000005c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x8800)
r6 = socket$inet6(0xa, 0x800000000000002, 0x0)
open(&(0x7f0000000740)='./file0\x00', 0x12000, 0x12)
sendto$inet6(r6, 0x0, 0x0, 0x400ad00, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @dev}, 0x1c)
sendto$inet6(r6, 0x0, 0x2, 0x0, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x93, &(0x7f0000000780)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x81, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0x9c4c}, [@country_functional={0x10, 0x24, 0x7, 0x80, 0x0, [0x0, 0xfffe, 0x0, 0x0, 0x6]}, @mdlm={0x15, 0x24, 0x12, 0xe36b}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x0, 0x1}}}}}}}]}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x6}]}, @NFT_MSG_NEWSETELEM={0x60, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x24, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xe4}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r8=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000640)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf20000000000000070000000f0000002d030100000000007300ffb1000000006926000000000000bf67000000000000150002000fff52004507000010000000d60600000ee60000bf0500000000000073700000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8473e2060d60bb39d0af449deaa27ea949e8f9000d885dfea2783835e29eb532ba8546fc020c196738b5f32b095f5d5b196b9e8d897e461c01c697671d1000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff08021100"], 0x6f4}}, 0x0)

3.885297303s ago: executing program 2 (id=2366):
dup(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-ssse3\x00'}, 0x58)
r4 = accept4$alg(r3, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f00000014c0), 0x0, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0x13)
r5 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56})
io_uring_enter(r5, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r8 = syz_io_uring_setup(0x6908, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000100)=<r9=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000003c0)={0x0, 0xc453, 0x400, 0x1fffd, 0xde}, &(0x7f00000002c0)=<r10=>0x0, &(0x7f0000000280))
syz_io_uring_submit(r10, r9, &(0x7f00000001c0)=@IORING_OP_SHUTDOWN={0x22, 0x48, 0x0, r2, 0x0, 0x0, 0x1, 0x0, 0x1})
io_uring_enter(r8, 0x184c, 0x0, 0x0, 0x0, 0x0)

3.760154179s ago: executing program 1 (id=2367):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000001100130400"/20, @ANYRES32=0x0], 0x3c}}, 0x0)

2.743069569s ago: executing program 2 (id=2368):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018239c91", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000000200000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0xff7, &(0x7f0000001e00)=""/4087}, 0x90)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x42042)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0)=0x2, 0x4)
r1 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10101}, &(0x7f00000001c0), &(0x7f0000000140))
io_uring_enter(r1, 0x22, 0x0, 0x7, 0x0, 0x0)

2.631579715s ago: executing program 3 (id=2369):
unshare(0x68040200)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = socket$unix(0x1, 0x5, 0x0)
r2 = dup2(r1, r0)
close_range(r2, 0xffffffffffffffff, 0x0)

2.595923611s ago: executing program 1 (id=2370):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000440)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x400002d, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair(0x0, 0x0, 0x2, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='.\x00', 0xa1008a, &(0x7f00000003c0)=ANY=[], 0x21, 0x150f, &(0x7f0000000480)="$eJzs3AuYjtX6MPD7Xms9DE16m+QwrLXuhzcNliFJDklySJJkS5JTQmiSJCExzpKGJMlxkhyGkBymMWmcz4eckyRpkiQkJFnfNW199t7tvfv2/9/3ub7/3L/rei7rfp/3Xu/9vPfzeg7v9c63PUfXbV6vVlMigv8W/Os/yQAQAwDDAeA6AAgAoFJcpbic9fkkJv/3XoT9uR5Ku9oVsKuJ+5+7cf9zN+5/7sb9z924/7kb9z934/7nbtx/xnKz7XOKXs9L7l34/n9uxsf//0Gyy03+cmO5G3v9Bync/9yN+5+7cf9zN+5/7sb9z924/7kb9z934/4zlpv91+8d83cH/xOWq73/McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLHc77KxQA/Da+2nUxxhhjjDHGGGPsz+PzXu0KGGOMMcYYY4wx9n8fggAJCgLIA3khBvJBfrgGYuFaKADXQQSuhzi4AQrCjVAICkMRKArxUAyKgwYDFghCKAElIQo3QSm4GRKgNJSBsuCgHCRCeagAt0BFuBUqwW1QGW6HKlAVqkF1uANqwJ1QE+6CWnA31IY6UBfqwT1QH+6FBnAfNIT7oRE8AI3hQWgCf4Gm8BA0g4ehOTwCLeBRaAmtoDW0gbb/pfwXoC+8CP2gPyTDABgIg2AwDIGhMAyGw0swAl6GkfAKpMAoGA2vwhh4DcbC6zAO3oDx8CZMgIkwCSbDFJgKqfAWTIO3YTq8AzNgJsyC2ZAGc2AuvAvzYD4sgPdgIbwPi2AxLIGlkA4fQAYsg0z4EJbDR5AFK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A4fww7YCbtgN+yBvbAPPoH98CkcgM/gIHz+H+af+4f8XggIKFCgQoV5MA/GYAzmx/wYi7FYAAtgBCMYh3FYEAtiISyERbAIxmM8FsfiaNAgIaG6vCeVwlKYgAlYBsugQ4eJmIgV8BasiBWxElbCylgZq2BVrIrVsTrWwBpYE2tiLayFtbE21sW6eA/eg/diA2yADbEhNsJG2BgbYxNsgk2xKTbDZtgcm2MLbIEtsSW2xtbYFttiO2yH7bE9dsSO2Ak7YRfsgkmYhF2xK3bDbtgdu2MP7IE9sSf2wt7YG1/AF/BFfBH7Y20xAAfiQByMg3EoDsNh+BKOwJfxZXwFU3AUjsZX8VV8DcfiWRyHb+B4HI81xESchJORxFRMxVSchtNwOk7HGTgTZ+JsTMM5OBfn4jycj/PxPVyI7+P7uBgX41JMx3TMwGWYiZm4HM9hFq7AlbgKV+MaXI3rcD2uw424CTfiFtyC23Abfowf407cibtxN+7Nea/xE/wUP8UUPIgH8RAewsN4GI/gEczGbDyKR/EYHsPjeBxP4Ak8iafwNJ7CM3gGz+I5PI/n8QJewIv4XPzXzfaW3pACIocSSuQReUSMiBH5RX4RK2JFAVFARERExIk4UVAUFIVEIVFEFBHxIl4UF8WFEUaQCEUJUUJERVSUEqVEgkgQZUQZ4YQTiSJRVBAVREVRUVQSt4nK4nZRRVQVHVx1UV3UEB1dTXGXqCVqidqijqgr6ol6or6oLxqIBqKhaCgaiUaisXhQNBEDcCg+JHI601yMwhZiNLYUrURr0Ua8ho+JdmIsthcdREfxhHgDx2EX0c4liadEVzEJu4lnxGR8VvQQU7GneF70Er1FH/GC6Cvau36iv5iBA8RAMRsHiyFiqBgm5mEdkdOxuuIVkSJGidHiVbEUXxO/7ePjxZtigpgoJonJYoqYKlLFW2KaeFtMF++IGWKmmCVmizQxR8wV74p5Yr5YIN4TC8X7YpFYLJaIpSJdfCAyxDKRKT4Uy8VHIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCx2iJ1il9gt9oi9Yp/4ROwXn4oD4jNxUHwuDokvxGHxpTgivhLZ4mtxVHwjjolvxXHxnTghvhcnxSlxWvwgzogfxVlxTpwXP4kL4mdxUfwiLgkvQKIUUkolA5lH5pUxMp/ML6+RsfJaWUBeJyPyehknb5AF5Y2ykCwsi8iiMl4Wk8WllkZaSTKUJWRJGZU3yVLyZpkgS8sysqx0spxMlOVlBXmLrChvlZXkbbKyvF1WkVVlNVld3iFryDtlTXmXrCXvlrVlHVlX1pP3yPryXtlA3icbyvtlI/mAbCwflE3kX2RT+ZBsJh+WzeUjsoV8VLaUrWRr2Ua2lY/JdvJx2V52kB3lE7KT7Cy7yCdlknxKdpVPy27yGdldPit7yOdkT/m87CV7yz7yF3lJetlP9pfJcoAcKAfJwXKIHCqHyeHyJTlCvixHyldkSgwAyFflGPmaHCtfl+PkG3K8fFNOkBPlJDlZTpFTZap8S06Tb8vp8h05Q86Us+RsmSbnyKGXZ1rwf5D/9j/JHylT5Ci5TW6XH8sdcqfcJXfLPXKv3Cf3yf1yvzwgD8iD8qA8JA/Jw/KwPCKPyGyZLY/Ko/KYPCaPy+PyhDwhT8pT8if5gzwjf5Rn5Tl5Tv4kL8gL8uLl9wAUKqGkUipQeVReFaPyqfzqGhWrrlUF1HUqoq5XceoGVVDdqAqpwqqIKqriVTFVXGlllFWkQlVClVRRdRNe/oioMqqscqqcSlTl/5N8VUrdrBJU6b/L/6P62qq2qp1qp9qr9qqj6qg6qU6qi+qiklSS6qq6qm6qm+quuqseqofqqXqqXqqX6qP6qL6qr+qn+qlklawGqkFqsBqihqphavgAUCPUCDVSjVQpKkWNVqPVGDVGjVVj1Tg1To1X49UENUFNUpPUFDVFpapUNU1NU9PVdDVDzVCz1CyVptLUXDVXzVPz1AK1QC1UC9UitUgtUUtUukpXGSpDZapMtVwtV1lqhVqhVqlVao1ao9apdWqD2qA2qU1qi9qistR2tV3tUDvULrVL7VF71D61T+1X+9UBdUAdVAfVIXVIHVaH1RF1RGWrbHVUHVXH1DF1XB1XJ9QJdVKdVKfVaXVGnVFn1Vl1Xp1XF9QFdVFdVJfUpZzTvkAEIlCBCvIEeYKYICbIH+QPYoPYoEBQIIgEkSAuiAsKBjcGhYLCQZGgaBAfFAuKBzowgQ0oCIMSQckgGtwUlApuDhKC0kGZoGzggnJBYlA+qBDcElQMbg0qBbcFlYPbgypB1aBaUD24I6gR3BnUDO4KagV3B7WDOkHdoF5wT1A/uDdoENwXNAzuDxoFDwSNgweDJsFfgqbBQ0Gz4OGgefBI0CJ4NGgZtApaB22Ctn/q/N6fLfy466f762Q9QA/Ug/RgPUQP1cP0cP2SHqFf1iP1KzpFj9Kj9at6jH5Nj9Wv63H6DT1ev6kn6Il6kp6sp+ipOlW/pafpt/V0/Y6eoWfqWXq2TtNz9Fz9rp6n5+sF+j29UL+vF+nFeoleqtP1BzpDL9OZ+kO9XH+ks/QKvVKv0qv1Gr1Wr9Pr9Qa9UW/Sm/UWvVVv09v1x3qH3ql36d16j96r9+lP9H79qT6gP9MH9ef6kP5CH9Zf6iP6K52tv9ZH9Tf6mP5WH9ff6RP6e31Sn9Kn9Q/6jP5Rn9Xn9Hn9k76gf9YX9S/6kvY5J/c5h3ejjDJ5TB4TY2JMfpPfxJpYU8AUMBETMXEmzhQ0BU0hU8gUMUVMvIk3xU1xk4MMmRKmhImaqCllSpkEk2DKmDLGGWcSTaKpYCqYiqaiqWQqmcqmsqliqphqppq5w9xh7jR3mrvMXeZuc7epY+qYeqaeqW/qmwamgWloGppGppFpbBqbJqaJaWqammammWlumpsWpoVpaVqa1qa1aWvamnamnWlv2puOpqPpZDqZLqaLSTJJpqvparqZbqa76W56mB6mp+lpeplepo/pY/qavqaf6WeSTbIZaAaawWawGWqGmuFmuBlhRpiRZqRJMSlmtBltxpgxZqwZa8aZN8x486aZYCaaSWaymWKmmlSTaqaZaWa6mW5mmBlmlpll0kyamWvmmnlmnllgFpiFZqFZZBaZJWaJSTfpJsNkmEyTaZab5SbLZJmVZqVZbVabtWatWW/Wm41mo9lsNputZqvZbrabHWaH2WV2mT1mj9ln9pn9Zr85YA6Yg+agOWQOeQQwR8wRk22yzVFz1Bwzx8xxc9ycMCfMSXPSnDanzRlzxpw1Z815c95cMD+bi+YXc8l4E2Pz2fz2Ghtrr7UF7HX2H+MitqiNt8VscattIVv472JjrU2wpW2Z3y4xbXmbkHMstWWts+Vsoi1vq9iqtpqtbu+wNeydtubv4vr2XtvA3mcb2vttPXvP38WN7AO2sX3ENrGP2qa2lW1m29jm9hHbwj5qW9pWtrVtYzvZzraLfdIm2adsV/v07+IMu8yutxvsRrvJ7ref2vP2J3vMfmsv2J9tP9vfDrcv2RH2ZTvSvmJT7KjfxePtm3aCnWgn2cl2ip36u3iWnW3T7Bw7175r59n5v4vT7Qd2oc20i+xiu8Qu/TXOqSnTfmiX249sll1hV9pVdrVdY9fadf+71lV2i91qt9l99hO7w+60u+xuu8fu/TXO2Y4D9jN70H5uj9pv7GH7pT1ij9ts+/Wvcc72Hbff2RP2e3vSnrKn7Q/2jP3RnrXncrbf52z7D/YXe8l6C4QkSJKigPJQXoqhfJSfrqFYupYK0HUUoespjm6ggnQjFaLCVISKUjwVo+KkyZAlopBKUEmK0k1Uim6mBCpNZagsOSpHiVSeKtAtVJFupUp0G1Wm26kKVaVqVJ3uoBp0J9Wku6gW3U21qQ7VpXp0D9Wne6kB3UcN6X5qRA9QY3qQmtBfqCk9RM3oYWpOj1ALepRaUitqTW2oLT1G7ehxak8dqCM9QZ2oM3WhJymJnqKu9DR1o2eoOz1LPeg56knPUy/qTX3oBepLL1I/6k/JNIAG0iAaTENoKA2j4fQSjaCXaSS9Qik0ikbTqzSGXqOx9DqNozdoPL1JE2giTaLJNIWmUiq9RdPobZpO79AMmkmzaDal0RyaS+/SPJpPC+g9Wkjv0yJaTEtoKaXTB5RByyiTPqTl9BFl0QpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTx7SDdtIu2k17aC/to09oP+W7/IH7nA7RF3SYvqQj9BVl09d0lL6hY/QtHafv6AR9TyfpFJ2mH+gM/Uhn6Rydp5/oAv1MF+kXukSeIMRQhDJUYRDmCfOGMWG+MH94TRgbXhsWCK8LI+H1YVx4Q1gwvDEsFBYOi4RFw/iwWFg81KEJbUhhGJYIS4bR8KawVHhzmBCWDsuEZUMXlgsTw/JhhfCWsGJ4a1gpvC2sHN4eVgmrho/cXz28I6wR3hnWDO8Ka4V3h7XDOmHdsF54T1g/vDdsEN4XNgzvDyuGD4SNwwdDuPx7lWbhw2Hz8JGwRfho2DJsFbYO24Rtw8fCduHjYfuwQ9gxfCLsFHYOu4RPhknhU2HX8Ok/XJ8cDggHhoPCQaH398kl0aXR9OgH0Yzosmhm9MPo8uhH0azoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lao9/XygkMnnHTKBS6Py+tiXD6X313jYt21roC7zkXc9S7O3eAKuhtdIVfYFXFFXbwr5oo77YyzjlzoSriSLupucqXczS7BlXZlXFnnXDmX6Nq4tq6ta+ced+1dB9fRPeGecJ1dZ/eke9I95bq6p10394zr7p51Pdxz7jn3vOvlers+7gXX173o+rn+Ltklu4FuoBvsBruhbqgb7oa7EW6EG+lGuhSX4ka70W6MG+PGurFunBvnxrvxboKb4Ca5SW6Km+JSXaqb5qa56W66CwBglpvl0lyam+vmunlunlvgFriFCQvdIrfILXFLXLpLdxkuw2W6TLfcLXdZLsutdCvdarfarXVr3Xq33m10G91mt9ltdVvddrfd7XA73C63y+1xe9w+t8/td/vdAXfAHXQH3SF3yB12h90R95XLdl+7o+4bd8x9646779wJ97076U650+4Hd8b96M66c+68+8ldcD+7i+4Xd8l5lxp5KzIt8nZkeuSdyIzIzMisyOxIWmROZG7k3ci8yPzIgsh7kYWR9yOLIosjSyJLI+mRDyIZkWWRzMiHkeWRjyJZkRWRlZFVkdWRNQp8sR2hL+FL+qi/yZfyN/sEX9qX8WW98+V8oi/vK/hbfEV/q6/kb/OV/e2+iq/qq/lHfUvfyrf2bXxb/5hv5x/37X0H39E/4Tv5zr6Lf9In+ad8V/+07+af8d39s76Hf8739M/7Xr637+Nf8H39i76f7++T/QA/0A/yg/0QP9QP88P9S36Ef9mP9K/4FD/Kj/av+jH+NT/Wv+7H+Tf8eP+mn+An+kl+sp/ip/pU/5af5t/20/07foaf6Wf52T7Nz/Fz/bt+np/vF/j3/EL/vl/kF/slfqlP9x/4DL/MZ/oP/XL/kc/yK/xKv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81v9x/7HX6n3+V3+z1+r9/nP/H7/af+gP/MH/Sf+0P+C3/Yf+mP+K98tv/aH836xh/z3/rj/jt/wn/vT/pT/rT/wZ/xP/qz/pw/73/yF/zP/qL/xV/6D3+zVufPuHXOGGOMMfb/oUF/sH7AP3lMAYC4PP7Ze3/tzqLZf7teAsDmQn8dDxHxnSIA8FT/ng/9ttSunZycfPm5WRKCkosBIPIPL3A5XgEdoTMkQQeo8E/rGyJ6X6B/M3/GWJoSvQ0g/9/kxMCV+Mr8X/yL+R97YnxG5fB83L+uP7oYIKHklZycq/Df4hXQ8devDjtAxX8xf+F2/67+LAn5vkwFaP83ObEA0D7fP9afCI/D05D0d89kjDHGGGOMMcb+aoio1v0Prj9/vT6PV1dy8sKV+I+uzxljjDHGGGOMMXb1Pdu7z5OPJSV16M4DHvAglw06/5vnXO3/mRhjjDHGGGN/tisn/Vcey3c1C2KMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxnKh/xd/aexqbyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2vAAAA///aYjRz")

2.302540491s ago: executing program 0 (id=2371):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000699100007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x5412, &(0x7f00000006c0)=0x5f)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)

2.295922634s ago: executing program 2 (id=2372):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='siox_set_data\x00', r2}, 0x10)
connect$unix(r4, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="3002000010000100000000000000fc8f652b00000000000000000000000000bbff0200000000000000000000000000010f00"/64, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="000000000000000000000000000000000000000032000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002bbd70000000000002000000af0000000000000048000200656362286369706865725f6e756c6c2900"/209, @ANYRES32=0x0, @ANYRES8], 0x230}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r6 = socket(0x10, 0x80803, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00010200"/20, @ANYRES32=0x0, @ANYBLOB="bf"], 0x1c}}, 0x0)
