last executing test programs:

1m54.761902844s ago: executing program 0 (id=452):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1], 0x44}}, 0x0)

1m53.469804075s ago: executing program 0 (id=456):
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000540)={[{@session={'session', 0x3d, 0x287}}, {@file_umask={'file_umask', 0x3d, 0x9}}, {@iocharset={'iocharset', 0x3d, 'cp869'}}, {@part={'part', 0x3d, 0xa}}]}, 0x1, 0x2f0, &(0x7f0000000140)="$eJzs3c9u00oUx/HfOEmb/lGvb9urK93NRYVKsKkosEBsglC27FkhSpNKVaMi2iLRbiiIJeIB2PMKPAQbEC8AK1Y8QHdGM5kkduI4CTRxW74fqZEznrHPaDzxHEtgAfhj3at+fX/zu/0zUkEFSXekQFJZKkr6R/+Wn+0ebB806rWsAxVcC/tn1Gxpeups7tbTmtp2roUX2m9FzcfLMB5RFN39lncQyJ2b/SkCadrPQ7e/POG4xuVY+j/vGCYtPsDmRCd6roUcwwEAnAH+/h/428S8KzIKAmnV3/Yv1P3/JO8ATtetRk9RlNkgdv93q7vI2PH9y+3q5HsuhbP7g1aWOEwwpa7vU2peWYkFphmUVbpYgpmt7aLWNl+qFuiVKl6s2rL7rDUv3ZYB0a6k5KYZ+h+tpPuzzd64FWW3Vkhb2436tN1IiX9ptDP+PvPRfDYPTah3qrXXf8XI2GFyIxV2jVRQsvFf73/EOdfK1pJP+yuVSpCo8rc7yX/+DN6AXpbTM5L4MVsPCI7bEWTF6c69qORjhWbv1ge0WkprFba/9Wm1nGhV8FfC2uaTRuajlPFoddG8NQ/Min7og6qx9X9g41tVbGZm/dQbV9NfGc3+TKXXLLqaYc+dozNdLrUj8KZH7hukEZ+WvdFj3dbC/uHRTqHRqO/tHx7ZEXQbOxu+ZGej8XR+z/iS0mspvmuCG4XewDobOu6URNaLKBr2yNE4g792qge0vx/tEjt90irbWdYuCRI9jTdnY7gNO1NSdlU/pcyU87gRRVKfXeP6mcJZsm9ag+4LZnIOCJNm112mmf+5lbxf1bkUyX6EGev07CRTiSOutzO45FJw0X3OjpTBzfXP4GJnvNEnZ3Q51+Wr0pVYoVHmGUMf5wVhqvqiRzz/BwAAAAAAAAAAAAAAAAAAOG8m8S8N8u4jAAAAAAAAAAAAAAAAAAAAAADn3S+9/zft/4h37/8Nu9//O5eoc3rv/81+MxCAofwMAAD///n4dNU=")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)={0x14, 0x4, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000380)='./file1\x00', 0x1c802, &(0x7f0000002740)=ANY=[], 0x3, 0x5f4f, &(0x7f0000009040)="$eJzs3V1vHFf9B/DfPnj90H/TqPqrChEXbgqlpTTPCZSnplxwAUggoVyTyHWrQFpQEhCtIuIqF4gLHl4C3PSGi76RIvEKEC+ASAlXlaAMGvucZDxeex1i76x9Ph/JmfntmfGeydfj2fXM7AkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIL7z7R+e6UXElV+kB45G/F8MIvoRi3W9HPXMpbz8MCKOxXpzPBcRg/mIev31f56JOB8RHx+JuP/g9kr98Nld9uPC6Vs3Pv3ut/7269/fPfbjN3/0Ybv9B/9/7qPf3Ik4+v3XPvr0zt5sOwAAAJSiqqqql97mH0/v7/tddwoAmIp8/K+S/LharVar97T+XX+2+qMutG6qxrvTLCJirblO/ZrB6XgAOGDW4pOuu0CH5F+0YUQ81XUngJnW67oD7Iv7D26v9FK+vebxYHmjPf+dclP+a72H93dsN52kfY3JtH6+7sYgnt2mP4tT6sMsyfn32/lf2WgfpeX2O/9p2S7/0catT8XJ+Q/a+bdsyv8PEXFg8++Pzb9UOf/h4+S/NjjA+7/8AQAAAAA4/PLf/492fP53/sk3ZVd2Ov+7PKU+AAAAAAAAAMBee9Lx/x4y/h8AAADMrPq9eu2PRx49tt1nsdWPX+5FPN1aHihMullmqet+AAAAAAAAAAAAAEBJhhvX8F7uRcxFxNNLS1VV1V9N7fpxPen6B13p2w8l6/qXPAAAbPj4SOte/l7EQkRcTp/1N7e0tFRVC4tL1VK1OJ9fz47mF6rFxvvaPK0fmx/t4gXxcFTV32yhsV7TpPfLk9rb369+rlE12EXHpqPDwAEgIjaORvcdkQ6Zqnomun6Vw8Fg/z987P/sRtc/pwAAAMD+q6qq6qWP8z6ezvn3u+4UADANC/n43z4voFar1Wq1+vDVTdV4d5pFRKw116lfMxiOHwAOmLX4pOsu0CH5F20YEce67gQw03pdd4B9cf/B7ZVeyrfXPB6k8d3ztSCb8l/rra+X1x83naR9jcm0fr7uxiCe3aY/z02pD7Mk599v539lo32Ultvv/Kdlu/zr7TzaQX+6lvMftPNvOTz598fmX6qc//Cx8h/IHwAAAAAAZlj++//Rcs//DnJ/lqfUBwAAAAAAAADYa/cf3F7J973m8/+fHbNcrznn/s9DI+ff23X+7v89THL+/Xb+rQtyBo35e288yv+fD26vfHjrH5/J05nPf24wqp97rtcfDNM1P9XcW3EtrsdqnN6y/HBT+5kt7XOb2s9OaD+3pX1Uty/m9pOxEj+N6/Hmw/b5CRdGLUxorya05/wH9v8i5fyHja86/6XU3mtNa/c+6G/Z75vTcc9z6c//fnHr3jV9d2PwcNua6u070UF/1v9PnhrFz2+u3jj5y6u3bt04E2my6dGzkSZ7LOc/l75y/i+9sNGef+8399d7H4weO/9ZcTeG2+b/QmO+3t6Xp9y3LuT8R+kr55+PQOP3/4Oc//b7/ysd9AcAAAAAAAAAAAAAAAB2UlXV+i2ilyLiYrr/p6t7MwGAqfrt99JMlYRarVar1epDWzdV473eLGJh8zoXI+JX474ZADDL/hMRf++6E3RG/gXLn/dXTz/XdWeAqbr53vs/uXr9+uqNm133BAAAAAAAAAD4X+XxP5cb4z+vXwfUGjd60/ivb8TygR3/sz8arI91njbo+dh5/O8TsfP438MJzzc3oX00oX1+QvvChPaxN3o05PyfTxnn/I+nDStp/NeXOuhP13L+J9JYzzn/L7SWa+Zf/ekg59/flP+pW+/87NTN995/9do7V99efXv13TOnL54/d+H8uQsXTr117frq6Y1/O+zx/sr557GvXQdalpx/zlz+Zcn5fz7V8i9Lzv/FVMu/LDn//HpP/mXJ+ef3PvIvS87/5VTLvyw5/y+mWv5lyfm/kmr5lyXn/6VUy78sOf9XUy3/suT8T6Za/mXJ+Z9KtfzLkvPPZ7jkX5acf76yQf5lyfmfTbX8y5LzP5dq+Zcl538+1fIvS87/QqrlX5ac/8VUy78sOf8vp1r+Zcn5fyXV8i9Lzv+1VMu/LDn/r6Za/mXJ+X8t1fIvS87/66mWf1ly/t9ItfzLkvP/ZqrlX5ac/+upln9ZHn3+v5kpz/zrLxEz0A0zpc68+9edlun6NxMAAAAAAAAAAAAA0DaNK4273kYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+C87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLe3cXIVd5nAD/7Za8NCW4ghBAnrI0BA4t311/gEINJQkpJm1IS0qYlNY69Nk78Ve86AYTKUmhLFKQitRf0omkSpVGktgJFkZpKNEJqpPauXCXiJmolLiwVKgcllVIFtjpz3vfdmdnZmfXH4jnn/H4I/70zZ2beOXNmdp+1nhkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLbhY9N/PpBlWf5/4491WXZp/vc12Z78y7mdF3uFAAAAwPl6q/HnP1yWTtizjAs1bfNvH/qP78/Pz89nX3jz9Nt/OT+fzhjLsqHVWdY4L/r3X/5ivnmb4KlsdGCw6evBHjc/1OP84R7nj/Q4f1WP81f3OH+0x/mLdsAia4rfxzSubFPjr+uKXZpdkY00ztvU4VJPDaweHIy/y2kYaFxmfuRgdjg7kk1nk4suM9D4L8te2pDf1j1ZvK3Bpttan2XZmZ89vj+uYSDs401Zy401ND92b9yVjb35s8f3f2f29fd3mj13w6KVZtnmjfk6n86yhV9XZQPZ6rRP4joHm9a5vsM6h1rWOdC4XP739nWeWeY64/0eDet8pcs614fTHrk2y7K5bMlt2j2VDWZr22417e/R4ojIryN/KN+TDZ/VcbJhGcdJfpnXrm09TtqPybj/N4R9MrzEGpofjjeeXLVov5/rcZLf6344VvPrvi+/0dHR5l+tthyr+TaPX7f0MdDxsetwDKRjuekY2NjrGBhcNdQ4BgYX1ryx5RiYWnSZwWygcVunr+t+DEzMHj0xMfPoY7ccPrrv0PSh6WNTkzu3b9uxfduOHRMHDx+Zniz+PLtdWiJrs8F0DG4MrzXxGLyhbdvmQ3L+mxfueTDaJ8+D/L5/5vp8QZcOZksc4/k2T28+/+dB+r7f9DwYbnoedHxN7fA8GF7G8yDf5szm5X3PHG76v9MaVuq1cF3TMXAxvx/mt/ngjUu/Fq4P63rmprP9fji06BiId2sgPPfyU9LPe6O3hf2y+Li4Oj/jklXZqZnpk1se2Tc7e3IqC+MdcXnTY9V+vKxtuk/ZouNl8KyPlz1//6vrr+5w+rqwr0Zv7v5Y5dtsH+/+WDVe3Vv356qs2J8tp27NwrjA3un92em7Wb4/U5bosj/zbZ6+5fx/Fky5pOn1b6TX69/QyHDx+jeU9sZIy+vf4odmqLGyLDtzy/Je/0bC/+/0698VffL6l++rB7d0PwbybZ6ZONtjYLjr69+1YQ6E9dwYEsNoU+5/u3H+XHGYNj2WPY+b4eGRcNwMx1tsPW62LbpMfm35bW+ePLfjZvO1rY9Vy88tFTxu8n31V5Pdj5t8m5enzv+1Y038a9Nrx6pex8DI0Kp8vSPpIChe7+bXxGNgS7Y/O54dyQ6ky+SPcn5b41uXdwysCv+/068dV/XJMZDvq+e3dj8G8m1+tO3C/uy0OZyStmn62an99wtLZf6rhxeur323XejMn6/z4z/+VDqtU4bIt3l9+9nmjO776eZwyiUd9lP782epY/pA9s7sp6vCOo/s6P67qXybK3Yu83jak2XZq1OvNn7fFX6/+71TP/5+y+99O/1O+dWpV++duP8nZ7N+AADO3duNP+dWFT9rNv2L9XL+/R8AAAAohZj7B8NM5H8AAACojJj7h8JM5H8AAACojJj7h8NMapL/H75t1wtvPZGldwOcD+L5cTfcd0exXex4z4Wvx+YX5Kd/9NsjL3z1ieXd9mCWZb+69wMdt3/4jriuwom4zg+3nr7IVdcs6/YfemBhu+b3Tzizq7j+eH+WexjErvJLE1sb1zv26FRjvnxv1pj3zz3zVHH9xddx+9Pbiu3/JrxpyZ6DAy2X3xzWsynMsfCeMvftWdgP+YyXe2H9h/718s8u3F683MDGdzfu5vN/XFxvfI+o5y4vto/3e6n1/8vXvvtCvv0j13Ve/xODndd/Olzva2H+cnexffM+/2rT+v80rD/eXrzclm/9sOP6X3xfsf2L4bj4Rpjt67/rLz74VqfHK97OntuLy8Xbn/zf7Y3LxeuL19++/tEnplr2R/v1v/xmcT27v/zzoebt4+nxdqKHbm89vgfC49vSI8+y7Lt/lrXs5+wjxeX+uW398fpO3N55/Te3rfPEwDWNyy/cn3Ut9+vrf7e14/2N69nzj+ta7s9zd4f99+bEj/LrPX1/OB7D+f/3SnF97e9l+uLdra83cftvrCuet/H6JtrW/1zb+ueuyfdd7/Xf82ax/hfvXN2y/j2fCMfTPcXstf5Df3tZy+W/+Z3i8Tj5lfFjx2dOHT7QtFebn8erR9esveTSd737svBa2v713uOzD0+fHJscm8yysRK+ZeBKr/9bYf5PMeYu/C0UfvLz4rh79pPF960bflF8/Vw4/aHweMbvj1//65GW47X9cZ+7s5jnu/6bwjqW631f+69rlrXh6c+/dOqf/uT19p8L4v058d7Rxv17fsOVjfMGXi7Ob3+96uU/39v6vP7p8GRj/iDs1/nwzswbryxur/3643uTPPvp4vkbf5KLl8/a3k9k3VDr/Tjf9f80/Bzzw6taX//i8fGDJ9rezXldNpAvYS68PmRzxflxq7i/nz1zZcfbi+/Dk829/2yWuaSZR2cmjhw+duqRidnpmdmJmUcf23v0+Kljs3sb712694u9Lr/w/F7beH4fmN65PWs8248XY4Vd7PWfeGD/gVsnrz8wfXDfqYOzD5yYPnlo/8zM/ukDM9fvO3hw+iu9Ln/4wO6prbu23bp1/NDhA7tv27Vr267xw8eO58soFtXDzskvjR87ubdxkZnd23dN7dixfXL86PED07tvnZwcP9Xr8o3vTeP5pb88fnL6yL7Zw0enx2cOPza9e2rXzp1be77749ETB2fGJk6eOjZxamb65ERxX8ZmGyfn3/t6XZ56mDkeXu/aDISfzj938870/ri5bz+55FUVm7T+eJq9Ed4LKn5/6/V1zP0jYSY1yf8AAABQBzH3hzf+XzhD/gcAAIDKiLl/dZiJ/A8AAACVEXN/kfxH08e/1yX/X6j+/5P6/w36//r/mf5/ov+v/5/p/+v/96D/r/9f5vXr/+v/01u/9f9D7s/WZJl//wcAAICKirl/bZiJ/A8AAACVEXP/JWEm8j8AAABURsz9l4aZ1CT/+/x//X/9/279/7it/n+m/98P/f9N/63/v4j+v/5/pv9/zi52f77s6+/D/v8a/X/6Tb/1/2Puf1eYSU3yPwAAANRBzP3vDjOR/wEAAKAyYu6/LMxE/gcAAIDKiLl/XZhJTfK//r/+v/6/z//X/y9N/9/n/3eg/6//n+n/n7OL3Z8v+/r7sP/v8//pO/3W/4+5/9fCTGqS/wEAAKAOYu5/T5iJ/A8AAACVEXP/5WEm8j8AAABURsz9V4SZ1CT/17P//1qWZfr/mf6//n/bOvX/9f9Xgv6//n83+v/6/2Vev/6//j+99Vv/P+b+94aZ1CT/AwAAQB3E3H9lmIn8DwAAAJURc//7wkzkfwAAAKiMmPuvCjOpSf6vZ//f5//r/xf0/1vXqf+v/78S9P/1/7vR/9f/L/P69f/1/+mt3/r/Mfe/P8ykJvkfAAAA6iDm/qvDTOR/AAAAqIyY+z8QZiL/AwAAQGXE3L8+zKQm+V//X/9f/1//X/9f/38llav/P7jkOfr/Bf3/Vheu/z+3sAD9/9KsX/9f/5/e+q3/H3P/B8NMapL/AQAAoA5i7v9QmIn8DwAAAJURc/81YSbyPwAAAFRGzP1jYSY1yf/6//r/+v/6//r/+v8rqVz9/6Xp/xf0/1v5/H/9f/1//X+667f+f8z9G8JMapL/AQAAoA5i7t8YZiL/AwAAQGXE3H9tmIn8DwAAAJURc/+mMJOa5H/9f/1//X/9f/1//f+VpP+v/9+N/r/+f5nXr/+v/09v/db/j7n/ujCTmuR/AAAAqIOY+68PM5H/AQAAoDJi7r8hzET+BwAAgMqIuX9zmElN8r/+v/6//n+J+/9D+v+Z/n/f0//X/+9G/1//v8zr1//X/6e3fuv/x9x/Y5hJTfI/AAAA1EHM/TeFmcj/AAAAUBkx998cZiL/AwAAQGXE3D8eZlKT/K//r/+v/1/i/r/P/29Zv/5/f9L/L0v/f6T1S/3/ZdH/1//X/9f/p7t+6//H3H9LmElN8j8AAADUQcz9W8JM5H8AAACojJj7J8JM5H8AAACojJj7J8NMapL/9f/1//X/9f/1//X/V5L+f1n6/230/5dF/1//X/9f/5/u+q3/H3P/VJhJTfI/AAAA1EHM/VvDTOR/AAAAqIyY+7eFmcj/AAAAUBkx928PM6lJ/i9J/39LKkDp/+v/6//r/+v/l4r+v/5/N/r/+v9lXr/+v/4/rQY7nNZv/f+Y+3eEmdQk/wMAAEAdxNy/M8xE/gcAAIDKiLn/1jAT+R8AAAAqI+b+28JMapL/S9L/9/n/+v/6/030//X/y0T/X/+/G/1//f8yr1//X/+f3vqt/x9z/64wk5rkfwAAAKiDmPs/HGYi/wMAAEBlxNx/e5iJ/A8AAACl0ulzCKOY+z8SZlKT/K//X/X+//xq/X/9f/3/7uvX/19Z+v/6/93o/+v/l3n9+v/6//TWb/3/mPt3h5nUJP8DAABAHcTcf0eYifwPAAAAlRFz/51hJvI/AAAAVEbM/XvCTGqS//X/q97/9/n/+v/6/73Wr/+/svT/9f+70f8vZ/8//Nii/99H/f/8GNL/px/1W/8/5v67wkxqkv8BAACgDmLu/2iYifwPAAAAlRFz/8fCTOR/AAAAqIyY+z8eZlKT/K//r/+v/6//r/+v/7+S9P9XrP/feCnU/y/o/5+bi92fL/v6+6n/7/P/6Vf91v+Puf/uMJOa5H8AAACog5j7PxFmIv8DAABAZcTc/+thJvI/AAAAVEbM/feEmdQk/+v/6//r/+v/6//r/68k/X+f/9+N/r/+f5nXr/+v/09v/db/j7n/N8JMapL/AQAAoA5i7r83zET+BwAAgMqIuf+TYSbyPwAAAJTMqiXPibn/N8NMapL/y9f/Hytl/38wXb/+v/6//r/+v/7/haT/r/+f6f+fs4vdny/7+vX/9f/prd/6/zH3/1aYSU3yPwAAANRBzP2fCjOR/wEAAKAyYu7/7TAT+R8AAAAqI+b++8JMapL/L3T/v/3y3fj8f/3/TP9f/1//X///POn/6/9n+v/n7GL350u8/vijiP6//j899Fv/P+b+3wkzqUn+BwAAgDqIuf/+MBP5HwAAAPrUw2d9iZj7Px1mIv8DAABAZcTc/5kwk5rk//J9/r/+v/6//r/+v/5/mej/6/93o/+v/1/m9fv8f/1/euu3/n/M/Q+EmdQk/wMAAEAdxNz/2TAT+R8AAAAqI+b+3w0zkf8BAACgMmLu/70wk5rkf/1//X/9f/1//X/9/5Wk/7+4/5+/hun/F/T/9f/LvH79f/1/euu3/n/M/Z8LM6lJ/gcAAIA6iLn/98NM5H8AAACojJj7/yDMRP4HAACAyoi5/8Ewk5rkf/1//X/9f/1//X/9/5Wk/+/z/7vR/9f/L/P69f/1/+mt3/r/Mfd/PsykJvkfAAAA6iDm/j8MM5H/AQAAoDJi7t8bZiL/AwAAQGXE3P9QmElN8r/+v/6//r/+v/6//v9K0v/X/+9G/1//v8zr1//X/6e3fuv/x9y/L8xkT+vNAAAAAOUVc/8Xwkxq8u//AAAAUAcx9+8PM5H/AQAAoDJi7j8QZlKT/K//r/+v/6//r/+v/7+S9P/1/7vR/9f/L/P69f/1/+mt3/r/MfdPh5nUJP8DAABAHcTcfzDMRP4HAACAyoi5/1CYifwPAAAAlRFz/8NhJjXJ//r/+v/6/7Xt/7/yvbZ16v/r/68E/X/9/270//X/y7x+/X/9f3rrt/5/zP2Hw0xqkv8BAACgDmLu/2KYifwPAAAAlRFz/5fCTOR/AAAAqIyY+4+EmdQk/+v/6//r/9e2/7+8z/9fs3C7+v/6/+dC/1//vxv9f/3/Mq9f/1//n976rf8fc//RMJOa5H8AAACog5j7j4WZyP8AAABQGTH3Hw8zkf8BAACgMmLuPxFmUpP8r/9/dv3/gSW6gfr/ndev/1+B/n8T/X/9/3Oh/6//343+v/5/mdev/6//T2/91v+Puf+Pwkxqkv8BAACgDmLuPxlmIv8DAABAZcTcPxNmIv8DAABAZcTcPxtmUpP8r//v8//1//X/9f/1/1eS/r/+fzf6//r/ZV6//r/+P731W/8/5v5TYSY1yf8A8P/s3XeuXlfVx/HndV6Do4g5RMyAETAExoCEGAK9JPTQIfTeQm+hQ+i99x56b4HQqwTK9Vor2Nx7zrV9H3ufvT6fP7LCDSg7SpD4yXx1AAA6yN1/v7jF/gcAAIBp5O6/f9xi/wMAAMA0cvc/IG5psv/1//p//b/+X/+v/98n/b/+f4n+X/+/5ffr//X/rBut/8/d/8C4pcn+BwAAgA5y9z8obrH/AQAAYBq5+x8ct9j/AAAAMI3c/Q+JW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/c/NG5psv8BAACgg9z9D4tb7H8AAACYRu7+h8ct9j8AAABMI3f/dXFLk/2v/9f/6/832P//v/5f/78d+n/9/xL9v/5/y+/X/+v/WTda/5+7//q4pcn+BwAAgA5y9z8ibrH/AQAAYHPuft/Df567/5Fxi/0PAAAA08jd/6i4pcn+1//r//X/G+z/ff9f/78h+n/9/xL9v/5/y+/X/+v/WTda/5+7/9FxS5P9DwAAAB3k7n9M3GL/AwAAwDRy9z82brH/AQAAYOtO5+/k7n9c3NJk/+v/9f/6f/2//l//v0/6f/3/Ev2//n/L79f/6/9Zt/f+/143HNzj9v+5+2+IW5rsfwAAAOggd//j4xb7HwAAAKaRu/8JcYv9DwAAANPI3f/EuKXJ/tf/6//v7P///X/6f/2//v/On+v/T4b+X/+/RP+v/9/y+/X/+n/W7b3/X+n9z//XufufFLc02f8AAADQQe7+J8ct9j8AAABMI3f/U+IW+x8AAACmkbv/qXFLk/2v/9f/+/6//l//r//fJ/3/sP3/+f/VO5f+/1j0//r/o/r/ex7j/fp/Ohit/8/d/7S4pcn+BwAAgA5y9z89brH/AQAAYBq5+2+MW+x/AAAAmEbu/mfELU32v/5f/6//1/+f2/+fatn/3/Ez/f9+6P+H7f+X6f+PRf+v//f9f/0/y0br/3P3PzNuabL/AQAAoIPc/c+KW+x/AAAAmEbu/mfHLfY/AAAATCN3/3Pilib7X/+v/9f/6/8v6fv/V83R//v+//7o//X/S/T/+v8tv1//r/9n3Wj9f+7+58YtTfY/AAAATO/Urnb/8+IW+x8AAACmkbv/+XGL/Q8AAADTyN3/grilyf7X/+v/9f/6/0vq/yf5/r/+f3/0//r/Jcft/3f6//pr0f+P8379v/6fdaP1/7n7Xxi3NNn/AAAA0EHu/hfFLfY/AAAATCN3/4vjFvsfAAAAppG7/yVxS5P9r//X/+v/9f/6f/3/Pun/9f9LfP9f/7/l9+v/9f+sG63/z93/0rilyf4HAACADnL3vyxusf8BAABgGrn7Xx632P8AAAAwjdz9r4hbzt//py7nqy4f/b/+X/+v/9f/6//3Sf+v/1+i/z+8/z9zxJ9P/z/W+/X/+n/Wjdb/5+6/KW7x6/8AAAAwjdz9r4xb7H8AAACYRu7+V8Ut9j8AAABMI3f/q+OWJvv/qP7/9mvO/nH9//Ho/w9/v/5f/6//1//r//X/S/T/vv+/5ffr//X/rBut/8/d/5q4pcn+BwAAgA5y9782brH/AQAAYBq5+18Xt9j/AAAAMI3c/a+PW5rs/5P//v+1+n/9v/4/rv5f/6//1//r/5fp//X/W36//l//z7rR+v/c/W+IW5rsfwAAAOggd/8b4xb7HwAAAKaRu/9NcYv9DwAAANPI3f/muKXJ/j/5/t/3//X/F9j/n9L/J/1//H3V/+v/L4D+X/+/0/9ftCvdz2/9/fp//T/rRuv/c/fffDD1+u1/AAAA6ODmg9+e2b0lbrH/AQAAYBq5+98at9j/AAAAMI3c/W+LW5rsf/2//v+K9/++/1/0//H3Vf+v/78A+n/9/07/f9GudD+/9ffr//X/rBut/8/d//a4pcn+BwAAgA5y978jbrH/AQAAYBqx+8/+n9/tfwAAAJjSOw9+e2b3rrilyf5v3P9fe6n9/9X/9fv6/8Pfr/8/kf7/5vP/2dP/6/+3RP+v/1+i/9f/b/n94/T/8YPr9P+MZ7T+P3f/u+OWJvsfAAAAOsjd/564xf4HAACAaeTuvyVusf8BAABgGrn73xu3NNn/jfv/Sb7/f+/b4gX6/3n7f9//j6v/1/8fRv8/Qf9/x//80v/Xn1//v533j9P/+/4/4xqt/8/d/764pcn+BwAAgA5y978/brH/AQAAYBq5+z8Qt9j/AAAAMI3c/R+MW5rsf/3/1vt/3//X/+v/9f9j0//r/5f4/r/+f8vv1//r/1k3Wv+fu/9DcUuT/Q8AAAAd5O7/cNxi/wMAAMA0cvd/JG6x/wEAAGAaufs/Grc02f/6f/3/vvr/O/4k+v8m/f/1+v+d/v9I+n/9/xL9v/5/y+/X/+v/WTda/5+7/2NxS5P9DwAAAB3k7v943GL/AwAAwDRy938ibrH/AQAAYBq5+z8ZN9zjblfuSSfr9BE/j95c/6//9/1//b/v/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/d/Km7x6/8AAAAwjdz9n45b7H8AAACYRu7+z8Qt9j8AAABMI3f/Z+OWJvtf/6//1/9vtv+/Wv9/7vv1/2PS/+v/l+j/9f9bfv+x+/9bD//P6//pYLT+P3f/5+KWJvsfAAAAOsjd//m4xf4HAACAaeTu/0LcYv8DAADANHL3fzFuabL/9f/6f/3/Zvt/3/8/7/36/zHp//X/S/T/+v8tv9/3//X/rBut/8/d/6W4pcn+BwAAgA5y9385brH/AQAAYBq5+78St9j/AAAAMI3c/V+NW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/d/LW5psv8BAACgg9z9X49b7H8AAACYRu7+b8Qt9j8AAABMI3f/N+OWJvt/5v5/6d+m/z9L/6//3+n/9f97pv/X/y/R/+v/t/x+/b/+n3Wj9f+5+78VtzTZ/wAAANBB7v5vxy32PwAAAEwjd/+tcYv9DwAAANPI3f+duKXJ/p+5/1+i/z9L/6//3+n/9f97pv/X/y/R/+v/t/x+/b/+n3VXqP8/vTui/8/d/924pcn+BwAAgA5y938vbrH/AQAAYBq5+78ft9j/AAAAMI3c/T+IW+bZ//e5ZeEP6v9PvP8/+IdI/6//3+n/9f/6/wP6f/3/Ev2//n/L79f/6/9ZN9r3/3P3/zBumWf/AwAAQHu5+38Ut9j/AAAAMI3c/T+OW+x/AAAAmEbu/p/ELU32v/7f9//1/636/6t2+n/9/2Wm/9f/L9H/6/+3/H79v/6fdaP1/7n7fxq35PC75mL+KgEAAICR5O7/WdzS5Nf/AQAAoIPc/T+PW+x/AAAAmEbu/l/ELU32v/5f/6//b9X/+/6//v+y0//r/5fo//X/W35/9v/5z53+X//P/xqt/8/d/8u4pcn+BwAAgA5y9/8qbrH/AQAAYBq5+38dt9j/AAAAMI3c/b+JW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/b7/r/9n3Wj9f+7+2+KWJvsfAAAAOsjd/9u4xf4HAACAaeTu/13cYv8DAADANHL33x63NNn/+n/9/5T9/131//p//f8o9P/6/yX6f/3/lt+v/9f/s260/j93/+/jlib7HwAAADrI3f+HuMX+BwAAgGnk7v9j3GL/AwAAwDRy9/8pbmmy//X/+v8L7/9P11/3sP2/7//r//X/w5i3/7+L/v+w/v/Mhb2/e/9/401nf6z/3+b79f/6f9aN1v/n7v9z3NJk/wMAAEAHufv/ErfY/wAAADCN3P1/jVvsfwAAAJhG7v6/xS1N9r/+X/8/5ff/9f/6f/3/MObt/33/3/f/ff9f/6//1/+zZrT+P3f/3+OWJvsfAAAAOsjd/4+4xf4HAACAaeTu/2fcYv8DAADANHL3/ytuabL/9f/6f/2//l//r//fJ/2//n+J/l//v+X36//1/6wbrf/P3f+fAAAA///vXi84")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a439, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

