last executing test programs:

1m31.574520425s ago: executing program 4 (id=66):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x100002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x1, 0x0, [{0x1, 0x0, 0x1, 0xfffffffc, 0x4, 0x80000000, 0x5}]})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000f00)={0x1, 0x0, [{0x1b1, 0x0, 0xffffffffffffff7d}]})

1m30.666658782s ago: executing program 4 (id=70):
r0 = socket$inet(0x2, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)

1m30.065458193s ago: executing program 4 (id=73):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x4, 0x3fa, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nyUt2nfxFq/2qrTBjGgJk2iQsBNRUVBcKE7FxKaaSlOmtKM2BYXKoKr4saVrlzpH+DGhSDuXQmudC+FIMW1jNyZe5txMhMzyYyjvb8fTHLO3DOc88yZZ+bcc2cCKK1K9ieJOBIRP0fEdKv61waV1r/fb793Prsl0Wi8/lvSbJfVi6bF46byylwakX6UxMku/W5ev/H2aq1WvZrXF+rrVxY2r9946tL66sXqxerl5ZVnzi4trzy7sjywWG/ePvXTxuev/fHJmV+mnr/51gvZeI/kx9rjGJRKVKKR6zz22KA7G7GjbeVkfIQDoS9jEZFN10Qz/6djLLYnbzpe/HCkgwOGKvtsOtT78PsN4C6WxKhHAIxG8UFfnNsP4zz432zrXOsEaGf845HmbSY6zm8HKTvbuvbmx99mtxjSPgQAQLvvsvXPk93WP2nc39bu//m1oZmIuCcijkXEvRFxPCLui2i2fSAiHuyz/0pHfef6J721r8D2KFv/Pdd1/Vus/mJmLK8dbcY/kVy4VKuezZ+TuZg4lNUXd+njx1e++rLXsUrb+i+7Zf0Xa8F8HLfGOzbo1lbrqweJud3WBxEnuq5/kztXApKIeCgiTuyzj2/ONT7rdezv4x+uxhcRj3ed/+2roMnu1ycXmq+HheJVsdOpd6+s9ep/1PFn83949/hnkvbrtZv99/H1zOmtXsf2+/qfTN5olifz+66t1utXFyMmk1d33r+0/diiXrTP4p+b7Z7/x2L7mTiZzWNEPBwRj0TEo/nYT0fEmYiY3SX+l2Zfru4//uHK4l/ra/77L6wvff9Dr/73Nv9PN0tz+T17ef/b6wAP8twBAADAf0Xa/A58ks7fKafp/HzrO/zH43Ba29isP3Fh453La63vys/ERFrsdE237Ycu5nvDRX2po76c7xt/Ova/Zn3+/Eat56YY8I+Y6pH/mV/HRj06YOj8XgvKS/5Decl/KC/5D+Ul/6G85D+Ul/yH8pL/UF7yH8pL/kMpHeR3/QoKCndrYdTvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPxZwAAAP//jYTnFQ==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0xa00}])

1m29.422427977s ago: executing program 4 (id=76):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

1m29.026834997s ago: executing program 4 (id=78):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b904021d08020e0000008100e0a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d80000001c0081054e81f782db44b904021d08040e000000100d10a118000c000600142603600e1208000f0000810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee0800080e408e8d8ef52a98516277ce06ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad8099639cace81ed0bffec193e2a9ecbee5de6ccd4d6e4ed6f3d93452a92954b43370e970189", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)

1m28.572574251s ago: executing program 4 (id=79):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904430002317d5500090502020002020000090582020002"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000340)={0x0, 0x1b, 0x4, "6baf814f"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1m27.966580732s ago: executing program 32 (id=79):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904430002317d5500090502020002020000090582020002"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000340)={0x0, 0x1b, 0x4, "6baf814f"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

28.122424096s ago: executing program 0 (id=432):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000d40)='freezer.state\x00', 0x275a, 0x0)
r1 = fspick(r0, &(0x7f00000000c0)='.\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

26.151367708s ago: executing program 0 (id=444):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000440)='.\x00', 0x10000823)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1)

25.965860267s ago: executing program 0 (id=437):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
readv(r0, &(0x7f0000000240)=[{&(0x7f0000000940)=""/4100, 0x1004}], 0x1)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})

25.392619928s ago: executing program 0 (id=446):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x10, &(0x7f0000000100)={[{@dioread_lock}]}, 0x5, 0x7e5, &(0x7f00000018c0)="$eJzs3ctrW9kZAPDvyvKjTlK7UGjSlaHQGoLlOnWTFrpI6aIUGgi06yZCVkxq2QqWHGJjSEMpdFNoQxeFdpN12qa7btuZ7cy/MLMZhiEhM+OESZjF4OHqEcu25MgZWZqJfz+49jn3oXO++zj3yPdwHcCxNZX+yESciYg/JxETjflJRAzXUtmIi/X1nm1tFtIpie3tX32U1NZ5urVZiJZtYnw8TjQypyPijT9EnM3sL7eyvrGUL5WKq438bHX5xmxlfWPm+nJ+sbhYXDk/Nz9/7sIPL4z2LtZP3t44+egvP//evy9++vtvPfjTm0lcjJONZa1x9MpUTNX3SQynu3CXn/W6sAFLBl0BXkl6aQ7Vr/I4ExPZGOl+2+xRVgwAODK3I2IbADhmEvd/ADhmmn8HeLq1WUin7duD/XtEvz3+aUSM1eNvPt+sL8k2ntmN1Z6Djj9Ndj3vSCJisgflT0XEP/77m3+mUxzRc0iAdn53JyKuTk412/+d9ifZN2ahrvsBGd9vJg4YHDC1J6/9g/75X9r/+dFO/2/n+su86P9Em/7PaJtr91VMxe4RJ/uv/8zDHhTTUdr/+8nwzti2Zy3xN0wONXKnan2+4eTa9VIxbdu+HhHTMTya5ufaf3xteNn0k8+e7JrbEnFr/+/ju7+9n5af/t5ZI/Mwu6fJXchX872IPfX4TsS3s+3iT14c/6RD//dyl2X84sd//HunZWn8abzNaXf8Rz+qbPtexHejffxNyUHjE8/P1k6H2eZJ0cZ/3vvbeKfyW49/OqXl178LnOp9sG2kx3/84Pgnk9bxmpXDl/HWvYn/d1rWOf6m9uf/SPLrWrp5Kd3KV6urcxEjyS/3zz+3s20z31w/jX/6O+2v/4PO//Q74dUu488++vBfL42/OWNf/A1jXRZ2SGn8C4c6/m0T6VfhDovypQfPloY6ld/d8Z9PE0PTjTndtH8da5ovlUZa1nnlHQcAAAAAAAAAAAAAAAAAAAAAAAAAh5CpvaQ0yeRepDOZXC5q/8P7mzGeKZUr1bPXymsrC/WXmU7G8GhE1F51OdHyPtS5xvvwm/lze/I/iIhvRMRfR79Wy+cK5dLCoIMHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIYTHf7/f+qD0frv5wOtIQBwJMZeusaTYl8qAgD0zcvv/xExevT1AAD6p6v7PwDwWnH/B4DjZywz6BoAAP02FpEddB0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4rV2+dCmdtp9vbRbS/MLN9bWl8s2ZhWJlKbe8VsgVyqs3covl8mKpmCuUl1s2fafd55XK5RvzsbJ2a7ZarFRnK+sbV5bLayvVK9eX84vFK8XhvkUGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN2rrG8s5Uul4mojcX88YvecPiWGGhXq5SfPnOx3FP1IbE/U99SXpT49T4ztnfP+zLunD9rq7r7TWOILJwbZKgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8dXweAAD//9GqGUs=")
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000100)='./bus\x00', 0x80, 0x0, 0x1, 0x0, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x0, 0x0, 0x1)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]})