recvmmsg(r6, &(0x7f0000001bc0)=[{{0x0, 0x0, 0x0}}], 0x7, 0x0, 0x0)

655.882056ms ago: executing program 1 (id=2373):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @private1}, 0x1c)

635.512952ms ago: executing program 0 (id=2374):
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10)
r0 = syz_open_dev$vcsu(0x0, 0xed, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
sendmsg$nl_route_sched(r0, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@getqdisc={0x34, 0x26, 0x100, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xc, 0xe}, {0x4, 0x39bf875529bb675e}, {0x4, 0x6}}, [{0x4}, {0x4}, {0x4}, {0x4}]}, 0x34}}, 0x80)
r2 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000500)={'syz', 0x2}, 0x0, 0x0, r1)
r3 = add_key$keyring(&(0x7f0000000140), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, r2)
request_key(&(0x7f0000000240)='keyring\x00', &(0x7f0000000200)={'syz', 0x2}, 0x0, r3)
socket$packet(0x11, 0x2, 0x300)
r4 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='erofs_lookup\x00', r6}, 0x10)
fstat(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0, <r8=>0x0})
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000280)=ANY=[@ANYRES32=r8, @ANYBLOB="091e21b81dfc6fb0feb157135f914b110011504efbf790845429946409a9244bffb818fbbc5ead98aeff6a5549e74cef0600", @ANYRESOCT, @ANYRES16=r7, @ANYRESHEX=r4, @ANYRES16=r6, @ANYRESOCT=r7, @ANYRES64], 0x2, 0x1d8, &(0x7f0000000840)="$eJzsmb/L00AYx793SdNaRHFxcHGwYEWbJqlKlw4VHAWhFXUsNpZq2koboS0IFhcXRwfB1X/AwaGTg5ubqw4qCA52dI7kck3Oxhb7/oDC+3zgvXzv7rnnnruXfjMEBEEcWb5/+/31xbVq8xKA4yggK8d/akkMV+K/vHp88WXt+uu3n9986J94Ml/NxwAEwf/vbwB4X9eApydFPwj+Xl2QzyZ4rG+B44LUt8FgLmsNktUuGO7K4QeKHhyTwnPNewOvfb/ruVbY2GHjhE1F3V8HsJgxtAHk5BZMmR9Npg9bHjCMhOcuRSZY7pOa2lZsuj9RX52jplxB+P+68/zZLOybctxS7s8Ghy11BQwNqavIwjTN5EqU85/Rk/xa6vwHcMjDEKdKO1EGid0SbHUk/EHHI6cX84/pVT92pfg9CGFcAFJTn/Ked2MfmQ1pAv+MSfyJ6cB5xZ906LF/lP3eo/JoMi11e62O23H7jlO5al22rCtOWRhR1G7wv5zwp7ySP7Mm1mAGxi3fH9pjwB/acd+JWsVxG+8Gv8QaLvyPo3guysHkOyt+Ua7A5B8Xz1AVtbXFEwRBEARBEARBEARBEARBbMVZsOhDWPShKliDc1NE/wkAAP//X9JszA==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001440)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
syz_open_dev$evdev(&(0x7f0000000440), 0x0, 0x80)

552.180719ms ago: executing program 2 (id=2375):
socket$igmp(0x2, 0x3, 0x2)
socket$kcm(0x10, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x3d, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8}, 0x1c)
epoll_create(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000240)={0x18, 0x0, {0x3, @dev, 'syz_tun\x00'}}, 0x1e)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="34020000020000000580000000000000010000000000000000000000000000000000000000000000000000000000000000001b00046e6f6465767b65766f6f7e0539c60005000037d93a8b920000003800704a86cec602007dfa673effeb09b5351f5bde05"], 0x234)

191.988435ms ago: executing program 0 (id=2376):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=ANY=[@ANYRES64], 0x398}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000080)={0x0, @in6={{0xa, 0x0, 0x0, @mcast2}}}, &(0x7f0000000000)=0x9c)

101.565449ms ago: executing program 3 (id=2377):
socketpair$unix(0x1, 0x0, 0x0, 0x0)
epoll_create(0x0)
r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
chdir(0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r4 = syz_open_pts(r2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000018c0))
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, "1fee2a24e19ad98c39d82a1b34af8a9e36fc0a"})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180200002020702500000000002020207b0af8ff00000000bda100000000000026010000f8ffffffb702000008000000b703000000000000850000004b00000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$cgroup_ro(r0, 0x0, 0x275a, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x800, @fixed, 0x0, 0x2}, 0xe)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @none, 0x4}, 0xe)
connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x0, @none, 0x0, 0x2}, 0xe)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r6, 0x6, 0x1, 0x0, &(0x7f0000000180))

0s ago: executing program 0 (id=2378):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1a, 0x4, 0x0, 0x0, 0x68, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@private}, {@multicast1}, {@remote}, {@dev}, {@broadcast, 0x8000}, {@multicast1, 0xffd200}]}, @ra={0x94, 0x4}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80000c, &(0x7f00000002c0)=ANY=[@ANYBLOB='nobarrier,decompose,gid=', @ANYRESHEX, @ANYBLOB=',barrier,gid=', @ANYRESHEX=0x0, @ANYRES32=0x0, @ANYRESHEX, @ANYRES64, @ANYRESHEX=0x0, @ANYBLOB="2c6e6c733d64656661756c742c001bb4a4447bd69aa8532125707aa318f1e60d28086a88ef2208cc30839fc1be7ad88539fad2c027aca664454d7bf988a9fa9f5f0cab42326f5c70febc7902ce02b8ec0adb23bef1c917d0bd"], 0x1, 0x6e3, &(0x7f00000009c0)="$eJzs3c1rHOcZAPBnVqvVrgqOnPgjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpSii10vYP6CGnntKDbqGHkt4N7bkhUHLVMVDIJSfdVGZ2ZrWr/bS1luTk9zMz8868H/POMzszml3MG8C31up8lB9HEqvzb+6k6/t7S82pvaWZPLsZEZWIKEWUW4tINiLLvZVP8d10Y14+GbSfj9ZX3v7i6/0vW2vlfMrKl4bV66PSu2k3n6IeEVP5stf0gBY/Pb77rvZuD2xvXEn7CNOAXSsCF389UatwYoc9dtt5n/w3mw+r/iTXLXBOJa3nZo+5iNmIqEa0nvr53aF0ur2bvN2z7gAAAAA8qdqoAr2v6y8cxEHsxIVn1SUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4JsrH/0/yqVSk65EU4/9X8m2Rp59Ln8+0lo/PuiMAAAAAAAAAMAGvHsRB7MSFYv0wyX7zf63jN/7vxHuxFWuxGddjJxqxHduxGYsRMdfRUGWnsb29uZjVjLg0pObN+KxPzZuD+3hrwscMAAAAAAAAAOdcdUT+/enebX+M1aPf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DxIIqZai2y6VKTnolSOiGpEVNJyuxGfFennRNJv4+PT7wcAAACcSLV7NamOUeeFR3EQO3GhWD9Msnf+K9n7cjXei43YjvXYjmasxZ38HTp96y/t7y019/eWHqRTb7s//+qJup61GK3vHvrv+eWsRC3uxnq25XrcjiQOM6W8lZf395bS5YP9vaRPvz5M+5T8LDekN1Md6Tvp7OqnWfov3d8ilJ/oEJ9SaWDOXJY73Y7IQt63tMbF4sz0P0Mjz0556J4Wo9T+5ufS8D31j/mHw/c+e6xU329uzsTxSNyMUvsMXRkeiYjv//OT395rbty/d3dr/vwcUl+PRpY4Homljkhc/QZFYrSFLBKX2+ur8av4TczHVzNvxWasx++iEduxVi/yG/nnOZ3PDY/U57Oda2+N6kl6Tdbb969+fapHV5+iHr/MUo14LTunF2I9kngYMb0Wb2T/bsZi+25wdIYvj3HVl8a403a49oNs0Q5T1AaX/ft4TU5KGteLHXHtvOfOZXmdW46i9GLfKBXPuvGfRx3K38sTaQt/Gvp8OG3HI7HYEYmXBn1eWiH922E632pu3N+813h3zP29ni+LT+f5uZGkZ/jFqOYHdzGbp71LPx1p3kvtXnfHq5L/4tJS6sm73K7XulJ/HQ/jTnReqT+O5ViOlaz0laz0dM8TK8272m6p+x6e5qV/aZXbP+x0/r31MJqtv4cAON9mfzhbqf2v9p/ax7U/1+7V3qz+YuYnM69UYvrf0z8tL0y9Xnol+Ud8HH84ev8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACe3tb7H9xvNJtrm/0Tpf5ZyfBajeZhPpDYsDJdiSQfKmeMwslYDQ5PzOSHf9J2uhL1p2qwGK1xdOH65Lrak0h28xPW3lIdfS6yUZ4ejXWWk56Ap5Wfus/F+FLPKBoTStQn12DxgR1WZuRVWYys1pU1FRH9Co+4cUxN6g4EnJUb2w/evbH1/gc/Wn/QeGftnbWN6eXllYWV5TeWbtxdb64ttOYdFU5l8FvgNBw99Du3liJeHV13yECtAAAAAAAAAAAAwDN0Gv8X4qyPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHi+rc5H+XEksbhwfSFd399baqZTkT4qWY6IUkQkv49I/hVxK1pTzHU0lwzaz0frK29/8fX+l0dtlYvypYjdgfXGs5tPUY+IqXw5qfZuj26vcpSc6ZOdtCOTBuxaETg4a/8PAAD//8uX63A=")
socketpair$unix(0x1, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

7295 subj=unconfined pid=11984 comm="syz.2.1799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e34975bd9 code=0x7ffc0000
[  584.825642][T11961] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  584.865073][T10837] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  584.886247][   T29] audit: type=1326 audit(1720507263.976:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.1799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f8e34975bd9 code=0x7ffc0000
[  584.917786][ T4491] Bluetooth: hci1: command 0x041b tx timeout
[  585.005752][T11864] bridge0: port 1(bridge_slave_0) entered blocking state
[  585.012946][T11864] bridge0: port 1(bridge_slave_0) entered disabled state
[  585.034860][   T29] audit: type=1326 audit(1720507263.976:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.1799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e34975bd9 code=0x7ffc0000
[  585.042001][T11864] bridge_slave_0: entered allmulticast mode
[  585.137698][T11864] bridge_slave_0: entered promiscuous mode
[  585.173169][T11864] bridge0: port 2(bridge_slave_1) entered blocking state
[  585.205233][T11864] bridge0: port 2(bridge_slave_1) entered disabled state
[  585.269864][T11864] bridge_slave_1: entered allmulticast mode
[  585.323268][T11864] bridge_slave_1: entered promiscuous mode
[  585.625877][ T5151] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  586.015595][ T5151] usb 4-1: device descriptor read/64, error -71
[  586.243486][T12009] loop2: detected capacity change from 0 to 1024
[  586.271515][T11864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  586.316610][T12009] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  586.327820][ T5151] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  586.346062][T12009] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  586.358899][T11864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  586.385658][T12009] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  586.416386][ T9393] udevd[9393]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  586.436025][T12009] JBD2: no valid journal superblock found
[  586.455609][T12009] EXT4-fs (loop2): Could not load journal inode
[  586.525584][ T5151] usb 4-1: device descriptor read/64, error -71
[  586.631749][ T1092] hsr_slave_0: left promiscuous mode
[  586.654785][ T1092] hsr_slave_1: left promiscuous mode
[  586.669131][ T5151] usb usb4-port1: attempt power cycle
[  586.690095][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  586.706712][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0
[  586.728242][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  586.738699][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1
[  586.828447][ T1092] veth1_macvtap: left promiscuous mode
[  586.842251][ T1092] veth0_macvtap: left promiscuous mode
[  586.874895][ T1092] veth1_vlan: left promiscuous mode
[  586.890624][ T1092] veth0_vlan: left promiscuous mode
[  586.939881][T12025] loop2: detected capacity change from 0 to 128
[  587.049170][ T9393] udevd[9393]: symlink '../../loop2' '/dev/disk/by-label/SYZKALLER.tmp-b7:2' failed: Read-only file system
[  587.095560][ T5151] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  587.272231][ T9393] udevd[9393]: symlink '../../loop2' '/dev/disk/by-uuid/1DD0-AF77.tmp-b7:2' failed: Read-only file system
[  587.876527][ T5151] usb 4-1: device descriptor read/8, error -71
[  588.165708][ T5151] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  588.436407][ T5151] usb 4-1: device not accepting address 32, error -71
[  588.505982][ T5151] usb usb4-port1: unable to enumerate USB device
[  590.139662][ T1092] team0 (unregistering): Port device team_slave_1 removed
[  590.310558][ T1092] team0 (unregistering): Port device team_slave_0 removed
[  590.707256][   T25] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  590.892082][T12045] loop0: detected capacity change from 0 to 40427
[  590.899091][   T25] usb 4-1: Using ep0 maxpacket: 16
[  590.908187][   T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  590.918616][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  590.940106][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  590.943122][T12045] F2FS-fs (loop0): Found nat_bits in checkpoint
[  590.956817][   T25] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  590.966935][   T25] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  590.997342][   T25] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  591.009299][   T25] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  591.027770][   T25] usb 4-1: Manufacturer: syz
[  591.034187][ T9393] udevd[9393]: symlink '../../loop0' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:0' failed: Read-only file system
[  591.050870][   T25] usb 4-1: config 0 descriptor??