1m52.152303915s ago: executing program 0 (id=460):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x282a2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000200)=0x12)
ioctl$SOUND_PCM_READ_RATE(r1, 0x80045002, 0x0)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000040))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
clock_gettime(0xfffffffffffffff1, &(0x7f0000000000))
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfffffffffffffd0e)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1b, &(0x7f0000000280)=0x1e51, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
pwritev2(0xffffffffffffffff, &(0x7f00000006c0)=[{&(0x7f0000000080)='7', 0x1}], 0x1, 0x6e45, 0x80, 0x0)
r6 = fanotify_init(0x0, 0x0)
write$binfmt_elf64(r6, &(0x7f00000006c0)=ANY=[@ANYBLOB="7f454c4622"], 0x18)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x20000000)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x802c550a, 0x0)

1m50.371917542s ago: executing program 0 (id=463):
r0 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000580)='./file1\x00', 0x40c0, &(0x7f0000002480)=ANY=[], 0x3, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a00)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x400, 0x8, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8db48224ad54afa051d875397bdb22d0000b420a100005240f45f819e00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6]}})
mount_setattr(r0, &(0x7f0000000280)='./file1\x00', 0x100, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000480)={0x0, {}, 0x0, {}, 0x3, 0x0, 0x1e, 0x28, "561bfcadb322e7a648b826f003c1851a9c242527cb3d254dada276366a87ccc588949546a12cc5809eccd37a8564cabfda4c147b3a45b8e943bced07fd3fffbf", "2b416beaef043ee1e602417940bd7c3771390871faaa7103228109660205a039", [0x3, 0x7]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mount(&(0x7f00000000c0), &(0x7f0000000140)='./bus\x00', 0x0, 0x18c7c80, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x109)

1m47.173360759s ago: executing program 0 (id=475):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f)
read$dsp(0xffffffffffffffff, &(0x7f00000002c0)=""/4096, 0x1000)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r5, 0x40045567, 0x0)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x3)
write$uinput_user_dev(r5, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x4, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000]}, 0x45c)
ioctl$UI_DEV_CREATE(r5, 0x5501)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
ioctl$SNDCTL_DSP_GETISPACE(0xffffffffffffffff, 0x8010500d, &(0x7f00000014c0))
sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
shutdown(r0, 0x1)
pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

1m46.682047385s ago: executing program 0 (id=478):
ustat(0x100, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = gettid()
r5 = epoll_create(0x400)
r6 = eventfd(0x0)
kcmp$KCMP_EPOLL_TFD(r4, r4, 0x7, r6, &(0x7f0000000080)={r5, r6, 0x1000000})

1m46.270784182s ago: executing program 32 (id=478):
ustat(0x100, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = gettid()
r5 = epoll_create(0x400)
r6 = eventfd(0x0)
kcmp$KCMP_EPOLL_TFD(r4, r4, 0x7, r6, &(0x7f0000000080)={r5, r6, 0x1000000})

6.405202854s ago: executing program 4 (id=892):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x3844811, &(0x7f0000000180)=ANY=[], 0x1, 0x67e, &(0x7f0000000ec0)="$eJzs3c1vHGcdB/DvbDZONi3BTZO2oEq1GgSIiMSO5YK5NCCEfKhQVQ6crWTTWNmkxXaRWyHq8HrtoX9AOfiCOCFxj1Q4cIFbb8jHSkhcesGcFs3srL1+7bppvDZ8PtHs8zzzzDzze36zM/tiRRvg/9bclTQfpsjclVdWyvb62nRnfW36Xr+e5EyS1aSZpJGk+He32/0wuZEUm8MUO8pd3l+Yfe2jT9Y/7rWa9VJt3zhovx3q7VZ3rF7tr5tIcqouH8G28W4+8njFZuQ3klyuSxi500m62/zkr09u9gxo7bX32SOJEXi8it7r5i7jybn6Qi/fB/RfeRtHG93wzgy53c53EAAAAHDSDPMZ+Isb2chKcf4IwgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/Catbv/9f1EujX59I0f/9/7F6Xer68fLC4TZ/+LjiAAAAAAAAAIAj9MJGNrKS8/12t6j+5v9i1bhYPT6Rt7KUdhZzNSuZz3KWs5ipJOMDA42tzC8vL04Nsef1Pfe8/imBnqnL1uczbwAAAAAAAAA48da3tX6Rua2//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHFQJKd6RYoHA6vH02gmOZtkrFyxmvy9Xz/JHo46AAAAAHj8nkuykZWc76/oFrmY5JnqO4CzeSv3s5yFLKeTdm5V3wv0PvU31temO+tr0/fKZffA3/3XoeKoRkzvu4e9j1xG2ug+UW/fztXczBvp5FYa1Z7VbOp4+qNuj+tUXb7cM2Rkt+qynPl7dbnLu4ea7H4O+WXKeJWz07mdhSpHk3VsZTae6p+Zvc/QIc/OziNNpbEZ7MUdRxrbPpkH5ZGKlw+X83N1Wc7nN/vlfCR2ZuL6wLPvmYNznnztT3/48WRdPz5TGk7/4ulWj63dmZgeyMSzw2TiTuf+3Tu3l66ctEzsMlll4tJmey4/yI9yJRN5NYtZyE8zn+W0M5HvV7X5+uQXA5f8Ppm6sa316qdFMlY/Q3sn63AxvVjtez4L+WHeyK2081L173qm8q3MZCazA2f40sFnuLrqG/tc9d0v7Bn85a/XlVaS39bl8VDm9amBvA7ec8ervsE1W1m6MESWDnlvbH65rpTH+GVdHg87MzE1kImnD87E76rbylLn/t3FO/NvDne4C+/VlfI6+nUycXxuJOXz5UJ5sqrW9mdH2ff0nn1TVd/Fzb7Grr5Lm329K3V13yt1rH4Pt3uk61Xfs3v2TVd9zw30tTb7tt5vAXDsnfvGubHWP1t/a33Q+lXrTuuVs9878+0zz4/l9J9Pf6c5eeqrjeeLP+aD/Hzr8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDZLb39zt35Tqe9uKPS7Xbf3adryEqzPsJn3P0RKpn4R/V7gXt09X/O7Ajj+dKTSXvxK0edhGNW+U+3263XFPts8/u/lIkafajznfLZXzkWqRtRZXT3JOBoXFu+9+a1pbff+ebCvfnX26+378/OzMxOzs68NH3t9kKnPdl7HHWUwOOw9aI/6kgAAAAAAAAAAACAYR3FfycY9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk23uSpoPU2Rq8upk2V5fm+6US7++tWUzSSNJ8bOk+DC5kd6S8YHhiv2O8/7C7GsffbL+8dZYzf72jYP2G85qvWQiyale+eDzGu9mXR6oOGgKxeYMy4Rd7icORu2/AQAA//+XIAU6")
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
setresuid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x84, 0xb, 0x6, 0x3, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_DATA={0x3c, 0x7, 0x0, 0x1, [@IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz2\x00'}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}}, @IPSET_ATTR_CIDR2={0x5, 0x15, 0x2}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0xe73c}]}, @IPSET_ATTR_ADT={0x2c, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x10}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x2}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PROTO={0x5, 0x7, 0x73}}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x84}, 0x1, 0x0, 0x0, 0x44000}, 0x4000000)

5.23194041s ago: executing program 4 (id=897):
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x2000003, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_clone3(&(0x7f0000002c00)={0x100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

5.000721838s ago: executing program 4 (id=900):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000007000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x7c8a, &(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_FILES_UPDATE(r4, 0x2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[0xffffffffffffffff]}, 0x1)
io_uring_register$IORING_UNREGISTER_FILES(r4, 0x3, 0x0, 0x0)

4.726271868s ago: executing program 5 (id=901):
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x1a, &(0x7f00000002c0)=0x3, 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x6002, 0x0, 0x7, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x2a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0)
write$rfkill(r2, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[])
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000001c0))
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
timerfd_create(0x1, 0x0)

4.725519768s ago: executing program 1 (id=902):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

4.505996577s ago: executing program 1 (id=904):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000000)=0x3)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

4.505635787s ago: executing program 2 (id=905):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fstat(r2, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setreuid(0x0, r3)
fanotify_mark(r1, 0x1, 0x5000006a, r0, 0x0)

3.891139105s ago: executing program 2 (id=907):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x25, 0x4, 0x0, 0x0, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x3, 0xfffffff9, 0x4]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3a}, 0x658}, {@broadcast}, {@empty, 0x3}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x4, 0x0, 0x3, 0x8}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3.829953914s ago: executing program 1 (id=908):
r0 = socket$inet6(0xa, 0x3, 0x9)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x6, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r1, r2, 0x6, 0x0, @void}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@cgroup=r3, 0x6, 0x1, 0x0, &(0x7f000001f380)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
r7 = syz_create_resource$binfmt(&(0x7f0000000040)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r7, 0x42, 0x1ff)
r8 = openat$binfmt(0xffffffffffffff9c, r7, 0x2, 0x0)
write(r8, &(0x7f0000000180)="01", 0x1)
close(r8)
execveat$binfmt(0xffffffffffffff9c, r7, 0x0, 0x0, 0x0)

2.816453701s ago: executing program 1 (id=910):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000100), 0x4)