24.679324314s ago: executing program 0 (id=454):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000080)='./file1\x00', 0x810, &(0x7f0000000340)={[{@compress}, {@nodatacow}, {@usebackuproot}, {@usebackuproot}, {@metadata_ratio={'metadata_ratio', 0x3d, 0x6}}, {@autodefrag}, {@space_cache_v1}, {@max_inline}]}, 0x3, 0x5139, &(0x7f0000005140)="$eJzs3U+IVVUcB/Dz5s04k4LzEgJbZRFItXBwExHRUyaoKHrlYjACJxdBunASJFoIYkT/Fr6SohaSK6lFMgsjqI0LKYzAbWiYCzeKgeSincZ7957ne+fOu+/NaM6Un0/M3Hve757zzrvcxXxfnnsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhBBe+P2zw2X109enz56fqe86uGXmyv7pdWdCqLRfr+T1HVuffeWNbTtenIgdZl/OtrVavyGzrheyxqqeF1v9en9eDyGMJQNU8+0zawqjdu/uLQ5Y6salPcc27atvPHGkWb12+dyp4kenZWK5J7Bc8uvq4s1rqd7+PZIc0Wl3XXqVnks0659ecHfkQwAAizLVaG86f47mf+J22gfSetKuJ+1m0o5/ITS7G0uRjbuq3zw3pPVlmmc9iwrjfeeZ1PPz32k30v5JO4kai5hn76F5pJnoN8+5pL5c8wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYSR55a/Shsvrp69Nnz8/Udx3cMnNl//S6MyHU2q9XsnJl9ftH6n99u/X4wR83f3Xi4vOPVfN+cTvadXD4Le48MRnCzq7KxTjspbUhNHoL7Wb4slh4s73zXF6o3Pq5AAAAYOW4v/17pNPOYt9YT7vSTpOV9n9RFhZvXNpzbNO++sYTR5rVa5fPnVr6eI0+49UXHK/Trt38qfSE1tqC43WF2nx3b2GccumIaZ5//MLU32X9C/m/Vp7/45m74/m/xHs7B50lAAAAVhr5Px2n3KD8/91rf3xS1r+Q/zf0vGUh/8cZx/w/EpaW/wEAAGAlu4X8PzJM/q8Xxik3KP+PvzT2dVn/Qv6fGi7/j3ZPO774a5zw7skQpgZNHQAAAOgj/n/3m18txLyefXOQ5vWnHj10vmy8Qv6vD5f/x27rpwIAAABuxdEvtj9cVi/k/8Zw+X/8X501AAAAsBhvfzjxQVm9kP9nh8v/q/NtvvIh6/RT/FcIhydDmGjtzGWFn0Pz6U4BAAAAuE1iTv/z010/lB1XyP9z5ff/j3c6iOv/e+7/V1j/31XI7vr3pBsDAAAAcDcqruePt8fPnlzQ7/n7w67/f+CeQ6+WvX8h/x8YLv9Xu7e38/l/AAAAsAT/tef/bS+MU27Q/f/v++idXxbsmC/gL+T/5nD5P27XdH+8k5VKdn7enQxhfWsnv5vgN/FddyeF+bGuQnbikx7bYo+8MD/eVWibS3psngzhwdbOgaRwbyw0k8LVtXnhaFI4Ewv59dApHE8KJ+OV9vnafLpp4ftYyBdYzMcVFGs6SyKSHtf69WgVFuxxrvPmAAAAd5UYnvMsO9bbDGmUna8MOmD1oANGBh1QHXTAaHJAemC/18NsbyG+3jy7cXHP/z86XP6Pp2JVtum3/j/E9f/5cw076/9nY6GWFOZjoZHeMaAR3yMLux/H96g18h5X13cKAAAA8L8WvxeoLvM8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/2LvXGLmu+gDgZ5+zL+9uAhUhRbBAHeOC12s7PNSmYp2mKgqlrEtKVCGKjb0OizfY2E7BESDHBqUogqYlEnxoFEcI1fmQ1CJBgSZR3EgYRc0DpWpEEiUirRNEFJoGUChEwtXsvWf2zrk7D9u7jjf9/STvnJn/edxz5uE59945FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+fzj6pc/8bbP4/b+95PGnLp/85IGNlz//+UvOfTiEqbnHO7Jwx8C1N07+/NaLbztw1/qb7jh+6dt783J5PAxW/3Tmd74Yaz2+IoQ7O0LoTgNrhrJAT35/KNb3hqEQzgnzgVqJ6YGsRNpw+H5/CIfCfKBW1ff6QxgqBC575L57v1JN3NAfwsoQQiVt48lK1kZ/GrigNwsMpIGd3VngVycytcB3O7MAnLb4Zqi96I9M1WcYXbhcg9dfz6Jt2Csr7V5XTIw2zvezjUu8UQW96QNTp/W0lapjSZTeHke925bBu600ztd72opfpPJvKCfmQ5XQuW16+5arZvfGRzrD+HhXo5qW6Hl+7MXPbT2Z9LJ5HcYNGF2U1+FXH1p5a9fqDzx4x5qVzx5+x8HnTnczf1QY0mJ6qVVC/ppbNs9jNOnzZBm8/UrfksZ86QohbP/E732wWbw0/x9tPv+PL+d421mXO9b68nA2N4+PDMXEC8PZ3BwAAACWjeWw13Tn+D3vKRQfqST1leb/Y+0d/4+H/PPJfNbboyFMziUOjoRw3tzjWeCW2NzHR0J481xqqj6wMQkcDeH1c4nVtaqSEn2xxFgS+MlwHphMAsdiYCoJfCsGrk8CX4yBI0lgawwcTQIXx0CYqe/H7w/n/Wg70B8Dm7NBPBLPQvjFcGwtGasnalUBAAAsknx22FN/t3Cuw+lmiNPLI/2tMsQzsBtmqCQ1pDPY2rSqYQ3drWrobFVDrd/7m3e/VHNHq5pLp2F01Ge48Zd/86HQRGn+P9F8/l9ZYEM6Ssf/Q9g09zfm7swjs7X45qm6DAAAAMBpGPzfp7/ZLF6a/0+2d/5/3CfSVcgcHoi7IXaMhDBRH8iq/cNyIDvqPZgHAAAAYDmoHY+vHQufyW+zU7TT+XQ5/9RJ5o8H/icXzN979O7Nzba3NP+fau/8/4H622wjjsWt+NpICH2FwA/iVlYDc8Zi4MfvrQ/k/T8WB+C6WFV+YkKtqutiic0xMJEEDjUq8cNaifPqA/mTVWv8YK0fM3mJQgAAAADOuLg7IB6Xj+f/v+U36z/TrFxp/r/55M7/n5sHl07vnx0MYW13CF3pDwMeGMgWBoyBoY48cc9AVldXWtU1AyFcVO1YWtXT+fr/3ekag4/0Z1XFwHlvOfziBdXEN/tDWFsMPPqRm99ZTexNArXG/7I/hDdVe5s2/p2+rPGetPGv94XwxkKgVtXH+0KoNtabVnVfJb+OQVrVP1dCeE0hUKvqXZUQ9gUAlqn4X+m24oN79l29Y8vs7PTuJUzEffj9YfvM7PT41p2z2yoNtmlbss11yxhdU+5Tu1e+eSJfoujDt28aaidd+53gRLGtfD9+6cTB/H78LtQz18