[  591.068993][T11864] team0: Port device team_slave_0 added
[  591.125522][T12045] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  591.140189][T12028] netlink: 'syz.2.1807': attribute type 4 has an invalid length.
[  591.272100][T11864] team0: Port device team_slave_1 added
[  591.547801][T11864] batman_adv: batadv0: Adding interface: batadv_slave_0
[  591.565249][T11864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  591.635495][T11864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  592.316063][T11864] batman_adv: batadv0: Adding interface: batadv_slave_1
[  592.323078][T11864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  592.535882][T11864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  592.786961][T11864] hsr_slave_0: entered promiscuous mode
[  592.816357][T11864] hsr_slave_1: entered promiscuous mode
[  593.031575][T12076] loop0: detected capacity change from 0 to 2048
[  593.055840][ T5199] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  593.070046][T12076] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  593.124113][ T9393] udevd[9393]: symlink '../../loop0' '/dev/disk/by-label/LinuxUDF.tmp-b7:0' failed: Read-only file system
[  593.171903][ T9393] udevd[9393]: symlink '../../loop0' '/dev/disk/by-uuid/1234567812345678.tmp-b7:0' failed: Read-only file system
[  593.227169][ T5199] usb 3-1: device descriptor read/64, error -71
[  593.953099][ T5199] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  594.149737][ T5199] usb 3-1: device descriptor read/64, error -71
[  594.163279][ T4491] Bluetooth: hci5: SCO packet for unknown connection handle 200
[  594.170816][ T4491] Bluetooth: hci5: ACL packet for unknown connection handle 0
[  594.195729][   T25] rc_core: IR keymap rc-hauppauge not found
[  594.265108][   T25] Registered IR keymap rc-empty
[  594.286524][ T5199] usb usb3-port1: attempt power cycle
[  594.313890][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.375777][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.444570][   T25] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  594.491187][   T25] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input21
[  594.530756][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.552334][T12097] libceph: resolve '.
[  594.552334][T12097] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  594.552334][T12097] ' (ret=-3): failed
[  594.582256][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.645841][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.690397][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.735646][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.755601][ T5199] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  594.798772][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.806848][ T5199] usb 3-1: device descriptor read/8, error -71
[  594.816501][T12097] dummy0: entered promiscuous mode
[  594.835894][T12097] dummy0: left promiscuous mode
[  594.845698][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.875691][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.915967][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  594.955606][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  595.004389][   T25] mceusb 4-1:0.0: Registered  with mce emulator interface version 1
[  595.026040][   T25] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  595.055782][ T5149] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  595.076714][ T5199] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  595.107169][   T25] usb 4-1: USB disconnect, device number 33
[  595.136216][ T5199] usb 3-1: device descriptor read/8, error -71
[  595.262386][ T5149] usb 2-1: Using ep0 maxpacket: 16
[  595.268415][ T5199] usb usb3-port1: unable to enumerate USB device
[  595.285539][ T5149] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  595.306218][ T5149] usb 2-1: config 0 has no interfaces?
[  595.321578][ T5149] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  595.353635][ T5149] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.391113][ T5149] usb 2-1: config 0 descriptor??
[  595.435406][T11864] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  595.473329][T11864] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  595.523652][T11864] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  595.589776][T11864] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  596.038938][T12118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  596.068731][T12118] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  596.081238][T11864] 8021q: adding VLAN 0 to HW filter on device bond0
[  596.154642][T11864] 8021q: adding VLAN 0 to HW filter on device team0
[  596.180900][T11181] bridge0: port 1(bridge_slave_0) entered blocking state
[  596.188069][T11181] bridge0: port 1(bridge_slave_0) entered forwarding state
[  596.230506][T11181] bridge0: port 2(bridge_slave_1) entered blocking state
[  596.237764][T11181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  597.543435][T11181] usb 2-1: USB disconnect, device number 26
[  597.818691][T12145] loop1: detected capacity change from 0 to 1024
[  597.837571][T11864] 8021q: adding VLAN 0 to HW filter on device batadv0
[  597.869190][T12145] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  597.895616][T12145] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  597.925012][T12145] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  597.942008][ T9393] udevd[9393]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  597.986231][T12145] JBD2: no valid journal superblock found
[  598.034683][T12145] EXT4-fs (loop1): Could not load journal inode
[  598.079336][   T25] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  598.296888][   T25] usb 4-1: Using ep0 maxpacket: 16
[  598.329507][   T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  598.386220][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  598.427310][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  598.458169][   T25] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  598.487152][   T25] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  598.547396][   T25] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  598.570011][   T25] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  598.596192][   T25] usb 4-1: Manufacturer: syz
[  598.636680][   T25] usb 4-1: config 0 descriptor??
[  598.686159][T12116] loop2: detected capacity change from 0 to 40427
[  598.782325][T12116] F2FS-fs (loop2): Found nat_bits in checkpoint
[  598.789106][ T4491] Bluetooth: hci0: unexpected event 0x04 length: 11 > 10
[  598.826866][T11864] veth0_vlan: entered promiscuous mode
[  598.877503][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:2' failed: Read-only file system
[  598.919313][T11864] veth1_vlan: entered promiscuous mode
[  598.926227][T12171] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1833'.
[  599.106424][T11864] veth0_macvtap: entered promiscuous mode
[  599.147142][T11864] veth1_macvtap: entered promiscuous mode
[  599.194475][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  599.214813][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.238903][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  599.259034][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.272707][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  599.308061][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.335307][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  599.353623][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.399095][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  599.415897][ T5151] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  599.452475][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.490792][T11864] batman_adv: batadv0: Interface activated: batadv_slave_0
[  599.511291][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.523808][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.536223][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.557097][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.570015][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.583570][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.596685][ T5151] usb 1-1: device descriptor read/64, error -71
[  599.603195][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.614127][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.624738][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.636936][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.650143][T11864] batman_adv: batadv0: Interface activated: batadv_slave_1
[  599.671495][T11864] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  599.695589][T11864] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  599.704546][T11864] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  599.714681][T11864] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  599.815756][T11181] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  599.876666][ T5151] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  599.957010][ T8329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  599.983305][ T8329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  600.016119][T11181] usb 2-1: Using ep0 maxpacket: 32
[  600.025003][T11181] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  600.045594][ T5151] usb 1-1: device descriptor read/64, error -71
[  600.077082][T11181] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  600.138849][   T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  600.151734][T11181] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  600.173996][   T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  600.204837][ T5151] usb usb1-port1: attempt power cycle
[  600.213219][T11181] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  600.831925][ T4491] Bluetooth: hci0: command tx timeout
[  600.966278][T11181] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  600.980665][T11181] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  600.990199][T11181] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  601.017587][T11181] usb 2-1: Product: syz
[  601.021809][T11181] usb 2-1: Manufacturer: syz
[  601.036712][T11181] usb 2-1: SerialNumber: syz
[  601.085549][   T25] rc_core: IR keymap rc-hauppauge not found
[  601.091511][   T25] Registered IR keymap rc-empty
[  601.122120][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.175756][T12206] loop2: detected capacity change from 0 to 1024
[  601.178402][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.209656][T12206] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  601.231122][T12206] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  601.261262][   T25] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  601.272636][T11877] udevd[11877]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  601.301054][T12206] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  601.301682][   T25] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input22
[  601.329802][T11181] cdc_ncm 2-1:1.0: bind() failure
[  601.350141][T12206] JBD2: no valid journal superblock found
[  601.356745][ T5151] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  601.380080][T11181] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  601.399245][T12206] EXT4-fs (loop2): Could not load journal inode
[  601.416245][T11181] cdc_ncm 2-1:1.1: bind() failure
[  601.426856][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.436184][ T5151] usb 1-1: device descriptor read/8, error -71
[  601.448452][T11181] usb 2-1: USB disconnect, device number 27
[  601.515371][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.565943][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.595628][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.637240][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.678053][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.718442][ T5151] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  601.725706][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.786101][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.788486][ T5151] usb 1-1: device descriptor read/8, error -71
[  601.837906][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.846737][ T4491] Bluetooth: hci1: unexpected event 0x04 length: 11 > 10
[  601.879315][   T25] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  601.993386][   T25] mceusb 4-1:0.0: Registered  with mce emulator interface version 1
[  602.725741][ T5151] usb usb1-port1: unable to enumerate USB device
[  602.802099][   T25] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  602.885995][T12235] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1845'.
[  602.903595][   T25] usb 4-1: USB disconnect, device number 34
[  603.195692][ T5199] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  603.204851][T12239] loop1: detected capacity change from 0 to 8192
[  603.213234][T12243] mkiss: ax0: crc mode is auto.
[  603.340840][T11878] udevd[11878]: symlink '../../loop1' '/dev/disk/by-uuid/1DE1-D756.tmp-b7:1' failed: Read-only file system
[  603.405864][ T5199] usb 3-1: Using ep0 maxpacket: 16
[  603.417586][T12239] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  603.445998][ T5199] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  603.464071][T12239] FAT-fs (loop1): Filesystem has been set read-only
[  603.476435][ T5199] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  603.498160][T12239] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  603.509531][ T5199] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  603.525291][ T5199] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  603.640688][ T5199] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  603.661834][ T5199] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  603.679112][ T5199] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  603.688072][ T5199] usb 3-1: Manufacturer: syz
[  603.707401][ T5199] usb 3-1: config 0 descriptor??
[  603.866248][ T4491] Bluetooth: hci1: command 0x041b tx timeout
[  604.662907][T12259] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1853'.
[  604.912854][T12265] loop4: detected capacity change from 0 to 1024
[  604.926140][T12265] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  604.938418][T12265] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  604.963019][T12265] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  604.994279][T12265] JBD2: no valid journal superblock found
[  605.014303][T12265] EXT4-fs (loop4): Could not load journal inode
[  605.021617][T11878] udevd[11878]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  605.422287][T12272] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1858'.
[  605.570776][T12276] loop3: detected capacity change from 0 to 1024
[  605.668573][T11878] udevd[11878]: symlink '../../loop3' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:3' failed: Read-only file system
[  605.963849][ T4491] Bluetooth: hci1: command 0x041b tx timeout
[  606.203840][ T5199] rc_core: IR keymap rc-hauppauge not found
[  606.209804][ T5199] Registered IR keymap rc-empty
[  606.222757][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  606.402158][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  606.474790][ T5199] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  606.595893][ T5199] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input23
[  607.044875][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  607.153236][ T4491] Bluetooth: hci5: SCO packet for unknown connection handle 200
[  607.171372][ T4491] Bluetooth: hci5: ACL packet for unknown connection handle 0
[  607.184249][T12300] loop0: detected capacity change from 0 to 1024
[  607.197383][T12300] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  607.209183][T12300] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  607.241622][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  607.282590][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  607.302695][T12300] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  607.333206][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  607.523531][T12295] libceph: resolve '.