2.63370922s ago: executing program 1 (id=911):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./bus\x00', 0x1c802, &(0x7f0000002740)=ANY=[@ANYRES8=0x0], 0x1, 0x5f16, &(0x7f0000009040)="$eJzs3V1vHFcZB/BnX7x+KU2jClUh4iJNobSU5j2B8taUCy4ACSSUaxK5bhVIASUB0SoirnKBuODlI8BNb7joFylfAfEBiBRzVQnKoLHPScbjddZp4p1dn99PcmaePTPeM/l7PLuemT0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3vvvj072IuPzr9MDhiM/EIKIfsVzXx6KeuZiXH0bEkdhsjuciYrAYUa+/+c8zEeci4qNDEfc2bq3WD5/ZYz/On7p5/ZPvf+cfv/vTnSM/ffMnH7Tbf/TZsx/+/nbE4R++9uEnt5/MtgMAAEApqqqqeult/tH0/r7fdacAgKnIx/8qyY+r1Wq1+onWf+zPVn/UhdZN1Xi3m0VErDfXqV8zOB0PAHNmPT7uugt0SP5FG0bEU113Aphpva47wL64t3FrtZfy7TWPB8e22vPfKbflv967f3/HbtNJ2teYTOvn604M4tld+rM8pT7Mkpx/v53/5a32UVpuv/Oflt3yH23d+lScnP+gnX/Ltvz/HBFzm39/bP6lyvkPHyX/9cEc7//yBwAAAADg4Mt//z/c8fnfxcfflD152PnfY1PqAwAAAAAAAAA8aY87/t99xv8DAACAmVW/V6/95dCDx3b7LLb68Uu9iKdbywOFSTfLrHTdDwAAAAAAAAAAAAAoyXDrGt5LvYiFiHh6ZaWqqvqrqV0/qsddf96Vvv1Qsq5/yQMAwJaPDrXu5e9FLEXEpfRZfwsrKytVtbS8Uq1Uy4v59exocalabryvzdP6scXRHl4QD0dV/c2WGus1TXq/PKm9/f3q5xpVgz10bDo6DBwAImLraHTPEemAqapnoutXOcwH+//BY/9nL7r+OQUAAAD2X1VVVS99nPfRdM6/33WnAIBpWMrH//Z5AbVarVar1QevbqrGu90sImK9uU79msFw/AAwZ9bj4667QIfkX7RhRBzpuhPATOt13QH2xb2NW6u9lG+veTxI47vna0G25b/e21wvrz9uOkn7GpNp/XzdiUE8u0t/nptSH2ZJzr/fzv/yVvsoLbff+U/LbvnX23m4g/50Lec/aOffcnDy74/Nv1Q5/+Ej5T+QPwAAAAAAzLD89//Dzv/mTQYAAAAAAACAuXNv49Zqvu81n////Jjles05938eGDn/3p7zd//vQZLz77fzb12QM2jM333jQf7/3ri1+sHNf30uT2c+/4XBqH7uhV5/MEzX/FQLb8XVuBZrcWrH8sNt7ad3tC9saz8zof3sjvZR3b6c20/EavwirsWb99sXJ1wYtTShvZrQnvMf2P+LlPMfNr7q/FdSe681rd19v79jv29Oxz3Pxb/998Wde9f03YnB/W1rqrfveAf92fw/eWoUv7qxdv3Eb67cvHn9dKTJtkfPRJo8YTn/hfSV83/pha32/Hu/ub/efX/0yPnPijsx3DX/Fxrz9fa+POW+dSHnP0pfOf98BBq//89z/rvv/6900B8AAAAAAAAAAAAAAAB4mKqqNm8RvRgRF9L9P13dmwkATNUffpBmqiTUarVarVYf2LqpGu/1ZhFL29e5EBG/HffNAIBZ9r+I+GfXnaAz8i9Y/ry/evqFrjsDTNWNd9/72ZVr19au3+i6JwAAAAAAAADAp5XH/zzWGP958zqg1rjR28Z/fSOOze34n/3RYHOs87RBz8fDx/8+Hg8f/3s44fkWJrSPJrQvTmhfmtA+9kaPhpz/8ynjnP/RtGEljf/6Ugf96VrO/3ga6znn/6XWcs38q7/Oc/79bfmfvPnOL0/eePe9V6++c+XttbfXfn761IVzZ8+fO3v+/Mm3rl5bO7X1b4c93l85/zz2tetAy5Lzz5nLvyw5/y+mWv5lyfm/mGr5lyXnn1/vyb8sOf/83kf+Zcn5v5xq+Zcl5//lVMu/LDn/V1It/7Lk/L+SavmXJef/aqrlX5ac/4lUy78sOf+TqZZ/WXL++QyX/MuS889XNsi/LDn/M6mWf1ly/mdTLf+y5PzPpVr+Zcn5n0+1/MuS87+QavmXJef/1VTLvyw5/6+lWv5lyfm/lmr5lyXn//VUy78sOf9vpFr+Zcn5fzPV8i9Lzv9bqZZ/WXL+3061/MuS83891fIvy4PP/zcz5Zn//D1iBrphxsy4ma5/MwEAAAAAAAAAAAAAbdO4nLjrbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd3cxcpX3GcDPftlrQ4IbCCHECWtjwMDi3fUXOMRgkpBS0qaUhLRpSY1jr40Tf9W7TgChshTaEgWpSO0FvWiaRGkUqa1AUaSmEo2QGqm9K1eJuIlaiQtLhcpBSaVUga3OnPd9d2Z2dmb9sXjOOb8fwn/vzJmZd86cmd1nrWcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZhs+Nv3nA1mW5f83/liXZZfmf1+T7cm/nNt5sVcIAAAAnK+3Gn/+w2XphD3LuFDTNv/2of/4/vz8/Hz2hTdPv/2X8/PpjLEsG1qdZY3zon//5S/mm7cJnspGBwabvh7scfNDPc4f7nH+SI/zV/U4f3WP80d7nL9oByyypvh9TOPKNjX+uq7YpdkV2UjjvE0dLvXUwOrBwfi7nIaBxmXmRw5mh7Mj2XQ2uegyA43/suylDflt3ZPF2xpsuq31WZad+dnj++MaBsI+3pS13FhD82P3xl3Z2Js/e3z/d2Zff3+n2XM3LFpplm3emK/z6Sxb+HVVNpCtTvskrnOwaZ3rO6xzqGWdA43L5X9vX+eZZa4z3u/RsM5XuqxzfTjtkWuzLJvLltym3VPZYLa27VbT/h4tjoj8OvKH8j3Z8FkdJxuWcZzkl3nt2tbjpP2YjPt/Q9gnw0usofnheOPJVYv2+7keJ/m97odjNb/u+/IbHR1t/tVqy7Gab/P4dUsfAx0fuw7HQDqWm46Bjb2OgcFVQ41jYHBhzRtbjoGpRZcZzAYat3X6uu7HwMTs0RMTM48+dsvho/sOTR+aPjY1uXP7th3bt+3YMXHw8JHpyeLPs9ulJbI2G0zH4MbwWhOPwRvatm0+JOe/eeGeB6N98jzI7/tnrs8XdOlgtsQxnm/z9Obzfx6k7/tNz4PhpudBx9fUDs+D4WU8D/Jtzmxe3vfM4ab/O61hpV4L1zUdAxfz+2F+mw/euPRr4fqwrmduOtvvh0OLjoF4twbCcy8/Jf28N3pb2C+Lj4ur8zMuWZWdmpk+ueWRfbOzJ6eyMN4Rlzc9Vu3Hy9qm+5QtOl4Gz/p42fP3v7r+6g6nrwv7avTm7o9Vvs328e6PVePVvXV/rsqK/dly6tYsjAvsnd6fnb6b5fszZYku+zPf5ulbzv9nwZRLml7/Rnq9/g2NDBevf0Npb4y0vP4tfmiGGivLsjO3LO/1byT8/06//l3RJ69/+b56cEv3YyDf5pmJsz0Ghru+/l0b5kBYz40hMYw25f63G+fPFYdp02PZ87gZHh4Jx81wvMXW42bbosvk15bf9ubJcztuNl/b+li1/NxSweMm31d/Ndn9uMm3eXnq/F871sS/Nr12rOp1DIwMrcrXO5IOguL1bn5NPAa2ZPuz49mR7EC6TP4o57c1vnV5x8Cq8P87/dpxVZ8cA/m+en5r92Mg3+ZH2y7sz06bwylpm6afndp/v7BU5r96eOH62nfbhc78+To//uNPpdM6ZYh8m9e3n23O6L6fbg6nXNJhP7U/f5Y6pg9k78x+uiqs88iO7r+byre5Yucyj6c9WZa9OvVq4/dd4fe73zv14++3/N630++UX5169d6J+39yNusHAODcvd34c25V8bNm079YL+ff/wEAAIBSiLl/MMxE/gcAAIDKiLl/KMxE/gcAAIDKiLl/OMykJvn/4dt2vfDWE1l6N8D5IJ4fd8N9dxTbxY73XPh6bH5BfvpHvz3ywlefWN5tD2ZZ9qt7P9Bx+4fviOsqnIjr/HDr6Ytcdc2ybv+hBxa2a37/hDO7iuuP92e5h0HsKr80sbVxvWOPTjXmy/dmjXn/3DNPFddffB23P72t2P5vwpuW7Dk40HL5zWE9m8IcC+8pc9+ehf2Qz3i5F9Z/6F8v/+zC7cXLDWx8d+NuPv/HxfXG94h67vJi+3i/l1r/v3ztuy/k2z9yXef1PzHYef2nw/W+FuYvdxfbN+/zrzat/0/D+uPtxctt+dYPO67/xfcV278YjotvhNm+/rv+4oNvdXq84u3sub24XLz9yf/d3rhcvL54/e3rH31iqmV/tF//y28W17P7yz8fat4+nh5vJ3ro9tbjeyA8vi098izLvvtnWct+zj5SXO6f29Yfr+/E7Z3Xf3PbOk8MXNO4/ML9Wddyv77+d1s73t+4nj3/uK7l/jx3d9h/b078KL/e0/eH4zGc/3+vFNfX/l6mL97d+noTt//GuuJ5G69vom39z7Wtf+6afN/1Xv89bxbrf/HO1S3r3/OJcDzdU8xe6z/0t5e1XP6b3ykej5NfGT92fObU4QNNe7X5ebx6dM3aSy5917svC6+l7V/vPT778PTJscmxySwbK+FbBq70+r8V5v8UY+7C30LhJz8vjrtnP1l837rhF8XXz4XTHwqPZ/z++PW/Hmk5Xtsf97k7i3m+678prGO53ve1/7pmWRue/vxLp/7pT15v/7kg3p8T7x1t3L/nN1zZOG/g5eL89terXv7zva3P658OTzbmD8J+nQ/vzLzxyuL22q8/vjfJs58unr/xJ7l4+azt/UTWDbXej/Nd/0/DzzE/vKr19S8eHz94ou3dnNdlA/kS5sLrQzZXnB+3ivv72TNXdry9+D482dz7z2aZS5p5dGbiyOFjpx6ZmJ2emZ2YefSxvUePnzo2u7fx3qV7v9jr8gvP77WN5/eB6Z3bs8az/XgxVtjFXv+JB/YfuHXy+gPTB/edOjj7wInpk4f2z8zsnz4wc/2+gwenv9Lr8ocP7J7aumvbrVvHDx0+sPu2Xbu27Ro/fOx4voxiUT3snPzS+LGTexsXmdm9fdfUjh3bJ8ePHj8wvfvWycnxU70u3/jeNJ5f+svjJ6eP7Js9fHR6fObwY9O7p3bt3Lm157s/Hj1xcGZs4uSpYxOnZqZPThT3ZWy2cXL+va/X5amHmePh9a7NQPjp/HM370zvj5v79pNLXlWxSeuPp9kb4b2g4ve3Xl/H3D8SZlKT/A8AAAB1EHN/eOP/hTPkfwAAAKiMmPtXh5nI/wAAAFAZMfcXyX80ffx7XfL/her/P6n/36D/r/+f6f8n+v/6/5n+v/5/D/r/+v9lXr/+v/4/vfVb/z/k/mxNlvn3fwAAAKiomPvXhpnI/wAAAFAZMfdfEmYi/wMAAEBlxNx/aZhJTfK/z//X/9f/79b/j9vq/2f6//3Q/9/03/r/i+j/6/9n+v/n7GL358u+/j7s/6/R/6ff9Fv/P+b+d4WZ1CT/AwAAQB3E3P/uMBP5HwAAACoj5v7LwkzkfwAAAKiMmPvXhZnUJP/r/+v/6//7/H/9/9L0/33+fwf6//r/mf7/ObvY/fmyr78P+/8+/5++02/9/5j7fy3MpCb5HwAAAOog5v73hJnI/wAAAFAZMfdfHmYi/wMAAEBlxNx/RZhJTfJ/Pfv/r2VZpv+f6f/r/7etU/9f/38l6P/r/3ej/6//X+b16//r/9Nbv/X/Y+5/b5hJTfI/AAAA1EHM/VeGmcj/AAAAUBkx978vzET+BwAAgMqIuf+qMJOa5P969v99/r/+f0H/v3Wd+v/6/ytB/1//vxv9f/3/Mq9f/1//n976rf8fc//7w0xqkv8BAACgDmLuvzrMRP4HAACAyoi5/wNhJvI/AAAAVEbM/evDTGqS//X/9f/1//X/9f/1/1dSufr/g0ueo/9f0P9vdeH6/3MLC9D/L8369f/1/+mt3/r/Mfd/MMykJvkfAAAA6iDm/g+Fmcj/AAAAUBkx918TZiL/AwAAQGXE3D8WZlKT/K//r/+v/6//r/+v/7+SytX/X5r+f0H/v5XP/9f/1//X/6e7fuv/x9y/IcykJvkfAAAA6iDm/o1hJvI/AAAAVEbM/deGmcj/AAAAUBkx928KM6lJ/tf/1//X/9f/1//X/19J+v/6/93o/+v/l3n9+v/6//TWb/3/mPuvCzOpSf4HAACAOoi5//owE/kfAAAAKiPm/hvCTOR/AAAAqIyY+zeHmdQk/+v/6//r/5e4/z+k/5/p//c9/X/9/270//X/y7x+/X/9f3rrt/5/zP03hpnUJP8DAABAHcTcf1OYifwPAAAAlRFz/81hJvI/AAAAVEbM/eNhJjXJ//r/+v/6/yXu//v8/5b16//3J/1//f9u9P/1/8u8fv1//X9667f+f8z9t4SZ1CT/AwAAQB3E3L8lzET+BwAAgMqIuX8izET+BwAAgMqIuX8yzKQm+V//X/9f/1//X/9f/38l6f/r/3ej/6//X+b16//r/9Nbv/X/Y+6fCjOpSf4HAACAOoi5f2uYifwPAAAAlRFz/7YwE/kfAAAAKiPm/u1hJjXJ/yXp/29JBSj9f/1//X/9f/3/UtH/1//vRv9f/7/M69f/1/+n1WCH0/qt/x9z/44wk5rkfwAAAKiDmPt3hpnI/wAAAFAZMfffGmYi/wMAAEBlxNx/W5hJTfJ/Sfr/Pv9f/1//v4n+v/5/mej/6/93o/+v/1/m9ev/6//TW7/1/2Pu3xVmUpP8DwAAAHUQc/+Hw0zkfwAAAKiMmPtvDzOR/wEAAKBUOn0OYRRz/0fCTGqS//X/q97/n1+t/6//r//fff36/ytL/1//vxv9f/3/Mq9f/1//n976rf8fc//uMJOa5H8AAACog5j77wgzkf8BAACgMmLuvzPMRP4HAACAyoi5f0+YSU3yv/5/1fv/Pv9f/1//v9f69f9Xlv6//n83+v/l7P+HH1v0//uo/58fQ/r/9KN+6//H3H9XmElN8j8AAADUQcz9Hw0zkf8BAACgMmLu/1iYifwPAAAAlRFz/8fDTGqS//X/9f/1//X/9f/1/1eS/v+K9f8bL4X6/wX9/3NzsfvzZV9/P/X/ff4//arf+v8x998dZlKT/A8AAAB1EHP/J8JM5H8AAACojJj7fz3MRP4HAACAyoi5/54wk5rkf/1//X/9f/1//X/9/5Wk/+/z/7vR/9f/L/P69f/1/+mt3/r/Mff/RphJTfI/AAAA1EHM/feGmcj/AAAAUBkx938yzET+BwAAgJJZteQ5Mff/ZphJTfJ/+fr/Y6Xs/w+m69f/1//X/9f/1/+/kPT/9f8z/f9zdrH782Vfv/6//j+99Vv/P+b+3wozqUn+BwAAgDqIuf9TYSbyPwAAAFRGzP2/HWYi/wMAAEBlxNx/X5hJTfL/he7/t1++G5//r/+f6f/r/+v/6/+fJ/1//f9M//+cXez+fNnXr/+v/09v/db/j7n/d8JMapL/AQAAoA5i7r8/zET+BwAAgD718FlfIub+T4eZyP8AAABQGTH3fybMpCb5v3yf/6//r/+v/6//r/9fJvr/+v/d6P/r/5d5/fr/+v/01m/9/5j7HwgzqUn+BwAAgDqIuf+zYSbyPwAAAFRGzP2/G2Yi/wMAAEBlxNz/e2EmNcn/+v/6//r/+v/6//r/K0n/f3H/P38N0/8v6P/r/5d5/fr/+v/01m/9/5j7PxdmUpP8DwAAAHUQc//vh5nI/wAAAFAZMff/QZiJ/A8AAACVEXP/g2EmNcn/+v/6//r/+v/6//r/K0n/3+f/d6P/r/9f5vXr/+v/01u/9f9j7v98mElN8j8AAADUQcz9fxhmIv8DAABAZcTcvzfMRP4HAACAyoi5/6Ewk5rkf/1//X/9f/1//X/9/5Wk/6//343+v/5/mdev/6//T2/91v+PuX9fmMme1psBAAAAyivm/i+EmdTk3/8BAACgDmLu3x9mIv8DAABAZcTcfyDMpCb5X/9f/1//X/9f/1//fyXp/+v/d6P/r/9f5vXr/+v/01u/9f9j7p8OM6lJ/gcAAIA6iLn/YJiJ/A8AAACVEXP/oTAT+R8AAAAqI+b+h8NMapL/9f/1//X/a9v/f+V7bevU/9f/Xwn6//r/3ej/6/+Xef36//r/9NZv/f+Y+w+HmdQk/wMAAEAdxNz/xTAT+R8AAAAqI+b+L4WZyP8AAABQGTH3HwkzqUn+1//X/9f/r23/f3mf/79m4Xb1//X/z4X+v/5/N/r/+v9lXr/+v/4/vfVb/z/m/qNhJjXJ/wAAAFAHMfcfCzOR/wEAAKAyYu4/HmYi/wMAAEBlxNx/IsykJvlf///s+v8DS3QD9f87r1//vwL9/yb6//r/50L/X/+/G/1//f8yr1//X/+f3vqt/x9z/x+FmdQk/wMAAEAdxNx/MsxE/gcAAIDKiLl/JsxE/gcAAIDKiLl/NsykJvlf/9/n/+v/6//r/+v/ryT9f/3/bvT/9f/LvH79f/1/euu3/n/M/afCTGqS/wEAAKAO/p+9+8zV66riOPziYHCEmEOmwAgYAmNAYgz0ktBDh9B7C72ZDqH33nvvPRB6lUC5XmsFO77nXNv39d1nr+f5kAU3SNlRzIe/nJ9O7v77xy32PwAAAEwjd/8D4hb7HwAAAKaRu/+BcUuT/a//1//r//X/+n/9/z7p//X/S/T/+v8tv1//r/9n3Wj9f+7+B8UtTfY/AAAAdJC7/8Fxi/0PAAAA08jd/5C4xf4HAACAaeTuf2jc0mT/6//1//p//b/+X/+/T/p//f8S/b/+f8vv1//r/1k3Wv+fu/9hcUuT/Q8AAAAd5O5/eNxi/wMAAMA0cvc/Im6x/wEAAGAaufuvj1ua7H/9v/5f/7/B/v+u+n/9/3bo//X/S/T/+v8tv1//r/9n3Wj9f+7+G+KWJvsfAAAAOsjd/8i4xf4HAACAaeTuf1TcYv8DAADANHL3PzpuabL/9f/6f/3/Bvt/3//X/2+I/l//v0T/r//f8vv1//p/1o3W/+fuf0zc0mT/AwAAQAe5+x8bt9j/AAAAMI3c/Y+LW+x/AAAAmEbu/sfHLU32v/5f/6//1//r//X/+6T/1/8v0f/r/7f8fv2//p91e+//73PjwT1q/5+7/8a4pcn+BwAAgA5y9z8hbrH/AQAAYBq5+58Yt9j/AAAAMI3c/U+KW5rsf/2//v+O/v+/d9H/6//1/3f8XP9/PPT/+v8l+n/9/5bfr//X/7Nu7/3/Su9/4X/P3f/kuKXJ/gcAAIAOcvc/JW6x/wEAAGAaufufGrfY/wAAADCN3P1Pi1ua7H/9v/7f9//1//p//f8+6f+H7f8v/L/e+fT/R6L/1/8f1v/f+wjv1//TwWj9f+7+p8ctTfY/AAAAdJC7/xlxi/0PAAAA08jdf1PcYv8DAADANHL3PzNuabL/9f/6f/2//v/8/v9Uy/7/9p/p//dD/z9s/79M/38k+n/9v+//6/9ZNlr/n7v/WXFLk/0PAAAAHeTuf3bcYv8DAADANHL3Pydusf8BAABgGrn7nxu3NNn/+n/9v/5f/39F3/+/Zo7+3/f/90f/r/9fov/X/2/5/fp//T/rRuv/c/c/L25psv8BAABgeqd2tfufH7fY/wAAADCN3P0viFvsfwAAAJhG7v4Xxi1N9r/+X/+v/9f/X1H/P8n3//X/+6P/1/8vOWr/v9P/19+L/n+c9+v/9f+sG63/z93/orilyf4HAACADnL3vzhusf8BAABgGrn7XxK32P8AAAAwjdz9L41bmux//b/+X/+v/9f/6//3Sf+v/1/i+//6/y2/X/+v/2fdaP1/7v6XxS1N9j8AAAB0kLv/5XGL/Q8AAADTyN3/irjF/gcAAIBp5O5/Zdxy4f4/dTVfdfXo//X/+n/9v/5f/79P+n/9/xL9/8X7/zOH/PX0/2O9X/+v/2fdaP1/7v6b4xa//w8AAADTyN3/qrjF/gcAAIBp5O5/ddxi/wMAAMA0cve/Jm5psv8P6/9vu8e5P6//Pxr9/8Xfr//X/+v/9f/6f/3/Ev2/7/9v+f36f/0/60br/3P3vzZuabL/AQAAoIPc/a+LW+x/AAAAmEbu/tfHLfY/AAAATCN3/xvilib7//i//3+d/l//r/+Pq//X/+v/9f/6/2X6f/3/lt+v/9f/s260/j93/xvjlib7HwAAADrI3f+muMX+BwAAgGnk7n9z3GL/AwAAwDRy978lbmmy/4+///f9f/3/Jfb/p/T/Sf8f/1z1//r/S6D/1//v9P+X7aT7+a2/X/+v/2fdaP1/7v6zB1Ov3/4HAACADs4e/PHM7q1xi/0PAAAA08jd/7a4xf4HAACAaeTuf3vc0mT/6//1/yfe//v+f9H/xz9X/b/+/xLo//X/O/3/ZTvpfn7r79f/6/9ZN1r/n7v/HXFLk/0PAAAAHeTuf2fcYv8DAADANGL3n/uX3+1/AAAAmNK7Dv54ZvfuuKXJ/m/c/193pf3/tf/3n/X/F3+//v9Y+v+zF/7a0//r/7dE/6//X6L/1/9v+f3j9P/xg+v1/4xntP4/d/974pYm+x8AAAA6yN3/3rjF/gcAAIBp5O6/JW6x/wEAAGAaufvfF7c02f+N+/9Jvv9/31vjBfr/eft/3/+Pq//X/1+M/l//v9P/X7aT7ue3/v5x+n/f/2dco/X/ufvfH7c02f8AAADQQe7+D8Qt9j8AAABMI3f/B+MW+x8AAACmkbv/Q3FLk/2v/996/+/7//p//b/+f2z6f/3/Ev2//n/L79f/6/9ZN1r/n7v/w3FLk/0PAAAAHeTu/0jcYv8DAADANHL3fzRusf8BAABgGrn7Pxa3NNn/+n/9/776/9v/Ivr/Jv3/Dfr/nf7/UPp//f8S/b/+f8vv1//r/1k3Wv+fu//jcUuT/Q8AAAAd5O7/RNxi/wMAAMA0cvd/Mm6x/wEAAGAaufs/FTfc654n96TjdfqQn0dvrv/X//v+v/7f9//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7Px23+P1/AAAAmEbu/s/ELfY/AAAATCN3/2fjFvsfAAAAppG7/3NxS5P9r//X/+v/N9v/X6v/P//9+v8x6f/1/0v0//r/Lb9f/6//Z91o/X/u/s/HLU32PwAAAHSQu/8LcYv9DwAAANPI3f/FuMX+BwAAgGnk7v9S3NJk/+v/9f/6/832/77/f8H79f9j0v/r/5fo//X/W36//l//z7rR+v/c/V+OW5rsfwAAAOggd/9X4hb7HwAAAKaRu/+rcYv9DwAAANPI3f+1uKXJ/tf/6//1//p//b/+f5/0//r/Jfp//f+W36//1/+zbrT+P3f/1+OWJvsfAAAAOsjd/424xf4HAACAaeTu/2bcYv8DAADANHL3fytuabL/Z+7/l/5n+v9z9P/6/53+X/+/Z/p//f8S/b/+f8vv1//r/1k3Wv+fu//bcUuT/Q8AAAAd5O7/Ttxi/wMAAMA0cvd/N26x/wEAAGAaufu/F7c02f8z9/9L9P/n6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7PuhPr/07tD+v/c/d+PW5rsfwAAAOggd/8P4hb7HwAAAKaRu/+HcYv9DwAAANPI3f+juGWe/X+/Wxb+pP7/2Pv/g19E+n/9/07/r//X/x/Q/+v/l+j/9f9bfr/+X//PutG+/5+7/8dxyzz7HwAAANrL3f+TuMX+BwAAgGnk7v9p3GL/AwAAwDRy9/8sbmmy//X/vv+v/2/V/1+z0//r/68y/b/+f4n+X/+/5ffr//X/rBut/8/d//O4pcn+BwAAgA5y9/8ibrH/AQAAYBq5+38Zt9j/AAAAMI3c/b+KW5rsf/2//l//36r/9/1//f9Vp//X/y/R/+v/t/z+7P/z153+X//PnY3W/+fu/3Xc0mT/AwAAQAe5+38Tt9j/AAAAMI3c/b+NW+x/AAAAmEbu/t/FLU32v/5f/6//1//r//X/+6T/1/8v0f/r/7f8ft//1/+zbrT+P3f/rXFLk/0PAAAAHeTu/33cYv8DAADANHL3/yFusf8BAABgGrn7b4tbmux//b/+f8r+/+76f/2//n8U+n/9/xL9v/5/y+/X/+v/WTda/5+7/49xS5P9DwAAAB3k7v9T3GL/AwAAwDRy9/85brH/AQAAYBq5+/8StzTZ//p//f+l9/+n6+972P7f9//1//r/Yczb/99N/6//v+L+/6abz/1Y/7/N9+v/9f+sG63/z93/17ilyf4HAACADnL3/y1usf8BAABgGrn7/x632P8AAAAwjdz9/4hbmux//b/+f8rv/+v/9f/6/2HM2//7/r/+3/f/9f/6f/0/a0br/3P3/zNuabL/AQAAoIPc/f+KW+x/AAAAmEbu/n/HLfY/AAAATCN3/3/ilib7X/+v/9f/6//1//r/fdL/6/+X6P/1/1t+v/5f/8+60fr/3P3/CwAA//8gszKL")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0x8, &(0x7f0000000bc0)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303030372c747970653dc59f86bc2c756d61736b3d30303030303030303030303030303030303030303030312c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c71756965742c636f6465706167653d6b6f69382d722c756d61736b3d30303030303030303030303030303030303030303230312c747970653d731472bb2c696f636861727365743d69736f383835392d31342c756d61736b3d30303030303030303030303030303030303030303030362c66696c655f756d61736b3d3030303030303030303030303030303030303030303037fb636f6465706167653d6d616363656e746575726f2c6469725f756d61736b3d3031373737283737373737373737d25af6be9a373737373737373732", @ANYRESHEX=0x0, @ANYBLOB=',dir_umask=00000000000000000000000,\x00'], 0x3, 0x331, &(0x7f0000000880)="$eJzs3U9P1EwcB/DvtLuw+0B4KmBIPBmUxBMBPGi8SAzx4hvwYIgIS0KomCgmSmJEz8Z4MzHx6M2z0begF+Mb0BMH40kvxIM1M5220zrTXRbYQvb7SVxLO39+0+m0MxAoiKhvXVn4+ub8jvwn6gB8AJcAD0ADqAE4iYnG/Y3NtgX56ZZAnFP8k2Z5o2XL2oDOoQXyqxqGzX10OKIoir65Dg4kGz97Fg9VQ5gj2OABg3p0quONnkd2OLbjdvUXo4fFLnbxACNVhkNERNXTz39PPyWG9fzd84ApPQ8/7s//3Pxmt7o4joT0+e/FX0dCnp//1SG53lvbDFsr8RJO9r6XrBJtZVmviSg73WoZ4QH+kDHlMmqxU7F4zdW1sDW9rQp4isuakWxcfa4gaYjiilYvaCYta9MSZW0vN6TaUJdtmHPEP1ZWo3UB/OE7XtqrW/zkiMOc6oqP4rNYFAFeYSWd/9UiIU+OOj9BYajE8c+0aWUQp8q1Mgv/hKrkVNID799mrWy6zmsDvozFRpYiivP3IInzxYA7F0aR/7ZC3LpZd+tUrjGgJtSqwcw1lyb6bc01XqyruVoPW9PLd0LXRX+wrCs68VxcF5P4gXdYMOb/nkw9BffIzI1yoVLqK6O0PTWV0tGPOWoA397TyCTlqrWjyz3DLVzEyL2HW+tLYdi6W/1GMlS6zH76gOOJL0R9Oco98n8jDRpyow7gwCr9E0WR9VANveiCumrqhddZk7fWl4S+5+2vCnnnLByadycGMA9A70nuCN3U/jjNNZgV2FH2X7K31R77BZlE1YMBklSVO+RjsKOR0uyi0muP1pfCru5EdMxknY6JG1UHQ1WQ8y4Rr/+M9cqMuuvIj6Bk/RO1K9wocdaxAhpVn/91toJLi3XOE4eSjTZrrjPngLOFGj0kNT4pFhvoOHEUfyq59x9liAV8wU1+/5+IiIiIiIiIiIiIiIiIiIiIiIiI6LjZ628jdPPrBPkad/rwD28QEREREREREREREREREREREREREREREe2P8f5fwFdvjBmwvf+37E1Nii9zqLfe7P/9v34H7/8V2503kois/gYAAP//rsJe4A==")
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
ftruncate(r0, 0xc17a)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x47)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc4}})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40)
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x9}, 0xe)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r3, &(0x7f0000000400), 0xe)
listen(r3, 0x0)
listen(r2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000180), 0xfefc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, r4, 0x0)
fdatasync(r0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680))

2.320791339s ago: executing program 5 (id=913):
epoll_create1(0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x2040, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000001580), 0x80000, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000480), 0x202, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x149000, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x28002, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00')
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x101040, 0x0)

2.167435158s ago: executing program 3 (id=914):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x2, 0x0)
r1 = syz_io_uring_setup(0x239, &(0x7f00000000c0)={0x0, 0x2, 0x80, 0x80000000, 0x185}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x79540, 0x0)
fsopen(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick=0x2f, {}, {}, @raw32}, {0x0, 0x2, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x38)
syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1200808, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16, @ANYRES64, @ANYRESOCT, @ANYRES8, @ANYRES16], 0x1, 0x1e6, &(0x7f0000000140)="$eJzs20tu00Acx/HfJGkSQ4HyXCCkILGADUmaikqsWs7BqmrTqsIFhNkkQsJcAM7AObgMB4AFO1YY+ZGm9aM1E9y0zfez8Xh+/dvjuu6MolgAFtamHsrIqBnuPGivfLltStU1qx4YgMoFyfZPYMOxqgJwXtR/p3uSFYA/n/EAOCs/X0jfJf349WFb9eyqPsz9SV5rZfNP0v1Gkpu2nPT64qv0eFJvrmTrG/E2zq/mHv/Jo8n5l3VN13VDK7qpW8aXifKdw/p7VmsgAAAWjVH3tLwr1QvSePLOrgqmlrT7LTurTzW1u+8OB6fka4V5K8q722/cnRPOAiBPrdTzX6wePX/9gnRJivLVZL9tO0wAFfBG45Zcd/jOG4WTfNQYv9py/6nhWFWVaZjKjpzfaKZ6go+SDns2bY8c6FiPc/T33PE6sw/exJ/SKB05ZcpryoteWgxjIxuFU8BsN8X4VuXLn5V7XbM1NlTqhzs598K60TqjP/7jjXn/ZwJQtd77g7c9bzR+un+wtTfcG74e9PvP15+tra4PetHKvnfS+h7ARTad9HXk20AAAAAAAAAAAAAAAOAiuaO74Sb92i4AAACAS+i/vTPUUOHrVvO+RgAAAAAAAAAAAAAAAAAALpu/AQAA///U5AZL")
truncate(&(0x7f0000000000)='./file2\x00', 0x8800000)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r6, 0xc00464b4, &(0x7f0000000480))
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f0000000080)={0x1, 0x7}, 0x2)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0xb, 0x2000, @fd_index, 0x0, 0x0, 0x0, 0x2d, 0x1, {0x3}})
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05640, &(0x7f0000000340)={0x9, @pix_mp={0x0, 0x0, 0x0, 0x0, 0xa, [{0x27}, {}, {0x100, 0x9}, {0x0, 0x320}, {0x0, 0x4}, {0x2, 0xfffffff9}, {0x0, 0x8}, {0x5b1}], 0x0, 0x5, 0x8, 0x0, 0x6}})

2.165059088s ago: executing program 2 (id=915):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="38000000100039042cbd7000eaffffff000003e4", @ANYRES32, @ANYBLOB="83000400cb15feff1700128008000100736974"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040)