/1PXV3N6Rdfttby02EwjepRl3uXOIuDxQrmX8SS/XH/L1hMPRdtWd69/hnt+zdu3td9rfd7Ouzv/EwUzZW69KxGlho29p4eTRcLStxqmO1qljJ2r1X7lq7Z9/Va2au3HLF9BXTn1r3rvUTF05smHj3hWurvZrI/rbo6qqFqk66euLmNvu1iF09v7tQyZn41JCQkFhuiZ2Dq5r+n1ya/+9qPv+Pnzrxkz9fn6HR8f/ReJg/e3z+MP/mGDjU7vH/0UZH82snBowlgf0xsN9hfgAAAF4d4iQ/7s2Me6V/uvo7zzYrV5r/72/v9/+LtP5/ben6Sxst8786lphotP5/usx/bf3//Y3W/0+X+a+t/3/oFVj//6paIBmSX1j/HwAAeDU4c+v/t1zeP71AQClDy+X90wsElDK0XMa/3QsEnPT6/0/+51/9d2iiNP+/vr35v4X7AQAA4OzxhT/7zO80i5fm/4fam/+f+fX/QqPz/8caBaYaLQxo/T8AAACWqUbr/41eO/CxZuVK8/8j7c3/42kXnXW5Y60vD2dr2oV0TbsXhms/GQAAAIDloTOMj/e0mbduZdSNp97mY/lSoM3SRU//yfGTO///aHvz/7rfZXz1oZW3dq3+wIMv37Fm5bOH33Hwufnj/wAAAMDSaXe/BAAAAAAAAAAAAAAA8Mp7+j8ObGgWL/3+P2yae7zR7//jdf/i7wteW5c71tp6/b/8/mXvv23f3JKFDwyH8NZiYMeBHeeE/Nr8q4qBez+6+nXVxIG0xN1PXfxMNfGxNPC+Nee+VE1clAQ2x0USX58G4lUVX1qRBOLyiv+eBuJ4HEkDvXngyyuyfnSkY/XToWysOtKxenwohJFCoDZWdw5lbXSkHbwhCdQ6+Ok0EDv453mgM92q2wazrYqBoVj0psFsqwAAOGvFb4E9YfvM7PRE/Aofb8/vrr+N6pYsu6ZcbUebzT+RL0324ds3DbWT7kq/i85fa7wnVKpdWFf6ulrM0jHXy8WppcXQvbZBl1ut9tbZoFzqZIeut3GP+rMejW/dObutp2XHN7TOsr67ZZZ1pclOMUvn3JC2UUsb29JGj9ocmzY2Od7vDOPjXUmuP4jB0VCn1Sui3d/rF9f5a/QqKOb51PGDv2pWX2n+P9re/L9S7NdL+cUA9scr6/3diGX+AQAAYGl9eeOvvxH/feja+x9tlrc0/x9rb/4f92Dlh4KzvR1H4/X/D46EMHdp/dEscEts7uMjIbx5LjUVS2QX1L80lpjIArfEHSarY4nNU/VV9cXAkSTwk+E8cDQJHIuBfC/F4ZDvyvn74RDeOZfaVF9iVywxmgQ+GANjSWA8BiaSwIoYmEwCz6/IA1NJ4N9iIMzUj9XtK/KxAgAAOBn5PKun/m5I53lHultl6GiVYaBVhs5WGSpNM/SEI416Ee9/O2bo6SiPQnyoJ222P6mllCFeDL/hhrcc3drh/x/W50wLlpqO5x/UzjfoqM9w13u6K6GJ0vx/or35/0D9bdb6sTj/n7/+Xxb4Qdy8r8VTx8di4MfvrQ/kOwaOxcnudbWqpvIS+aT9ulhiMgbGksCuGJhMAps35YFDr6sP5DPtWuMHa43P5CUKAQAAADjj4g6CuJsmzv9v2vOlwWblSvP/yfbm/7G9wWJjX4y1Hl8Rwp0d81tTC6wZygJxP8ZQ/Hn8G4ZCOKewg6NWYnogK9GbNBy+35/9Qr03rep7/dmPD+L9yx65796vVBM39IewsrD3pdbGk5Wsjf40cEFvFhhIAzu7s0Dc8xMDlepY3NnuL6OgmdpewfiCyk91qRlduFyD19+r5ZqgafdK+0AXyLfQb66WSmmHa75Ptebknram+29ZNKW3x1HvtuX4bhv1bit+kcq/oZyYD1VC57bp7Vuumt0bHyn+krVkiZ7n4q9U20kvwutw/6lvbWuVdAMmko+PiYXLLfw67IjVffWhlbd2rf7Ag3esWfns4XccfK7tzWgg/lD4vs//69CPCsO71Cohf80tu8+TKZ8ny+K/geTdPeZpCyFsev7r1zWLl+b/U+3N/7uT2zm/joO5ZySEtxUG94E4/H88kn0OFgLZp+RryoHskPt/DTf85AQAAIDFVtvdUdtfMJPfZieEp/Pkcv6pEE6MnET+uL9icsH87W73wF9/dGWzeGn+v7n5/L8v2UzH/+uO/4fvOv7PYnH8f0Fn+67ovvSB/ae1K7qvWRkWjeP/Czrb322O/y/I8X/H/xfi+H8Ljv8v6Gx/2kpfunYtwpeu5e/ZP7rn8Wbx0vx/V3vz/2W0/l/tYhtLsf5fumhfbf2/zY3W/9vVaP2//db/AwAAllSDhebSeV5p9b5ShnT1vlKGlgsEtlxisPn6f03W2XvVrP9XGtRW6/89c/6TvwlNlOb/+9ub/8eXw2Cx9eWy/t/YpgZVXR8DuywMCAAAwNmo0b4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXll3/cP/bGsWv/+3lzz+1OWTnzyw8fLnP3/JuQ+HMDP3eEcW7hi49sbJn9968W0H7lp/0x3HL317JS/Xk9/+bl3uWOvLwyEcKjwyFBMvDFfvzAcue/9t+7qriQeGQ3hrMbDjwI5zqolvDYewqhi496OrX1dNHEhL3P3Uxc9UEx9LA+9bc+5L1cRFeaAj3dx/XJFtbke6uV9ZEcJIIVDb3E+uqK+q1saf5oHOtI1/GsraiIGhWPQbQ1kbMTAbS8z0hbC2O4SutKr7K1lVXWlV/1LJqupKq/pCJYSLQgjdaVVP9WZVdac9f7g3qyoGznvL4RcvqCYO9Yawthh49CM3v7Oa+HQSqDX+F70hvKn6kkkb/3ZP1nhP2vgNPSG8MYTQm5b4ZXdWojct8XR3CK8pBGqNf6I7hH2BV4X44VP3ibZn39U7tszOTu9ewkRv3lZ/2D4zOz2+defstkqyTY10FNInrjn1vj/x4ue2Vm8/fPumoXbS3Xm5nrlNXt9Td3fD2b71cbsGipXMPx+l+mP+3jAY+q7aM717/LNb9u7dvS7722729dnfrjyajdW65TJWq4qVrN175a61e/ZdvWbmyi1XTF8x/al171o/ceHEhol3X7i22quJ7O9idPXmM9/V87sLlZyJDwAJCYkmic6zYzPqE511n24TZ/sHeemL/vyG9oTK3Ad0aVpRzNIx18vF6PTGU+zxqXxPadmjdaWJQynL+gWyXFOfZUNpMjFfS3+WZe57XWlyWGysc25I4/3OMD7e1WgcRuvvFof3Z6cxvI/lQ9duGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMClAAAA//9xiSRo")
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6000, 0x0)
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x90009427, &(0x7f0000000180))