[  607.523531][T12295] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  607.523531][T12295] ' (ret=-3): failed
[  607.551552][T12300] JBD2: no valid journal superblock found
[  607.575238][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  607.604662][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  607.689637][T12307] 9pnet_virtio: no channels available for device 
[  608.284282][T12300] EXT4-fs (loop0): Could not load journal inode
[  608.292671][   T29] audit: type=1326 audit(1720507287.412:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12304 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x7ffc0000
[  608.324088][ T4491] Bluetooth: hci1: command 0x041b tx timeout
[  608.359999][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  608.379321][T11878] udevd[11878]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  608.400632][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  608.441431][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  608.456155][   T29] audit: type=1326 audit(1720507287.422:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12304 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x7ffc0000
[  608.496114][ T5199] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  608.547653][ T5199] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  608.571057][ T5199] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  608.599122][   T29] audit: type=1326 audit(1720507287.422:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12304 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f5194975bd9 code=0x7ffc0000
[  608.630103][ T5199] usb 3-1: USB disconnect, device number 35
[  608.700191][T12295] dummy0: entered promiscuous mode
[  608.708463][T12311] loop4: detected capacity change from 0 to 1024
[  608.718398][   T29] audit: type=1326 audit(1720507287.422:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12304 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x7ffc0000
[  608.754423][T12295] dummy0: left promiscuous mode
[  608.793111][   T29] audit: type=1326 audit(1720507287.422:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12304 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x7ffc0000
[  608.868853][   T29] audit: type=1326 audit(1720507287.432:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12304 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f5194975bd9 code=0x7ffc0000
[  608.924238][ T5145] udevd[5145]: symlink '../../loop4' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:4' failed: Read-only file system
[  608.961116][   T29] audit: type=1326 audit(1720507287.442:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12304 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x7ffc0000
[  609.216420][T12320] MTD: Couldn't look up '': -22
[  611.361478][ T5102] Bluetooth: hci3: command 0x0406 tx timeout
[  611.442456][ T5102] Bluetooth: hci6: command 0x0406 tx timeout
[  611.554451][T12339] fuse: Bad value for 'fd'
[  612.709125][   T29] audit: type=1326 audit(1720507291.791:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.2.1880" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e34975bd9 code=0x0
[  613.128577][T12356] loop1: detected capacity change from 0 to 1024
[  613.256406][ T9393] udevd[9393]: symlink '../../loop1' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:1' failed: Read-only file system
[  613.396990][T12354] MTD: Couldn't look up '': -22
[  613.695270][T12366] loop3: detected capacity change from 0 to 512
[  613.860258][T12366] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  613.902816][T12366] ext4 filesystem being mounted at /339/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  613.910030][T12372] team0: Device gtp0 is of different type
[  614.012908][ T9393] udevd[9393]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  614.226436][ T6911] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.261417][ T5152] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  614.513088][ T5152] usb 3-1: Using ep0 maxpacket: 32
[  614.538995][ T5152] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  614.578692][ T5152] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  614.607615][ T5152] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  614.620702][ T5152] usb 3-1: config 1 has no interface number 0
[  614.627376][ T5152] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  614.643787][ T5152] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  614.673133][ T5152] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  614.692967][ T5152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.745124][ T5199] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  614.756457][ T5152] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  614.958429][ T5199] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  615.135734][ T5199] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  615.167992][ T5199] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  615.188324][ T5199] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  615.204878][ T5199] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  615.227095][ T5199] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  615.246626][ T5199] usb 1-1: Product: syz
[  615.251485][ T5199] usb 1-1: Manufacturer: syz
[  615.256210][ T5199] usb 1-1: SerialNumber: syz
[  615.269348][ T5199] cdc_ncm 1-1:1.0: skipping garbage
[  615.384586][T12393] loop3: detected capacity change from 0 to 128
[  615.665256][ T5152] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached
[  616.445690][ T5112] Bluetooth: hci0: command 0x0406 tx timeout
[  616.591454][T12398] loop4: detected capacity change from 0 to 1024
[  616.687670][   T25] snd_usb_pod 3-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  616.695166][ T4491] Bluetooth: hci5: SCO packet for unknown connection handle 200
[  616.768297][ T4491] Bluetooth: hci5: ACL packet for unknown connection handle 0
[  616.834113][ T5145] udevd[5145]: symlink '../../loop4' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:4' failed: Read-only file system
[  616.921372][ T5199] cdc_ncm 1-1:1.0: bind() failure
[  616.955086][ T5199] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[  617.007149][ T5199] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[  617.054703][ T5199] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[  617.127647][ T5199] usb 1-1: USB disconnect, device number 29
[  617.210534][T12402] libceph: resolve '.
[  617.210534][T12402] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  617.210534][T12402] ' (ret=-3): failed
[  617.691966][T12412] dummy0: entered promiscuous mode
[  617.728179][T12412] dummy0: left promiscuous mode
[  617.834013][T11182] usb 3-1: USB disconnect, device number 36
[  617.847627][T11182] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  619.238516][T12436] MTD: Couldn't look up '': -22
[  619.337323][T12408] loop4: detected capacity change from 0 to 40427
[  619.348772][T12408] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  619.367690][T12408] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  619.382747][T12408] F2FS-fs (loop4): invalid crc value
[  619.428460][T12408] F2FS-fs (loop4): Found nat_bits in checkpoint
[  619.657492][ T9393] udevd[9393]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  619.879343][T12408] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  619.902223][T12444] loop2: detected capacity change from 0 to 1024
[  619.908934][T12408] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  620.066856][ T9393] udevd[9393]: symlink '../../loop2' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:2' failed: Read-only file system
[  620.531689][ T5145] udevd[5145]: inotify_add_watch(7, /dev/loop16, 10) failed: No such file or directory
[  620.910205][T12454] loop2: detected capacity change from 0 to 1024
[  621.001211][ T9393] udevd[9393]: symlink '../../loop2' '/dev/disk/by-label/untitled.tmp-b7:2' failed: Read-only file system
[  621.035473][ T9393] udevd[9393]: symlink '../../loop2' '/dev/disk/by-uuid/3de3d207-fc4e-3c3b-aa08-7cb07cd064ab.tmp-b7:2' failed: Read-only file system
[  621.053453][   T82] hfsplus: b-tree write err: -5, ino 4
[  621.206755][T10765] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  621.408529][T10765] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  621.481584][T10765] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  621.537886][T10765] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  621.586359][T10765] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  621.645957][T10765] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  621.839169][T10765] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.861337][T10765] usb 2-1: Product: syz
[  622.576053][T10765] usb 2-1: Manufacturer: syz
[  622.613844][T10765] usb 2-1: SerialNumber: syz
[  622.635050][T10765] cdc_ncm 2-1:1.0: skipping garbage
[  622.874536][T12477] loop3: detected capacity change from 0 to 4096
[  622.901855][T12484] loop2: detected capacity change from 0 to 1024
[  622.919549][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:2' failed: Read-only file system
[  623.033834][ T5145] udevd[5145]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  623.078489][ T5145] udevd[5145]: symlink '../../loop3' '/dev/disk/by-uuid/0B506D495F2D248F.tmp-b7:3' failed: Read-only file system
[  623.579277][ T5149] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  623.674117][T10765] cdc_ncm 2-1:1.0: bind() failure
[  623.728478][   T29] audit: type=1326 audit(1720507302.741:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12487 comm="syz.0.1926" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb3e9375bd9 code=0x0
[  623.760582][T10765] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[  623.782313][T10765] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[  623.790606][ T5149] usb 3-1: Using ep0 maxpacket: 32
[  623.812331][ T5149] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  623.833779][T10765] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[  623.843377][ T5149] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  623.864163][T10765] usb 2-1: USB disconnect, device number 28
[  623.881008][ T5149] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  623.913475][ T5149] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  623.944058][ T5149] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  623.965055][ T5149] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  623.994632][ T5149] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  624.013815][ T5149] usb 3-1: Product: syz
[  624.018040][ T5149] usb 3-1: Manufacturer: syz
[  624.035566][ T5149] usb 3-1: SerialNumber: syz
[  624.758049][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  624.797764][T12505] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1930'.
[  624.836789][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  624.885941][ T5152] IPVS: starting estimator thread 0...
[  625.027660][ T5149] cdc_ncm 3-1:1.0: bind() failure
[  625.108198][ T5149] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  625.170243][ T5149] cdc_ncm 3-1:1.1: bind() failure
[  625.307884][ T5149] usb 3-1: USB disconnect, device number 37
[  625.460055][T12507] IPVS: using max 19 ests per chain, 45600 per kthread
[  625.586584][T12525] mkiss: ax0: crc mode is auto.
[  625.745801][T12532] loop1: detected capacity change from 0 to 1024
[  625.848303][ T9393] udevd[9393]: symlink '../../loop1' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:1' failed: Read-only file system
[  628.286453][   T25] IPVS: starting estimator thread 0...
[  628.380437][T12546] IPVS: using max 16 ests per chain, 38400 per kthread
[  628.541567][ T5152] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  628.749242][ T5152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  628.785784][ T5152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  628.798327][ T5152] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  628.811942][ T5152] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  628.821255][ T5152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.840137][ T5152] usb 3-1: config 0 descriptor??
[  629.189656][   T29] audit: type=1326 audit(1720507308.171:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12548 comm="syz.3.1942" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x0
[  629.312633][ T5152] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  629.365111][ T5152] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  629.416381][ T5152] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  630.857525][T12570] loop4: detected capacity change from 0 to 1024
[  632.270816][T12570] EXT4-fs: Ignoring removed orlov option
[  632.332846][ T9393] udevd[9393]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  632.689753][T12570] EXT4-fs (loop4): Test dummy encryption mode enabled
[  632.715483][T12570] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  632.787632][T12570] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  632.894984][ T5149] usb 3-1: USB disconnect, device number 38
[  633.167685][T11864] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.326364][   T29] audit: type=1326 audit(1720507313.264:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12605 comm="syz.1.1957" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8936975bd9 code=0x0
[  635.087390][ T5152] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  635.340244][ T5152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  635.374772][ T5152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  635.412171][ T5152] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  635.452254][ T5152] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  635.471866][ T5152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.494868][ T5152] usb 3-1: config 0 descriptor??
[  635.922214][ T5152] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0
[  635.956988][ T5152] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  636.007564][ T5152] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  636.685708][T12636] loop0: detected capacity change from 0 to 4096
[  636.723280][T12638] input: syz0 as /devices/virtual/input/input24
[  636.824800][T11878] udevd[11878]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  636.905237][T11878] udevd[11878]: symlink '../../loop0' '/dev/disk/by-uuid/0B506D495F2D248F.tmp-b7:0' failed: Read-only file system
[  637.650130][T11181] usb 3-1: USB disconnect, device number 39
[  638.747266][T12630] loop1: detected capacity change from 0 to 40427
[  638.777854][T12630] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  638.821438][T12630] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  638.866663][ T9393] udevd[9393]: symlink '../../loop1' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:1' failed: Read-only file system
[  638.954199][T12630] F2FS-fs (loop1): invalid crc value
[  638.982732][T12630] F2FS-fs (loop1): Failed to start F2FS issue_checkpoint_thread (-4)
[  640.767910][   T29] audit: type=1326 audit(1720507319.601:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12658 comm="syz.4.1973" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x0
[  641.279963][ T4491] Bluetooth: hci6: unexpected event 0x09 length: 8 > 3
[  641.326045][T12696] input: syz0 as /devices/virtual/input/input25
[  641.653580][ T5152] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  641.860414][ T5152] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  641.917995][ T5152] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  641.943904][ T5152] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  641.977817][ T5152] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  642.020136][ T5152] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.041126][ T5152] usb 4-1: config 0 descriptor??
[  642.495655][ T5152] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  642.515380][ T5152] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[  642.559730][ T5152] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  642.983489][T10765] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  643.203284][T10765] usb 3-1: Using ep0 maxpacket: 16
[  643.228941][T10765] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  643.278063][T10765] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  643.306640][T10765] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  643.324946][T10765] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  643.342288][T10765] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  643.481152][T10765] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  643.528888][T10765] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  643.558944][T10765] usb 3-1: Manufacturer: syz
[  643.578753][T10765] usb 3-1: config 0 descriptor??
[  644.262499][ T5152] usb 4-1: USB disconnect, device number 35
[  645.579939][T12743] input: syz0 as /devices/virtual/input/input26
[  645.980183][T10765] rc_core: IR keymap rc-hauppauge not found
[  645.989086][T12750] loop0: detected capacity change from 0 to 512
[  646.010195][T10765] Registered IR keymap rc-empty
[  646.040561][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  646.049614][T12750] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  646.111008][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  646.127655][T11878] udevd[11878]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  646.169967][T12750] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  646.200017][T12750] EXT4-fs (loop0): 1 truncate cleaned up
[  646.213675][T10765] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  646.235574][T12750] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  646.320092][T10765] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input27
[  646.430587][T12750] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  646.483048][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  646.543469][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  646.602561][T12741] loop4: detected capacity change from 0 to 32768
[  646.635740][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  646.837397][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  646.904681][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  646.946131][ T5145] udevd[5145]: symlink '../../loop4' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:4' failed: Read-only file system
[  646.971302][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  647.026207][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  647.074648][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  647.157560][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  647.207646][T10765] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  647.250863][T10765] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  647.273938][T10765] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  647.294324][   T29] audit: type=1326 audit(1720507326.150:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12762 comm="syz.3.2000" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x0
[  647.338741][T10765] usb 3-1: USB disconnect, device number 40
[  648.021576][ T5152] IPVS: starting estimator thread 0...
[  648.145240][T12778] IPVS: using max 18 ests per chain, 43200 per kthread
[  649.010568][ T5199] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  649.212963][ T5199] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  649.250420][ T5199] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  649.264665][ T5199] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  649.281045][ T5199] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  649.305221][ T5199] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.328393][ T5199] usb 5-1: config 0 descriptor??
[  650.661791][ T5199] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  650.692761][T12791] input: syz0 as /devices/virtual/input/input28
[  650.703171][ T5199] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  650.738638][   T12] bridge_slave_1: left allmulticast mode
[  650.744324][   T12] bridge_slave_1: left promiscuous mode
[  650.758129][ T5199] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  650.858018][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  650.914374][ T5199] usb 5-1: USB disconnect, device number 17
[  650.951469][   T12] bridge_slave_0: left allmulticast mode
[  650.983431][   T12] bridge_slave_0: left promiscuous mode
[  651.001425][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  651.022096][T12806] loop2: detected capacity change from 0 to 512
[  651.065579][T12806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  651.078308][T12806] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  651.099624][   T46] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  652.025046][T10832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  652.104979][   T46] usb 1-1: Using ep0 maxpacket: 16
[  652.124178][   T46] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  652.155856][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  652.191295][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  652.221527][   T46] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  652.250317][   T46] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  652.293508][   T46] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  652.317430][   T46] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  652.328446][T12821] EXT4-fs (sda1): shut down requested (2)
[  652.337570][   T46] usb 1-1: Manufacturer: syz
[  652.346881][T12821] Aborting journal on device sda1-8.
[  652.357208][   T46] usb 1-1: config 0 descriptor??