2.006264477s ago: executing program 5 (id=916):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000380)='./file1\x00', 0x1c802, &(0x7f0000002740)=ANY=[], 0x3, 0x5f4f, &(0x7f0000009040)="$eJzs3V1vHFf9B/DfPnj90H/TqPqrChEXbgqlpTTPCZSnplxwAUggoVyTyHWrQFpQEhCtIuIqF4gLHl4C3PSGi76RIvEKEC+ASAlXlaAMGvucZDxeex1i76x9Ph/JmfntmfGeydfj2fXM7AkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIL7z7R+e6UXElV+kB45G/F8MIvoRi3W9HPXMpbz8MCKOxXpzPBcRg/mIev31f56JOB8RHx+JuP/g9kr98Nld9uPC6Vs3Pv3ut/7269/fPfbjN3/0Ybv9B/9/7qPf3Ik4+v3XPvr0zt5sOwAAAJSiqqqql97mH0/v7/tddwoAmIp8/K+S/LharVar97T+XX+2+qMutG6qxrvTLCJirblO/ZrB6XgAOGDW4pOuu0CH5F+0YUQ81XUngJnW67oD7Iv7D26v9FK+vebxYHmjPf+dclP+a72H93dsN52kfY3JtH6+7sYgnt2mP4tT6sMsyfn32/lf2WgfpeX2O/9p2S7/0catT8XJ+Q/a+bdsyv8PEXFg8++Pzb9UOf/h4+S/NjjA+7/8AQAAAAA4/PLf/492fP53/sk3ZVd2Ov+7PKU+AAAAAAAAAMBee9Lx/x4y/h8AAADMrPq9eu2PRx49tt1nsdWPX+5FPN1aHihMullmqet+AAAAAAAAAAAAAEBJhhvX8F7uRcxFxNNLS1VV1V9N7fpxPen6B13p2w8l6/qXPAAAbPj4SOte/l7EQkRcTp/1N7e0tFRVC4tL1VK1OJ9fz47mF6rFxvvaPK0fmx/t4gXxcFTV32yhsV7TpPfLk9rb369+rlE12EXHpqPDwAEgIjaORvcdkQ6Zqnomun6Vw8Fg/z987P/sRtc/pwAAAMD+q6qq6qWP8z6ezvn3u+4UADANC/n43z4voFar1Wq1+vDVTdV4d5pFRKw116lfMxiOHwAOmLX4pOsu0CH5F20YEce67gQw03pdd4B9cf/B7ZVeyrfXPB6k8d3ztSCb8l/rra+X1x83naR9jcm0fr7uxiCe3aY/z02pD7Mk599v539lo32Ultvv/Kdlu/zr7TzaQX+6lvMftPNvOTz598fmX6qc//Cx8h/IHwAAAAAAZlj++//Rcs//DnJ/lqfUBwAAAAAAAADYa/cf3F7J973m8/+fHbNcrznn/s9DI+ff23X+7v89THL+/Xb+rQtyBo35e288yv+fD26vfHjrH5/J05nPf24wqp97rtcfDNM1P9XcW3EtrsdqnN6y/HBT+5kt7XOb2s9OaD+3pX1Uty/m9pOxEj+N6/Hmw/b5CRdGLUxorya05/wH9v8i5fyHja86/6XU3mtNa/c+6G/Z75vTcc9z6c//fnHr3jV9d2PwcNua6u070UF/1v9PnhrFz2+u3jj5y6u3bt04E2my6dGzkSZ7LOc/l75y/i+9sNGef+8399d7H4weO/9ZcTeG2+b/QmO+3t6Xp9y3LuT8R+kr55+PQOP3/4Oc//b7/ysd9AcAAAAAAAAAAAAAAAB2UlXV+i2ilyLiYrr/p6t7MwGAqfrt99JMlYRarVar1epDWzdV473eLGJh8zoXI+JX474ZADDL/hMRf++6E3RG/gXLn/dXTz/XdWeAqbr53vs/uXr9+uqNm133BAAAAAAAAAD4X+XxP5cb4z+vXwfUGjd60/ivb8TygR3/sz8arI91njbo+dh5/O8TsfP438MJzzc3oX00oX1+QvvChPaxN3o05PyfTxnn/I+nDStp/NeXOuhP13L+J9JYzzn/L7SWa+Zf/ekg59/flP+pW+/87NTN995/9do7V99efXv13TOnL54/d+H8uQsXTr117frq6Y1/O+zx/sr557GvXQdalpx/zlz+Zcn5fz7V8i9Lzv/FVMu/LDn//HpP/mXJ+ef3PvIvS87/5VTLvyw5/y+mWv5lyfm/kmr5lyXn/6VUy78sOf9XUy3/suT8T6Za/mXJ+Z9KtfzLkvPPZ7jkX5acf76yQf5lyfmfTbX8y5LzP5dq+Zcl538+1fIvS87/QqrlX5ac/8VUy78sOf8vp1r+Zcn5fyXV8i9Lzv+1VMu/LDn/r6Za/mXJ+X8t1fIvS87/66mWf1ly/t9ItfzLkvP/ZqrlX5ac/+upln9ZHn3+v5kpz/zrLxEz0A0zpc68+9edlun6NxMAAAAAAAAAAAAA0DaNK4273kYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+C87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLe3cXIVd5nAD/7Za8NCW4ghBAnrI0BA4t311/gEINJQkpJm1IS0qYlNY69Nk78Ve86AYTKUmhLFKQitRf0omkSpVGktgJFkZpKNEJqpPauXCXiJmolLiwVKgcllVIFtjpz3vfdmdnZmfXH4jnn/H4I/70zZ2beOXNmdp+1nhkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLbhY9N/PpBlWf5/4491WXZp/vc12Z78y7mdF3uFAAAAwPl6q/HnP1yWTtizjAs1bfNvH/qP78/Pz89nX3jz9Nt/OT+fzhjLsqHVWdY4L/r3X/5ivnmb4KlsdGCw6evBHjc/1OP84R7nj/Q4f1WP81f3OH+0x/mLdsAia4rfxzSubFPjr+uKXZpdkY00ztvU4VJPDaweHIy/y2kYaFxmfuRgdjg7kk1nk4suM9D4L8te2pDf1j1ZvK3Bpttan2XZmZ89vj+uYSDs401Zy401ND92b9yVjb35s8f3f2f29fd3mj13w6KVZtnmjfk6n86yhV9XZQPZ6rRP4joHm9a5vsM6h1rWOdC4XP739nWeWeY64/0eDet8pcs614fTHrk2y7K5bMlt2j2VDWZr22417e/R4ojIryN/KN+TDZ/VcbJhGcdJfpnXrm09TtqPybj/N4R9MrzEGpofjjeeXLVov5/rcZLf6344VvPrvi+/0dHR5l+tthyr+TaPX7f0MdDxsetwDKRjuekY2NjrGBhcNdQ4BgYX1ryx5RiYWnSZwWygcVunr+t+DEzMHj0xMfPoY7ccPrrv0PSh6WNTkzu3b9uxfduOHRMHDx+Zniz+PLtdWiJrs8F0DG4MrzXxGLyhbdvmQ3L+mxfueTDaJ8+D/L5/5vp8QZcOZksc4/k2T28+/+dB+r7f9DwYbnoedHxN7fA8GF7G8yDf5szm5X3PHG76v9MaVuq1cF3TMXAxvx/mt/ngjUu/Fq4P63rmprP9fji06BiId2sgPPfyU9LPe6O3hf2y+Li4Oj/jklXZqZnpk1se2Tc7e3IqC+MdcXnTY9V+vKxtuk/ZouNl8KyPlz1//6vrr+5w+rqwr0Zv7v5Y5dtsH+/+WDVe3Vv356qs2J8tp27NwrjA3un92em7Wb4/U5bosj/zbZ6+5fx/Fky5pOn1b6TX69/QyHDx+jeU9sZIy+vf4odmqLGyLDtzy/Je/0bC/+/0698VffL6l++rB7d0PwbybZ6ZONtjYLjr69+1YQ6E9dwYEsNoU+5/u3H+XHGYNj2WPY+b4eGRcNwMx1tsPW62LbpMfm35bW+ePLfjZvO1rY9Vy88tFTxu8n31V5Pdj5t8m5enzv+1Y038a9Nrx6pex8DI0Kp8vSPpIChe7+bXxGNgS7Y/O54dyQ6ky+SPcn5b41uXdwysCv+/068dV/XJMZDvq+e3dj8G8m1+tO3C/uy0OZyStmn62an99wtLZf6rhxeur323XejMn6/z4z/+VDqtU4bIt3l9+9nmjO776eZwyiUd9lP782epY/pA9s7sp6vCOo/s6P67qXybK3Yu83jak2XZq1OvNn7fFX6/+71TP/5+y+99O/1O+dWpV++duP8nZ7N+AADO3duNP+dWFT9rNv2L9XL+/R8AAAAohZj7B8NM5H8AAACojJj7h8JM5H8AAACojJj7h8NMapL/H75t1wtvPZGldwOcD+L5cTfcd0exXex4z4Wvx+YX5Kd/9NsjL3z1ieXd9mCWZb+69wMdt3/4jriuwom4zg+3nr7IVdcs6/YfemBhu+b3Tzizq7j+eH+WexjErvJLE1sb1zv26FRjvnxv1pj3zz3zVHH9xddx+9Pbiu3/JrxpyZ6DAy2X3xzWsynMsfCeMvftWdgP+YyXe2H9h/718s8u3F683MDGdzfu5vN/XFxvfI+o5y4vto/3e6n1/8vXvvtCvv0j13Ve/xODndd/Olzva2H+cnexffM+/2rT+v80rD/eXrzclm/9sOP6X3xfsf2L4bj4Rpjt67/rLz74VqfHK97OntuLy8Xbn/zf7Y3LxeuL19++/tEnplr2R/v1v/xmcT27v/zzoebt4+nxdqKHbm89vgfC49vSI8+y7Lt/lrXs5+wjxeX+uW398fpO3N55/Te3rfPEwDWNyy/cn3Ut9+vrf7e14/2N69nzj+ta7s9zd4f99+bEj/LrPX1/OB7D+f/3SnF97e9l+uLdra83cftvrCuet/H6JtrW/1zb+ueuyfdd7/Xf82ax/hfvXN2y/j2fCMfTPcXstf5Df3tZy+W/+Z3i8Tj5lfFjx2dOHT7QtFebn8erR9esveTSd737svBa2v713uOzD0+fHJscm8yysRK+ZeBKr/9bYf5PMeYu/C0UfvLz4rh79pPF960bflF8/Vw4/aHweMbvj1//65GW47X9cZ+7s5jnu/6bwjqW631f+69rlrXh6c+/dOqf/uT19p8L4v058d7Rxv17fsOVjfMGXi7Ob3+96uU/39v6vP7p8GRj/iDs1/nwzswbryxur/3643uTPPvp4vkbf5KLl8/a3k9k3VDr/Tjf9f80/Bzzw6taX//i8fGDJ9rezXldNpAvYS68PmRzxflxq7i/nz1zZcfbi+/Dk829/2yWuaSZR2cmjhw+duqRidnpmdmJmUcf23v0+Kljs3sb712694u9Lr/w/F7beH4fmN65PWs8248XY4Vd7PWfeGD/gVsnrz8wfXDfqYOzD5yYPnlo/8zM/ukDM9fvO3hw+iu9Ln/4wO6prbu23bp1/NDhA7tv27Vr267xw8eO58soFtXDzskvjR87ubdxkZnd23dN7dixfXL86PED07tvnZwcP9Xr8o3vTeP5pb88fnL6yL7Zw0enx2cOPza9e2rXzp1be77749ETB2fGJk6eOjZxamb65ERxX8ZmGyfn3/t6XZ56mDkeXu/aDISfzj938870/ri5bz+55FUVm7T+eJq9Ed4LKn5/6/V1zP0jYSY1yf8AAABQBzH3hzf+XzhD/gcAAIDKiLl/dZiJ/A8AAACVEXN/kfxH08e/1yX/X6j+/5P6/w36//r/mf5/ov+v/5/p/+v/96D/r/9f5vXr/+v/01u/9f9D7s/WZJl//wcAAICKirl/bZiJ/A8AAACVEXP/JWEm8j8AAABURsz9l4aZ1CT/+/x//X/9/279/7it/n+m/98P/f9N/63/v4j+v/5/pv9/zi52f77s6+/D/v8a/X/6Tb/1/2Puf1eYSU3yPwAAANRBzP3vDjOR/wEAAKAyYu6/LMxE/gcAAIDKiLl/XZhJTfK//r/+v/6/z//X/y9N/9/n/3eg/6//n+n/n7OL3Z8v+/r7sP/v8//pO/3W/4+5/9fCTGqS/wEAAKAOYu5/T5iJ/A8AAACVEXP/5WEm8j8AAABURsz9V4SZ1CT/17P//1qWZfr/mf6//n/bOvX/9f9Xgv6//n83+v/6/2Vev/6//j+99Vv/P+b+94aZ1CT/AwAAQB3E3H9lmIn8DwAAAJURc//7wkzkfwAAAKiMmPuvCjOpSf6vZ//f5//r/xf0/1vXqf+v/78S9P/1/7vR/9f/L/P69f/1/+mt3/r/Mfe/P8ykJvkfAAAA6iDm/qvDTOR/AAAAqIyY+z8QZiL/AwAAQGXE3L8+zKQm+V//X/9f/1//X/9f/38llav/P7jkOfr/Bf3/Vheu/z+3sAD9/9KsX/9f/5/e+q3/H3P/B8NMapL/AQAAoA5i7v9QmIn8DwAAAJURc/81YSbyPwAAAFRGzP1jYSY1yf/6//r/+v/6//r/+v8rqVz9/6Xp/xf0/1v5/H/9f/1//X+667f+f8z9G8JMapL/AQAAoA5i7t8YZiL/AwAAQGXE3H9tmIn8DwAAAJURc/+mMJOa5H/9f/1//X/9f/1//f+VpP+v/9+N/r/+f5nXr/+v/09v/db/j7n/ujCTmuR/AAAAqIOY+68PM5H/AQAAoDJi7r8hzET+BwAAgMqIuX9zmElN8r/+v/6//n+J+/9D+v+Z/n/f0//X/+9G/1//v8zr1//X/6e3fuv/x9x/Y5hJTfI/AAAA1EHM/TeFmcj/AAAAUBkx998cZiL/AwAAQGXE3D8eZlKT/K//r/+v/1/i/r/P/29Zv/5/f9L/L0v/f6T1S/3/ZdH/1//X/9f/p7t+6//H3H9LmElN8j8AAADUQcz9W8JM5H8AAACojJj7J8JM5H8AAACojJj7J8NMapL/9f/1//X/9f/1//X/V5L+f1n6/230/5dF/1//X/9f/5/u+q3/H3P/VJhJTfI/AAAA1EHM/VvDTOR/AAAAqIyY+7eFmcj/AAAAUBkx928PM6lJ/i9J/39LKkDp/+v/6//r/+v/l4r+v/5/N/r/+v9lXr/+v/4/rQY7nNZv/f+Y+3eEmdQk/wMAAEAdxNy/M8xE/gcAAIDKiLn/1jAT+R8AAAAqI+b+28JMapL/S9L/9/n/+v/6/030//X/y0T/X/+/G/1//f8yr1//X/+f3vqt/x9z/64wk5rkfwAAAKiDmPs/HGYi/wMAAEBlxNx/e5iJ/A8AAACl0ulzCKOY+z8SZlKT/K//X/X+//xq/X/9f/3/7uvX/19Z+v/6/93o/+v/l3n9+v/6//TWb/3/mPt3h5nUJP8DAABAHcTcf0eYifwPAAAAlRFz/51hJvI/AAAAVEbM/XvCTGqS//X/q97/9/n/+v/6/73Wr/+/svT/9f+70f8vZ/8//Nii/99H/f/8GNL/px/1W/8/5v67wkxqkv8BAACgDmLu/2iYifwPAAAAlRFz/8fCTOR/AAAAqIyY+z8eZlKT/K//r/+v/6//r/+v/7+S9P9XrP/feCnU/y/o/5+bi92fL/v6+6n/7/P/6Vf91v+Puf/uMJOa5H8AAACog5j7PxFmIv8DAABAZcTc/+thJvI/AAAAVEbM/feEmdQk/+v/6//r/+v/6//r/68k/X+f/9+N/r/+f5nXr/+v/09v/db/j7n/N8JMapL/AQAAoA5i7r83zET+BwAAgMqIuf+TYSbyPwAAAJTMqiXPibn/N8NMapL/y9f/Hytl/38wXb/+v/6//r/+v/7/haT/r/+f6f+fs4vdny/7+vX/9f/prd/6/zH3/1aYSU3yPwAAANRBzP2fCjOR/wEAAKAyYu7/7TAT+R8AAAAqI+b++8JMapL/L3T/v/3y3fj8f/3/TP9f/1//X///POn/6/9n+v/n7GL350u8/vijiP6//j899Fv/P+b+3wkzqUn+BwAAgDqIuf/+MBP5HwAAAPrUw2d9iZj7Px1mIv8DAABAZcTc/5kwk5rk//J9/r/+v/6//r/+v/5/mej/6/93o/+v/1/m9fv8f/1/euu3/n/M/Q+EmdQk/wMAAEAdxNz/2TAT+R8AAAAqI+b+3w0zkf8BAACgMmLu/70wk5rkf/1//X/9f/1//X/9/5Wk/7+4/5+/hun/F/T/9f/LvH79f/1/euu3/n/M/Z8LM6lJ/gcAAIA6iLn/98NM5H8AAACojJj7/yDMRP4HAACAyoi5/8Ewk5rkf/1//X/9f/1//X/9/5Wk/+/z/7vR/9f/L/P69f/1/+mt3/r/Mfd/PsykJvkfAAAA6iDm/j8MM5H/AQAAoDJi7t8bZiL/AwAAQGXE3P9QmElN8r/+v/6//r/+v/6//v9K0v/X/+9G/1//v8zr1//X/6e3fuv/x9y/L8xkT+vNAAAAAOUVc/8Xwkxq8u//AAAAUAcx9+8PM5H/AQAAoDJi7j8QZlKT/K//r/+v/6//r/+v/7+S9P/1/7vR/9f/L/P69f/1/+mt3/r/MfdPh5nUJP8DAABAHcTcfzDMRP4HAACAyoi5/1CYifwPAAAAlRFz/8NhJjXJ//r/+v/6/7Xt/7/yvbZ16v/r/68E/X/9/270//X/y7x+/X/9f3rrt/5/zP2Hw0xqkv8BAACgDmLu/2KYifwPAAAAlRFz/5fCTOR/AAAAqIyY+4+EmdQk/+v/6//r/9e2/7+8z/9fs3C7+v/6/+dC/1//vxv9f/3/Mq9f/1//n976rf8fc//RMJOa5H8AAACog5j7j4WZyP8AAABQGTH3Hw8zkf8BAACgMmLuPxFmUpP8r/9/dv3/gSW6gfr/ndev/1+B/n8T/X/9/3Oh/6//343+v/5/mdev/6//T2/91v+Puf+Pwkxqkv8BAACgDmLuPxlmIv8DAABAZcTcPxNmIv8DAABAZcTcPxtmUpP8r//v8//1//X/9f/1/1eS/r/+fzf6//r/ZV6//r/+P731W/8/5v5TYSY1yf8A8P/s3XeuXlfVx/HndV6Do4g5RMyAETAExoCEGAK9JPTQIfTeQm+hQ+i99x56b4HQqwTK9Vor2Nx7zrV9H3ufvT6fP7LCDSg7SpD4yXx1AAA6yN1/v7jF/gcAAIBp5O6/f9xi/wMAAMA0cvc/IG5psv/1//p//b/+X/+v/98n/b/+f4n+X/+/5ffr//X/rBut/8/d/8C4pcn+BwAAgA5y9z8obrH/AQAAYBq5+x8ct9j/AAAAMI3c/Q+JW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/c/NG5psv8BAACgg9z9D4tb7H8AAACYRu7+h8ct9j8AAABMI3f/dXFLk/2v/9f/6/832P//v/5f/78d+n/9/xL9v/5/y+/X/+v/WTda/5+7//q4pcn+BwAAgA5y9z8ibrH/AQAAYHPuft/Df567/5Fxi/0PAAAA08jd/6i4pcn+1//r//X/G+z/ff9f/78h+n/9/xL9v/5/y+/X/+v/WTda/5+7/9FxS5P9DwAAAB3k7n9M3GL/AwAAwDRy9z82brH/AQAAYOtO5+/k7n9c3NJk/+v/9f/6f/2//l//v0/6f/3/Ev2//n/L79f/6/9Zt/f+/143HNzj9v+5+2+IW5rsfwAAAOggd//j4xb7HwAAAKaRu/8JcYv9DwAAANPI3f/EuKXJ/tf/6//v7P///X/6f/2//v/On+v/T4b+X/+/RP+v/9/y+/X/+n/W7b3/X+n9z//XufufFLc02f8AAADQQe7+J8ct9j8AAABMI3f/U+IW+x8AAACmkbv/qXFLk/2v/9f/+/6//l//r//fJ/3/sP3/+f/VO5f+/1j0//r/o/r/ex7j/fp/Ohit/8/d/7S4pcn+BwAAgA5y9z89brH/AQAAYBq5+2+MW+x/AAAAmEbu/mfELU32v/5f/6//1/+f2/+fatn/3/Ez/f9+6P+H7f+X6f+PRf+v//f9f/0/y0br/3P3PzNuabL/AQAAoIPc/c+KW+x/AAAAmEbu/mfHLfY/AAAATCN3/3Pilib7X/+v/9f/6/8v6fv/V83R//v+//7o//X/S/T/+v8tv1//r/9n3Wj9f+7+58YtTfY/AAAATO/Urnb/8+IW+x8AAACmkbv/+XGL/Q8AAADTyN3/grilyf7X/+v/9f/6/0vq/yf5/r/+f3/0//r/Jcft/3f6//pr0f+P8379v/6fdaP1/7n7Xxi3NNn/AAAA0EHu/hfFLfY/AAAATCN3/4vjFvsfAAAAppG7/yVxS5P9r//X/+v/9f/6f/3/Pun/9f9LfP9f/7/l9+v/9f+sG63/z93/0rilyf4HAACADnL3vyxusf8BAABgGrn7Xx632P8AAAAwjdz9r4hbzt//py7nqy4f/b/+X/+v/9f/6//3Sf+v/1+i/z+8/z9zxJ9P/z/W+/X/+n/Wjdb/5+6/KW7x6/8AAAAwjdz9r4xb7H8AAACYRu7+V8Ut9j8AAABMI3f/q+OWJvv/qP7/9mvO/nH9//Ho/w9/v/5f/6//1//r//X/S/T/vv+/5ffr//X/rBut/8/d/5q4pcn+BwAAgA5y9782brH/AQAAYBq5+18Xt9j/AAAAMI3c/a+PW5rs/5P//v+1+n/9v/4/rv5f/6//1//r/5fp//X/W36//l//z7rR+v/c/W+IW5rsfwAAAOggd/8b4xb7HwAAAKaRu/9NcYv9DwAAANPI3f/muKXJ/j/5/t/3//X/F9j/n9L/J/1//H3V/+v/L4D+X/+/0/9ftCvdz2/9/fp//T/rRuv/c/fffDD1+u1/AAAA6ODmg9+e2b0lbrH/AQAAYBq5+98at9j/AAAAMI3c/W+LW5rsf/2//v+K9/++/1/0//H3Vf+v/78A+n/9/07/f9GudD+/9ffr//X/rBut/8/d//a4pcn+BwAAgA5y978jbrH/AQAAYBqx+8/+n9/tfwAAAJjSOw9+e2b3rrilyf5v3P9fe6n9/9X/9fv6/8Pfr/8/kf7/5vP/2dP/6/+3RP+v/1+i/9f/b/n94/T/8YPr9P+MZ7T+P3f/u+OWJvsfAAAAOsjd/564xf4HAACAaeTuvyVusf8BAABgGrn73xu3NNn/jfv/Sb7/f+/b4gX6/3n7f9//j6v/1/8fRv8/Qf9/x//80v/Xn1//v533j9P/+/4/4xqt/8/d/764pcn+BwAAgA5y978/brH/AQAAYBq5+z8Qt9j/AAAAMI3c/R+MW5rsf/3/1vt/3//X/+v/9f9j0//r/5f4/r/+f8vv1//r/1k3Wv+fu/9DcUuT/Q8AAAAd5O7/cNxi/wMAAMA0cvd/JG6x/wEAAGAaufs/Grc02f/6f/3/vvr/O/4k+v8m/f/1+v+d/v9I+n/9/xL9v/5/y+/X/+v/WTda/5+7/2NxS5P9DwAAAB3k7v943GL/AwAAwDRy938ibrH/AQAAYBq5+z8ZN9zjblfuSSfr9BE/j95c/6//9/1//b/v/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/d/Km7x6/8AAAAwjdz9n45b7H8AAACYRu7+z8Qt9j8AAABMI3f/Z+OWJvtf/6//1/9vtv+/Wv9/7vv1/2PS/+v/l+j/9f9bfv+x+/9bD//P6//pYLT+P3f/5+KWJvsfAAAAOsjd//m4xf4HAACAaeTu/0LcYv8DAADANHL3fzFuabL/9f/6f/3/Zvt/3/8/7/36/zHp//X/S/T/+v8tv9/3//X/rBut/8/d/6W4pcn+BwAAgA5y9385brH/AQAAYBq5+78St9j/AAAAMI3c/V+NW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/d/LW5psv8BAACgg9z9X49b7H8AAACYRu7+b8Qt9j8AAABMI3f/N+OWJvt/5v5/6d+m/z9L/6//3+n/9f97pv/X/y/R/+v/t/x+/b/+n3Wj9f+5+78VtzTZ/wAAANBB7v5vxy32PwAAAEwjd/+tcYv9DwAAANPI3f+duKXJ/p+5/1+i/z9L/6//3+n/9f97pv/X/y/R/+v/t/x+/b/+n3VXqP8/vTui/8/d/924pcn+BwAAgA5y938vbrH/AQAAYBq5+78ft9j/AAAAMI3c/T+IW+bZ//e5ZeEP6v9PvP8/+IdI/6//3+n/9f/6/wP6f/3/Ev2//n/L79f/6/9ZN9r3/3P3/zBumWf/AwAAQHu5+38Ut9j/AAAAMI3c/T+OW+x/AAAAmEbu/p/ELU32v/7f9//1/636/6t2+n/9/2Wm/9f/L9H/6/+3/H79v/6fdaP1/7n7fxq35PC75mL+KgEAAICR5O7/WdzS5Nf/AQAAoIPc/T+PW+x/AAAAmEbu/l/ELU32v/5f/6//b9X/+/6//v+y0//r/5fo//X/W35/9v/5z53+X//P/xqt/8/d/8u4pcn+BwAAgA5y9/8qbrH/AQAAYBq5+38dt9j/AAAAMI3c/b+JW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/b7/r/9n3Wj9f+7+2+KWJvsfAAAAOsjd/9u4xf4HAACAaeTu/13cYv8DAADANHL33x63NNn/+n/9/5T9/131//p//f8o9P/6/yX6f/3/lt+v/9f/s260/j93/+/jlib7HwAAADrI3f+HuMX+BwAAgGnk7v9j3GL/AwAAwDRy9/8pbmmy//X/+v8L7/9P11/3sP2/7//r//X/w5i3/7+L/v+w/v/Mhb2/e/9/401nf6z/3+b79f/6f9aN1v/n7v9z3NJk/wMAAEAHufv/ErfY/wAAADCN3P1/jVvsfwAAAJhG7v6/xS1N9r/+X/8/5ff/9f/6f/3/MObt/33/3/f/ff9f/6//1/+zZrT+P3f/3+OWJvsfAAAAOsjd/4+4xf4HAACAaeTu/2fcYv8DAADANHL3/ytuabL/9f/6f/2//l//r//fJ/2//n+J/l//v+X36//1/6wbrf/P3f+fAAAA///vXi84")
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
open(0x0, 0x66842, 0x0)

1.910222417s ago: executing program 2 (id=917):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000540)={[0x8aba, 0xca26, 0x4, 0xd646, 0x7, 0xf, 0x6, 0x1ff, 0x7ff, 0x8, 0x8000000000000001, 0x2, 0xffff, 0x101, 0x5, 0x1], 0x8000000, 0x141200})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
getpid()
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.770587896s ago: executing program 3 (id=918):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000000)=0x3)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

1.606308606s ago: executing program 4 (id=919):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x14000, &(0x7f0000000340)=ANY=[], 0x1, 0xee2, &(0x7f0000001e80)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPhjekBUQhQJcao4UHGhVEqRigSqVKGe2p5a9dYT6oVKVSoF9dBGSlzFeW+9O97XXY/tWXv395M+v33zZuf7xruYmcns2wCMrMbaz+PHF4oQ3v3snUdffqr45Nqyu1prHFr7WcReM4Qw0dYvStv7Ii64cumlU93aIhxd+5n64bGLrefOhBBWwqHweWiGj5aWv/rwvUcOf/z69C1vnX/mlR3a/ZbyfgAAwDC68Kflv933jz8+MH/5wsGTYaq1PB2fN2N/Jh73H4kHyul4uRE6+0VbtJssrTcWo1Fab6y03ngpz3gm30RpOxOZ9SZ75BtrW9ZtPwEAAGAvSue1zVA0Fjv6jcbi4vXz/mu+mJssFp87u3zm3IAKBQAAACr796trN90KIYQQQgghhBBiiGN1btBXIAAAAIBRU54vbIOV7Z2pq7W1Zn/5Lz7c6P582AZ1v//l31v5P3jNXxwAAKob1qPJtF/pODrNY1CeR3Cs9LzNHv83StsZ32SduXkF98p8g7k6y7/X3SpX/2Zfx0HJ1V+eD3O3ytVfnqdzt8rVP1VzHVXl6p+uuY6qcvXvq7mOqnL176+5jqpy9c/UXEdVufpna66jqlz9N9RcR1W5+g/UXEdVufr3ym21ufqbNddRVa7++ZrrqCpX/40111FVrv6baq6jqlz9N9dcx6DcGdv0eziYWW+myzndXjnHAwAAgFH3X/P/CSGEEEIIIYQQQx+vDvoCBAAAADBw6XMB6VPvq1EaH+sxPt4+Pr2+Qhqf6PH8yR7jUz3GAQAAgBB++8aZ294u1ue72+p8eGneqH3hk6uhwjxG5fkIN5t/q/OebTX/Xpm3DAAAgNFSfO/zq/c/+v4L85cvHDzZdvZ7NZ7vpnlAx+O1gU9jP90XMFvqF+kc+mRnnkZmvfL1gRty23t8izsKAAAAIyydvzdD0VhsO+9uhkZjcXH9fHwhTBRnzi6fPhL76ftZ/jA3MXVt+UM11w0AAAD0b/18v/v5f/oe34UwWSw+d3b5zLnr/dnW8olG+3WBufXlRft1gWZp+dHM8mOxn76/8wdz+9aWL5764fJT273zAAAAMCLOvXj+mSeXl0//yAMPPPCg9WDQf5kAAIDt9uWX70z8+Njs765//n99/rv0+f9Dsd+Mc/v9Oa6Q7hNInwPY8Hn9JzrzzOXWe75zvWZpvbEYU6W6p9u2E9bmG+x83nwuX7NzO5OZfDOlfLOlfOV5CsZL6xdd5hIMXeYnTOvNlZaX52EcL+UoSvnv7pILAAAAkqUXnn1+6dyL5x88++yTT59++vRzx46e+O6JE0ce+s5DS2v39S+1390PAAAA7EXrN/0OuhIAAAAAAAAAAAAAAAAAAAAYXXV8ndig9xEAAABG3b9eDSGsCJGJ9AWDg65D7OZYnRp8DcMdwX+HQgghhBBi67G6Wv6meQAAAICddeXSS6fa2w1Wim3N19pa83pzNeZN7eyDf52/Fmm1iw93Xi/Zv63VMOrqfv/Lv1vzT3Ud/+C17c0/nR70/fev0bmBkx29ff3mvXfplwvt+W8f7zN/ef8f7zdjp8Ol/PeG/vKvvl/K/0RHr9Fv/vtK+ff3mX/D/j/fb8ZO98f8C7F/+J5+83fuYnqXpv3o9w3w7dL+PxX6zV/a/2afCUseiPkBYBT1fcCyx6SjhHQ8PRP7aX/j4WYo3/2w2eP/Rmk741uuvHO76Tjo1thvHa+vdOZNNlt/+r3MxvaGinWW7ZW7SnL1b9fruNNy9U/UXEdVufona66jqlz93c/ed59c/dM111FVrv6+L0QMWK7+vXJdOVf/TM11VJWrf7bmOqrK1b/Z/48PSq7+AzXXUVWu/rma66gqV3/Fy2q1y9U/X3MdVeXqv7HmOqrK1X9TzXVUlav/5prrGJQ7Yps7H07nn3NxLPWbpf5Ul9/lsF5bAAAAgL3mn+b/E0IIIYQQYuTjP6vXDboOIcTOxerqoK9AMEg7+2lmAHYrf/9Hm9d/tHn9R5vXn/8n3cNflPrJWI/x8R7jEz3GJ0vj5ffrVI/xm0rbXU3XNaObe4x/Le5BbvxAj+ff2mN8ocf4bT3Gb+8xfkePcQAAAEbDLbF1fggAAADD6+Vfffrmb+594tL85QsHT4bJDfPOH4n9qfhv62/Efnne+2Qi/pv/T2L/F7H9fWz/Xlrf/ScAAACw89L3xPj3fwAAABhe6XtKnf8DAADA8JqPrfN/AAAAGF43xtb5PwAAAAyxYrr74tim6wJ3x7bfef0AgN3v67G9M7YHY3tXbL8R23QccE9sv1lTfQDA9vn593964u1ifb7/Y6XxK3F5ajdYuX6loGh0zuS/L7b7Y/utPuspfx9Av/mTA33m2an8c1vMDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMj8baz+PHF4oQ3v3snUd/NvnmX64tu6u1xqG1n0XsNUMIE63npdH1/q/jilcuvXSqvb0a2yIcDUUoWsvDYxdbmWZCCCvhUPg8NMNHS8tfffjeI4c/fn36lrfOP/PKDv4KOvYPAAAAhtH/AgAA//8EMCKu")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x40)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0xffffffff, 0x0, 0x40000000})
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, 0x0)