23.468597197s ago: executing program 0 (id=461):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x24, r1, 0x990, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x8}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x401}]}, 0x24}, 0x1, 0x0, 0x0, 0x8090}, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}}, 0x28}}, 0x0)

23.136049134s ago: executing program 33 (id=461):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x24, r1, 0x990, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x8}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x401}]}, 0x24}, 0x1, 0x0, 0x0, 0x8090}, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}}, 0x28}}, 0x0)

8.372551897s ago: executing program 2 (id=548):
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0xc03, &(0x7f0000008040)=ANY=[], 0x2, 0x5fbf, &(0x7f0000002080)="$eJzs3VtvHGf9B/DfHrw+9N/U6kWVf8QhTTm0lCaNkzYtp6ZC4gIEVKpyn8i4VYQLKAkVrSzsKhL3SFyj8iK4BqHeIBWJl8AbiGT3hghEBo39PM54vPbaJN5Zez4fyZn97TPjfSZfj2fXc3gCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvf+/ti52IuP5+emI+4v+iF9GNmC3rs/HXiNX7ef5+RJyOzeZ4JiJOTUeUy2/+81TE5Yj49FTE+sbKYvn0wgH78cpb9/72w7d/tPbbL/7l7//+5Pd/qre/9cl3f/DH1Yj507/53X9WH8+6AwAAQFsURVF0Nj/mR5xJn++7TXcKABiLvP8vkvy8Wv0odT92aro/arVard6tGG61WkTEWnWZ8j2Dw/EAcMysxf2mu0CD5N9q/Yh4oulOABOt03QHOBLrGyuLnZRvp7o/OLvVns8F2ZH/Wmf7+o69pqPUzzEZ18/X3ejF03v0Z3ZMfZgkOf9uPf/rW+2DNN9R5z8ue+U/2Lr0qXVy/r16/jUnJ//u0PzbKuffP1T+PfkDAAAAAMAEy3//n2/4+O/0o6/Kgex3/PfsmPoAAAAAAAAAAI/bAcb/Kx9czfPXx//bZvw/AAAAmFjlZ/XSx6cePrfXvdjK5691Ip6szQ+0TLpYZq7pfgAAAAAAAAAAAABAm/S3zuG91omYiogn5+aKoii/qur1YT3q8sdd29cf2qzpX/IAALDl01O1a/k7ETMRcS3d629qbm6uKGZm54q5YnY6v58dTM8Us5XPtXlaPjc9OMAb4v6gKL/ZTGW5qlGfl0e1179f+VqDoneAjo1Hg4EDQERs7Y3W7ZFOmKJ4Kpp+l8PxYPs/eWz/HETTP6cAAADA0SuKouik23mfScf8u013CgAYi7z/rx8XUKvVarVaffLqqmK41WoREWvVZcr3DIbjB4BjZi3uN90FGiT/VutHxOmmOwFMtE7THeBIrG+sLHZSvp3q/iCN757PBdmR/1pnc7m8/LDpKPVzTMb183U3evH0Hv15Zkx9mCQ5/249/+tb7YM031HnPy575V+u53wD/Wlazr9Xz7/m5OTfHZp/W+X8+4fKvyd/AAAAAACYYPnv//OO/+ZVBgAAAAAAAIBjZ31jZTFf95qP/39uyHyu/zyZcv4d+bdSzr9bz792Qk6v8vjemw/z/2xjZfHj/7/yhTyd+PyneoPytac63V5/65yff+Zbmy7Fy7vmL+cppt6Jm7EcS3FxV/vUjvaFEe2XdrUPyvbZ3H4+FuPnsRw/2W6fHnFi1MyI9mJEe86/Z/tvpZx/v/JV5j+X2ju1aeneR91d2311Oux1rv74wZXdW9f43Y3e9rpVlet3roH+bP6fPDGIX95eunX+Vzfu3Ll1MdJkx7MLkSaPWc5/Kn3l/J9/bqs9/96vbq/3PhocOv9JcTf6e+b/XOVxub4vjLlvTcj5D9JXzj/vgYZv/8c5/723/xcb6A8AAAAAAAAAAAAAAADspyiKzUtEr0bEq+n6n6auzQQAxivv/4t8M4xErVar1Wr1yauriuHeqBYR8efqMuV7hl8P+2YAwCR7EBH/aLoTNEb+LZbv91dOv9R0Z4Cxuv3Bhz+9sby8dOv2/7J00Xv8PQIAAAAAAAAADiuP/3m2Mv7z5nlAtXGjd4z/+mac/WxjZfH9+X99/tiN/9kd9DbHOk8r9GxUx+fePULxudh//O/+iNebGtE+GNE+PaJ9ZkT70As9KnL+z6aMc/5n0ortN/5rzr8+HfGSjdpv/NfnG+hP03L+59JYzzn/r9bmq+Zf/OE4j//b3ZH/hTvv/eLC7Q8+fOnmezfeXXp36WeXLi+8fnHhyuXXXr7wzs3lpfRvgz0+Wjn/PPa180DbJeefM5d/u+T8v5xq+bdLzv8rqZZ/u+T88/s9+bdLzj9/9tnO/0Gz/WI8cv4vpNr23y45/6+lWv7tkvN/MdXyb5ec/9dTLf92yfm/lGr5t0vO/3yq5d8uOf8LqZZ/u+T88xEu+bdLzj+f2SD/dsn5L6Ra/u2S87+Uavm3S87/cqrl3y45/1dSLf92yfm/mupD5O/eXydAzv9Kqm3/7ZLzfy3V8m+XnP/rqZZ/u+T8v5Fq+bdLzv+bqZZ/u+T8v5Vq+bdLzv/bqZZ/u+T8vxMPLyaVf3vk/N9Ite2/XR7e/98DDzzwID9o+jcTAAAAAAAAAAAAAFA3jtOJm15HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe3cXI1d53w/87Ju9NsTeJIbwYmBtDBhYvOsX/PL/18FASCm0DSGBvpEa116bTfxWr00AIbERNEUCqVxwQSslBYSqXKQKahM1SDSiUqU2vWmv2psqrdSoQlGonKg3jQquzpzneTwzOzuz6921Z875fBD+eWfOzDx75szsfsf6zgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQb8O9k3/Yl2VZ/n/tj5Esuzz/+6psX/7lzM5LvUIAAABgsT6s/fnttemEffO4UN02f3f9P3733Llz57LsT9Z96tV8BqNZtmZllhXnBcM/OdmwTfB8NtzXX/d1f4ebH+hw/mCH84c6nL+iw/krO5w/3OH8WTtgllXF6zG1K9tU++tIsUuzddlQ7bxNLS71fN/K/v74Wk5NX+0y54YOZ1PZ0Wwym5h1mb7af1n27ob8tu7P4m31193W+izLzv7s2YNxDX1hH2/KGm6spv6+++DubPTnP3v24JMjv7iu1ey4G2atNMs2b8zX+UKWnX+5KuvLVqZ9EtfZX7fO9S3WOdCwzr7a5fK/N6/z7DzXGb/v4bDOf2qzzvXhtKduzLJsJptzm2bPZ/3Z6qZbTft7uDgi8uvI78pPZIMLOk42zOM4yS/z4xsbj5PmYzLu/w1hnwzOsYb6u+ODr62Ytd8v9DjJv+tuOFbz634ov9Hh4fqXVhuO1XybZ2+a+xhoed+1OAbSsVx3DGzsdAz0rxioHQP959e8seEY2DrrMv1ZX+223r+p/TEwfvrYyfHpp5+5Y+rYgSOTRyaPb9+xbc/Wbbt27J4YPzx1dDL8ubBd2kNWZ/3pGNwYnmviMXhL07b1h+S5N4rHwetX77q+1VzIGoaX6HGwmDVk4Xj54s35gi7vz+Y4xvNtXti8+MdB+rlf9zgYrHsctHxObfE4GJzH4yDf5uzm+f3MHKz7v9UaWj0XLsUxMFJ3DCzm52H9Gi7k52F+m4/dOvdz4fqwrhdvW+jPw4FZx0D8tvrCYy8/Jf2+N7w77JfZx8U1+RmXrcjOTE+e2vLUgdOnT23NwrgoPll3XzUfL6vrvqds1vHSv+DjZd/nPtp1TYvTR8K+Gr69/X2Vb7NjrP19VXt2b70/G07dloWxxC72/mz10yzfnylLtNmf+TYv3LH43wVTLql7/hvq9Pw3MDRYPP8NpL0x1PD8N/uuGaitLMvO3jG/57+h8P/Ffv5b1yXPf/m+emxL+2Mg3+bF8YUeA4Ntn/9uDLMvrOfWkBiG63L/R7XzZ4rDtO6+7HjcDA4OheNmMN5i43GzfdZl8mvLb3vzxIUdN5tvbLyvGn5vKeFxk++rVyfaHzf5Nu9tXfxzx6r417rnjhWdjoGhgRX5eofSQVA8351bFY+BLdnB7ER2NDuULpPfy/ltjW2b3zGwIvx/sZ87ruqSYyDfV69ta38M5Nv87fal/d1pczglbVP3u1Pz6wtzZf5rBs9fX/NuW+rMn6/zMzvavzaUb/PTHQvNGe330+3hlMta7Kfmx89cx/ShrPN+WqpjOl/n0TvbvzaVb7Nu5zyPp31Zlr3z0lvF613F67t/ceafv9vwum+r15Tfeemtz1/9wx8uZP0AAFy4j2p/zqwoftes+xfr+fz7PwAAANATYu7vDzOR/wEAAKA0Yu4fCDOR/wEAAKA0Yu4fDDPZ1+nd8crhib6vv/rhc1l6N8BzQTw/vgzy0Mpiu9jxnglfj547Lz/9nreGHvzec/O77f4sy/73gWtbbv/Eyriuwsm4zoHG02e56oZ53f7jj5zfrv79E872F9cfv5/5vgwUu8rv/ts9tesdvbWY7z2Q1ebDMy8+X7v+PcXXcfv3/6PY7hvhTUv2He5ruPzmsJ5NYY6G95R5aNX5/ZDPeLnvvHvk7z/96Pnbi5fr27im9m2+tqW43vgeUa/8ZbF9/L7nWv9fv/St7+TbP3VT6/U/1996/e+H6/1xmP/zQXF6/T7/Xt36/yCsP95evNyWN3/Qcv1v/1Wx/dvhuHg9zOb13/1H133Y6v6Kt7NvsLhcvP2JP7uvdrl4ffH6m9c/PH5Pw/5ovv733iyuZ++T/z1Qv308Pd5O9Phg4/HdF+7fhh55lmXf+nrWsJ+zoeJy7zStP17fycHW67+9aZ0n33iidvnm7yf65iP3tvx+43r2/flIw/fzypqw//pX/UN+ve9fG47HcP4vZorra34v07fXND7fxO1fHyket/H6xpvW/0rT+mduyPdd5/Xf//Ni/W/ftbJh/fvWhuPp48XstP4jf7q24fJvfLZYz6mvjh0/MX1mKr7HwUjT43jl8KrVl13+sTVrw3Np89f7T5x+YvLU6MToRJaN9uBbBi73+t8M87+KMbP0t1D4l8HiuHv5weLn1i1DxdevhNMfD/dn/Pn4zT8eajhem+/3meFiLnb9t4V1zNf6TT/ZPa8N/3PH26/+68Nfav69IH4/J68Yrn1/r224snZe33vF+c3PV538+xWNj+sfrSvm98N+PRfemXnjlcXtNV9/fG+Sl79QPH7jb3Lx8lnT+4mMDDR+H4td/4/C7zE/uKrx+S8eH99/rundnEeyvnwJM+H5IZspzo9bxf398tkrW95efB+ebObqhSxzTtNPT48fnTp+5qnx05PTp8enn35m/7ETZ46f3l9779L9X+50+fOP79W1x/ehyZ07stqj/UQxltmlXv/JRw4e2jVx86HJwwfOHD79yMnJU0cOTk8fnDw0ffOBw4cnv9rp8lOH9m7dtmf7rm1jR6YO7d29Z8/2PWNTx0/kyygW1cHOia+MHT+1v3aR6b079my9884dE2PHThya3LtrYmLsTKfL1342jeWXfnLs1OTRA6enjk2OTU89M7l3656dO7d1fPfHYycPT4+OnzpzfPzM9OSp8eJ7GT1dOzn/2dfp8lTD9NrwfNekL/x2ft/tO9P74+be+tqcV1VsMtJ44k/De0F9Y3j77vl8HXP/UJiJf/8HAACA0oi5P3w+xfnX3eV/AAAAKI3wgX/hMyP9+z8AAACUUcz9w2EmFcn/+v/6/xfQ/091bf1//f9M/1//vwP9f/3/dvT/9f97ef36//r/dNZt/f+Y+1dlWSXzPwAAAFRBzP2rw0zkfwAAACiNmPsvCzOR/wEAAKA0Yu6/PMykIvlf/1//3+f/l6//35dlM/r/+v/dQv9f/78d/X/9/15ev/6//j+ddVv/P+b+j4WZVCT/AwAAQBXE3L8mzET+BwAAgNKIuX9tmIn8DwAAAKURc/9ImEmZ8v9dc5+l/1/1/v+A/n8J+/8+/7+g/98d9P/1/9vR/9f/7+X16//r/9NZt/X/Y+7/eJhJmfI/AAAAVFzM/Z8IM5H/AQAAoDRi7v9kmIn8DwAAAKURc/+6MJOK5H/9/6r3/33+f6b/v4z9/7il/r/+v/5/r/f/V4WT9f8b6f/r/+v/6//TXrf1/2PuvyLMpCL5HwAAAKog5v4rw0zkfwAAACiNmPs/FWYi/wMAAEBpxNx/VZhJRfK//r/+v/6//r/P/9f/X076/+Xo/8eT9f8b6f/r/+v/6//TXrf1/2PuvzrMpCL5HwAAAKog5v5rwkzkfwAAACiNmPuvDTOR/wEAAKA0Yu5fH2ZSkfyv/6//r/+v/6//r/+/nPT/9f/b0f/X/+/l9ev/6//TWbf1/2Puvy7MpCL5HwAAAKog5v7rw0zkfwAAACiNmPtvCDOR/wEAAKA0Yu4fDTOpSP7X/9f/1//X/9f/1/9fTvr/+v/t6P/r//fy