[  653.317431][   T29] audit: type=1326 audit(1720507332.047:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12822 comm="syz.2.2018" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e34975bd9 code=0x0
[  653.455870][   T12] hsr_slave_0: left promiscuous mode
[  653.501371][   T12] hsr_slave_1: left promiscuous mode
[  653.537742][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  653.581531][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  653.639361][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  653.677549][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  653.781000][T12819] loop1: detected capacity change from 0 to 32768
[  653.974216][   T12] veth1_macvtap: left promiscuous mode
[  654.033850][   T12] veth0_macvtap: left promiscuous mode
[  654.047028][T11878] udevd[11878]: symlink '../../loop1' '/dev/disk/by-uuid/bfdc47fc-10d8-4eed-a562-11a831b3f791.tmp-b7:1' failed: Read-only file system
[  654.507510][   T12] veth1_vlan: left promiscuous mode
[  654.512934][   T12] veth0_vlan: left promiscuous mode
[  654.529810][T12819] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  654.536172][   T46] rc_core: Couldn't load IR keymap rc-hauppauge
[  654.578023][   T46] Registered IR keymap rc-empty
[  654.583032][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  654.674515][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  654.805601][   T46] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  654.865652][T12827] loop4: detected capacity change from 0 to 40427
[  654.885476][   T46] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input29
[  654.943700][T12827] F2FS-fs (loop4): Found nat_bits in checkpoint
[  654.956277][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  654.986639][T12819] XFS (loop1): Ending clean mount
[  655.005810][T11878] udevd[11878]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  655.015665][T12819] XFS (loop1): Quotacheck needed: Please wait.
[  655.032382][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  655.070318][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  655.110931][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  655.138358][T12819] XFS (loop1): Quotacheck: Done.
[  655.150859][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  655.199623][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  655.222209][T12827] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  655.255751][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  655.307317][T12819] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  655.318952][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  655.361877][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  655.406873][T12827] syz.4.2019: attempt to access beyond end of device
[  655.406873][T12827] loop4: rw=2049, sector=53248, nr_sectors = 112 limit=40427
[  655.409291][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  655.496090][T12853] syz.4.2019: attempt to access beyond end of device
[  655.496090][T12853] loop4: rw=2049, sector=53360, nr_sectors = 8 limit=40427
[  655.549751][   T46] mceusb 1-1:0.0: Registered  with mce emulator interface version 1
[  655.594823][   T46] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  655.664963][   T46] usb 1-1: USB disconnect, device number 30
[  655.688554][T11864] syz-executor: attempt to access beyond end of device
[  655.688554][T11864] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  655.763852][T11864] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  656.877763][   T12] team0 (unregistering): Port device team_slave_1 removed
[  656.899297][T12875] loop2: detected capacity change from 0 to 32768
[  656.939156][T12875] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2028 (12875)
[  656.985110][ T9393] udevd[9393]: symlink '../../loop2' '/dev/disk/by-uuid/ed167579-eb65-4e76-9a50-61ac97e9b59d.tmp-b7:2' failed: Read-only file system
[  656.997510][T12875] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  657.013110][T12883] udevd[12883]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  657.037772][   T12] team0 (unregistering): Port device team_slave_0 removed
[  657.045262][T12875] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  657.212846][T12875] BTRFS info (device loop2): rebuilding free space tree
[  657.276545][T12875] BTRFS info (device loop2): disabling free space tree
[  657.283813][T12875] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  657.295985][T12875] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  657.364235][ T9393] udevd[9393]: symlink '../../loop2' '/dev/disk/by-uuid/ed167579-eb65-4e76-9a50-61ac97e9b59d.tmp-b7:2' failed: Read-only file system
[  657.420490][T12899] udevd[12899]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  657.432461][   T29] audit: type=1800 audit(1720507336.236:177): pid=12870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2028" name="bus" dev="loop2" ino=263 res=0 errno=0
[  657.473673][   T29] audit: type=1800 audit(1720507336.275:178): pid=12870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2028" name="bus" dev="loop2" ino=263 res=0 errno=0
[  657.995088][   T46] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  658.429593][   T46] usb 5-1: Using ep0 maxpacket: 16
[  658.436985][   T46] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  658.449506][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  658.461253][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  658.471666][   T46] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  659.110537][   T29] audit: type=1326 audit(1720507337.907:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12911 comm="syz.1.2035" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8936975bd9 code=0x0
[  660.075578][   T46] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  660.144000][   T46] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  660.194200][   T46] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  660.225915][   T46] usb 5-1: Manufacturer: syz
[  660.238952][   T46] usb 5-1: config 0 descriptor??
[  660.521614][T12941] team0: Device gtp0 is of different type
[  660.858943][ T5199] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  660.889120][ T5152] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  661.030110][T11181] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  661.043001][T10832] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  661.082841][ T5199] usb 1-1: Using ep0 maxpacket: 32
[  661.101721][ T5152] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  661.117989][ T5152] usb 4-1: config 0 has no interfaces?
[  661.124478][ T5152] usb 4-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  661.133936][ T5199] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  661.143153][ T5199] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  661.155446][ T5152] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.170986][ T5199] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  661.187776][ T5152] usb 4-1: config 0 descriptor??
[  661.194335][ T5199] usb 1-1: config 1 has no interface number 0
[  661.214379][ T5199] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  661.226475][ T5199] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  661.240706][T11181] usb 2-1: Using ep0 maxpacket: 32
[  661.246914][ T5199] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  661.256658][ T5199] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.263110][T11181] usb 2-1: unable to get BOS descriptor or descriptor too short
[  661.295507][T11181] usb 2-1: New USB device found, idVendor=05ac, idProduct=0254, bcdDevice=ca.76
[  661.306089][ T5199] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  661.323184][T11181] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  661.348788][T11181] usb 2-1: Product: syz
[  661.369501][T11181] usb 2-1: Manufacturer: syz
[  661.381626][T11181] usb 2-1: SerialNumber: syz
[  661.412806][T11181] usb 2-1: config 0 descriptor??
[  661.447639][T11181] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input30
[  661.523279][   T46] rc_core: Couldn't load IR keymap rc-hauppauge
[  661.544081][   T46] Registered IR keymap rc-empty
[  661.549222][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  661.595285][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  661.674216][   T46] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  661.720330][   T46] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input31
[  661.742276][T11181] usb 2-1: USB disconnect, device number 29
[  661.759746][T11877] udevd[11877]: Error opening device "/dev/input/event4": No such file or directory
[  661.779286][T11877] udevd[11877]: Unable to EVIOCGABS device "/dev/input/event4"
[  661.790833][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  661.802514][T11877] udevd[11877]: Unable to EVIOCGABS device "/dev/input/event4"
[  661.811683][T11877] udevd[11877]: Unable to EVIOCGABS device "/dev/input/event4"
[  661.820227][T11877] udevd[11877]: Unable to EVIOCGABS device "/dev/input/event4"
[  661.828307][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  661.862209][ T5199] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached
[  661.870249][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  661.934152][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  661.964212][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  662.006491][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  662.054662][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  662.086969][   T29] audit: type=1326 audit(1720507340.873:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12952 comm="syz.4.2047" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x0
[  662.102816][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  662.165189][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  662.215428][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  662.257251][   T46] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  662.298083][   T46] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  662.326267][   T46] usb 5-1: USB disconnect, device number 18
[  662.936226][ T4491] Bluetooth: hci1: command 0x041b tx timeout
[  663.492995][ T5152] snd_usb_pod 1-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  663.815897][T11181] usb 1-1: USB disconnect, device number 31
[  663.835119][T11181] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  663.844366][   T46] usb 4-1: USB disconnect, device number 36
[  664.033622][T12976] loop1: detected capacity change from 0 to 1024
[  664.125852][ T9393] udevd[9393]: symlink '../../loop1' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:1' failed: Read-only file system
[  664.260776][T12955] loop2: detected capacity change from 0 to 40427
[  664.342839][T12955] F2FS-fs (loop2): Found nat_bits in checkpoint
[  664.418131][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:2' failed: Read-only file system
[  664.583540][T12955] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  664.632473][T12955] F2FS-fs (loop2): Unrecognized mount option "�����������	Z*��� m�.Dc�8�'�@��C9G�9���?�9�S�{�1��J���լ��5æ�Ԍ�����qq���Y�糔����" or missing value
[  664.719199][   T46] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  664.758230][T10832] syz-executor: attempt to access beyond end of device
[  664.758230][T10832] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  664.807230][T10832] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  664.816075][T10832] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  664.922363][   T46] usb 5-1: Using ep0 maxpacket: 16
[  664.940074][   T46] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  664.977800][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  665.009920][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  665.048220][   T46] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  665.068805][   T46] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  665.134488][   T46] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  665.160720][T12972] loop0: detected capacity change from 0 to 32768
[  665.169089][   T46] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  665.210560][   T46] usb 5-1: Manufacturer: syz
[  665.249275][   T46] usb 5-1: config 0 descriptor??
[  665.537493][T11878] udevd[11878]: symlink '../../loop0' '/dev/disk/by-uuid/35307472-fd4b-42de-878f-83186a645fa6.tmp-b7:0' failed: Read-only file system
[  666.352367][T13006] team0: Device gtp0 is of different type
[  666.509846][T13011] loop2: detected capacity change from 0 to 512
[  666.557226][T13011] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  666.583408][T13011] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  666.609093][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  666.647641][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-uuid/00000000-0000-0000-0000-000000d40000.tmp-b7:2' failed: Read-only file system
[  666.709645][ T5199] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  666.805446][   T29] audit: type=1326 audit(1720507345.562:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13007 comm="syz.1.2064" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8936975bd9 code=0x0
[  666.928121][ T5199] usb 4-1: Using ep0 maxpacket: 32
[  666.970843][ T5199] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  666.988053][ T5199] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  667.031843][ T5199] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  667.059765][T10832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  667.078978][ T5199] usb 4-1: config 1 has no interface number 0
[  667.099119][ T5199] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  667.153700][ T5199] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  667.229081][ T5199] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  667.285390][ T5199] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  667.334369][ T5199] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  667.522319][   T46] rc_core: Couldn't load IR keymap rc-hauppauge
[  667.545785][T13028] loop2: detected capacity change from 0 to 1024
[  667.574022][   T46] Registered IR keymap rc-empty
[  667.591472][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  667.649828][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  667.660318][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-label/untitled.tmp-b7:2' failed: Read-only file system
[  667.680329][T13033] netlink: 'syz.4.2070': attribute type 14 has an invalid length.
[  667.702505][   T35] hfsplus: b-tree write err: -5, ino 4
[  667.709533][   T46] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  667.717707][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:2' failed: Read-only file system
[  667.783734][   T46] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input32
[  667.848492][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  668.126548][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  668.143628][ T5199] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached
[  668.171765][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  669.121879][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  669.175990][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  669.236294][ T5152] snd_usb_pod 4-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  669.256419][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  669.316767][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  669.376424][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  669.457201][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  669.521396][   T46] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  669.600256][   T46] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  669.645115][   T46] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  669.705547][   T46] usb 5-1: USB disconnect, device number 19
[  671.033179][T13070] loop4: detected capacity change from 0 to 1024
[  671.199346][ T9393] udevd[9393]: symlink '../../loop4' '/dev/disk/by-label/untitled.tmp-b7:4' failed: Read-only file system
[  671.235102][ T1116] hfsplus: b-tree write err: -5, ino 4
[  671.257502][ T9393] udevd[9393]: symlink '../../loop4' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:4' failed: Read-only file system
[  671.284146][T11181] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  671.400585][ T5199] usb 4-1: USB disconnect, device number 37
[  671.431326][ T5199] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  671.497843][T11181] usb 3-1: Using ep0 maxpacket: 16
[  671.514568][T11181] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  671.546553][T11181] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  671.600174][T11181] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  671.645385][T11181] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  671.698163][T10765] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  671.721382][T11181] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  671.779483][T11181] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  671.799490][T11181] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  671.826071][T11181] usb 3-1: Manufacturer: syz
[  671.860123][T11181] usb 3-1: config 0 descriptor??
[  671.927873][T10765] usb 5-1: Using ep0 maxpacket: 32
[  671.954939][T10765] usb 5-1: unable to get BOS descriptor or descriptor too short
[  672.012306][T10765] usb 5-1: New USB device found, idVendor=05ac, idProduct=0254, bcdDevice=ca.76
[  672.050166][T10765] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  672.085257][T10765] usb 5-1: Product: syz
[  672.123546][T10765] usb 5-1: Manufacturer: syz
[  672.139546][T10765] usb 5-1: SerialNumber: syz
[  672.200175][T10765] usb 5-1: config 0 descriptor??
[  672.243146][T10765] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input33
[  673.600790][ T5199] usb 5-1: USB disconnect, device number 20
[  673.684322][ T5145] udevd[5145]: Error opening device "/dev/input/event4": No such file or directory
[  673.709215][ T5145] udevd[5145]: Unable to EVIOCGABS device "/dev/input/event4"
[  673.755830][ T5145] udevd[5145]: Unable to EVIOCGABS device "/dev/input/event4"
[  673.774575][ T5145] udevd[5145]: Unable to EVIOCGABS device "/dev/input/event4"
[  673.782268][ T5145] udevd[5145]: Unable to EVIOCGABS device "/dev/input/event4"
[  673.799486][T13072] loop0: detected capacity change from 0 to 32768
[  674.202938][T11181] rc_core: Couldn't load IR keymap rc-hauppauge
[  674.225106][T13100] veth1_macvtap: left promiscuous mode
[  674.233159][T11181] Registered IR keymap rc-empty
[  674.263945][ T5145] udevd[5145]: symlink '../../loop0' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:0' failed: Read-only file system
[  674.286572][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  674.326850][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  674.400006][T11181] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  674.415931][T13106] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2092'.
[  674.456396][T11181] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input34
[  674.524266][T13107] loop1: detected capacity change from 0 to 1024
[  674.565534][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  674.617846][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  674.680932][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  674.688594][T13102] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2092'.
[  674.741996][   T52] hfsplus: b-tree write err: -5, ino 4
[  674.747607][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  674.772953][T11878] udevd[11878]: symlink '../../loop1' '/dev/disk/by-label/untitled.tmp-b7:1' failed: Read-only file system
[  674.810780][T11878] udevd[11878]: symlink '../../loop1' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:1' failed: Read-only file system
[  674.838796][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  674.872210][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  674.940591][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  674.990270][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  676.113633][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  676.164368][T11181] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  676.226979][T11181] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  676.261217][T11181] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  676.324696][T10765] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  676.353299][T11181] usb 3-1: USB disconnect, device number 41
[  676.586106][T10765] usb 5-1: Using ep0 maxpacket: 16
[  676.610251][T10765] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  676.624498][T10765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  676.655442][T10765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  676.696510][T10765] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  676.735795][T10765] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  676.763420][T10765] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  676.773702][T10765] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  676.790888][T10765] usb 5-1: Manufacturer: syz
[  676.803343][T10765] usb 5-1: config 0 descriptor??