1.457976505s ago: executing program 3 (id=920):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
io_uring_setup(0x5f89, 0x0)

1.393839115s ago: executing program 2 (id=921):
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000cc0)='./bus\x00', 0x21081e, &(0x7f0000000280)={[{@init_itable_val={'init_itable', 0x3d, 0x8}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000240)={0x3920e, r0, 0x4, 0x4, 0x80, 0x7})

1.369282445s ago: executing program 3 (id=922):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, 0x0, 0x48000)
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r2, 0x8004745a, 0x2000000c)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000200), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
write$cgroup_subtree(r4, &(0x7f0000000040)={[{0x2d, 'pids'}]}, 0x6)

1.157616404s ago: executing program 1 (id=923):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000001c0)=0x299c, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x88c, 0x4)

1.033841304s ago: executing program 4 (id=924):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001a0001000000000000000a008020", @ANYBLOB='\x00\x00\x00 '], 0x38}}, 0x0)

1.027762204s ago: executing program 5 (id=925):
unshare(0x600)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, 0x0, 0x20)

1.012443764s ago: executing program 3 (id=926):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028008000400000000"], 0x44}}, 0x0)

942.308494ms ago: executing program 2 (id=927):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYBLOB], 0x48)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000100)={0xc, 0x1f, 0x6, 0x0, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r5, 0xc00464b4, &(0x7f0000000400)={r6})
readv(r3, &(0x7f0000000240)=[{&(0x7f0000000140)=""/201, 0xc9}], 0x6)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
dup(0xffffffffffffffff)

622.074812ms ago: executing program 4 (id=928):
dup2(0xffffffffffffffff, 0xffffffffffffffff)
mount(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x18e420, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioperm(0x0, 0x2, 0x7e)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket(0x2b, 0x1, 0x1)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
accept$netrom(r1, 0x0, &(0x7f00000000c0))

489.739732ms ago: executing program 5 (id=929):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = io_uring_setup(0x550e, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
ioctl$PPPOEIOCDFWD(0xffffffffffffffff, 0xb101, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x16)
r3 = openat$sequencer2(0xffffff9c, 0x0, 0x719800, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r3, 0x40085112, &(0x7f0000000040)=@l={0x92, 0x0, 0xe0, 0x16})
read(r3, 0x0, 0x0)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x2287, 0x0)
connect$bt_l2cap(r5, &(0x7f00000001c0)={0x1f, 0x40, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x100, 0x1}, 0xe)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
setreuid(0x0, 0x0)
fchown(r0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="0100000080000000060000000300"/25], 0x50)

426.047471ms ago: executing program 5 (id=930):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000000)=0x3)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

0s ago: executing program 3 (id=931):
timer_create(0xfffffffc, 0x0, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x1c9c380}}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000300)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r1 = getpid()
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r2}, 0x10)
userfaultfd(0x80001)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r5}, 0x20)
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r4], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000040)})
r6 = syz_pidfd_open(r1, 0x0)
setns(r6, 0x8020000)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

281] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12'.
[   70.511276][ T4281] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12'.
[   70.565264][   T26] audit: type=1326 audit(1734152268.079:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4270 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f4855b0fd19 code=0x7ffc0000
[   70.593671][   T26] audit: type=1326 audit(1734152268.079:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4270 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4855b0fd19 code=0x7ffc0000
[   70.617245][   T26] audit: type=1326 audit(1734152268.079:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4270 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4855b0fd19 code=0x7ffc0000
[   70.699421][   T26] audit: type=1326 audit(1734152268.089:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4270 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4855b0fd19 code=0x7ffc0000
[   70.879050][ T4290] loop0: detected capacity change from 0 to 512
[   70.998416][ T4288] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[   71.005250][ T4288] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   71.013529][ T4288] vhci_hcd vhci_hcd.0: Device attached
[   71.086155][ T4289] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(12)
[   71.092829][ T4289] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   71.100670][ T4289] vhci_hcd vhci_hcd.0: Device attached
[   71.173223][ T4290] =======================================================
[   71.173223][ T4290] WARNING: The mand mount option has been deprecated and
[   71.173223][ T4290]          and is ignored by this kernel. Remove the mand
[   71.173223][ T4290]          option from the mount to silence this warning.
[   71.173223][ T4290] =======================================================
[   71.240172][ T4290] EXT4-fs (loop0): Ignoring removed oldalloc option
[   71.247388][ T4290] EXT4-fs (loop0): inline encryption not supported
[   71.255144][ T4290] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   71.380479][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[   71.389941][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[   71.411533][ T4299] netlink: 20 bytes leftover after parsing attributes in process `syz.3.14'.
[   71.434509][   T26] audit: type=1326 audit(1734152268.089:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4270 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4855b0fd19 code=0x7ffc0000
[   71.467990][ T4290] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.11: bg 0: block 64: padding at end of block bitmap is not set
[   71.484283][ T4290] Quota error (device loop0): write_blk: dquota write failed
[   71.492224][ T4290] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   71.503795][ T4290] EXT4-fs error (device loop0): ext4_acquire_dquot:6197: comm syz.0.11: Failed to acquire dquot type 0
[   71.516454][ T4290] EXT4-fs (loop0): 1 truncate cleaned up
[   71.522139][ T4290] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,oldalloc,inlinecrypt,delalloc,noload,delalloc,noload,mb_optimize_scan=0x0000000000000001,lazytime,,errors=continue. Quota mode: writeback.
[   71.556386][ T2303] vhci_hcd: vhci_device speed not set
[   71.622511][   T26] audit: type=1326 audit(1734152268.089:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4270 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4855b0fd19 code=0x7ffc0000
[   71.625450][ T2303] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[   71.692707][ T4304] netlink: 192 bytes leftover after parsing attributes in process `syz.3.16'.
[   71.754133][ T4294] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   71.755576][ T4291] vhci_hcd: connection closed
[   71.760168][ T4292] vhci_hcd: connection closed
[   71.783007][ T4225] vhci_hcd: stop threads
[   71.809389][ T4225] vhci_hcd: release socket
[   71.828450][ T4225] vhci_hcd: disconnect device
[   71.938783][ T4225] vhci_hcd: stop threads
[   71.943085][ T4225] vhci_hcd: release socket
[   71.990678][ T4225] vhci_hcd: disconnect device
[   72.017581][ T4314] netlink: 4 bytes leftover after parsing attributes in process `syz.4.18'.
[   72.211150][ T4315] binder: 4305:4315 ioctl c0306201 20000680 returned -14
[   73.346327][ T4317] loop3: detected capacity change from 0 to 64
[   73.811780][ T4290] syz.0.11 (4290) used greatest stack depth: 19072 bytes left
[   73.890912][ T4319] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   73.890912][ T4319]    program syz.2.20 not setting count and/or reply_len properly
[   73.933136][ T4319] loop2: detected capacity change from 0 to 64
[   76.131153][ T4340] loop3: detected capacity change from 0 to 256
[   76.303821][ T4348] loop1: detected capacity change from 0 to 64
[   76.795707][ T4353] loop0: detected capacity change from 0 to 256
[   76.918094][ T4353] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   77.045740][ T2303] vhci_hcd: vhci_device speed not set
[   77.067657][ T4340] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7239f2d3, utbl_chksum : 0xe619d30d)
[   82.258215][ T1324] cfg80211: failed to load regulatory.db
[   84.194996][ T4394] loop1: detected capacity change from 0 to 4096
[   84.573397][ T4402] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   87.187474][ T4442] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   87.187474][ T4442]    program syz.2.57 not setting count and/or reply_len properly
[   87.220873][ T4442] loop2: detected capacity change from 0 to 64
[   88.514389][ T4450] input: syz1 as /devices/virtual/input/input6
[   89.881726][ T4459] loop2: detected capacity change from 0 to 128
[   89.981512][ T4459] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[   90.059590][ T4459] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   90.147120][ T4467] loop4: detected capacity change from 0 to 128
[   90.526455][ T4469] EXT4-fs error (device loop2): __ext4_find_entry:1696: inode #2: comm syz.2.61: checksumming directory block 0
[   90.845811][ T4471] process 'syz.4.64' launched './file1' with NULL argv: empty string added
[   90.876140][ T4471] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   90.886666][ T4471] FAT-fs (loop4): Filesystem has been set read-only
[   91.038953][ T4471] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   91.049833][ T4471] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   91.923588][   T26] kauditd_printk_skb: 7 callbacks suppressed
[   91.923605][   T26] audit: type=1800 audit(2000000015.690:17): pid=4471 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.64" name="file0" dev="loop4" ino=1048591 res=0 errno=0
[   92.409498][ T4482] loop2: detected capacity change from 0 to 512
[   92.453496][ T4486] loop4: detected capacity change from 0 to 128
[   92.725423][ T4486] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[   93.916949][ T4492] loop0: detected capacity change from 0 to 8
[   94.324093][ T4482] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2766: inode #11: comm syz.2.67: corrupted xattr block 95
[   94.453396][ T4486] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   94.626986][ T4482] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2816: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   94.714808][ T4482] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.67: bg 0: block 7: invalid block bitmap
[   94.730393][ T4482] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6183: Corrupt filesystem
[   94.741155][ T4492] MTD: Attempt to mount non-MTD device "/dev/loop0"
[   94.769609][ T4489] cramfs: Error -5 while decompressing!
[   94.776204][ T4489] cramfs: ffffffff96bb72a8(26)->ffff88805875e000(4096)
[   94.777178][ T4482] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2932: inode #11: comm syz.2.67: corrupted xattr block 95
[   94.783131][ T4489] cramfs: Error -3 while decompressing!
[   94.783171][ T4489] cramfs: ffffffff96bb72c2(26)->ffff88805ed29000(4096)
[   94.783203][ T4489] cramfs: Error -3 while decompressing!
[   94.813809][ T4489] cramfs: ffffffff96bb72dc(16)->ffff8880582f9000(4096)
[   94.818024][ T4482] EXT4-fs warning (device loop2): ext4_evict_inode:302: xattr delete (err -117)
[   94.821085][ T4489] cramfs: Error -5 while decompressing!
[   94.835501][ T4489] cramfs: ffffffff96bb72a8(26)->ffff88805875e000(4096)
[   94.905953][ T4482] EXT4-fs (loop2): 1 orphan inode deleted
[   94.923331][ T4482] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   95.062995][ T4486] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[   96.304041][ T4516] loop3: detected capacity change from 0 to 128
[   96.693812][ T4526] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   96.704053][ T4526] FAT-fs (loop3): Filesystem has been set read-only
[   96.711889][ T4526] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   96.722431][ T4526] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   96.746531][   T26] audit: type=1800 audit(2000000021.580:18): pid=4526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.80" name="file0" dev="loop3" ino=1048593 res=0 errno=0
[   97.023659][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!!
[   97.033407][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[   97.045206][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   97.054360][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   97.063586][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   97.072851][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   97.082221][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   97.091648][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   97.100763][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   97.110365][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   98.914408][ T4544] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   99.580555][ T4529] loop1: detected capacity change from 0 to 1024
[   99.618276][ T4529] EXT4-fs (loop1): Ignoring removed oldalloc option
[   99.645311][ T4320] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   99.728767][ T4529] EXT4-fs (loop1): mounted filesystem without journal. Opts: stripe=0x0000000000000003,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  100.306798][ T4320] usb 1-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  100.321239][ T4320] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.335535][ T4320] usb 1-1: Product: syz
[  100.339787][ T4320] usb 1-1: Manufacturer: syz
[  100.344418][ T4320] usb 1-1: SerialNumber: syz
[  100.383558][ T4320] usb 1-1: config 0 descriptor??
[  100.792703][ T1324] usb 1-1: USB disconnect, device number 2
[  101.619052][ T4584] syz.2.98 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  101.780299][ T4584] xt_CONNSECMARK: invalid mode: 0
[  102.119657][ T4568] loop1: detected capacity change from 0 to 32768
[  102.943541][ T4606] loop0: detected capacity change from 0 to 8
[  103.058176][ T4606] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  103.112081][ T4606] cramfs: Error -5 while decompressing!
[  103.117800][ T4606] cramfs: ffffffff96bbb2a8(26)->ffff88805b2a9000(4096)
[  103.124936][ T4606] cramfs: Error -3 while decompressing!
[  103.130616][ T4606] cramfs: ffffffff96bbb2c2(26)->ffff88805b12a000(4096)
[  103.137823][ T4606] cramfs: Error -3 while decompressing!
[  103.143463][ T4606] cramfs: ffffffff96bbb2dc(16)->ffff88805b12b000(4096)
[  103.151940][ T4606] cramfs: Error -5 while decompressing!
[  103.157686][ T4606] cramfs: ffffffff96bbb2a8(26)->ffff88805b2a9000(4096)
[  105.811304][ T4622] loop0: detected capacity change from 0 to 512
[  106.131294][ T4622] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.110: casefold flag without casefold feature
[  106.161583][ T4622] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.110: couldn't read orphan inode 15 (err -117)
[  106.232449][ T4622] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,,errors=continue. Quota mode: writeback.
[  107.054732][ T4180] Bluetooth: Wrong link type (-71)
[  107.061381][ T4180] Bluetooth: hci3: link tx timeout
[  107.066882][ T4180] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  107.232858][ T4639] loop4: detected capacity change from 0 to 128
[  107.371602][ T4644] loop0: detected capacity change from 0 to 512
[  107.668592][ T4646] loop1: detected capacity change from 0 to 256
[  107.907361][ T4648] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  107.917551][ T4648] FAT-fs (loop4): Filesystem has been set read-only
[  107.924280][ T4648] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  107.934434][ T4648] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  107.947724][   T26] audit: type=1800 audit(2000000032.810:19): pid=4648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.115" name="file0" dev="loop4" ino=1048595 res=0 errno=0
[  108.312834][ T4628] loop2: detected capacity change from 0 to 32768
[  108.536102][ T4628] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.111 (4628)
[  108.550685][ T4644] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  108.575723][ T4646] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  108.585380][ T4644] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  108.663147][ T4644] EXT4-fs (loop0): 1 truncate cleaned up
[  108.690541][ T4628] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  108.695237][ T4644] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,nombcache,quota,. Quota mode: writeback.
[  108.717567][ T4628] BTRFS info (device loop2): using free space tree
[  108.735414][ T4628] BTRFS info (device loop2): has skinny extents
[  109.759054][ T4211] Bluetooth: hci3: command 0x0406 tx timeout
[  110.003422][ T4628] BTRFS error (device loop2): open_ctree failed
[  110.031753][ T4590] syz.3.100 (4590): drop_caches: 1
[  110.074945][ T4687] syz.1.121[4687] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.075057][ T4687] syz.1.121[4687] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.697265][ T4692] loop1: detected capacity change from 0 to 4096
[  111.300778][ T4701] loop0: detected capacity change from 0 to 1024
[  111.521594][ T4704] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  113.856216][ T4715] syz.4.128 uses obsolete (PF_INET,SOCK_PACKET)
[  114.400793][ T4720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.129'.
[  114.634540][ T4321] hfsplus: b-tree write err: -5, ino 4
[  114.710913][ T4724] loop2: detected capacity change from 0 to 24
[  114.877755][ T4724] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  114.994378][ T4724] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  114.999307][ T4726] loop1: detected capacity change from 0 to 512
[  115.039079][ T4726] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  115.089796][ T4724] VFS: Lookup of 'file0' in romfs loop2 would have caused loop
[  115.110760][ T4726] EXT4-fs (loop1): 1 truncate cleaned up
[  115.135729][ T4726] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,nombcache,quota,. Quota mode: writeback.
[  116.667924][ T4746] loop0: detected capacity change from 0 to 512
[  116.781040][ T4746] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  116.904544][ T4746] EXT4-fs (loop0): 1 orphan inode deleted
[  116.921922][ T4746] EXT4-fs (loop0): 1 truncate cleaned up
[  116.927813][ T4746] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,noinit_itable,debug_want_extra_isize=0x000000000000002a,errors=remount-ro,nodelalloc,grpjquota=,. Quota mode: none.
[  117.000643][ T4750] loop2: detected capacity change from 0 to 256
[  117.050997][ T4754] netlink: 28 bytes leftover after parsing attributes in process `syz.3.140'.
[  117.068163][ T4754] netlink: 28 bytes leftover after parsing attributes in process `syz.3.140'.
[  117.084308][ T4752] loop1: detected capacity change from 0 to 256
[  117.118967][ T4754] device dummy0 entered promiscuous mode
[  117.249797][ T4754] device dummy0 left promiscuous mode
[  118.576902][ T4769] netlink: 8 bytes leftover after parsing attributes in process `syz.3.143'.
[  120.017750][ T4782] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  120.149244][ T4786] loop3: detected capacity change from 0 to 512
[  120.396031][ T4786] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  121.148681][ T4786] EXT4-fs (loop3): 1 truncate cleaned up
[  121.157623][ T4786] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,nombcache,quota,. Quota mode: writeback.
[  122.263342][ T4802] loop1: detected capacity change from 0 to 1024
[  123.880406][ T4331] hfsplus: b-tree write err: -5, ino 4
[  124.552148][ T4830] loop2: detected capacity change from 0 to 64
[  124.623342][ T4831] netlink: 8 bytes leftover after parsing attributes in process `syz.3.159'.
[  125.073059][ T4837] loop1: detected capacity change from 0 to 256
[  125.382037][ T4837] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  125.426474][ T4840] loop2: detected capacity change from 0 to 512
[  125.463717][ T4837] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  125.524925][ T4840] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  125.633617][ T4840] EXT4-fs (loop2): 1 truncate cleaned up
[  125.663558][ T4840] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,nombcache,quota,. Quota mode: writeback.
[  125.938481][ T4850] loop4: detected capacity change from 0 to 512
[  125.999663][ T4852] loop3: detected capacity change from 0 to 512
[  126.175411][ T4852] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  126.200602][ T4850] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.167: casefold flag without casefold feature
[  126.258550][ T4855] input: syz1 as /devices/virtual/input/input11
[  126.557073][ T4852] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e11c, mo2=0002]
[  126.575033][ T4852] EXT4-fs (loop3): orphan cleanup on readonly fs
[  126.585466][ T4850] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.167: couldn't read orphan inode 15 (err -117)
[  126.624542][ T4852] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.166: bg 0: block 361: padding at end of block bitmap is not set
[  126.651191][ T4850] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  126.738326][ T4852] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  126.772085][ T4852] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.166: attempt to clear invalid blocks 33619980 len 1
[  126.810432][ T4852] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.166: invalid indirect mapped block 1811939328 (level 0)
[  126.866582][ T4852] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.166: invalid indirect mapped block 2185560079 (level 1)
[  126.921525][ T4852] EXT4-fs (loop3): 1 truncate cleaned up
[  126.943319][ T4859] loop0: detected capacity change from 0 to 2048
[  126.962208][ T4852] EXT4-fs (loop3): mounted filesystem without journal. Opts: nouid32,noblock_validity,discard,norecovery,inode_readahead_blks=0x0000000000000002,errors=continue. Quota mode: none.
[  127.038118][ T4859] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  129.110114][ T4884] No such timeout policy "syz1"
[  129.116695][ T4883] netlink: 8 bytes leftover after parsing attributes in process `syz.2.177'.
[  129.149728][ T4884] loop1: detected capacity change from 0 to 256
[  129.156756][ T4211] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  129.282555][ T4884] exfat: Deprecated parameter 'utf8'
[  129.288560][ T4884] exfat: Deprecated parameter 'namecase'
[  129.294338][ T4884] exfat: Deprecated parameter 'utf8'
[  129.321875][ T4884] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  129.428430][ T4211] usb 5-1: Using ep0 maxpacket: 16
[  129.556036][ T4888] loop3: detected capacity change from 0 to 64
[  130.176014][ T4890] loop0: detected capacity change from 0 to 8
[  130.225993][ T4211] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  130.259399][ T4211] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.349251][ T4211] usb 5-1: Product: syz
[  130.374738][ T4211] usb 5-1: Manufacturer: syz
[  130.410932][ T4211] usb 5-1: SerialNumber: syz
[  130.427400][ T4895] loop2: detected capacity change from 0 to 128
[  130.433220][ T4211] r8152-cfgselector 5-1: config 0 descriptor??
[  130.482586][ T4897] loop4: detected capacity change from 0 to 256
[  130.484713][ T4211] r8152-cfgselector 5-1: can't set config #0, error -71
[  130.502630][ T4899] netlink: 20 bytes leftover after parsing attributes in process `syz.1.179'.
[  130.521437][ T4211] r8152-cfgselector 5-1: Unknown version 0x0000
[  130.531828][ T4211] r8152-cfgselector 5-1: USB disconnect, device number 2
[  130.555121][ T4901] loop0: detected capacity change from 0 to 2048
[  130.572889][ T4897] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  130.593432][ T4895] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  130.608321][ T4897] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  130.619358][ T4905] loop1: detected capacity change from 0 to 8
[  130.631215][ T4895] ext4 filesystem being mounted at /39/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  130.674010][ T4901] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  130.679157][ T4905] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  130.735307][ T4243] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  131.126749][ T4909] loop1: detected capacity change from 0 to 64
[  132.885085][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  132.892252][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  133.009509][ T4243] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  133.056141][ T4916] loop0: detected capacity change from 0 to 2048
[  133.069623][ T4243] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  133.087096][ T4920] loop2: detected capacity change from 0 to 512
[  133.111541][ T4243] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.271036][ T4920] EXT4-fs (loop2): Test dummy encryption mode enabled
[  133.302414][ T4243] usb 4-1: config 0 descriptor??
[  133.320340][ T4920] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  133.335850][ T4916] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  133.348728][ T4243] pwc: Askey VC010 type 2 USB webcam detected.
[  133.364636][ T4916] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.667914][ T4920] EXT4-fs (loop2): 1 truncate cleaned up
[  133.735086][ T4920] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,barrier,debug_want_extra_isize=0x0000000000000080,block_validity,test_dummy_encryption=v1,,errors=continue. Quota mode: writeback.
[  133.875394][ T4243] pwc: send_video_command error -71
[  133.880649][ T4243] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  133.917301][ T4243] Philips webcam: probe of 4-1:0.0 failed with error -71
[  133.950740][ T4914] fs-verity: sha512 using implementation "sha512-avx2"
[  133.963908][ T4243] usb 4-1: USB disconnect, device number 2
[  134.167672][ T4939] loop3: detected capacity change from 0 to 64
[  134.525761][ T4941] input: syz1 as /devices/virtual/input/input12
[  135.418797][ T4954] loop2: detected capacity change from 0 to 512
[  135.572472][ T4955] loop0: detected capacity change from 0 to 128
[  135.592806][ T4957] loop4: detected capacity change from 0 to 8
[  135.640549][ T4955] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  135.675713][ T4957] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  135.717306][ T4962] No such timeout policy "syz1"
[  135.751579][ T4962] loop1: detected capacity change from 0 to 256
[  135.780863][ T4954] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.196: casefold flag without casefold feature
[  135.794671][ T4954] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.196: couldn't read orphan inode 15 (err -117)
[  135.809702][ T4954] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,,errors=continue. Quota mode: writeback.
[  136.049848][ T4962] exfat: Deprecated parameter 'utf8'
[  136.055648][ T4962] exfat: Deprecated parameter 'namecase'
[  136.061439][ T4962] exfat: Deprecated parameter 'utf8'
[  136.607248][ T4964] loop3: detected capacity change from 0 to 128
[  136.684368][ T4955] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  136.904035][ T4964] hpfs: Bad magic ... probably not HPFS
[  137.501050][ T4970] loop4: detected capacity change from 0 to 64
[  137.509358][ T4962] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  138.269117][ T4975] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input13
[  139.837876][ T5003] input: syz1 as /devices/virtual/input/input14
[  139.916249][ T4998] loop0: detected capacity change from 0 to 64
[  140.189682][ T5008] loop1: detected capacity change from 0 to 1024
[  140.633328][ T5012] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  140.633328][ T5012]    program syz.3.213 not setting count and/or reply_len properly
[  140.653452][ T5012] loop3: detected capacity change from 0 to 64
[  141.272282][ T5014] loop2: detected capacity change from 0 to 64
[  141.679884][ T5008] EXT4-fs (loop1): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  141.715376][ T5008] EXT4-fs (loop1): Cannot use DAX on a filesystem that may contain inline data
[  141.721689][ T5014] hfs: can't find a HFS filesystem on dev loop2
[  142.206153][ T5014] loop2: detected capacity change from 0 to 32768
[  142.213436][ T5019] loop3: detected capacity change from 0 to 8
[  142.252389][ T5019] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  142.727054][ T5027] loop3: detected capacity change from 0 to 64
[  142.865374][ T5026] netlink: 16 bytes leftover after parsing attributes in process `syz.1.219'.
[  143.737895][ T5042] netlink: 28 bytes leftover after parsing attributes in process `syz.4.224'.
[  143.787873][ T5042] netlink: 28 bytes leftover after parsing attributes in process `syz.4.224'.
[  145.143898][ T5062] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  145.143898][ T5062]    program syz.4.226 not setting count and/or reply_len properly
[  145.176111][ T5062] loop4: detected capacity change from 0 to 64
[  145.183324][ T1107] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  145.585985][ T1107] usb 4-1: Using ep0 maxpacket: 32
[  145.816210][ T5064] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  145.970458][ T5071] loop1: detected capacity change from 0 to 8
[  145.975692][ T1107] usb 4-1: New USB device found, idVendor=1ba6, idProduct=0001, bcdDevice=49.88
[  146.174928][ T1107] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.184829][ T1107] usb 4-1: Product: syz
[  146.194773][ T1107] usb 4-1: Manufacturer: syz
[  146.199445][ T1107] usb 4-1: SerialNumber: syz
[  146.212320][ T1107] usb 4-1: config 0 descriptor??
[  146.275669][ T4680] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  146.822429][ T5079] input: syz1 as /devices/virtual/input/input15
[  147.021622][ T5071] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  147.044768][ T1107] as10x_usb: device has been detected
[  147.064875][ T1107] dvbdev: DVB: registering new adapter (Abilis Systems DVB-Titan)
[  147.317267][ T1107] usb 4-1: DVB: registering adapter 1 frontend 0 (Abilis Systems DVB-Titan)...
[  148.366550][ T5092] loop1: detected capacity change from 0 to 64
[  148.406289][ T4680] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.560797][ T4680] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.737448][ T4680] usb 3-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice= 0.00
[  148.788154][ T4680] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.850893][ T4680] usb 3-1: config 0 descriptor??
[  148.960982][ T1107] as10x_usb: error during firmware upload part1
[  148.962597][ T4680] usb 3-1: can't set config #0, error -71
[  148.969866][ T1107] Registered device Abilis Systems DVB-Titan
[  148.975764][ T1107] usb 4-1: USB disconnect, device number 3
[  149.015228][ T1107] Unregistered device Abilis Systems DVB-Titan
[  149.027846][ T1107] as10x_usb: device has been disconnected
[  149.066629][ T4680] usb 3-1: USB disconnect, device number 2
[  151.742951][ T5115] loop4: detected capacity change from 0 to 2048
[  153.325035][ T5115] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  153.484425][ T5125] loop1: detected capacity change from 0 to 256
[  153.661094][ T5129] loop2: detected capacity change from 0 to 8
[  153.686315][ T5127] loop3: detected capacity change from 0 to 2048
[  153.691201][ T5125] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  153.718177][ T5129] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  153.795966][ T5127] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  154.394420][ T5139] input: syz1 as /devices/virtual/input/input16
[  155.030257][ T5142] loop1: detected capacity change from 0 to 512
[  155.100035][ T5142] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  155.474410][ T5149] loop2: detected capacity change from 0 to 64
[  155.784133][ T5148] loop3: detected capacity change from 0 to 64
[  156.096219][ T5142] EXT4-fs (loop1): 1 truncate cleaned up
[  156.105289][ T5142] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,nombcache,quota,. Quota mode: writeback.
[  156.612149][ T5134] loop4: detected capacity change from 0 to 40427
[  157.022869][ T5161] loop0: detected capacity change from 0 to 256
[  158.026722][ T5161] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  158.227622][ T5166] loop1: detected capacity change from 0 to 256
[  158.846258][ T5166] exfat: Deprecated parameter 'utf8'
[  158.852622][ T5166] exfat: Unknown parameter 'zero_size_dir'
[  159.318216][ T5170] loop3: detected capacity change from 0 to 32768
[  159.335710][ T5172] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  159.335710][ T5172]    program syz.2.261 not setting count and/or reply_len properly
[  159.367452][ T5172] loop2: detected capacity change from 0 to 64
[  159.454666][ T5170] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.263 (5170)
[  159.677250][ T5170] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  159.686261][ T5170] BTRFS info (device loop3): using free space tree
[  159.693390][ T5170] BTRFS info (device loop3): has skinny extents
[  160.445895][ T5196] loop2: detected capacity change from 0 to 32768
[  161.239783][ T5196] x_tables: ip6_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  161.410857][ T5181] loop0: detected capacity change from 0 to 4096
[  161.549816][ T5181] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[  161.583378][ T5211] loop1: detected capacity change from 0 to 8
[  161.598835][ T5170] BTRFS info (device loop3): enabling ssd optimizations
[  161.690942][ T5211] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  161.707355][ T4457] BTRFS info (device loop3): space_info 5 has 139264 free, is not full
[  161.716191][ T4457] BTRFS info (device loop3): space_info total=3276800, used=53248, pinned=0, reserved=16384, may_use=3067904, readonly=0 zone_unusable=0
[  161.730964][ T4457] BTRFS info (device loop3): global_block_rsv: size 851968 reserved 851968
[  161.740179][ T4457] BTRFS info (device loop3): trans_block_rsv: size 0 reserved 0
[  161.748489][ T4457] BTRFS info (device loop3): chunk_block_rsv: size 0 reserved 0
[  161.756528][ T4457] BTRFS info (device loop3): delayed_block_rsv: size 0 reserved 0
[  161.764369][ T4457] BTRFS info (device loop3): delayed_refs_rsv: size 524288 reserved 389120
[  162.022946][ T5209] input: syz1 as /devices/virtual/input/input17
[  162.065050][ T5215] BTRFS info (device loop3): space_info 5 has 139264 free, is not full
[  162.074252][ T5215] BTRFS info (device loop3): space_info total=11534336, used=53248, pinned=20480, reserved=0, may_use=11321344, readonly=0 zone_unusable=0
[  162.088936][ T5215] BTRFS info (device loop3): global_block_rsv: size 851968 reserved 851968
[  162.097982][ T5215] BTRFS info (device loop3): trans_block_rsv: size 0 reserved 0
[  162.105713][ T5215] BTRFS info (device loop3): chunk_block_rsv: size 98304 reserved 98304
[  162.114066][ T5215] BTRFS info (device loop3): delayed_block_rsv: size 0 reserved 0
[  162.122153][ T5215] BTRFS info (device loop3): delayed_refs_rsv: size 131072 reserved 131072
[  162.643337][ T5221] loop1: detected capacity change from 0 to 64
[  163.137456][ T5222] loop4: detected capacity change from 0 to 8
[  163.426361][ T5225] loop2: detected capacity change from 0 to 512
[  163.482811][ T5225] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  163.612601][ T5225] EXT4-fs (loop2): 1 truncate cleaned up
[  163.691765][ T5225] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,nombcache,quota,. Quota mode: writeback.
[  164.412700][ T5240] netlink: 8 bytes leftover after parsing attributes in process `syz.1.275'.
[  165.419370][ T5248] loop4: detected capacity change from 0 to 1024
[  165.497367][ T5248] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x0000000000000003,nodelalloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,nodiscard,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  165.639437][ T5234] loop0: detected capacity change from 0 to 32768
[  165.941284][ T5264] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  165.941284][ T5264]    program syz.3.272 not setting count and/or reply_len properly
[  165.981682][ T5264] loop3: detected capacity change from 0 to 64
[  167.718311][ T5270] loop2: detected capacity change from 0 to 256
[  168.536447][ T5274] input: syz1 as /devices/virtual/input/input18
[  168.788694][ T5269] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF
[  168.797959][ T5269] FAT-fs (loop2): Filesystem has been set read-only
[  169.083551][ T5277] loop1: detected capacity change from 0 to 512
[  169.213343][ T5281] loop4: detected capacity change from 0 to 8
[  169.316960][ T5281] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  169.377085][ T5277] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  169.409547][ T5283] loop2: detected capacity change from 0 to 8
[  169.505736][ T5277] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.882933][ T5291] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  169.882933][ T5291]    program syz.0.286 not setting count and/or reply_len properly
[  169.912239][ T5291] loop0: detected capacity change from 0 to 64
[  173.281453][ T5315] loop0: detected capacity change from 0 to 256
[  173.517795][ T5317] loop1: detected capacity change from 0 to 256
[  173.723438][ T5319] netlink: 8 bytes leftover after parsing attributes in process `syz.4.292'.
[  173.910080][ T5317] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  174.543091][ T5315] FAT-fs (loop0): Directory bread(block 64) failed
[  174.565382][ T5315] FAT-fs (loop0): Directory bread(block 65) failed
[  174.669540][ T5315] FAT-fs (loop0): Directory bread(block 66) failed
[  174.685315][ T5315] FAT-fs (loop0): Directory bread(block 67) failed
[  174.695518][ T5315] FAT-fs (loop0): Directory bread(block 68) failed
[  174.702187][ T5315] FAT-fs (loop0): Directory bread(block 69) failed
[  174.715502][ T5315] FAT-fs (loop0): Directory bread(block 70) failed
[  175.146175][ T5315] FAT-fs (loop0): Directory bread(block 71) failed
[  175.183050][ T5315] FAT-fs (loop0): Directory bread(block 72) failed
[  175.231247][ T5315] FAT-fs (loop0): Directory bread(block 73) failed
[  175.743244][ T5336] tipc: Started in network mode
[  175.770181][ T5336] tipc: Node identity ac14140f, cluster identity 4711
[  175.823689][ T5336] tipc: New replicast peer: 10.1.1.2
[  175.916217][ T5336] tipc: Enabled bearer <udp:syz0>, priority 10
[  176.887780][ T5342] loop3: detected capacity change from 0 to 128
[  177.124847][ T1107] tipc: Node number set to 2886997007
[  177.784600][ T5351] loop0: detected capacity change from 0 to 2048
[  177.810861][ T5342] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  177.908507][ T5342] ext4 filesystem being mounted at /53/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  177.975431][ T1107] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  178.117462][ T5351] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  178.117829][ T4913] udevd[4913]: incorrect nilfs2 checksum on /dev/loop0
[  178.301188][ T5361] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  178.925327][ T1107] usb 3-1: config 0 has an invalid interface number: 32 but max is 0
[  178.975995][   T26] audit: type=1804 audit(2000000103.863:20): pid=5342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.299" name="/newroot/53/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop3" ino=12 res=1 errno=0
[  179.025612][ T1107] usb 3-1: config 0 has no interface number 0
[  179.086871][ T1107] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.156334][   T26] audit: type=1800 audit(2000000103.963:21): pid=5342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.299" name="bus" dev="loop3" ino=12 res=0 errno=0
[  179.283868][ T1107] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.294280][ T1107] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  179.303679][ T1107] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.316555][ T5366] loop1: detected capacity change from 0 to 8
[  179.336450][ T1107] usb 3-1: config 0 descriptor??
[  179.712392][ T5372] netlink: 44 bytes leftover after parsing attributes in process `syz.0.309'.
[  180.015944][ T1107] usbhid 3-1:0.32: can't add hid device: -71
[  180.023465][ T1107] usbhid: probe of 3-1:0.32 failed with error -71
[  180.084679][ T5382] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  180.084679][ T5382]    program syz.1.310 not setting count and/or reply_len properly
[  180.115325][ T5382] loop1: detected capacity change from 0 to 64
[  180.136782][ T1107] usb 3-1: USB disconnect, device number 3
[  181.804486][ T5397] ODEBUG: Out of memory. ODEBUG disabled
[  183.638609][ T5401] No such timeout policy "syz1"
[  183.649131][ T5401] loop2: detected capacity change from 0 to 256
[  183.808383][ T5401] exfat: Deprecated parameter 'utf8'
[  183.813749][ T5401] exfat: Deprecated parameter 'namecase'
[  183.838270][ T5401] exfat: Deprecated parameter 'utf8'
[  183.991132][ T5408] loop0: detected capacity change from 0 to 2048
[  184.618996][ T5401] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  184.702539][ T5408] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  185.306785][ T5420] loop4: detected capacity change from 0 to 8
[  185.680031][ T5428] input: syz1 as /devices/virtual/input/input19
[  186.156817][ T1107] Bluetooth: hci3: command 0x0406 tx timeout
[  186.162974][ T1107] Bluetooth: hci1: command 0x0406 tx timeout
[  186.169211][ T1107] Bluetooth: hci0: command 0x0406 tx timeout
[  186.175430][ T1107] Bluetooth: hci2: command 0x0406 tx timeout
[  186.617055][ T5440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.327'.
[  187.665079][ T5451] No such timeout policy "syz1"
[  187.675260][ T5451] loop0: detected capacity change from 0 to 256
[  187.732193][ T5446] loop4: detected capacity change from 0 to 4096
[  187.804019][ T5454] loop3: detected capacity change from 0 to 256
[  187.806138][ T5451] exfat: Deprecated parameter 'utf8'
[  187.815921][ T5451] exfat: Deprecated parameter 'namecase'
[  187.821667][ T5451] exfat: Deprecated parameter 'utf8'
[  187.879272][ T5451] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  188.126509][ T5454] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xcb93d4f6, utbl_chksum : 0xe619d30d)