+vX/9f/prNv6/zH3bwgzqUj+BwAAgCqIuX9jmIn8DwAAAKURc/+NYSbyPwAAAJRGzP2bwkwqkv/1//X/9f/L2v8f0P/X/+8K+v/6/+3o/+v/9/L69f/1/+ms2/r/MfffFGZSkfwPAAAAVRBz/81hJvI/AAAAlEbM/beEmcj/AAAAUBox928OM6lI/tf/1//X/y9r/9/n/+v/dwf9f/3/dvT/9f97ef36//r/dNZt/f+Y+28NM6lI/gcAAIAqiLn/tjAT+R8AAABKI+b+28NM5H8AAAAojZj7x8JMKpL/9f/1//X/9f/1//X/l5P+v/5/O/r/+v+9vH79f/1/Ouu2/n/M/XeEmVQk/wMAAEAVxNy/JcxE/gcAAIDSiLl/PMxE/gcAAIDSiLl/IsykIvlf/1//X/9f/1//X/9/Oen/6/+3o/+v/9/L69f/1/+ns27r/8fcvzXMpCL5HwAAAHrUdQvZOOb+bWEm8j8AAACURsz928NM5H8AAAAojZj7d4SZVCT/6//r/+v/6//r/+v/Lyf9f/3/dur7//kl9f+r0v+f6ydNr6y/oP+v/09n3db/j7n/zjCTiuR/AAAAqIKY+3eGmcj/AAAAUBox9+8KM5md///m4q0KAAAAWEox9+8OM+n5f/+fX6+qUv3/A/env+r/F/T/9f8z/X/9/2Wm/6//347P/69q/39pXOr16//r/9NZt/X/Y+7fE2bS8/kfAAAAiGLu/39hJvI/AAAAlEbM/f8/zET+BwAAgNKIuf+Xwkwqkv8r1f+vo/9f0P/X/8/0//X/l5n+v/5/O/r/+v+9vP7u7f9/e3WW6f/THbqt/x9z/94wk4rkfwAAAKiCmPs/HWYyd/4fXv5VAQAAAEsp5v67wkz8+z8AAACURsz9+8JMKpL/9f/1//X/9f/1//X/l5P+v/5/O4vr/4/q/y/Spe7P9/r6u7f/7/P/6R7d1v+Puf/uMJOK5H8AAACogpj77wkzkf8BAACgNGLuvzfMRP4HAACA0oi5/zNhJhXJ/xet/9+iUKz/r/+f6f/r/+v/6/8vkv5/lfv/Pv9/sS51f34J1p/f5fr/+v90sW7r/8fcf1+YSUXyPwAAAFRBzP2fDTOR/wEAAKA0Yu7/5TAT+R8AAABKI+b++8NMKpL/ff6//r/+v/6//r/+/3LS/9f/b0f/X/+/l9ev/6//T2fd1v+Puf9Xwkwqkv8BAACgCmLufyDMRP4HAACA0oi5/8EwE/kfAAAASiPm/l8NM6lI/tf/1//X/9f/1//X/19O+v/6/+3o/+v/9/L69f/1/+ms2/r/Mff/WphJRfI/AAAAlMLcrx/UxNz/62Em8j8AAACURsz9nwszkf8BAACgNGLufyjMpCL5X/9f/1//X/9f/1//fznp/+v/t6P/r//fy+vX/9f/p7Nu6//H3P/5MJOK5H8AAACogpj7Hw4zkf8BAACgNGLu/0KYifwPAAAAPeDsvLaKuf+LYSYVyf/6//r/+v/6/0vY/1+R6f8n+v+ran/q/+v/t9NL/f9W5+j/6//r/+v/01639f9j7n8kzKQi+R8AAACqIOb+R8NM5H8AAAAojZj7fyPMRP4HAACA0oi5/zfDTCqS//X/9f/1//X/ff6//v9y0v/X/2+nl/r/rej/6//r/+v/01639f9j7v+tMJOK5H8AAACogpj7fzvMRP4HAACA0oi5/3fCTOR/AAAAKI2Y+x8LM6lI/i/6/48e1P8v6P/r/+v/6/9H+v9LQ/9f/78d/X/9/15ev/6//j+ddVv/P+b+L4WZVCT/AwAAQBXE3P+7YSbyPwAAAJRGzP37w0zkfwAAACiNmPsfDzOpSP73+f/6//r/+v8L6f+vanG6/n9B/781/X/9/3b0/8vc/1+xJGu8dOuf6wlrMP1N/1//n866rf8fc/+BMJOK5H8AAACogpj7fy/MRP4HAACA0oi5/2CYifwPAAAApRFz/6Ewk4rkf/1//X/9f/3/Hvn8/6FsOfr/M/r/y60k/f/39P8L+v+N9P99/r/+v/4/7XVb/z/m/skwk4rkfwAAAOh183nX0Zj7D4eZyP8AAABQGjH3Hwkzkf8BAACgNGLufyLMpCL5vxv7/zfo/+v/6/+n69H/9/n/+v/t+fx//f9M//+CXer+fK+vX/9f/5/Ouq3/H3P/VJhJRfI/AAAAVEHM/V8OM5H/AQAAoDRi7v9KmIn8DwAAAD1n5Rynx9x/NMykIvm/G/v/mf6//r/+f7oe/X/9f/3/9vT/9f8z/f8Ldqn7872+/iXt/6/Q/6ecuq3/H3P/sTCTiuR/AAAAqIKY+4+Hmcj/AAAAUBox958IM5H/AQAAoDRi7j8ZZtKT+b9vzt7uXPT/9f+7rf9f37wsdf9/pf6//r/+/1LQ/9f/z/T/L9il7s/3+vp9/r/+P511W/8/5v7fDzPpyfwPAAAAtBJz/6kwE/kfAAAASiPm/ukwE/kfAAAASiPm/v9j7z539LirOI4/thI7kSC8R9wLiPvgNTdAL4npLfQamqmh995b6BB6773XUEKRgrR7zok3Xs/sPvjxzvzP5/PmsGTXO5GN0U+rr+YBccv0/j+926e6cvT/+v+l9f9t3/9/lf4/6f/1/8eh/9f/b/T/Wzvpfn7tz6//1/8zb2n9f+7+B8Ytfv4PAAAAw8jd/6C4xf4HAACAYeTuf3DcYv8DAADAMHL3PyRuabL/r2z/f98DH+n/9f+brfr/s/W1Q/X/3v9/5++r/l//fwxd+//8m1D/v0//v52T7ufX/vz6f/0/85bW/+fuf2jc0mT/AwAAQAe5+x8Wt9j/AAAAMIzc/Q+PW+x/AAAAGEbu/kfELU32v/f/6//X1/8P+v5//X/R/+v/j6Nr/5/0//v0/9s56X5+7c+v/9f/M29p/X/u/kfGLU32PwAAAHSQu//6uMX+BwAAgGHk7r8hbrH/AQAAYBi5+8/FLU32v/5f/6//1//r//X/u6T/1/9P0f8vt/+/Q/8/+/31//p/5i2t/z9342Zv9+9/m377HwAAADrI3f/ouMX+BwAAgGHk7n9M3GL/AwAAwDBy9z82bmmy//X/+n/9v/5f/6//3yX9v/5/iv5/uf2/9//r/+e+Xv/PUSyt/8/d/7i4pcn+BwAAgA5y9z8+brH/AQAAYBi5+58Qt9j/AAAAMIzc/U+MW5rsf/2//l//r//X/+v/d0n/r/+fspL+P36Ji3979P9D9//3v9fM11+y/z+10f/r/wlL6/9z9z8pbmmy/wEAAKCD3P1PjlvsfwAAABhG7v6nxC32PwAAAAwjd/+NcUuT/a//1//r//X/+n/9/y7p//X/U1bS/1+S/n/o/n/2+3v/v/6feUvr/3P3PzVuOTD8zh7z3xIAAABYktz9T4tbmvz8HwAAADrI3f/0uMX+BwAAgGHk7n9G3NJk/+v/5/v/6+8+/+vp/w9/fv2//l//r