[  677.372058][T13135] loop0: detected capacity change from 0 to 32768
[  677.462463][ T9393] udevd[9393]: symlink '../../loop0' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:0' failed: Read-only file system
[  678.300749][T10765] rc_core: Couldn't load IR keymap rc-hauppauge
[  678.331698][T10765] Registered IR keymap rc-empty
[  678.336743][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  678.418751][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  678.493333][T10765] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  678.526925][T13147] loop2: detected capacity change from 0 to 32768
[  678.549102][T10765] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input35
[  678.576673][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  678.611331][T13147] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  678.630234][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  678.633912][T13169] loop0: detected capacity change from 0 to 1024
[  678.693065][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  678.883983][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  679.656749][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  679.691157][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  679.696209][T13175] loop1: detected capacity change from 0 to 256
[  679.728545][T13175] exfat: Deprecated parameter 'utf8'
[  679.739084][T11877] udevd[11877]: symlink '../../loop0' '/dev/disk/by-label/untitled.tmp-b7:0' failed: Read-only file system
[  679.754594][T13175] exfat: Deprecated parameter 'namecase'
[  679.766809][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  679.781485][   T52] hfsplus: b-tree write err: -5, ino 4
[  679.783716][T11877] udevd[11877]: symlink '../../loop0' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:0' failed: Read-only file system
[  679.808661][T13175] exfat: Deprecated parameter 'utf8'
[  679.817248][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  679.817407][ T5145] udevd[5145]: symlink '../../loop2' '/dev/disk/by-uuid/ed37bf6e-74ea-4e01-afba-5fee274b0f3a.tmp-b7:2' failed: Read-only file system
[  679.824595][T13147] XFS (loop2): Ending clean mount
[  679.883271][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  679.937426][T10765] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  679.959460][T10832] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  679.984342][T10765] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  680.038683][T10765] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  680.079957][T10765] usb 5-1: USB disconnect, device number 21
[  680.086781][T13175] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  680.440052][T13175] syz.1.2112: attempt to access beyond end of device
[  680.440052][T13175] loop1: rw=524288, sector=34359738488, nr_sectors = 1 limit=256
[  680.664688][T13175] syz.1.2112: attempt to access beyond end of device
[  680.664688][T13175] loop1: rw=0, sector=34359738488, nr_sectors = 1 limit=256
[  682.409577][T13175] exFAT-fs (loop1): error, tried to truncate zeroed cluster.
[  682.423208][   T29] audit: type=1800 audit(1720507361.112:182): pid=13175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2112" name="file1" dev="loop1" ino=1048698 res=0 errno=0
[  682.458735][T13201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2119'.
[  682.499917][T13201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2119'.
[  682.647393][T13206] 9pnet_fd: Insufficient options for proto=fd
[  682.688207][T13206] netlink: 'syz.3.2122': attribute type 10 has an invalid length.
[  682.820368][T13209] mkiss: ax0: crc mode is auto.
[  682.877616][   T46] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  683.157942][   T46] usb 1-1: Using ep0 maxpacket: 16
[  683.458561][   T46] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  683.661112][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  683.672506][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  685.333014][   T46] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  685.423251][   T46] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  685.527980][   T46] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  685.559357][T13223] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2126'.
[  685.561612][   T46] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  685.597635][   T46] usb 1-1: Manufacturer: syz
[  685.651828][   T46] usb 1-1: config 0 descriptor??
[  685.695328][   T46] usb 1-1: can't set config #0, error -71
[  685.742343][   T46] usb 1-1: USB disconnect, device number 32
[  685.780143][T13224] bridge0: port 3(macvlan2) entered blocking state
[  685.799126][T13224] bridge0: port 3(macvlan2) entered disabled state
[  685.813214][T13224] macvlan2: entered allmulticast mode
[  685.823738][T13224] macvlan2: entered promiscuous mode
[  685.842432][T13225] macvlan2 (unregistering): left allmulticast mode
[  685.851472][T13225] macvlan2 (unregistering): left promiscuous mode
[  685.858281][T13225] bridge0: port 3(macvlan2) entered disabled state
[  686.217510][T13232] dccp_close: ABORT with 32 bytes unread
[  686.436745][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  686.449576][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  686.545807][T13244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2133'.
[  686.742507][T13246] 9pnet_fd: Insufficient options for proto=fd
[  686.762726][T13246] netlink: 'syz.4.2134': attribute type 10 has an invalid length.
[  686.784090][T13246] bond0: (slave bond_slave_0): Releasing backup interface
[  686.816063][T13248] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2133'.
[  687.906459][T13260] loop0: detected capacity change from 0 to 1024
[  688.072535][ T9393] udevd[9393]: symlink '../../loop0' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:0' failed: Read-only file system
[  688.171664][T13267] mkiss: ax0: crc mode is auto.
[  688.639637][T13277] dccp_close: ABORT with 32 bytes unread
[  689.968390][T13284] loop1: detected capacity change from 0 to 256
[  689.986393][T13294] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  689.992939][T13294] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  690.007322][T13294] vhci_hcd vhci_hcd.0: Device attached
[  690.017202][T13295] usbip_core: unknown command
[  690.026179][T13284] exfat: Deprecated parameter 'utf8'
[  690.038618][T13293] pim6reg1: entered promiscuous mode
[  690.054321][T13295] vhci_hcd: unknown pdu 589373486
[  690.059475][T13293] pim6reg1: entered allmulticast mode
[  690.077109][T13295] usbip_core: unknown command
[  690.095826][T13284] exfat: Deprecated parameter 'namecase'
[  690.110049][ T5112] Bluetooth: hci1: unexpected event for opcode 0x2040
[  690.118685][T13284] exfat: Deprecated parameter 'utf8'
[  690.128511][   T82] vhci_hcd: stop threads
[  690.138874][   T82] vhci_hcd: release socket
[  690.144741][   T82] vhci_hcd: disconnect device
[  690.159288][   T29] audit: type=1326 audit(1720507368.809:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.4.2148" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x0
[  690.212748][T11181] vhci_hcd: vhci_device speed not set
[  690.260552][T13284] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  690.433893][   T46] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  690.470905][T13284] syz.1.2145: attempt to access beyond end of device
[  690.470905][T13284] loop1: rw=524288, sector=34359738488, nr_sectors = 1 limit=256
[  690.542925][T13284] syz.1.2145: attempt to access beyond end of device
[  690.542925][T13284] loop1: rw=0, sector=34359738488, nr_sectors = 1 limit=256
[  690.622850][   T29] audit: type=1800 audit(1720507369.266:184): pid=13284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2145" name="file1" dev="loop1" ino=1048700 res=0 errno=0
[  690.667787][T13284] exFAT-fs (loop1): error, tried to truncate zeroed cluster.
[  690.709010][   T46] usb 3-1: config 1 has an invalid descriptor of length 139, skipping remainder of the config
[  690.722126][   T46] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  690.751487][   T46] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  690.792064][   T46] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  690.808320][   T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  691.092596][   T46] cdc_ncm 3-1:1.0: skipping garbage
[  691.120070][   T46] cdc_ncm 3-1:1.0: skipping garbage
[  691.125326][   T46] cdc_ncm 3-1:1.0: skipping garbage
[  691.154011][   T46] cdc_ncm 3-1:1.0: skipping garbage
[  691.182906][   T46] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  691.214426][   T46] cdc_ncm 3-1:1.0: bind() failure
[  691.271801][   T46] usb 3-1: USB disconnect, device number 42
[  691.302157][T13310] loop3: detected capacity change from 0 to 1024
[  691.415967][ T5145] udevd[5145]: symlink '../../loop3' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:3' failed: Read-only file system
[  691.967642][T13318] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2157'.
[  692.007232][T13320] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2155'.
[  693.282115][   T29] audit: type=1326 audit(1720507371.906:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x7ffc0000
[  693.292296][ T5112] Bluetooth: hci1: unexpected event for opcode 0x2040
[  693.346429][T13341] mkiss: ax0: crc mode is auto.
[  693.453161][   T29] audit: type=1326 audit(1720507371.906:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x7ffc0000
[  693.493945][   T29] audit: type=1326 audit(1720507371.956:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadaaf75bd9 code=0x7ffc0000
[  693.579265][   T29] audit: type=1326 audit(1720507371.956:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x7ffc0000
[  693.672953][   T29] audit: type=1326 audit(1720507371.975:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x7ffc0000
[  693.746902][   T29] audit: type=1326 audit(1720507371.985:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7fadaaf75bd9 code=0x7ffc0000
[  693.855740][   T29] audit: type=1326 audit(1720507371.985:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x7ffc0000
[  693.992668][   T29] audit: type=1326 audit(1720507372.195:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13334 comm="syz.4.2161" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x0
[  694.509593][T13355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2169'.
[  694.530087][T13356] dccp_close: ABORT with 32 bytes unread
[  695.127050][T13349] loop3: detected capacity change from 0 to 32768
[  695.227159][T13349] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2166 (13349)
[  695.728230][T13349] BTRFS info (device loop3): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  695.752995][T13349] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  695.780916][T13349] BTRFS info (device loop3): using free-space-tree
[  695.855053][ T9393] udevd[9393]: symlink '../../loop3' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:3' failed: Read-only file system
[  696.157888][T13386] udevd[13386]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  696.644991][    T8] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  696.667041][ T6911] BTRFS info (device loop3): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  696.849057][    T8] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  696.928563][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  696.983902][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  697.047098][    T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  697.110181][ T5112] Bluetooth: hci5: unexpected event for opcode 0x2040
[  697.137331][T13400] overlayfs: failed to resolve './file2': -2
[  697.144502][   T29] audit: type=1326 audit(1720507375.723:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13401 comm="syz.3.2178" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x0
[  697.179193][    T8] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  697.245313][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  697.304708][    T8] usb 2-1: config 0 descriptor??
[  697.764660][    T8] wacom 0003:056A:0331.000B: unknown main item tag 0x0
[  697.771656][    T8] wacom 0003:056A:0331.000B: item fetching failed at offset 3/5
[  697.811080][    T8] wacom 0003:056A:0331.000B: parse failed
[  697.835147][    T8] wacom 0003:056A:0331.000B: probe with driver wacom failed with error -22
[  697.980528][T11182] usb 2-1: USB disconnect, device number 30
[  698.369918][T13423] mkiss: ax0: crc mode is auto.
[  699.559631][T13422] loop4: detected capacity change from 0 to 32768
[  699.589485][T13422] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2188 (13422)
[  699.671412][ T9393] udevd[9393]: symlink '../../loop4' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:4' failed: Read-only file system
[  699.689392][T13422] BTRFS info (device loop4): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  699.730209][T13438] udevd[13438]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  699.761342][T13422] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  699.799362][T13422] BTRFS info (device loop4): using free-space-tree
[  700.074916][ T9393] udevd[9393]: symlink '../../loop4' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:4' failed: Read-only file system
[  700.150752][   T29] audit: type=1804 audit(1720507378.723:194): pid=13422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2188" name="/newroot/74/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  700.154136][T13459] udevd[13459]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  700.263269][ T5112] Bluetooth: hci3: unexpected event for opcode 0x2040
[  700.306175][   T29] audit: type=1326 audit(1720507378.822:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13460 comm="syz.2.2195" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e34975bd9 code=0x0
[  700.480495][T11864] BTRFS info (device loop4): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  701.193128][T13477] netlink: 'syz.4.2196': attribute type 1 has an invalid length.
[  701.213297][T13477] netlink: 'syz.4.2196': attribute type 1 has an invalid length.
[  701.253451][T13477] netlink: 'syz.4.2196': attribute type 1 has an invalid length.
[  701.501272][T13477] netlink: 'syz.4.2196': attribute type 1 has an invalid length.
[  701.544534][T13477] netlink: 'syz.4.2196': attribute type 1 has an invalid length.
[  701.582361][T13477] netlink: 'syz.4.2196': attribute type 1 has an invalid length.
[  701.636106][T13477] netlink: 'syz.4.2196': attribute type 1 has an invalid length.
[  702.353715][T13477] netlink: 'syz.4.2196': attribute type 1 has an invalid length.
[  702.377580][T13477] netlink: 'syz.4.2196': attribute type 1 has an invalid length.
[  702.391939][T13486] loop0: detected capacity change from 0 to 16
[  702.577505][T13486] erofs: (device loop0): mounted with root inode @ nid 36.
[  702.609631][ T9393] udevd[9393]: symlink '../../loop0' '/dev/disk/by-uuid/dc99752b-953d-459c-b2db-a5c46e0e7dba.tmp-b7:0' failed: Read-only file system
[  703.420227][T13486] syz.0.2202: attempt to access beyond end of device
[  703.420227][T13486] loop0: rw=0, sector=14552337248, nr_sectors = 16 limit=16
[  704.065044][ T5199] usb 4-1: new full-speed USB device number 38 using dummy_hcd
[  704.235098][ T4491] Bluetooth: hci6: unexpected event for opcode 0x2040
[  704.253519][   T29] audit: type=1326 audit(1720507382.802:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.0.2212" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb3e9375bd9 code=0x0
[  704.321056][ T5199] usb 4-1: not running at top speed; connect to a high speed hub
[  704.349242][ T5199] usb 4-1: config 254 has an invalid interface number: 166 but max is 0
[  704.380215][ T5199] usb 4-1: config 254 has no interface number 0
[  704.400588][ T5199] usb 4-1: config 254 interface 166 altsetting 76 has an invalid descriptor for endpoint zero, skipping
[  704.429752][T13515] netlink: 'syz.2.2213': attribute type 3 has an invalid length.
[  704.439863][T13515] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2213'.
[  704.454814][ T5199] usb 4-1: config 254 interface 166 altsetting 76 endpoint 0x1 has invalid maxpacket 121, setting to 64
[  704.486516][ T5199] usb 4-1: config 254 interface 166 altsetting 76 has an invalid descriptor for endpoint zero, skipping
[  704.502548][ T5199] usb 4-1: config 254 interface 166 has no altsetting 0
[  704.523563][ T5199] usb 4-1: New USB device found, idVendor=0af0, idProduct=6800, bcdDevice=1e.e6
[  704.543058][ T5199] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  704.562890][ T5199] usb 4-1: Product: 萖䏴飑֝߄쿥咽璦榟널ኑ묵敵뻰䇸₻ꤣ⺿푽賚쮃쐋槗᜹눋͉ᇿꙧᔌ剺铟㴡㴊ῈⱭ箆ዛ匓蹶횇猻拑㶨遲晙ﮙỪ戋
[  704.580848][ T5199] usb 4-1: Manufacturer: 㠊
[  704.586380][ T5199] usb 4-1: SerialNumber: ဇ
[  705.515529][ T4491] Bluetooth: hci1: command 0x041b tx timeout
[  705.939988][T13497] loop1: detected capacity change from 0 to 32768
[  706.000605][T13497] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2206 (13497)
[  706.142535][ T5199] option 4-1:254.166: GSM modem (1-port) converter detected
[  706.160504][ T5199] usb 4-1: USB disconnect, device number 38
[  706.163172][T11877] udevd[11877]: symlink '../../loop1' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:1' failed: Read-only file system
[  706.172729][ T5199] option 4-1:254.166: device disconnected
[  706.226441][T13497] BTRFS info (device loop1): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  706.302580][T13497] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  706.400156][T13497] BTRFS info (device loop1): using free-space-tree
[  706.569411][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  706.647133][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  706.762550][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  706.780928][T13536] udevd[13536]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  706.855708][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  706.865843][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  706.954169][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  706.967664][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  706.977742][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  706.999706][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  707.011753][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  707.100481][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  707.130823][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  707.205374][T13553] mkiss: ax0: crc mode is auto.