[  188.152821][ T5425] loop2: detected capacity change from 0 to 40427
[  188.371893][ T5425] F2FS-fs (loop2): invalid crc value
[  188.411303][ T5425] F2FS-fs (loop2): Found nat_bits in checkpoint
[  190.327891][ T5483] netlink: 8 bytes leftover after parsing attributes in process `syz.4.342'.
[  190.964200][ T5485] loop2: detected capacity change from 0 to 8
[  191.065346][ T4210] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  191.128121][ T5485] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  191.260571][ T5473] loop0: detected capacity change from 0 to 8
[  191.684249][ T5491] loop2: detected capacity change from 0 to 64
[  191.747699][ T4210] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  192.112400][ T4210] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.505400][ T5498] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  192.505400][ T5498]    program syz.1.345 not setting count and/or reply_len properly
[  192.536968][ T5498] loop1: detected capacity change from 0 to 64
[  192.565693][ T4210] usb 4-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c
[  192.658084][ T4210] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.983767][ T4210] usb 4-1: Product: syz
[  193.163113][ T4210] usb 4-1: Manufacturer: syz
[  193.189768][ T4210] usb 4-1: SerialNumber: syz
[  193.241475][ T4210] usb 4-1: config 0 descriptor??
[  193.299993][ T4210] usb 4-1: can't set config #0, error -71
[  193.317013][ T5499] loop2: detected capacity change from 0 to 4096
[  193.552004][ T4210] usb 4-1: USB disconnect, device number 4
[  193.645899][ T5505] input: syz1 as /devices/virtual/input/input20
[  194.365671][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  194.374853][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  194.784896][ T5520] loop1: detected capacity change from 0 to 8
[  195.015430][ T5520] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  195.677837][ T5532] loop1: detected capacity change from 0 to 64
[  196.082260][ T5540] loop3: detected capacity change from 0 to 8
[  196.298376][ T5545] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  196.298376][ T5545]    program syz.4.361 not setting count and/or reply_len properly
[  197.536142][ T5554] input: syz1 as /devices/virtual/input/input21
[  199.725165][ T5572] tipc: Failed to remove unknown binding: 66,0,0/0:1424825438/1424825439
[  200.010917][ T5576] netlink: 'syz.1.373': attribute type 10 has an invalid length.
[  200.191844][ T5578] loop0: detected capacity change from 0 to 256
[  200.996101][ T5576] team0: Port device netdevsim0 added
[  201.002320][ T5579] netlink: 'syz.1.373': attribute type 10 has an invalid length.
[  201.119177][ T5578] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  201.408223][ T5587] loop4: detected capacity change from 0 to 8
[  201.468194][ T5576] syz.1.373 (5576) used greatest stack depth: 17432 bytes left
[  201.597791][ T5579] team0: Port device netdevsim0 removed
[  201.630509][ T5579] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  202.085251][ T4678] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  202.704087][ T5596] loop0: detected capacity change from 0 to 4096
[  202.807478][ T5604] loop1: detected capacity change from 0 to 4096
[  202.843485][ T5605] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  202.855182][ T4678] usb 4-1: Using ep0 maxpacket: 32
[  203.217506][ T5604] ntfs3: Unknown parameter 'hide_dot_files'
[  203.424044][   T26] audit: type=1804 audit(2000000128.313:22): pid=5596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.378" name="/newroot/66/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  203.475682][   T26] audit: type=1804 audit(2000000128.363:23): pid=5596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.378" name="/newroot/66/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  203.535601][ T4678] usb 4-1: unable to read config index 0 descriptor/start: -61
[  203.543181][ T4678] usb 4-1: can't read configurations, error -61
[  203.564353][   T26] audit: type=1804 audit(2000000128.363:24): pid=5596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.378" name="/newroot/66/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  203.861184][ T4678] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  204.855830][ T4678] usb 4-1: Using ep0 maxpacket: 32
[  204.931591][ T4678] usb 4-1: device descriptor read/all, error -71
[  204.947565][ T5620] loop3: detected capacity change from 0 to 128
[  205.049287][ T4678] usb usb4-port1: attempt power cycle
[  205.156574][ T5626] loop1: detected capacity change from 0 to 128
[  205.187070][ T5620] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  205.195774][ T5626] hpfs: Bad magic ... probably not HPFS
[  205.238802][ T4681] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  205.490801][ T5629] loop2: detected capacity change from 0 to 8
[  205.814417][ T5633] loop4: detected capacity change from 0 to 256
[  206.364517][ T4681] usb 1-1: Using ep0 maxpacket: 16
[  206.581454][ T5633] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  206.674916][ T5638] loop3: detected capacity change from 0 to 8
[  206.827368][ T5638] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  206.839440][ T5637] netlink: 124 bytes leftover after parsing attributes in process `syz.2.391'.
[  206.905629][ T4681] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  206.929306][ T4681] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.960993][ T4681] usb 1-1: Product: syz
[  206.965351][ T4681] usb 1-1: Manufacturer: syz
[  206.970039][ T4681] usb 1-1: SerialNumber: syz
[  207.006247][ T4681] r8152-cfgselector 1-1: config 0 descriptor??
[  207.193714][ T5644] device syzkaller0 entered promiscuous mode
[  207.216560][ T5647] loop4: detected capacity change from 0 to 1024
[  207.264194][ T5649] loop3: detected capacity change from 0 to 64
[  207.294653][ T5647] UDF-fs: warning (device loop4): udf_fill_super: No partition found (2)
[  209.053098][ T4681] r8152-cfgselector 1-1: Unknown version 0x0000
[  209.071376][ T4681] r8152-cfgselector 1-1: bad CDC descriptors
[  209.103975][ T4681] r8152-cfgselector 1-1: Unknown version 0x0000
[  209.169758][ T4681] r8152-cfgselector 1-1: USB disconnect, device number 3
[  209.589899][ T5666] blktrace: Concurrent blktraces are not allowed on nullb0
[  211.132105][ T5675] loop2: detected capacity change from 0 to 8
[  211.504697][ T5685] loop3: detected capacity change from 0 to 256
[  212.121755][ T5686] loop4: detected capacity change from 0 to 128
[  212.195753][ T5685] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  212.231110][ T5686] hpfs: Bad magic ... probably not HPFS
[  212.320667][ T5691] loop0: detected capacity change from 0 to 128
[  212.516233][ T5691] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  212.534954][ T5694] loop2: detected capacity change from 0 to 4096
[  212.556546][ T5691] ext4 filesystem being mounted at /71/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  212.776878][ T5702] loop4: detected capacity change from 0 to 128
[  214.255822][ T5710] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  214.266170][ T5710] FAT-fs (loop4): Filesystem has been set read-only
[  214.272992][ T5710] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  214.282378][   T26] audit: type=1800 audit(2000000138.753:25): pid=5710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.409" name="file0" dev="loop4" ino=1048618 res=0 errno=0
[  214.283430][ T5710] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  214.568402][ T5707] loop0: detected capacity change from 0 to 1024
[  214.669046][ T5713] loop1: detected capacity change from 0 to 64
[  215.452504][ T5716] blktrace: Concurrent blktraces are not allowed on nullb0
[  215.498689][ T5707] hfsplus: xattr search failed
[  217.015967][ T5728] No such timeout policy "syz1"
[  217.026708][ T5728] loop1: detected capacity change from 0 to 256
[  217.476524][ T5729] loop3: detected capacity change from 0 to 64
[  217.476680][ T5728] exfat: Deprecated parameter 'utf8'
[  217.488263][ T5728] exfat: Deprecated parameter 'namecase'
[  217.493951][ T5728] exfat: Deprecated parameter 'utf8'
[  217.520596][ T5728] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  217.813424][ T5745] loop4: detected capacity change from 0 to 128
[  217.865300][ T5745] hpfs: Bad magic ... probably not HPFS
[  218.058023][ T5749] loop1: detected capacity change from 0 to 512
[  218.092005][ T5752] loop2: detected capacity change from 0 to 128
[  218.157352][ T5749] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  218.346329][ T5749] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  218.354634][ T5749] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=f840e11c, mo2=0003]
[  218.427539][ T5749] System zones: 0-1, 15-15, 18-18, 34-34
[  218.460328][ T5749] EXT4-fs (loop1): orphan cleanup on readonly fs
[  218.480591][ T5749] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[  218.537400][ T5749] EXT4-fs warning (device loop1): ext4_enable_quotas:6432: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  218.558836][   T26] audit: type=1800 audit(2000000143.453:26): pid=5761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.424" name="file0" dev="loop2" ino=1048620 res=0 errno=0
[  218.590163][ T5749] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  218.598443][ T5761] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  218.653720][ T5749] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.423: bg 0: block 40: padding at end of block bitmap is not set
[  218.732187][ T5749] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  218.741134][ T5761] FAT-fs (loop2): Filesystem has been set read-only
[  218.777792][ T5749] EXT4-fs (loop1): 1 truncate cleaned up
[  218.800603][ T5749] EXT4-fs (loop1): mounted filesystem without journal. Opts: data_err=abort,bsdgroups,delalloc,norecovery,i_version,nomblk_io_submit,,errors=continue. Quota mode: writeback.
[  218.871274][ T5761] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  218.910987][ T5761] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  219.146574][ T5766] loop4: detected capacity change from 0 to 64
[  219.887267][   T26] audit: type=1326 audit(2000000144.783:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  220.107009][ T5772] loop4: detected capacity change from 0 to 16
[  220.133837][   T26] audit: type=1326 audit(2000000144.833:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  220.210406][   T26] audit: type=1326 audit(2000000144.833:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  220.236586][ T5772] erofs: (device loop4): mounted with root inode @ nid 36.
[  220.250483][ T5777] netlink: 4 bytes leftover after parsing attributes in process `syz.3.431'.
[  220.258761][ T5772] erofs: (device loop4): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36
[  220.841157][   T26] audit: type=1326 audit(2000000144.833:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  221.315172][   T26] audit: type=1326 audit(2000000144.833:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  221.476237][   T26] audit: type=1326 audit(2000000144.833:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  221.585491][   T26] audit: type=1326 audit(2000000144.833:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  221.685890][   T26] audit: type=1326 audit(2000000144.883:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  221.780250][   T26] audit: type=1326 audit(2000000144.883:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  221.821286][ T5793] loop4: detected capacity change from 0 to 512
[  221.888970][   T26] audit: type=1326 audit(2000000144.883:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7fc0456c0d19 code=0x7ffc0000
[  221.913692][ T5792] input: syz1 as /devices/virtual/input/input22
[  221.954303][ T5793] EXT4-fs (loop4): orphan cleanup on readonly fs
[  222.043409][ T5793] EXT4-fs (loop4): 1 orphan inode deleted
[  222.101123][ T5793] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  222.104323][ T5788] loop1: detected capacity change from 0 to 32768
[  222.632551][ T5803] loop3: detected capacity change from 0 to 64
[  222.714375][ T5804] loop4: detected capacity change from 0 to 64
[  223.506360][ T5803] hfs: can't find a HFS filesystem on dev loop3
[  223.825404][ T1107] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  223.918707][ T5803] loop3: detected capacity change from 0 to 32768
[  224.246293][ T1107] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  224.343167][ T1107] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  224.404410][ T1107] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  224.506120][ T5797] loop0: detected capacity change from 0 to 32768
[  224.511235][ T1107] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.155696][ T5806] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  225.654169][ T1107] usb 3-1: USB disconnect, device number 4
[  226.200322][ T5835] input: syz1 as /devices/virtual/input/input23
[  226.514077][ T4260] udevd[4260]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  227.819262][ T5856] loop0: detected capacity change from 0 to 64
[  227.994421][ T5859] loop1: detected capacity change from 0 to 128
[  227.997143][ T5857] loop2: detected capacity change from 0 to 64
[  228.318796][ T5856] hfs: can't find a HFS filesystem on dev loop0
[  228.364922][ T5859] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  228.451050][ T5859] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000002,discard,,errors=continue. Quota mode: none.
[  228.465623][ T5859] ext2 filesystem being mounted at /98/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  228.589867][ T5856] loop0: detected capacity change from 0 to 32768
[  229.829751][ T5881] input: syz1 as /devices/virtual/input/input24
[  230.935688][ T5892] loop3: detected capacity change from 0 to 64
[  231.311136][ T5886] loop0: detected capacity change from 0 to 8192
[  231.764067][ T5901] loop1: detected capacity change from 0 to 256
[  232.227937][ T5903] loop2: detected capacity change from 0 to 64
[  232.948835][ T5901] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  233.085943][ T5909] loop3: detected capacity change from 0 to 64
[  233.689560][ T5911] loop2: detected capacity change from 0 to 64
[  233.893680][ T5911] hfs: can't find a HFS filesystem on dev loop2
[  234.000924][ T5915] loop1: detected capacity change from 0 to 2048
[  234.008486][ T5917] loop4: detected capacity change from 0 to 512
[  234.170427][ T5919] loop3: detected capacity change from 0 to 4096
[  234.237742][ T5911] loop2: detected capacity change from 0 to 32768
[  234.290139][ T5915] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  234.335817][ T5917] EXT4-fs (loop4): Ignoring removed bh option
[  234.352692][ T5917] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  234.440324][ T5917] EXT4-fs error (device loop4): ext4_orphan_get:1427: comm syz.4.476: bad orphan inode 17
[  234.457394][ T4321] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.510072][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  234.510092][   T26] audit: type=1800 audit(2000000159.393:44): pid=5919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.474" name="file0" dev="loop3" ino=0 res=0 errno=0
[  234.555425][ T5917] EXT4-fs (loop4): Remounting filesystem read-only
[  234.562407][ T5917] ext4_test_bit(bit=16, block=4) = 1
[  234.585168][ T5917] is_bad_inode(inode)=0
[  234.589438][ T5917] NEXT_ORPHAN(inode)=1048336
[  234.594217][ T5917] max_ino=32
[  234.605206][ T5917] i_nlink=0
[  234.608566][ T5917] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,bh,inode_readahead_blks=0x0000000000010000,block_validity,block_validity,. Quota mode: none.
[  234.816674][ T4321] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.090565][ T4321] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.184920][ T5938] loop2: detected capacity change from 0 to 256
[  235.689276][ T5940] loop1: detected capacity change from 0 to 64
[  235.772141][ T5938] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  236.602196][ T4321] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.767150][ T5954] loop4: detected capacity change from 0 to 64
[  237.131591][ T5957] input: syz1 as /devices/virtual/input/input25
[  237.723560][ T5954] hfs: can't find a HFS filesystem on dev loop4
[  238.389757][   T26] audit: type=1326 audit(2000000163.283:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  238.447436][ T5954] loop4: detected capacity change from 0 to 32768
[  238.453787][ T5967] loop2: detected capacity change from 0 to 512
[  238.457366][   T26] audit: type=1326 audit(2000000163.343:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  238.483023][   T26] audit: type=1326 audit(2000000163.343:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  238.525251][   T26] audit: type=1326 audit(2000000163.343:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  238.571936][   T26] audit: type=1326 audit(2000000163.343:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f13838f8d53 code=0x7ffc0000
[  238.657639][   T26] audit: type=1326 audit(2000000163.343:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f13838f77cf code=0x7ffc0000
[  238.680213][   T26] audit: type=1326 audit(2000000163.343:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f13838f8da7 code=0x7ffc0000
[  238.712247][   T26] audit: type=1326 audit(2000000163.343:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f13838f7680 code=0x7ffc0000
[  239.364185][ T5967] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  239.435369][ T5967] System zones: 0-2, 18-18, 34-34
[  239.525539][   T26] audit: type=1326 audit(2000000163.343:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f13838f891b code=0x7ffc0000
[  239.568438][   T26] audit: type=1326 audit(2000000163.483:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f13838f797a code=0x7ffc0000
[  239.614416][ T5967] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.492: bg 0: block 248: padding at end of block bitmap is not set
[  239.687454][ T5960] chnl_net:caif_netlink_parms(): no params data found
[  239.695037][ T5967] Quota error (device loop2): write_blk: dquota write failed
[  239.703464][ T5967] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  239.714230][ T5967] EXT4-fs error (device loop2): ext4_acquire_dquot:6197: comm syz.2.492: Failed to acquire dquot type 1
[  239.982353][ T5984] loop4: detected capacity change from 0 to 256
[  240.037967][ T5967] EXT4-fs (loop2): 1 truncate cleaned up
[  240.046394][ T5986] loop1: detected capacity change from 0 to 8
[  240.126981][ T5967] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,noload,,errors=continue. Quota mode: writeback.
[  240.175376][ T4177] Bluetooth: hci0: command 0x0409 tx timeout
[  240.203581][ T5984] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  240.223936][   T26] audit: type=1326 audit(2000000163.483:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f13838f797a code=0x7ffc0000
[  240.246743][ T5967] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.258596][   T26] audit: type=1326 audit(2000000163.553:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f13838f7587 code=0x7ffc0000
[  240.307138][   T26] audit: type=1326 audit(2000000163.553:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f13838fa4ba code=0x7ffc0000
[  240.335540][   T26] audit: type=1326 audit(2000000165.203:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f13838f7680 code=0x7ffc0000
[  240.409448][   T26] audit: type=1326 audit(2000000165.203:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f13838f7a67 code=0x7ffc0000
[  240.581357][   T26] audit: type=1326 audit(2000000165.203:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5966 comm="syz.2.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f13838f7680 code=0x7ffc0000
[  240.960313][ T5992] loop4: detected capacity change from 0 to 256
[  240.976189][ T5992] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  241.453907][ T6002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.499'.
[  241.604898][ T6003] input: syz1 as /devices/virtual/input/input26
[  242.342594][ T4673] Bluetooth: hci0: command 0x041b tx timeout
[  242.354288][ T5960] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.373004][ T5960] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.403272][ T5960] device bridge_slave_0 entered promiscuous mode
[  242.425019][ T5960] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.440163][ T5960] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.477990][ T5960] device bridge_slave_1 entered promiscuous mode
[  242.550625][ T5960] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.562454][ T5960] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.620751][ T5960] team0: Port device team_slave_0 added
[  242.925634][ T5960] team0: Port device team_slave_1 added
[  243.075821][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.113443][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.271690][ T5960] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.493940][ T6008] loop1: detected capacity change from 0 to 32768
[  243.540307][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.558796][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.635381][ T1107] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  243.925388][ T1107] usb 5-1: Using ep0 maxpacket: 32
[  244.045989][ T1107] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  244.100869][ T1107] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.415723][ T1107] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  244.418526][ T4681] Bluetooth: hci0: command 0x040f tx timeout
[  244.424851][ T1107] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.447050][ T1107] usb 5-1: config 0 descriptor??
[  244.455522][ T5960] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.500146][ T6008] XFS (loop1): Mounting V5 Filesystem
[  244.510570][ T6035] netlink: 8 bytes leftover after parsing attributes in process `syz.3.505'.
[  244.565463][ T6010] loop2: detected capacity change from 0 to 1024
[  244.654479][ T6010] EXT4-fs (loop2): Ignoring removed oldalloc option
[  244.714829][ T5960] device hsr_slave_0 entered promiscuous mode
[  244.731863][ T5960] device hsr_slave_1 entered promiscuous mode
[  244.742335][ T5960] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.755010][ T5960] Cannot create hsr debugfs directory
[  244.832345][ T6010] EXT4-fs (loop2): mounted filesystem without journal. Opts: stripe=0x0000000000000003,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  244.855326][ T6008] XFS (loop1): Ending clean mount
[  245.421673][ T6008] XFS (loop1): Quotacheck needed: Please wait.
[  245.645921][ T1107] savu 0003:1E7D:2D5A.0001: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  245.663631][ T1107] usb 5-1: USB disconnect, device number 3
[  245.820752][ T6008] XFS (loop1): Quotacheck: Done.
[  245.937172][ T6058] loop3: detected capacity change from 0 to 8
[  245.943924][ T4168] XFS (loop1): Unmounting Filesystem
[  246.526709][ T4678] Bluetooth: hci0: command 0x0419 tx timeout
[  246.589496][ T6076] input: syz1 as /devices/virtual/input/input27
[  246.972907][ T5960] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  247.047619][ T5960] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  247.128648][ T6091] loop3: detected capacity change from 0 to 512
[  247.233560][ T5960] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  247.250476][ T6091] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  247.538588][ T6097] loop1: detected capacity change from 0 to 1024
[  249.017408][ T6097] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  249.366015][ T4321] device hsr_slave_0 left promiscuous mode
[  249.395962][ T4321] device hsr_slave_1 left promiscuous mode
[  249.411962][ T6102] loop4: detected capacity change from 0 to 64
[  249.428030][ T4321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  249.436713][ T6091] EXT4-fs (loop3): mounted filesystem without journal. Opts: stripe=0x0000000000000010,stripe=0x0000000000000007,dioread_nolock,mblk_io_submit,discard,nogrpid,,errors=continue. Quota mode: none.
[  249.480025][ T4321] batman_adv: batadv0: Removing interface: batadv_slave_0
[  249.488908][ T4321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  249.497596][ T4321] batman_adv: batadv0: Removing interface: batadv_slave_1
[  249.507520][ T6102] hfs: can't find a HFS filesystem on dev loop4
[  249.520723][ T4321] device bridge_slave_1 left promiscuous mode
[  249.540078][ T4321] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.559485][   T26] kauditd_printk_skb: 6 callbacks suppressed
[  249.559504][   T26] audit: type=1800 audit(2000000174.453:67): pid=6091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.515" name="file1" dev="loop3" ino=15 res=0 errno=0
[  249.609876][   T26] audit: type=1804 audit(2000000174.453:68): pid=6091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.515" name="/newroot/103/file0/file1" dev="loop3" ino=15 res=1 errno=0
[  249.658832][ T4321] device bridge_slave_0 left promiscuous mode
[  249.694129][ T4321] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.784846][ T6105] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.515: bg 0: block 496: padding at end of block bitmap is not set
[  249.906454][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  250.552360][ T4321] device veth1_macvtap left promiscuous mode
[  250.568397][   T26] audit: type=1800 audit(2000000175.463:69): pid=6091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.515" name="file1" dev="loop3" ino=15 res=0 errno=0
[  250.606433][ T6105] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3758096384 > max in inode 15
[  250.621601][ T4321] device veth0_macvtap left promiscuous mode
[  250.632247][ T6111] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  250.635503][ T6105] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3758096385 > max in inode 15
[  250.667975][ T4321] device veth1_vlan left promiscuous mode
[  250.674308][ T4321] device veth0_vlan left promiscuous mode
[  250.973253][ T6119] loop1: detected capacity change from 0 to 8
[  251.235660][ T6123] input: syz1 as /devices/virtual/input/input28
[  251.518459][ T6128] loop4: detected capacity change from 0 to 64
[  252.425312][ T4673] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  252.453042][ T6134] loop3: detected capacity change from 0 to 64
[  252.486628][ T6134] hfs: can't find a HFS filesystem on dev loop3
[  252.624303][ T4321] team0 (unregistering): Port device team_slave_1 removed
[  252.660652][ T4321] team0 (unregistering): Port device team_slave_0 removed
[  252.685323][ T4321] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  252.731319][ T4321] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  252.815209][ T4673] usb 3-1: Using ep0 maxpacket: 8
[  253.116201][ T4673] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[  253.139669][ T4673] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.183353][ T4673] usb 3-1: Product: syz
[  253.209344][ T4673] usb 3-1: Manufacturer: syz
[  253.234518][ T4673] usb 3-1: SerialNumber: syz
[  253.477860][ T4673] usb 3-1: config 0 descriptor??
[  253.529060][ T4321] bond0 (unregistering): Released all slaves
[  253.570222][ T6142] loop4: detected capacity change from 0 to 8
[  253.595788][ T6140] loop3: detected capacity change from 0 to 2048
[  253.608406][ T6142] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  253.627958][ T5960] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  253.755694][ T4673] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  253.814870][ T6140] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  253.996476][ T5960] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.020641][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  254.030491][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  254.061981][ T5960] 8021q: adding VLAN 0 to HW filter on device team0
[  254.089904][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  254.122559][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  254.167024][ T4457] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.174227][ T4457] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.193777][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  254.255387][ T4673] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71
[  254.271211][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  254.274258][ T4673] usb 3-1: USB disconnect, device number 5
[  254.301264][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  254.365922][ T4457] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.373177][ T4457] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.455679][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  254.504819][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  254.593197][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  254.640015][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  254.724021][ T5960] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  254.758603][ T5960] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  254.872371][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  254.909926][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  254.927283][ T6170] input: syz1 as /devices/virtual/input/input29
[  254.965407][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  254.991240][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  255.020447][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  255.047240][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  255.172875][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  255.209134][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  255.363025][ T6188] loop2: detected capacity change from 0 to 64
[  255.452138][ T4411] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  255.476886][ T6188] hfs: can't find a HFS filesystem on dev loop2
[  255.493968][ T4411] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  255.524659][ T5960] 8021q: adding VLAN 0 to HW filter on device batadv0
[  255.699833][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  255.706394][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  255.999341][ T6199] loop2: detected capacity change from 0 to 8
[  256.293368][ T4263] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  256.312250][ T4263] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  256.372597][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  256.412025][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  256.449129][ T5960] device veth0_vlan entered promiscuous mode
[  256.464766][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  256.487165][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  256.531029][ T5960] device veth1_vlan entered promiscuous mode
[  256.725373][ T5960] device veth0_macvtap entered promiscuous mode
[  256.765495][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  256.782334][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  256.840888][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  256.881456][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  256.935437][ T5960] device veth1_macvtap entered promiscuous mode
[  256.986141][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  257.024409][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  257.124256][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.167529][ T6221] loop1: detected capacity change from 0 to 4096
[  257.175360][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.214031][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.235247][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.255373][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.278854][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.307135][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.334905][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.357660][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_0
[  257.371760][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  257.384415][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  257.407719][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.427398][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.434732][ T6221] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  257.465993][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.503304][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.526197][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.537726][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.548165][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.551366][ T6221] ntfs3: loop1: Inode r=19 is not in use!
[  257.559433][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.579486][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_1
[  257.584264][ T6221] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  257.600591][ T5960] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.618355][ T5960] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.632748][ T5960] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.644432][ T5960] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.658708][ T6221] ntfs3: loop1: Failed to load root.
[  257.672293][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  257.684354][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  257.989311][ T4411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  258.006194][ T6221] ./file0: Can't open blockdev
[  258.034575][ T4411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  258.047026][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  258.098461][ T6239] input: syz1 as /devices/virtual/input/input30
[  258.271167][ T4411] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  258.295665][ T4411] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  258.342244][ T6249] loop1: detected capacity change from 0 to 512
[  258.356441][ T6251] loop4: detected capacity change from 0 to 8
[  258.426188][ T6251] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  258.472004][ T6249] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  258.485788][ T4390] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  258.694697][ T6249] EXT4-fs (loop1): 1 truncate cleaned up
[  258.841261][ T6249] EXT4-fs (loop1): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback.
[  258.976978][ T6260] No such timeout policy "syz1"
[  259.001737][ T6260] loop3: detected capacity change from 0 to 256
[  259.024870][ T6263] loop4: detected capacity change from 0 to 64
[  259.210032][ T6260] exfat: Deprecated parameter 'utf8'
[  259.219313][ T6260] exfat: Deprecated parameter 'namecase'
[  259.241571][ T6249] EXT4-fs error (device loop1): mb_free_blocks:1865: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  259.316839][ T6260] exfat: Deprecated parameter 'utf8'
[  259.326314][ T6270] netlink: 80 bytes leftover after parsing attributes in process `syz.5.557'.
[  259.394126][ T6270] netlink: 80 bytes leftover after parsing attributes in process `syz.5.557'.
[  259.507122][ T6270] netlink: 80 bytes leftover after parsing attributes in process `syz.5.557'.
[  259.561676][ T6260] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  260.183298][ T6283] loop1: detected capacity change from 0 to 1024
[  260.341614][ T6283] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  260.377458][ T6283] EXT4-fs (loop1): orphan cleanup on readonly fs
[  260.386305][ T6283] EXT4-fs error (device loop1): ext4_free_blocks:6223: comm syz.1.559: Freeing blocks not in datazone - block = 0, count = 4096
[  260.405451][ T6283] EXT4-fs (loop1): 1 orphan inode deleted
[  260.411445][ T6283] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  261.467329][ T6311] input: syz1 as /devices/virtual/input/input31
[  261.890620][ T6327] loop3: detected capacity change from 0 to 256
[  263.449842][ T6354] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  263.449842][ T6354]    program syz.4.574 not setting count and/or reply_len properly
[  263.481251][ T6354] loop4: detected capacity change from 0 to 64
[  264.336157][ T6364] input: syz1 as /devices/virtual/input/input32
[  264.576973][ T6368] loop3: detected capacity change from 0 to 8
[  264.670584][ T6368] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  264.707899][ T6365] loop4: detected capacity change from 0 to 1024
[  264.779420][ T6365] EXT4-fs (loop4): Ignoring removed nobh option
[  264.809632][ T6365] EXT4-fs (loop4): Ignoring removed bh option
[  264.826926][ T6365] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  265.034511][ T6365] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  265.209341][ T6394] loop3: detected capacity change from 0 to 64
[  265.569962][ T6406] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  265.569962][ T6406]    program syz.2.592 not setting count and/or reply_len properly
[  265.601341][ T6406] loop2: detected capacity change from 0 to 64
[  266.606020][ T6417] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  266.606020][ T6417]    program syz.5.594 not setting count and/or reply_len properly
[  266.636930][ T6417] loop5: detected capacity change from 0 to 64
[  267.662182][ T6431] loop3: detected capacity change from 0 to 64
[  267.831173][ T6431] hfs: can't find a HFS filesystem on dev loop3
[  267.896271][ T6424] loop4: detected capacity change from 0 to 4096
[  267.906034][ T6434] input: syz1 as /devices/virtual/input/input33
[  268.403837][   T26] audit: type=1800 audit(2000000193.293:70): pid=6438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.599" name="bus" dev="loop4" ino=0 res=0 errno=0
[  268.536161][ T4179] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22.
[  268.573931][ T4179] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  268.668287][ T6449] autofs4:pid:6449:autofs_fill_super: called with bogus options
[  269.054159][ T6458] loop2: detected capacity change from 0 to 4096
[  269.390453][ T6468] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  269.390453][ T6468]    program syz.4.607 not setting count and/or reply_len properly
[  269.426326][ T6468] loop4: detected capacity change from 0 to 64
[  270.158977][ T6431] loop3: detected capacity change from 0 to 32768
[  271.149091][ T6487] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  272.095635][ T6496] input: syz1 as /devices/virtual/input/input34
[  272.454704][ T6505] autofs4:pid:6505:autofs_fill_super: called with bogus options
[  273.213840][ T6525] netlink: 165 bytes leftover after parsing attributes in process `syz.4.621'.
[  273.220297][ T6527] loop5: detected capacity change from 0 to 8
[  273.272938][ T6528] input: syz1 as /devices/virtual/input/input35
[  273.513071][ T6527] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  273.902772][ T6535] loop5: detected capacity change from 0 to 64
[  274.961655][ T6541] autofs4:pid:6541:autofs_fill_super: called with bogus options
[  275.849912][ T6560] netlink: 12 bytes leftover after parsing attributes in process `syz.3.630'.