//X/6+g/7/5kE/U/x+J/r9R/3/txV+v/9f/M29p/X/u/mfGLU32PwAAAHSQu/9ZcYv9DwAAAMPI3f/suMX+BwAAgGHk7n9O3HKfzeaIGfuq6f+9/1//r//X/+v/d0n/v4L+/zD6/yPR/zfq/w+h/9f/M29p/X/u/ufGLX7+DwAAAMPI3f+8uMX+BwAAgGHk7n9+3GL/AwAAwDBy978gbmmy//X/6+n/r9L/j9D/3/OW8/fT/8c/1//r/y8H/b/+f6P/39pJ9/Nrf379v/6feUvr/3P33xS3NNn/AAAA0EHu/hfGLfY/AAAADCN3/4viFvsfAAAAhpG7/8VxS5P9r/9fT//v/f9D9P/e/7/g/v9R8ecx6f8vD/2//n/KZej/b7pO/7+1k+7nT+j5T1+u59f/6/+Zt7T+P3f/S+KWJvsfAAAAOsjd/9K4xf4HAACAYeTuPx+32P8AAAAwjNz9L4tbmux//b/+X/+v/9f/e///Lun/9f9TvP9f/7/m59f/6/+Zt7T+P3f/y+OWJvsfAAAAOsjd/4q4xf4HAACAYeTuf2XcYv8DAADAql3YgeXuf1Xc0mT/6//1//r/S/X/5/X/d6H/1/9vQ/+v/5+i/9f/r/n59f/6f+Ytrf/P3f/quKXJ/gcAAIAOcvffHLfY/wAAADCM3P2viVvsfwAAABhG7v7Xxi1N9r/+X/+v//f+f/2//n+X9P/6/yn6f/3/mp9f/6//Z97S+v/c/a+LW5rsfwAAAOggd//r4xb7HwAAAIaRu/8NcYv9DwAAAMPI3f/GuKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+an1//r/9n3tL6/9z9b4pbmux/AAAA6CB3/5vjFvsfAAAAhpG7/y1xi/0PAAAAw8jd/9a4pcn+1//r//X/+n/9v/5/l/T/+v8p+n/9/5qfX/+v/2fe0vr/3P1vi1ua7H8AAADoIHf/2+MW+x8AAACGkbv/HXGL/Q8AAADDyN3/zrilyf7X/+v/9f/6f/2//n+X9P/6/ynr6/+vPvCR/l//r//X/zNtaf1/7v53xS1N9j8AAAB0kLv/3XGL/Q8AAADDyN3/nrjF/gcAAIBh5O5/b9zSZP/r/zv3/6fObTb6/43+X/+v/98p/b/+f8r6+v+D9P/6f/2//p9pS+v/c/e/L25psv8BAACgg9z9749b7H8AAAAYRu7+D8Qt9j8AAAAMI3f/B+OWJvtf/9+5//f+f/3/wefU/+v/d0H/r/+fov/X/6/5+Zfc/5/W/7MQJ97/5yfGx7n7PxS3NNn/AAAA0EHu/g/HLfY/AAAADCN3/0fiFvsfAAAAhpG7/6NxS5P9r//X/+v/9f8X9v9nDv8jvkf/r//fhv5f/z9F/6//X/PzL7n/9/5/luLE+/+7fJy7/2NxS5P9DwAAAB3k7v943GL/AwAAwDBy938ibrH/AQAAYBi5+2+JW5rsf/2//l//r//3/n/9/y7p//X/U/T/q+v/r7rwA/2//l//z5yl9f+5+z8ZtzTZ/wAAALBy1x7lk3L3fypusf8BAABgGLn7Px232P8AAAAwjNz9n4lbmuz/bfr/s/r/i+j/D39+/b/+X/+v/19Y/3/Ntt9H/79P/39Qw/7/AP2//l//z5yl9f+5+z8btzTZ/wAAANBB7v7PxS32PwAAAAwjd//n4xb7HwAAAIaRu/8LcUuT/e/9//p//f+x+v8b9P/6f/3/8Sys/9+a/n/f7vr/e2969P9Xx3/Q/4/w/Pp//T/zltb/5+7/YtzSZP8DAABAB7n7b41b7H8AAAAYRu7+L8Ut9j8AAAAMI3f/l+OWJvtf/6//1/97/7/+X/+/S/r/4/b/Z471XOP0/97/v9H/r+759f/6f+Ytrf/P3f+VuKXJ/gcAAIAOcvd/NW6x/wEAAGAYufu/FrfY/wAAADCM3P1fj1ua7H/9v/5f/6//1//r/3dJ/+/9/1P0//r/NT+//l//z7yl9f+5+78RtzTZ/wAAANBB7v5vxi32PwAAAAwjd/+34hb7HwAAAIaRu//bcUuT/a//1//r//X/+v+F9P+nzun/t6D/1/9v9P9bO+l+fu3Pr//X/zNvaf1/7v7vxC1N9j8AAAB0kLv/u3GL/Q8AAADDyN3/vbjF/gcAAIBh5O7/ftzSZP/P9P/VwOn/p+n/N3v/+9H/H/z19f/6f+//1//r/6fp//X/a35+/b/+n3lL6/9z9/8gbrlz+J05/r8lAAAAsCS5+38YtzT5+T8AAAB0kLv/R3GL/Q8AAADDyN3/47ilyf73/n/9v/f/6//1//r/XdL/6/+n6P/1/2t+fv2//p95S+v/c/f/JG5psv8BAACgg9z9P41b7H8AAAAYRu7+n8Ut9j8AAAAMI3f/z+OWJvtf/z9q/3/b3fb/qf5f/6//n3t+/f9u6f/1/1P0//r/NT+//l//z7yl9f+5+38RtzTZ/wAAALB+p2c/I3f/L+MW+x8AAACGkbv/V3GL/Q8AAADDyN3/67ilyf7X/4/a/3v/v/5f/6//Xwb9v/5/iv5f/7/m59f/6/+Zt7T+P3f/b+KWJvsfAAAAOsjd/9u4xf4HAACAYeTu/13cYv8DAADAMHL3/z5uabL/9f+76P9v1f/r//fo//X/+v/19/+n4i8c/f8+/f9B+n/9v/5f/8+0pfX/ufv/ELc02f8AAADQQe7+P8Yt9j8AAAAMI3f/n+IW+x8AAACGkbv/z3FLk/0/Tv8fT7qI/t/7//X/+/T/+n/9//r7/6T/36f/P0j/r//X/+v/mba0/j93/1/ilib7HwAAADrI3f/XuMX+BwAAgGHk7r8tbrH/AQAAYBi5+/8WtzTZ/+P0/0H/r//X/+v/47/X/y+D/l//P0X/r/9f8/Pr//X/zFta/5+7/+9xS5P9DwAAAB3k7v9H3GL/AwAAwDBy9/8zbrH/AQAAYBi5+2+PWy7a/2eu4FNdOfp//f/u+v877rHZ6P/1//p//b/+X/9/afp//f+an1//r/9n3tL6/9v3/r/2ms2/9r7az/8BAABgRLn7/x232P8AAAAwjNz9/4lb7H8AAAAYRu7+/8YtTfa//l//7/3//1f/f93Unwf9v/5f/6//1/9P0//r/9f8/Pp//T/zltb/5+7/XwAAAP//RByXNg==")
syz_mount_image$msdos(&(0x7f0000000940), &(0x7f0000001cc0)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
syz_mount_image$msdos(&(0x7f0000000940), &(0x7f0000001cc0)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r0 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