[  707.205823][T13497] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  707.281698][T13497] BTRFS error (device loop1): open_ctree failed
[  707.848614][ T5112] Bluetooth: hci5: unexpected event for opcode 0x2040
[  707.869181][   T29] audit: type=1326 audit(1720507386.390:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13572 comm="syz.3.2226" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x0
[  708.236110][T13581] validate_nla: 1 callbacks suppressed
[  708.236304][T13581] netlink: 'syz.0.2227': attribute type 3 has an invalid length.
[  708.251760][T13581] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2227'.
[  708.270875][T13581] netlink: 'syz.0.2227': attribute type 4 has an invalid length.
[  711.619962][ T5112] Bluetooth: hci0: unexpected event for opcode 0x2040
[  711.747328][   T29] audit: type=1326 audit(1720507390.230:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13610 comm="syz.1.2238" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8936975bd9 code=0x0
[  711.927750][T13616] 9pnet_virtio: no channels available for device 
[  712.807677][T13627] netlink: 'syz.4.2241': attribute type 3 has an invalid length.
[  713.009817][T13627] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2241'.
[  714.933038][T13639] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2246'.
[  715.016179][T13639] bond_slave_0: entered promiscuous mode
[  715.021963][T13639] bond_slave_1: entered promiscuous mode
[  715.033291][T13639] macvtap1: entered promiscuous mode
[  715.039159][T13639] bond0: entered promiscuous mode
[  715.050098][T13639] macvtap1: entered allmulticast mode
[  715.062246][T13639] bond0: entered allmulticast mode
[  715.072877][T13639] bond_slave_0: entered allmulticast mode
[  715.082349][T13639] bond_slave_1: entered allmulticast mode
[  715.098975][T13639] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  715.130917][T13648] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2246'.
[  715.161641][T13648] bond0: left allmulticast mode
[  715.175877][T13648] bond_slave_0: left allmulticast mode
[  715.180832][ T5112] Bluetooth: hci6: unexpected event for opcode 0x2040
[  715.182251][T13648] bond_slave_1: left allmulticast mode
[  715.199309][T13648] bond0: left promiscuous mode
[  715.206168][T13648] bond_slave_0: left promiscuous mode
[  715.211700][T13648] bond_slave_1: left promiscuous mode
[  715.224781][T13648] macvtap1: left promiscuous mode
[  715.235271][T13648] macvtap1: left allmulticast mode
[  715.283350][   T29] audit: type=1326 audit(1720507393.754:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13651 comm="syz.0.2250" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb3e9375bd9 code=0x0
[  715.337507][T13650] mkiss: ax0: crc mode is auto.
[  715.988055][T13670] input: syz0 as /devices/virtual/input/input36
[  716.757446][ T5199] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  716.928235][T13665] loop3: detected capacity change from 0 to 32768
[  716.981985][ T5199] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  717.033348][ T5199] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  717.060844][ T5199] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  717.062376][ T9393] udevd[9393]: symlink '../../loop3' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:3' failed: Read-only file system
[  717.081152][ T5199] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  717.150132][ T5199] usb 1-1: SerialNumber: syz
[  717.155409][T13681] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2262'.
[  717.180690][T13681] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2262'.
[  717.379827][ T5199] usb 1-1: 0:2 : does not exist
[  717.451812][ T5199] usb 1-1: USB disconnect, device number 33
[  717.521283][T13677] loop2: detected capacity change from 0 to 32768
[  717.564316][T13677] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2260 (13677)
[  717.637629][T13677] BTRFS info (device loop2): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  717.655488][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:2' failed: Read-only file system
[  717.659494][T13686] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2263'.
[  717.688438][T13677] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  717.699593][T13677] BTRFS info (device loop2): using free-space-tree
[  717.746501][ T9393] udevd[9393]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  717.757782][T13690] udevd[13690]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  718.102926][   T29] audit: type=1804 audit(1720507396.552:200): pid=13677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2260" name="/newroot/124/file0/bus" dev="loop2" ino=263 res=1 errno=0
[  718.131009][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:2' failed: Read-only file system
[  718.232582][ T5112] Bluetooth: hci5: unexpected event for opcode 0x2040
[  718.257685][   T29] audit: type=1326 audit(1720507396.701:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13712 comm="syz.3.2268" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x0
[  718.288523][T13714] udevd[13714]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  718.412604][T10832] BTRFS info (device loop2): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  719.122669][T13725] input: syz0 as /devices/virtual/input/input37
[  719.876174][T13717] loop1: detected capacity change from 0 to 32768
[  719.910751][T13717] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2270 (13717)
[  720.010436][T13717] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  720.052821][T13717] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  720.068803][ T9393] udevd[9393]: symlink '../../loop1' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:1' failed: Read-only file system
[  720.081188][T13717] BTRFS info (device loop1): using free-space-tree
[  720.168277][T13740] udevd[13740]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  720.357663][T13728] loop3: detected capacity change from 0 to 32768
[  720.395521][ T9393] udevd[9393]: symlink '../../loop1' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:1' failed: Read-only file system
[  720.426912][T11878] udevd[11878]: symlink '../../loop3' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:3' failed: Read-only file system
[  720.848785][T10892] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  721.090333][T13730] loop2: detected capacity change from 0 to 32768
[  721.207369][T13730] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  721.310366][   T46] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  721.366340][T13730] XFS (loop2): Ending clean mount
[  721.563251][   T46] usb 1-1: Using ep0 maxpacket: 16
[  721.574559][   T46] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  721.593724][T10832] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  721.605574][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  721.636896][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  721.656889][   T46] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  721.660764][T13774] mkiss: ax0: crc mode is auto.
[  721.708853][   T46] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  721.752344][   T46] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  721.767710][   T46] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  721.792725][   T46] usb 1-1: Manufacturer: syz
[  721.815869][   T46] usb 1-1: config 0 descriptor??
[  722.603013][ T5112] Bluetooth: hci1: unexpected event for opcode 0x2040
[  722.628135][   T29] audit: type=1326 audit(1720507401.056:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13776 comm="syz.4.2283" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5194975bd9 code=0x0
[  723.603901][T13792] loop2: detected capacity change from 0 to 16
[  723.667971][T13792] erofs: (device loop2): mounted with root inode @ nid 36.
[  723.740017][T13792] syz.2.2286: attempt to access beyond end of device
[  723.740017][T13792] loop2: rw=0, sector=14552337248, nr_sectors = 16 limit=16
[  723.776038][T11878] udevd[11878]: symlink '../../loop2' '/dev/disk/by-uuid/dc99752b-953d-459c-b2db-a5c46e0e7dba.tmp-b7:2' failed: Read-only file system
[  724.082111][   T46] rc_core: Couldn't load IR keymap rc-hauppauge
[  724.137406][   T46] Registered IR keymap rc-empty
[  724.154750][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.256580][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.319851][   T46] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  724.343871][   T46] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input39
[  724.364913][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.408252][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.489000][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.543697][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.589323][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.629883][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.701032][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.738099][T13808] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2292'.
[  724.760007][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.800977][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.841566][   T46] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  724.885470][   T46] mceusb 1-1:0.0: Registered  with mce emulator interface version 1
[  724.906770][   T46] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  724.936729][   T46] usb 1-1: USB disconnect, device number 34
[  725.082974][T11181] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  725.262153][T13798] loop0: detected capacity change from 0 to 32768
[  725.290832][T13798] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2288 (13798)
[  725.295735][T11181] usb 5-1: Using ep0 maxpacket: 32
[  725.309432][ T5112] Bluetooth: hci5: unexpected event for opcode 0x2040
[  725.332062][T11181] usb 5-1: unable to get BOS descriptor or descriptor too short
[  725.336763][ T5199] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  725.346694][T11181] usb 5-1: New USB device found, idVendor=05ac, idProduct=0254, bcdDevice=ca.76
[  725.357779][T11181] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  725.375779][T11181] usb 5-1: Product: syz
[  725.382068][T11181] usb 5-1: Manufacturer: syz
[  725.388024][T11181] usb 5-1: SerialNumber: syz
[  725.416635][T13798] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  725.426060][T11181] usb 5-1: config 0 descriptor??
[  725.442680][   T29] audit: type=1326 audit(1720507403.715:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13819 comm="syz.3.2297" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x0
[  725.482210][T13798] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  725.490417][T11181] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input41
[  725.498384][T13798] BTRFS info (device loop0): using free-space-tree
[  725.612975][T11878] udevd[11878]: symlink '../../loop0' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:0' failed: Read-only file system
[  725.681147][ T5199] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  725.706730][ T5199] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  725.719600][ T5199] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  725.741696][ T5199] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  725.767799][ T5199] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  725.784820][ T5145] udevd[5145]: Error opening device "/dev/input/event4": No such file or directory
[  725.798360][   T25] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  725.817319][ T5145] udevd[5145]: Unable to EVIOCGABS device "/dev/input/event4"
[  725.821049][T13839] udevd[13839]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  725.826960][ T5145] udevd[5145]: Unable to EVIOCGABS device "/dev/input/event4"
[  725.850625][ T5145] udevd[5145]: Unable to EVIOCGABS device "/dev/input/event4"
[  725.859493][ T5145] udevd[5145]: Unable to EVIOCGABS device "/dev/input/event4"
[  725.883926][ T5199] usb 3-1: config 0 descriptor??
[  725.892624][ T5145] udevd[5145]: Assertion 'close_nointr(fd) != -EBADF' failed at util.c:228, function safe_close(). Aborting.
[  725.918324][T11181] usb 5-1: USB disconnect, device number 22
[  725.992003][ T4547] udevd[4547]: worker [5145] terminated by signal 6 (Aborted)
[  726.000323][   T25] usb 2-1: Using ep0 maxpacket: 16
[  726.007829][   T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  726.019293][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  726.043093][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  726.054984][   T25] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  726.069923][   T25] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  726.086862][T10837] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  726.100649][   T25] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  726.141864][   T25] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  726.163049][   T25] usb 2-1: Manufacturer: syz
[  726.191779][   T25] usb 2-1: config 0 descriptor??
[  726.328882][ T5199] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  726.466289][ T5199] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving
[  726.512436][T13843] loop3: detected capacity change from 0 to 16
[  726.577146][ T5199] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  726.636748][T13843] erofs: (device loop3): mounted with root inode @ nid 36.
[  726.711020][T13843] syz.3.2300: attempt to access beyond end of device
[  726.711020][T13843] loop3: rw=0, sector=14552337248, nr_sectors = 16 limit=16
[  727.160905][T13853] mkiss: ax0: crc mode is auto.
[  727.437864][T13858] fuse: Unknown parameter '0x0000000000000004'
[  728.006054][    T8] usb 3-1: USB disconnect, device number 43
[  728.620428][   T25] rc_core: Couldn't load IR keymap rc-hauppauge
[  728.663015][   T25] Registered IR keymap rc-empty
[  728.693347][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  728.741798][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  728.778754][   T29] audit: type=1326 audit(1720507407.151:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13861 comm="syz.2.2306" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e34975bd9 code=0x0
[  728.804358][   T25] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  728.820942][   T25] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input42
[  728.858955][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  728.910699][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  728.918349][ T5112] Bluetooth: hci5: unexpected event for opcode 0x2040
[  728.935988][   T29] audit: type=1326 audit(1720507407.319:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13873 comm="syz.3.2310" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadaaf75bd9 code=0x0
[  728.968511][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  729.000571][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  729.033181][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  729.081978][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  729.092360][T13878] netlink: 'syz.1.2311': attribute type 7 has an invalid length.
[  729.102952][T13878] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2311'.
[  729.151715][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  729.181865][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  729.208028][T13878] : entered promiscuous mode
[  729.213606][T13880] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2312'.
[  729.237096][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  729.292737][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  729.336686][   T25] mceusb 2-1:0.0: Registered  with mce emulator interface version 1
[  729.345526][   T25] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  729.394148][   T25] usb 2-1: USB disconnect, device number 31
[  730.341533][T13902] fuse: Unknown parameter '0x0000000000000004'
[  730.545507][ T5199] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  730.786710][ T5199] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  730.808207][ T5199] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  730.820569][ T5199] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  730.845178][ T5199] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  730.855312][ T5199] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  730.902421][ T5199] usb 4-1: config 0 descriptor??
[  731.314344][ T5112] Bluetooth: hci0: unexpected event for opcode 0x2040
[  731.347032][   T29] audit: type=1326 audit(1720507409.701:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.1.2324" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8936975bd9 code=0x0
[  731.374875][ T5199] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  731.412915][ T5199] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[  731.445343][ T5199] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  731.677925][T13922] loop4: detected capacity change from 0 to 2048
[  731.736350][T13922] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  731.739814][T11878] udevd[11878]: symlink '../../loop4' '/dev/disk/by-label/LinuxUDF.tmp-b7:4' failed: Read-only file system
[  731.820194][T11878] udevd[11878]: symlink '../../loop4' '/dev/disk/by-uuid/1234567812345678.tmp-b7:4' failed: Read-only file system
[  731.845043][T13926] netlink: 'syz.2.2327': attribute type 1 has an invalid length.
[  731.862003][T13926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2327'.
[  732.248346][T13933] mkiss: ax0: crc mode is auto.
[  732.815752][T13924] loop0: detected capacity change from 0 to 32768
[  732.845582][T13924] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2326 (13924)
[  732.899434][T13924] BTRFS info (device loop0): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  732.915996][T13924] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  732.923992][ T9393] udevd[9393]: symlink '../../loop0' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:0' failed: Read-only file system
[  732.926410][T13924] BTRFS info (device loop0): using free-space-tree
[  733.081726][T13957] udevd[13957]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  733.129162][ T5152] usb 4-1: USB disconnect, device number 39
[  733.346722][   T29] audit: type=1804 audit(1720507411.693:207): pid=13924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2326" name="/newroot/159/file0/bus" dev="loop0" ino=263 res=1 errno=0
[  733.684159][    T8] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  733.704516][T10837] BTRFS info (device loop0): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  733.920402][    T8] usb 3-1: Using ep0 maxpacket: 32
[  733.959574][    T8] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  734.000444][ T9393] udevd[9393]: symlink '../../loop0' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:0' failed: Read-only file system
[  734.004321][    T8] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  734.080942][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  734.139936][T13981] udevd[13981]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  734.164251][    T8] usb 3-1: config 0 descriptor??