[  275.875302][ T6555] input: syz1 as /devices/virtual/input/input36
[  275.924358][ T6563] loop5: detected capacity change from 0 to 4096
[  275.974024][ T6566] netlink: 24 bytes leftover after parsing attributes in process `syz.2.631'.
[  275.988328][ T6563] EXT4-fs warning (device loop5): ext4_fill_super:3982: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  276.088925][ T6563] EXT4-fs (loop5): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  276.288500][ T6572] loop2: detected capacity change from 0 to 128
[  276.348820][ T6573] loop3: detected capacity change from 0 to 8
[  276.640421][   T26] audit: type=1800 audit(2000000201.533:71): pid=6578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.633" name="file0" dev="loop2" ino=1048631 res=0 errno=0
[  276.662415][ T6578] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  276.672973][ T6578] FAT-fs (loop2): Filesystem has been set read-only
[  276.679862][ T6578] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  276.690280][ T6578] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  276.790603][ T6585] loop5: detected capacity change from 0 to 8
[  276.924850][ T6585] SQUASHFS error: Failed to read block 0x738: -5
[  276.954082][ T6585] SQUASHFS error: Unable to read metadata cache entry [736]
[  277.020551][ T6590] loop4: detected capacity change from 0 to 8
[  277.085982][ T6590] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  278.389037][ T6606] loop4: detected capacity change from 0 to 64
[  278.620127][ T6616] tipc: Started in network mode
[  278.635189][ T6616] tipc: Node identity 4, cluster identity 4711
[  278.641389][ T6616] tipc: Node number set to 4
[  278.727437][ T6622] netlink: 24 bytes leftover after parsing attributes in process `syz.1.643'.
[  278.948253][ T6624] input: syz1 as /devices/virtual/input/input37
[  279.921571][ T6630] netlink: 'syz.5.647': attribute type 5 has an invalid length.
[  279.946714][ T6630] netlink: 4 bytes leftover after parsing attributes in process `syz.5.647'.
[  280.097393][ T6634] loop1: detected capacity change from 0 to 64
[  280.206462][ T6634] hfs: can't find a HFS filesystem on dev loop1
[  280.215616][ T6639] loop4: detected capacity change from 0 to 8
[  280.561166][ T6648] input: syz1 as /devices/virtual/input/input38
[  280.775919][ T6651] loop2: detected capacity change from 0 to 4096
[  280.903176][ T6654] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  280.903176][ T6654]    program syz.5.654 not setting count and/or reply_len properly
[  280.934043][ T6654] loop5: detected capacity change from 0 to 64
[  281.547580][ T6651] NILFS (loop2): invalid segment: Checksum error in segment payload
[  281.621028][ T6656] loop4: detected capacity change from 0 to 8
[  281.637214][ T6651] NILFS (loop2): trying rollback from an earlier position
[  281.684090][ T6651] NILFS (loop2): recovery complete
[  281.718555][ T6656] squashfs: Unknown parameter '017777777777777777777771844674407370955161518446744073709551615uZÈ#¼'
[  281.745338][ T6657] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  282.250042][ T6664] netlink: 24 bytes leftover after parsing attributes in process `syz.2.658'.
[  282.262618][ T6634] loop1: detected capacity change from 0 to 32768
[  282.378804][ T6667] loop4: detected capacity change from 0 to 64
[  282.708881][ T6671] input: syz1 as /devices/virtual/input/input39
[  284.162667][ T6705] loop4: detected capacity change from 0 to 8
[  284.342468][ T6709] loop1: detected capacity change from 0 to 4096
[  284.480109][ T6718] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  284.493146][ T6716] netlink: 24 bytes leftover after parsing attributes in process `syz.2.670'.
[  284.521360][   T26] audit: type=1804 audit(2000000209.413:72): pid=6709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.667" name="/newroot/144/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  284.617810][   T26] audit: type=1804 audit(2000000209.443:73): pid=6709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.667" name="/newroot/144/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  284.741092][   T26] audit: type=1804 audit(2000000209.443:74): pid=6709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.667" name="/newroot/144/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  284.884778][ T6733] autofs4:pid:6733:autofs_fill_super: called with bogus options
[  285.000042][ T6738] input: syz1 as /devices/virtual/input/input40
[  285.249301][ T6741] device vcan0 entered promiscuous mode
[  285.345472][ T6741] device vlan2 entered promiscuous mode
[  285.417597][ T6741] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  285.465740][ T6741] device vcan0 left promiscuous mode
[  285.522198][ T6750] sch_tbf: peakrate 2 is lower than or equals to rate 16777224 !
[  285.522585][ T6755] loop1: detected capacity change from 0 to 128
[  285.812965][ T6763] netlink: 24 bytes leftover after parsing attributes in process `syz.5.681'.
[  285.834776][   T26] audit: type=1800 audit(2000000210.723:75): pid=6759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.679" name="file0" dev="loop1" ino=1048633 res=0 errno=0
[  285.857154][ T6759] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  285.868409][ T6759] FAT-fs (loop1): Filesystem has been set read-only
[  285.875200][ T6759] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  285.885553][ T6759] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  286.017774][ T6766] loop4: detected capacity change from 0 to 4096
[  286.260510][ T6777] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  286.288359][   T26] audit: type=1804 audit(2000000211.183:76): pid=6766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.682" name="/newroot/144/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  286.313168][ T6778] loop5: detected capacity change from 0 to 8
[  286.385162][   T26] audit: type=1804 audit(2000000211.223:77): pid=6766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.682" name="/newroot/144/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  286.433282][ T6784] autofs4:pid:6784:autofs_fill_super: called with bogus options
[  286.500845][   T26] audit: type=1804 audit(2000000211.263:78): pid=6766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.682" name="/newroot/144/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  287.658105][ T6801] input: syz1 as /devices/virtual/input/input41
[  287.682578][ T6799] device vlan2 entered promiscuous mode
[  287.777418][ T6799] device bond0 entered promiscuous mode
[  287.832477][ T6799] device bond_slave_0 entered promiscuous mode
[  287.955467][ T6799] device bond_slave_1 entered promiscuous mode
[  288.033142][ T6799] device bond0 left promiscuous mode
[  288.063708][ T6799] device bond_slave_0 left promiscuous mode
[  288.083635][ T6799] device bond_slave_1 left promiscuous mode
[  288.259033][ T6819] loop2: detected capacity change from 0 to 1024
[  288.281070][ T6825] loop4: detected capacity change from 0 to 128
[  288.614286][ T6835] loop3: detected capacity change from 0 to 8
[  288.653350][ T6827] loop5: detected capacity change from 0 to 4096
[  288.687525][ T6836] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  288.698043][ T6836] FAT-fs (loop4): Filesystem has been set read-only
[  288.705722][ T6836] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  288.716356][ T6836] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  288.754555][   T26] audit: type=1800 audit(2000000213.573:79): pid=6836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.698" name="file0" dev="loop4" ino=1048635 res=0 errno=0
[  289.429208][ T4237] hfsplus: b-tree write err: -5, ino 4
[  289.616053][ T6847] input: syz1 as /devices/virtual/input/input42
[  289.655632][ T6841] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  289.920634][   T26] audit: type=1804 audit(2000000214.803:80): pid=6827 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.699" name="/newroot/33/file0/bus" dev="loop5" ino=18 res=1 errno=0
[  290.065310][ T2303] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  290.425590][ T2303] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  290.425668][ T2303] usb 4-1: config 0 has no interfaces?
[  290.425787][ T2303] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  290.425871][ T2303] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.533368][ T2303] usb 4-1: config 0 descriptor??
[  290.785517][ T6845] udc-core: couldn't find an available UDC or it's busy
[  290.792519][ T6845] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  290.868432][ T2303] usb 4-1: USB disconnect, device number 8
[  291.107980][ T6870] loop2: detected capacity change from 0 to 64
[  291.150597][ T6868] loop5: detected capacity change from 0 to 256
[  291.203680][ T6870] hfs: can't find a HFS filesystem on dev loop2
[  291.259981][ T6868] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  291.841653][ T6888] loop5: detected capacity change from 0 to 8
[  292.539877][ T6893] loop1: detected capacity change from 0 to 128
[  293.066177][ T6903] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  293.076700][ T6903] FAT-fs (loop1): Filesystem has been set read-only
[  293.086115][ T6903] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  293.096604][ T6903] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  293.151834][   T26] audit: type=1800 audit(2000000217.923:81): pid=6903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.715" name="file0" dev="loop1" ino=1048638 res=0 errno=0
[  294.121177][ T6908] loop4: detected capacity change from 0 to 4096
[  294.973589][   T26] audit: type=1800 audit(2000000219.863:82): pid=6908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.716" name="bus" dev="loop4" ino=0 res=0 errno=0
[  295.127541][ T6937] loop5: detected capacity change from 0 to 512
[  295.143394][ T6931] loop2: detected capacity change from 0 to 256
[  295.247219][ T6931] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  295.357994][ T6937] EXT4-fs (loop5): orphan cleanup on readonly fs
[  295.365971][ T6930] loop3: detected capacity change from 0 to 4096
[  295.392441][ T4179] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22.
[  295.400139][ T4179] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  295.426988][ T6937] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.724: bg 0: block 248: padding at end of block bitmap is not set
[  295.449380][ T6937] Quota error (device loop5): write_blk: dquota write failed
[  295.460211][ T6937] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  295.473863][ T6937] EXT4-fs error (device loop5): ext4_acquire_dquot:6197: comm syz.5.724: Failed to acquire dquot type 1
[  295.513709][ T6937] EXT4-fs (loop5): 1 truncate cleaned up
[  295.606393][ T6937] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  296.191521][ T6953] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  296.191521][ T6953]    program syz.2.727 not setting count and/or reply_len properly
[  296.787427][ T6953] loop2: detected capacity change from 0 to 64
[  298.973145][ T6976] loop3: detected capacity change from 0 to 64
[  299.248535][ T6976] hfs: inconsistency in B*Tree (1,0,2,2,3)
[  299.648886][ T6975] loop2: detected capacity change from 0 to 32768
[  300.755992][ T6995] loop5: detected capacity change from 0 to 256
[  300.994962][ T6995] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  301.974566][ T7001] netlink: 'syz.5.739': attribute type 1 has an invalid length.
[  301.987704][ T7001] netlink: 8 bytes leftover after parsing attributes in process `syz.5.739'.
[  302.443596][ T7009] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  302.443596][ T7009]    program syz.3.742 not setting count and/or reply_len properly
[  302.475153][ T7009] loop3: detected capacity change from 0 to 64
[  303.186920][ T7010] tmpfs: Unknown parameter 'usrquota'
[  303.461749][ T7016] tmpfs: Bad value for 'mpol'
[  303.536971][ T7016] fuse: Bad value for 'rootmode'
[  303.849571][ T7020] netlink: 12 bytes leftover after parsing attributes in process `syz.1.746'.
[  304.437391][ T7030] loop2: detected capacity change from 0 to 256
[  304.480376][ T4678] Bluetooth: hci0: command 0x0c20 tx timeout
[  304.511095][ T7030] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  304.572618][    T7] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  304.930287][ T7046] loop5: detected capacity change from 0 to 512
[  304.955360][    T7] usb 4-1: Using ep0 maxpacket: 16
[  305.064832][ T7048] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  305.064832][ T7048]    program syz.1.755 not setting count and/or reply_len properly
[  305.095463][ T7048] loop1: detected capacity change from 0 to 64
[  305.239738][ T7046] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  305.736386][ T7046] EXT4-fs (loop5): 1 truncate cleaned up
[  305.762660][ T7046] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_lock,min_batch_time=0x0000000000000fff,journal_dev=0x0000000000000005,user_xattr,abort,max_batch_time=0x0000000000000004,,errors=continue. Quota mode: none.
[  305.784697][    C1] vkms_vblank_simulate: vblank timer overrun
[  305.831919][ T7046] syz.5.756 (pid 7046) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  305.855448][    T7] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  305.902543][    T7] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  305.942153][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.985536][    T7] usb 4-1: config 0 descriptor??
[  306.128481][    T7] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input43
[  306.190547][ T7043] loop2: detected capacity change from 0 to 32768
[  306.241606][ T7059] netlink: 'syz.4.760': attribute type 4 has an invalid length.
[  306.249962][ T7059] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.760'.
[  306.515520][ T3531] bcm5974 4-1:0.0: could not read from device
[  306.533202][    T7] usb 4-1: USB disconnect, device number 9
[  306.541534][ T7016] bcm5974 4-1:0.0: could not read from device
[  307.499825][ T3531] bcm5974 4-1:0.0: could not read from device
[  308.313806][ T7076] loop2: detected capacity change from 0 to 256
[  308.377650][ T7076] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  308.733044][ T7093] loop4: detected capacity change from 0 to 64
[  308.862815][ T7095] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  308.862815][ T7095]    program syz.5.767 not setting count and/or reply_len properly
[  308.882148][ T7095] loop5: detected capacity change from 0 to 64
[  308.908243][ T7094] loop3: detected capacity change from 0 to 4096
[  309.134175][ T7101] netlink: 8 bytes leftover after parsing attributes in process `syz.1.771'.
[  309.691399][ T7103] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  309.691399][ T7103]    program syz.2.770 not setting count and/or reply_len properly
[  309.711121][ T7103] loop2: detected capacity change from 0 to 64
[  310.566316][ T7094] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  310.653431][ T7094] ntfs3: loop3: Inode r=19 is not in use!
[  310.665242][ T7094] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  310.685048][ T7094] ntfs3: loop3: Failed to load root.
[  310.909837][ T7109] loop5: detected capacity change from 0 to 4096
[  311.026271][ T7117] loop2: detected capacity change from 0 to 512
[  311.034333][ T7094] overlayfs: overlapping lowerdir path
[  311.048462][ T7109] EXT4-fs warning (device loop5): ext4_fill_super:3982: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  311.069325][ T7109] EXT4-fs (loop5): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  311.130192][ T7117] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  311.211136][ T7117] EXT4-fs (loop2): mounted filesystem without journal. Opts: stripe=0x0000000000000010,stripe=0x0000000000000007,dioread_nolock,mblk_io_submit,discard,nogrpid,,errors=continue. Quota mode: none.
[  311.277204][   T26] audit: type=1800 audit(2000000236.173:83): pid=7117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.776" name="file1" dev="loop2" ino=15 res=0 errno=0
[  311.327836][   T26] audit: type=1804 audit(2000000236.203:84): pid=7117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.776" name="/newroot/159/file0/file1" dev="loop2" ino=15 res=1 errno=0
[  311.533082][ T7129] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.776: bg 0: block 496: padding at end of block bitmap is not set
[  312.010933][ T7129] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3758096384 > max in inode 15
[  312.239716][ T7129] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3758096385 > max in inode 15
[  312.274434][ T7141] loop5: detected capacity change from 0 to 256
[  312.289258][ T7139] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  312.289258][ T7139]    program syz.4.782 not setting count and/or reply_len properly
[  312.311579][ T7139] loop4: detected capacity change from 0 to 64
[  312.327969][   T26] audit: type=1800 audit(2000000237.223:85): pid=7117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.776" name="file1" dev="loop2" ino=15 res=0 errno=0
[  312.552387][ T7141] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  312.674618][ T7141] exFAT-fs (loop5): hint_cluster is invalid (17)
[  312.807674][ T7138] loop3: detected capacity change from 0 to 32768
[  313.179143][ T7138] XFS (loop3): Mounting V5 Filesystem
[  313.741218][ T7138] XFS (loop3): Ending clean mount
[  314.064300][ T7138] XFS (loop3): Quotacheck needed: Please wait.
[  314.189501][ T7138] XFS (loop3): Quotacheck: Done.
[  314.224986][ T7173] loop5: detected capacity change from 0 to 512
[  314.261445][ T7171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.790'.
[  314.394721][ T7173] EXT4-fs (loop5): inline encryption not supported
[  314.445536][ T7165] loop4: detected capacity change from 0 to 4096
[  314.476745][ T7173] EXT4-fs (loop5): mounted filesystem without journal. Opts: inlinecrypt,,errors=continue. Quota mode: writeback.
[  314.489892][ T7173] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.492072][ T4172] XFS (loop3): Unmounting Filesystem
[  314.685437][ T7183] loop2: detected capacity change from 0 to 2048
[  314.774043][ T7165] EXT4-fs warning (device loop4): ext4_fill_super:3982: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  315.266605][ T7165] EXT4-fs (loop4): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  315.357655][ T7173] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #2: comm syz.5.792: corrupted inode contents
[  315.437946][ T7183] loop2: detected capacity change from 0 to 32768
[  315.484174][ T7173] EXT4-fs error (device loop5): ext4_dirty_inode:6010: inode #2: comm syz.5.792: mark_inode_dirty error
[  315.559636][ T7173] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #2: comm syz.5.792: corrupted inode contents
[  315.639631][ T7173] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #2: comm syz.5.792: mark_inode_dirty error
[  315.719861][ T7184] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #2: comm syz.5.792: corrupted inode contents
[  315.781655][ T7196] netlink: 'syz.4.797': attribute type 39 has an invalid length.
[  315.838251][ T7184] EXT4-fs error (device loop5): ext4_dirty_inode:6010: inode #2: comm syz.5.792: mark_inode_dirty error
[  315.857940][ T7183] XFS (loop2): Mounting V5 Filesystem
[  315.876927][ T7184] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #2: comm syz.5.792: corrupted inode contents
[  315.973093][ T7185] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #2: comm syz.5.792: corrupted inode contents
[  316.018767][ T7183] XFS (loop2): Ending clean mount
[  316.091156][ T7185] EXT4-fs error (device loop5): ext4_append:88: inode #2: comm syz.5.792: mark_inode_dirty error
[  316.219101][ T7185] EXT4-fs error (device loop5) in ext4_append:100: Corrupt filesystem
[  316.473772][ T7173] sg_read: process 167 (syz.5.792) changed security contexts after opening file descriptor, this is not allowed.
[  316.492665][ T7202] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  316.492665][ T7202]    program syz.3.795 not setting count and/or reply_len properly
[  316.513369][ T7202] loop3: detected capacity change from 0 to 64
[  316.524342][ T7184] capability: warning: `syz.5.792' uses 32-bit capabilities (legacy support in use)
[  316.561669][ T4169] XFS (loop2): Unmounting Filesystem
[  316.578554][ T7189] syz.1.796 (7189): drop_caches: 2
[  317.912982][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  317.919559][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  317.939758][ T7216] kvm: emulating exchange as write
[  318.040053][ T7231] loop2: detected capacity change from 0 to 512
[  318.182462][ T7226] loop4: detected capacity change from 0 to 4096
[  318.273776][ T7231] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000000,minixdf,,errors=continue. Quota mode: writeback.
[  318.463153][ T7240] loop3: detected capacity change from 0 to 2048
[  318.736227][ T7231] ext4 filesystem being mounted at /165/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  319.277674][ T7243] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  319.325318][   T26] audit: type=1804 audit(2000000244.203:86): pid=7226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.807" name="/newroot/172/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  319.350877][ T7238] loop3: detected capacity change from 0 to 32768
[  319.381367][   T26] audit: type=1804 audit(2000000244.213:87): pid=7226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.807" name="/newroot/172/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  319.402846][    C1] vkms_vblank_simulate: vblank timer overrun
[  319.630711][ T7238] XFS (loop3): Mounting V5 Filesystem
[  319.824607][ T7238] XFS (loop3): Ending clean mount
[  320.332447][ T7263] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  320.332447][ T7263]    program syz.2.819 not setting count and/or reply_len properly
[  320.336996][ T4172] XFS (loop3): Unmounting Filesystem
[  320.352376][ T7263] loop2: detected capacity change from 0 to 64
[  320.424671][ T7274] loop1: detected capacity change from 0 to 256
[  320.528001][ T7274] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  320.643050][ T7274] exFAT-fs (loop1): hint_cluster is invalid (17)
[  320.675468][ T4243] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  320.719763][ T7277] loop2: detected capacity change from 0 to 1024
[  320.848509][ T7277] hfsplus: unable to parse mount options
[  320.925335][ T4243] usb 5-1: Using ep0 maxpacket: 8
[  321.231210][ T4243] usb 5-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  321.258132][ T4243] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.286856][ T4243] usb 5-1: Product: syz
[  321.291665][ T4243] usb 5-1: Manufacturer: syz
[  321.302295][ T4243] usb 5-1: SerialNumber: syz
[  321.308131][ T7283] loop2: detected capacity change from 0 to 4096
[  321.334678][ T4243] usb 5-1: config 0 descriptor??
[  321.395705][ T4243] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  321.505294][ T7296] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  321.538135][   T26] audit: type=1804 audit(2000000246.433:88): pid=7283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.826" name="/newroot/170/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  321.579965][   T26] audit: type=1804 audit(2000000246.433:89): pid=7283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.826" name="/newroot/170/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  321.632492][   T26] audit: type=1804 audit(2000000246.433:90): pid=7283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.826" name="/newroot/170/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  322.083906][ T7301] loop1: detected capacity change from 0 to 2048
[  322.983411][ T7300] loop1: detected capacity change from 0 to 32768
[  323.752246][ T7300] XFS (loop1): Mounting V5 Filesystem
[  324.041515][ T4243] gspca_sonixj: reg_w1 err -71
[  324.425302][ T7320] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  324.425302][ T7320]    program syz.2.833 not setting count and/or reply_len properly
[  324.445948][ T7320] loop2: detected capacity change from 0 to 64
[  324.457295][ T7300] XFS (loop1): Ending clean mount
[  325.268569][ T4243] sonixj: probe of 5-1:0.0 failed with error -71
[  325.439510][ T7336] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  325.439510][ T7336]    program syz.5.842 not setting count and/or reply_len properly
[  325.459959][ T7336] loop5: detected capacity change from 0 to 64
[  325.474881][ T4243] usb 5-1: USB disconnect, device number 4
[  325.485592][ T4168] XFS (loop1): Unmounting Filesystem
[  325.512506][ T7341] loop3: detected capacity change from 0 to 1024
[  325.577280][ T7341] EXT4-fs (loop3): Ignoring removed nobh option
[  325.725854][ T7341] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000002000000,abort,block_validity,init_itable=0x0000000000000006,block_validity,max_dir_size_kb=0x00000000000001ff,nobh,block_validity,mb_optimize_scan=0x0000000000000000,user_xattr,init_itable=0x0,errors=continue. Quota mode: none.
[  325.900374][   T26] audit: type=1800 audit(2000000250.793:91): pid=7341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.843" name="bus" dev="loop3" ino=18 res=0 errno=0
[  327.363438][ T7372] loop1: detected capacity change from 0 to 32768
[  327.521518][ T7372] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  327.966078][ T7384] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  327.966078][ T7384]    program syz.3.857 not setting count and/or reply_len properly
[  327.984916][ T7384] loop3: detected capacity change from 0 to 64
[  328.258377][ T7372] (syz.1.853,7372,1):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  328.267173][ T7372] (syz.1.853,7372,1):ocfs2_get_suballoc_slot_bit:2709 ERROR: read block 47244640267 failed -12
[  328.277644][ T7372] (syz.1.853,7372,1):ocfs2_get_suballoc_slot_bit:2741 ERROR: status = -12
[  328.288815][ T7372] (syz.1.853,7372,1):ocfs2_test_inode_bit:2823 ERROR: get alloc slot and bit failed -12
[  328.288906][ T7372] (syz.1.853,7372,1):ocfs2_test_inode_bit:2864 ERROR: status = -12
[  328.288934][ T7372] (syz.1.853,7372,1):ocfs2_get_dentry:78 ERROR: test inode bit failed -12
[  329.289600][ T7398] loop5: detected capacity change from 0 to 2048
[  329.482050][ T4681] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  329.775555][ T4681] usb 2-1: Using ep0 maxpacket: 32
[  329.915620][ T4681] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  329.939927][ T4681] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0
[  330.235671][ T4681] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  330.263470][ T4681] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.279530][ T7417] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  330.279530][ T7417]    program syz.2.870 not setting count and/or reply_len properly
[  330.298745][ T4681] usb 2-1: Product: syz
[  330.299213][ T7417] loop2: detected capacity change from 0 to 64
[  330.323144][ T4681] usb 2-1: Manufacturer: syz
[  330.362966][ T4681] usb 2-1: config 0 descriptor??
[  330.415611][ T4681] usb 2-1: can't set config #0, error -71
[  330.435489][ T4681] usb 2-1: USB disconnect, device number 2
[  330.568246][ T4168] ocfs2: Unmounting device (7,1) on (node local)
[  330.695511][ T7411] loop4: detected capacity change from 0 to 32768
[  330.767919][ T7411] XFS (loop4): sunit and swidth options incompatible with the noalign option
[  330.837865][   T26] audit: type=1326 audit(2000000255.733:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.2.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  330.949062][   T26] audit: type=1326 audit(2000000255.753:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.2.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  330.981982][   T26] audit: type=1326 audit(2000000255.753:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.2.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  331.063906][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.3.874'.
[  331.729389][   T26] audit: type=1326 audit(2000000255.753:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.2.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  331.762342][ T7423] sctp: failed to load transform for md5: -2
[  331.817644][   T26] audit: type=1326 audit(2000000255.753:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.2.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  331.891106][   T26] audit: type=1326 audit(2000000255.753:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.2.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f13838f8d19 code=0x7ffc0000
[  333.241248][ T7459] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  333.241248][ T7459]    program syz.3.883 not setting count and/or reply_len properly
[  333.261162][ T7459] loop3: detected capacity change from 0 to 64
[  333.809203][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.1.887'.
[  334.758207][ T7481] loop4: detected capacity change from 0 to 1024
[  336.301063][ T7504] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  336.301063][ T7504]    program syz.3.899 not setting count and/or reply_len properly
[  336.320801][ T7504] loop3: detected capacity change from 0 to 64
[  336.375717][ T7468] loop2: detected capacity change from 0 to 40427
[  338.669603][ T7512] syz.5.901 (7512): drop_caches: 2
[  339.081523][ T7545] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  339.081523][ T7545]    program syz.3.914 not setting count and/or reply_len properly
[  339.101253][ T7545] loop3: detected capacity change from 0 to 64
[  339.375850][ T7539] loop1: detected capacity change from 0 to 32768
[  339.717661][ T7560] loop4: detected capacity change from 0 to 4096
[  339.757850][ T7566] loop2: detected capacity change from 0 to 512
[  339.853323][ T7571] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  339.872935][ T7566] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000008,mb_optimize_scan=0x0000000000000001,stripe=0x0000000000000009,,errors=continue. Quota mode: writeback.
[  339.893220][ T7566] ext4 filesystem being mounted at /190/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  339.907985][ T7551] loop5: detected capacity change from 0 to 32768
[  340.073516][   T26] audit: type=1800 audit(2000000264.963:98): pid=7573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.921" name="file2" dev="loop2" ino=16 res=0 errno=0
[  340.122022][   T26] audit: type=1800 audit(2000000264.963:99): pid=7566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.921" name="file1" dev="loop2" ino=15 res=0 errno=0
[  340.320955][ T7577] netlink: 8 bytes leftover after parsing attributes in process `syz.3.926'.
[  340.551014][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  341.189555][ T7585] 
[  341.191940][ T7585] ======================================================
[  341.199095][ T7585] WARNING: possible circular locking dependency detected
[  341.206943][ T7585] 5.15.173-syzkaller #0 Not tainted
[  341.212321][ T7585] ------------------------------------------------------
[  341.219828][ T7585] syz.4.928/7585 is trying to acquire lock:
[  341.225870][ T7585] ffff888019f813d0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0xcf/0x1a0
[  341.237403][ T7585] 
[  341.237403][ T7585] but task is already holding lock:
[  341.244887][ T7585] ffff888019f80120 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x22d/0x530
[  341.254517][ T7585] 
[  341.254517][ T7585] which lock already depends on the new lock.
[  341.254517][ T7585] 
[  341.265224][ T7585] 
[  341.265224][ T7585] the existing dependency chain (in reverse order) is:
[  341.274254][ T7585] 
[  341.274254][ T7585] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[  341.282014][ T7585]        lock_acquire+0x1db/0x4f0
[  341.287062][ T7585]        lock_sock_nested+0x44/0x100
[  341.292393][ T7585]        smc_listen_out+0x84/0x320
[  341.297554][ T7585]        process_one_work+0x8a1/0x10c0
[  341.303041][ T7585]        worker_thread+0xaca/0x1280
[  341.308454][ T7585]        kthread+0x3f6/0x4f0
[  341.313097][ T7585]        ret_from_fork+0x1f/0x30
[  341.318190][ T7585] 
[  341.318190][ T7585] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[  341.328384][ T7585]        validate_chain+0x1649/0x5930
[  341.333776][ T7585]        __lock_acquire+0x1295/0x1ff0
[  341.339287][ T7585]        lock_acquire+0x1db/0x4f0
[  341.344646][ T7585]        __flush_work+0xeb/0x1a0
[  341.349700][ T7585]        __cancel_work_timer+0x519/0x6a0
[  341.355462][ T7585]        smc_clcsock_release+0x5e/0xe0
[  341.361133][ T7585]        __smc_release+0x3b9/0x530
[  341.366556][ T7585]        smc_close_non_accepted+0xd4/0x1e0
[  341.372630][ T7585]        smc_close_active+0x9f3/0xdb0
[  341.378454][ T7585]        __smc_release+0xa6/0x530
[  341.383495][ T7585]        smc_release+0x2d5/0x530
[  341.388714][ T7585]        sock_close+0xcd/0x230
[  341.393844][ T7585]        __fput+0x3fe/0x8e0
[  341.398663][ T7585]        task_work_run+0x129/0x1a0
[  341.404055][ T7585]        do_exit+0x6a3/0x2480
[  341.409362][ T7585]        do_group_exit+0x144/0x310
[  341.414580][ T7585]        get_signal+0xc66/0x14e0
[  341.419880][ T7585]        arch_do_signal_or_restart+0xc3/0x1890
[  341.426280][ T7585]        exit_to_user_mode_loop+0x97/0x130
[  341.432277][ T7585]        exit_to_user_mode_prepare+0xb1/0x140
[  341.438666][ T7585]        syscall_exit_to_user_mode+0x5d/0x240
[  341.444916][ T7585]        do_syscall_64+0x47/0xb0
[  341.450017][ T7585]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  341.456814][ T7585] 
[  341.456814][ T7585] other info that might help us debug this:
[  341.456814][ T7585] 
[  341.467642][ T7585]  Possible unsafe locking scenario:
[  341.467642][ T7585] 
[  341.475360][ T7585]        CPU0                    CPU1
[  341.480736][ T7585]        ----                    ----
[  341.486316][ T7585]   lock(sk_lock-AF_SMC/1);
[  341.491010][ T7585]                                lock((work_completion)(&new_smc->smc_listen_work));
[  341.500667][ T7585]                                lock(sk_lock-AF_SMC/1);
[  341.508140][ T7585]   lock((work_completion)(&new_smc->smc_listen_work));
[  341.515883][ T7585] 
[  341.515883][ T7585]  *** DEADLOCK ***
[  341.515883][ T7585] 
[  341.524288][ T7585] 2 locks held by syz.4.928/7585:
[  341.529403][ T7585]  #0: ffff8880683e1410 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: sock_close+0x98/0x230
[  341.539857][ T7585]  #1: ffff888019f80120 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x22d/0x530
[  341.549273][ T7585] 
[  341.549273][ T7585] stack backtrace:
[  341.555251][ T7585] CPU: 0 PID: 7585 Comm: syz.4.928 Not tainted 5.15.173-syzkaller #0
[  341.564041][ T7585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  341.574095][ T7585] Call Trace:
[  341.577379][ T7585]  <TASK>
[  341.580421][ T7585]  dump_stack_lvl+0x1e3/0x2d0
[  341.585122][ T7585]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  341.590853][ T7585]  ? print_circular_bug+0x12b/0x1a0
[  341.596056][ T7585]  check_noncircular+0x2f8/0x3b0
[  341.601087][ T7585]  ? add_chain_block+0x850/0x850
[  341.606133][ T7585]  ? lockdep_lock+0x11f/0x2a0
[  341.610829][ T7585]  ? reacquire_held_locks+0x660/0x660
[  341.616303][ T7585]  ? reacquire_held_locks+0x660/0x660
[  341.622229][ T7585]  ? _find_first_zero_bit+0xcf/0xf0
[  341.627642][ T7585]  validate_chain+0x1649/0x5930
[  341.632703][ T7585]  ? reacquire_held_locks+0x660/0x660
[  341.638193][ T7585]  ? __lock_acquire+0x1295/0x1ff0
[  341.643235][ T7585]  ? look_up_lock_class+0x77/0x120
[  341.648377][ T7585]  ? register_lock_class+0x100/0x9a0
[  341.653765][ T7585]  ? is_dynamic_key+0x1f0/0x1f0
[  341.658794][ T7585]  ? mark_lock+0x98/0x340
[  341.663584][ T7585]  __lock_acquire+0x1295/0x1ff0
[  341.668480][ T7585]  lock_acquire+0x1db/0x4f0
[  341.672987][ T7585]  ? __flush_work+0xcf/0x1a0
[  341.677580][ T7585]  ? finish_lock_switch+0x8f/0x100
[  341.682701][ T7585]  ? read_lock_is_recursive+0x10/0x10
[  341.688076][ T7585]  ? __switch_to_asm+0x34/0x60
[  341.693030][ T7585]  ? __schedule+0x12cc/0x45b0
[  341.697709][ T7585]  ? __switch_to_asm+0x34/0x60
[  341.702517][ T7585]  __flush_work+0xeb/0x1a0
[  341.706936][ T7585]  ? __flush_work+0xcf/0x1a0
[  341.711527][ T7585]  ? flush_work+0x20/0x20
[  341.715948][ T7585]  ? print_irqtrace_events+0x210/0x210
[  341.721416][ T7585]  ? __cancel_work_timer+0x467/0x6a0
[  341.726795][ T7585]  __cancel_work_timer+0x519/0x6a0
[  341.732192][ T7585]  ? cancel_work_sync+0x20/0x20
[  341.737051][ T7585]  ? mark_lock+0x98/0x340
[  341.741922][ T7585]  ? __local_bh_enable_ip+0x16c/0x1f0
[  341.747406][ T7585]  ? __smc_release+0x3b1/0x530
[  341.752393][ T7585]  ? _local_bh_enable+0xa0/0xa0
[  341.757368][ T7585]  ? do_raw_spin_unlock+0x137/0x8b0
[  341.762753][ T7585]  smc_clcsock_release+0x5e/0xe0
[  341.767713][ T7585]  __smc_release+0x3b9/0x530
[  341.772306][ T7585]  smc_close_non_accepted+0xd4/0x1e0
[  341.777632][ T7585]  smc_close_active+0x9f3/0xdb0
[  341.782730][ T7585]  __smc_release+0xa6/0x530
[  341.787240][ T7585]  smc_release+0x2d5/0x530
[  341.791659][ T7585]  sock_close+0xcd/0x230
[  341.795958][ T7585]  ? sock_mmap+0x90/0x90
[  341.800200][ T7585]  __fput+0x3fe/0x8e0
[  341.804187][ T7585]  task_work_run+0x129/0x1a0
[  341.808783][ T7585]  do_exit+0x6a3/0x2480
[  341.812953][ T7585]  ? put_task_struct+0x80/0x80
[  341.817735][ T7585]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  341.823804][ T7585]  do_group_exit+0x144/0x310
[  341.828405][ T7585]  ? lockdep_hardirqs_on+0x94/0x130
[  341.833607][ T7585]  get_signal+0xc66/0x14e0
[  341.838031][ T7585]  arch_do_signal_or_restart+0xc3/0x1890
[  341.843671][ T7585]  ? futex_exit_release+0x1e0/0x1e0
[  341.848884][ T7585]  ? read_lock_is_recursive+0x10/0x10
[  341.854271][ T7585]  ? get_sigframe_size+0x10/0x10
[  341.859303][ T7585]  ? __lock_acquire+0x1ff0/0x1ff0
[  341.864439][ T7585]  ? __sys_connect+0x179/0x410
[  341.869216][ T7585]  ? exit_to_user_mode_loop+0x39/0x130
[  341.875014][ T7585]  exit_to_user_mode_loop+0x97/0x130
[  341.880394][ T7585]  exit_to_user_mode_prepare+0xb1/0x140
[  341.885987][ T7585]  syscall_exit_to_user_mode+0x5d/0x240
[  341.891569][ T7585]  do_syscall_64+0x47/0xb0
[  341.896603][ T7585]  ? clear_bhb_loop+0x15/0x70
[  341.901422][ T7585]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  341.907508][ T7585] RIP: 0033:0x7f4855b0fd19
[  341.912015][ T7585] Code: Unable to access opcode bytes at RIP 0x7f4855b0fcef.
[  341.919397][ T7585] RSP: 002b:00007f48539800e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  341.927912][ T7585] RAX: fffffffffffffe00 RBX: 00007f4855cfffa8 RCX: 00007f4855b0fd19
[  341.935902][ T7585] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4855cfffa8
[  341.944232][ T7585] RBP: 00007f4855cfffa0 R08: 0000000000000000 R09: 0000000000000000
[  341.952213][ T7585] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4855cfffac
[  341.960205][ T7585] R13: 0000000000000000 R14: 00007ffe47d83c60 R15: 00007ffe47d83d48
[  341.968472][ T7585]  </TASK>
[  344.815265][   T23] Bluetooth: hci4: command 0x0406 tx timeout