[  734.286789][    T8] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  736.364730][ T5199] usb 3-1: USB disconnect, device number 44
[  737.049851][ T5199] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  737.296067][ T5199] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  737.333816][ T5199] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  737.404896][ T5199] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  737.448712][ T5199] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  737.481142][ T5199] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.544577][ T5199] usb 4-1: config 0 descriptor??
[  737.601667][T14003] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2346'.
[  738.008080][ T5199] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  738.027514][ T5199] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  738.087657][ T5199] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  738.166569][T14013] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2350'.
[  738.208057][T14013] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  738.248993][T14013] batman_adv: batadv0: Removing interface: batadv_slave_0
[  738.291794][T14013] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  738.333187][T14013] batman_adv: batadv0: Removing interface: batadv_slave_1
[  739.092952][T14005] loop1: detected capacity change from 0 to 32768
[  739.115038][T14005] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2347 (14005)
[  739.187694][T14005] BTRFS info (device loop1): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  739.205919][T14005] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  739.235885][ T5152] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  739.262442][T14005] BTRFS info (device loop1): using free-space-tree
[  739.307894][ T9393] udevd[9393]: symlink '../../loop1' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:1' failed: Read-only file system
[  739.342764][T14032] udevd[14032]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  739.511031][ T5152] usb 3-1: Using ep0 maxpacket: 32
[  739.531107][ T5152] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  739.545121][ T9393] udevd[9393]: symlink '../../loop1' '/dev/disk/by-uuid/92aec1fe-fee8-4e05-92dc-790b47b871d9.tmp-b7:1' failed: Read-only file system
[  739.575680][T14027] loop4: detected capacity change from 0 to 1024
[  739.599376][T14027] hfsplus: invalid gid specified
[  739.621069][T14027] hfsplus: unable to parse mount options
[  739.639033][   T29] audit: type=1804 audit(1720507417.936:208): pid=14005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2347" name="/newroot/150/file0/bus" dev="loop1" ino=263 res=1 errno=0
[  739.708007][ T5152] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  739.747686][ T5152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  739.758528][   T25] usb 4-1: USB disconnect, device number 40
[  739.777949][T14044] udevd[14044]: failed to execute '/usr/bin/udevadm' '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0': Input/output error
[  739.831408][ T5152] usb 3-1: config 0 descriptor??
[  739.858337][ T5152] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  739.878027][T10892] BTRFS info (device loop1): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  740.183204][T14052] mkiss: ax0: crc mode is auto.
[  740.729197][   T25] usb 3-1: USB disconnect, device number 45
[  741.085794][T14068] loop4: detected capacity change from 0 to 512
[  741.093210][T14068] EXT4-fs: Ignoring removed i_version option
[  742.730676][T14068] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  742.743336][T14068] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  742.779696][T11877] udevd[11877]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  742.918952][ T9393] udevd[9393]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  743.012898][T11864] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  744.228088][T14088] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2367'.
[  744.445916][T10765] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  744.726614][T14099] loop1: detected capacity change from 0 to 256
[  746.205745][T10765] usb 5-1: Using ep0 maxpacket: 32
[  746.218176][T10765] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  746.234062][T10765] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  746.259844][T10765] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  746.281766][T10765] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  746.346785][T10765] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  746.368877][T10765] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  746.382872][T10765] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  746.414662][T10765] usb 5-1: Product: syz
[  746.419305][T10765] usb 5-1: Manufacturer: syz
[  746.424160][T10765] usb 5-1: SerialNumber: syz
[  746.442046][T14111] loop0: detected capacity change from 0 to 16
[  746.494161][T14111] erofs: (device loop0): mounted with root inode @ nid 36.
[  746.544328][ T9393] udevd[9393]: symlink '../../loop0' '/dev/disk/by-uuid/dc99752b-953d-459c-b2db-a5c46e0e7dba.tmp-b7:0' failed: Read-only file system
[  746.572791][T14111] syz.0.2374: attempt to access beyond end of device
[  746.572791][T14111] loop0: rw=0, sector=14552337248, nr_sectors = 16 limit=16
[  746.766618][T10765] cdc_ncm 5-1:1.0: bind() failure
[  746.798334][T10765] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  746.848542][T10765] cdc_ncm 5-1:1.1: bind() failure
[  746.897336][T10765] usb 5-1: USB disconnect, device number 23
[  747.066212][T14123] ------------[ cut here ]------------
[  747.071867][T14123] WARNING: CPU: 1 PID: 14123 at net/core/filter.c:6596 bpf_lwt_seg6_adjust_srh+0x877/0xb30
[  747.071957][T14123] Modules linked in:
[  747.071981][T14123] CPU: 1 UID: 0 PID: 14123 Comm: syz.3.2377 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0
[  747.072007][T14123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  747.072021][T14123] RIP: 0010:bpf_lwt_seg6_adjust_srh+0x877/0xb30
[  747.072047][T14123] Code: 8f e2 28 f8 eb 05 e8 88 e2 28 f8 48 c7 c0 f2 ff ff ff e9 d1 fc ff ff e8 77 e2 28 f8 48 63 c3 e9 c4 fc ff ff e8 6a e2 28 f8 90 <0f> 0b 90 4d 85 f6 0f 85 0e f9 ff ff e9 46 fa ff ff e8 53 e2 28 f8
[  747.072065][T14123] RSP: 0018:ffffc90008e277a0 EFLAGS: 00010283
[  747.072084][T14123] RAX: ffffffff896aa176 RBX: 0000000000000000 RCX: 0000000000040000
[  747.072100][T14123] RDX: ffffc9001516f000 RSI: 0000000000000830 RDI: 0000000000000831
[  747.072114][T14123] RBP: ffffc90008e278d8 R08: ffffffff896a9a7b R09: 1ffffffff1f5ef4d
[  747.072130][T14123] R10: dffffc0000000000 R11: ffffffffa0001fd4 R12: 0000000000000000
[  747.072145][T14123] R13: ffff8880b953d1f0 R14: 0000000000000000 R15: dffffc0000000000
[  747.072160][T14123] FS:  00007fadabde96c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  747.072179][T14123] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  747.072194][T14123] CR2: 000000110c271029 CR3: 0000000040010000 CR4: 00000000003526f0
[  747.072212][T14123] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  747.072225][T14123] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  747.072238][T14123] Call Trace:
[  747.072246][T14123]  <TASK>
[  747.072255][T14123]  ? __warn+0x168/0x4e0
[  747.072276][T14123]  ? bpf_lwt_seg6_adjust_srh+0x877/0xb30
[  747.072304][T14123]  ? report_bug+0x2b3/0x500
[  747.072333][T14123]  ? bpf_lwt_seg6_adjust_srh+0x877/0xb30
[  747.072363][T14123]  ? handle_bug+0x3e/0x70
[  747.072383][T14123]  ? exc_invalid_op+0x1a/0x50
[  747.072405][T14123]  ? asm_exc_invalid_op+0x1a/0x20
[  747.072434][T14123]  ? 0xffffffffa0001fd4
[  747.072454][T14123]  ? bpf_lwt_seg6_adjust_srh+0x17b/0xb30
[  747.072476][T14123]  ? bpf_lwt_seg6_adjust_srh+0x876/0xb30
[  747.072503][T14123]  ? bpf_lwt_seg6_adjust_srh+0x877/0xb30
[  747.072533][T14123]  ? lockdep_hardirqs_on+0x99/0x150
[  747.072574][T14123]  ? __pfx_bpf_lwt_seg6_adjust_srh+0x10/0x10
[  747.072612][T14123]  bpf_prog_2088341bddeddc1d+0x40/0x42
[  747.072632][T14123]  bpf_test_run+0x4f0/0xa90
[  747.072663][T14123]  ? do_syscall_64+0xf3/0x230
[  747.072681][T14123]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.072711][T14123]  ? bpf_test_run+0x370/0xa90
[  747.072756][T14123]  ? __pfx_bpf_test_run+0x10/0x10
[  747.072798][T14123]  ? eth_type_trans+0x3d1/0x7a0
[  747.072847][T14123]  ? __pfx_eth_type_trans+0x10/0x10
[  747.072875][T14123]  ? convert___skb_to_skb+0x41/0x620
[  747.072910][T14123]  bpf_prog_test_run_skb+0xc97/0x1820
[  747.072970][T14123]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  747.073007][T14123]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  747.073040][T14123]  bpf_prog_test_run+0x33a/0x3b0
[  747.073073][T14123]  __sys_bpf+0x48d/0x810
[  747.073101][T14123]  ? __pfx___sys_bpf+0x10/0x10
[  747.073141][T14123]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  747.073171][T14123]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  747.073199][T14123]  ? do_syscall_64+0x100/0x230
[  747.073222][T14123]  __x64_sys_bpf+0x7c/0x90
[  747.073247][T14123]  do_syscall_64+0xf3/0x230
[  747.073266][T14123]  ? clear_bhb_loop+0x35/0x90
[  747.073293][T14123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.073316][T14123] RIP: 0033:0x7fadaaf75bd9
[  747.073333][T14123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  747.073351][T14123] RSP: 002b:00007fadabde9048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  747.073390][T14123] RAX: ffffffffffffffda RBX: 00007fadab104038 RCX: 00007fadaaf75bd9
[  747.073406][T14123] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  747.073421][T14123] RBP: 00007fadaafe4e60 R08: 0000000000000000 R09: 0000000000000000
[  747.073435][T14123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  747.073449][T14123] R13: 000000000000006e R14: 00007fadab104038 R15: 00007fff498940f8
[  747.073481][T14123]  </TASK>
[  747.073492][T14123] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  747.486112][T14123] CPU: 1 UID: 0 PID: 14123 Comm: syz.3.2377 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0
[  747.496352][T14123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  747.506405][T14123] Call Trace:
[  747.509680][T14123]  <TASK>
[  747.512608][T14123]  dump_stack_lvl+0x241/0x360
[  747.517302][T14123]  ? __pfx_dump_stack_lvl+0x10/0x10
[  747.522525][T14123]  ? __pfx__printk+0x10/0x10
[  747.527138][T14123]  ? vscnprintf+0x5d/0x90
[  747.531473][T14123]  panic+0x349/0x870
[  747.535388][T14123]  ? __warn+0x177/0x4e0
[  747.539562][T14123]  ? __pfx_panic+0x10/0x10
[  747.544029][T14123]  __warn+0x34b/0x4e0
[  747.548014][T14123]  ? bpf_lwt_seg6_adjust_srh+0x877/0xb30
[  747.553656][T14123]  report_bug+0x2b3/0x500
[  747.558000][T14123]  ? bpf_lwt_seg6_adjust_srh+0x877/0xb30
[  747.563670][T14123]  handle_bug+0x3e/0x70
[  747.567829][T14123]  exc_invalid_op+0x1a/0x50
[  747.572334][T14123]  asm_exc_invalid_op+0x1a/0x20
[  747.577187][T14123] RIP: 0010:bpf_lwt_seg6_adjust_srh+0x877/0xb30
[  747.583429][T14123] Code: 8f e2 28 f8 eb 05 e8 88 e2 28 f8 48 c7 c0 f2 ff ff ff e9 d1 fc ff ff e8 77 e2 28 f8 48 63 c3 e9 c4 fc ff ff e8 6a e2 28 f8 90 <0f> 0b 90 4d 85 f6 0f 85 0e f9 ff ff e9 46 fa ff ff e8 53 e2 28 f8
[  747.603032][T14123] RSP: 0018:ffffc90008e277a0 EFLAGS: 00010283
[  747.609099][T14123] RAX: ffffffff896aa176 RBX: 0000000000000000 RCX: 0000000000040000
[  747.617085][T14123] RDX: ffffc9001516f000 RSI: 0000000000000830 RDI: 0000000000000831
[  747.625064][T14123] RBP: ffffc90008e278d8 R08: ffffffff896a9a7b R09: 1ffffffff1f5ef4d
[  747.633041][T14123] R10: dffffc0000000000 R11: ffffffffa0001fd4 R12: 0000000000000000
[  747.641021][T14123] R13: ffff8880b953d1f0 R14: 0000000000000000 R15: dffffc0000000000
[  747.649023][T14123]  ? 0xffffffffa0001fd4
[  747.653182][T14123]  ? bpf_lwt_seg6_adjust_srh+0x17b/0xb30
[  747.658823][T14123]  ? bpf_lwt_seg6_adjust_srh+0x876/0xb30
[  747.664475][T14123]  ? lockdep_hardirqs_on+0x99/0x150
[  747.669692][T14123]  ? __pfx_bpf_lwt_seg6_adjust_srh+0x10/0x10
[  747.675696][T14123]  bpf_prog_2088341bddeddc1d+0x40/0x42
[  747.681266][T14123]  bpf_test_run+0x4f0/0xa90
[  747.685784][T14123]  ? do_syscall_64+0xf3/0x230
[  747.690462][T14123]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.696534][T14123]  ? bpf_test_run+0x370/0xa90
[  747.701224][T14123]  ? __pfx_bpf_test_run+0x10/0x10
[  747.706262][T14123]  ? eth_type_trans+0x3d1/0x7a0
[  747.711123][T14123]  ? __pfx_eth_type_trans+0x10/0x10
[  747.716328][T14123]  ? convert___skb_to_skb+0x41/0x620
[  747.721622][T14123]  bpf_prog_test_run_skb+0xc97/0x1820
[  747.727017][T14123]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  747.732841][T14123]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  747.738663][T14123]  bpf_prog_test_run+0x33a/0x3b0
[  747.743651][T14123]  __sys_bpf+0x48d/0x810
[  747.747937][T14123]  ? __pfx___sys_bpf+0x10/0x10
[  747.752724][T14123]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  747.758728][T14123]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  747.765077][T14123]  ? do_syscall_64+0x100/0x230
[  747.769857][T14123]  __x64_sys_bpf+0x7c/0x90
[  747.774289][T14123]  do_syscall_64+0xf3/0x230
[  747.778802][T14123]  ? clear_bhb_loop+0x35/0x90
[  747.783498][T14123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.789433][T14123] RIP: 0033:0x7fadaaf75bd9
[  747.793854][T14123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  747.813459][T14123] RSP: 002b:00007fadabde9048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  747.821883][T14123] RAX: ffffffffffffffda RBX: 00007fadab104038 RCX: 00007fadaaf75bd9
[  747.829875][T14123] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  747.837940][T14123] RBP: 00007fadaafe4e60 R08: 0000000000000000 R09: 0000000000000000
[  747.845914][T14123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  747.853898][T14123] R13: 000000000000006e R14: 00007fadab104038 R15: 00007fff498940f8
[  747.861910][T14123]  </TASK>
[  747.865217][T14123] Kernel Offset: disabled
[  747.869620][T14123] Rebooting in 86400 seconds..