7.683599263s ago: executing program 3 (id=553):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@bridge_setlink={0x44, 0x13, 0xa2f, 0x70bd25, 0x0, {0x7, 0x0, 0x68, r1, 0x900, 0x62010}, [@IFLA_LINKINFO={0x24, 0x1a, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x4, 0x0, 0x1, [@IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x7}}]}]}}}]}, 0x44}}, 0x0)

7.284228614s ago: executing program 3 (id=555):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000280)={r1, r1, 0x1, 0x2, &(0x7f00000004c0)="0006", 0x48, 0x1, 0x5, 0x8, 0x8, 0x1, 0x2, 'syz0\x00'})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f0000000200)={0x1, &(0x7f0000000140)=[{@none}]})

6.855611346s ago: executing program 3 (id=558):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b)

6.398153389s ago: executing program 3 (id=561):
syz_mount_image$jfs(&(0x7f0000005e00), &(0x7f0000005e40)='./file0\x00', 0x0, &(0x7f0000005e80), 0x1, 0x5e67, &(0x7f0000011b00)="$eJzs3c1vHGcdB/Df7K7XL6Wp1UNVIoTctLyU0ryWECjQ9gAHLhxQriiR61YRKaAkoLSKiCtfOPBHgJA4IsQRLvwBPXDlxh9ApAQJ1BODxn6eZDzxeh0c79h+Ph/JmfntM+N9Jt+dffHM7BMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHz/ez88V0XElV+kG5YjPhPDiEHEYlOvRMTiynJefhQRL8Zmc7wQEXPzEc36m/88F/FGRHxyIuL+gzurzc3n99iP7/7x77/70TM/+Nsf5s7850+3hm9OWu727V//+89397fNAAAAUJq6rusqfcw/mT7fD/ruFAAwE/n1v07y7Wq1Wq1Wq49f3Vbv7G67iIj19jrNewaH4wHgiFmPT/vuAj2Sf9FGEfFM350ADrWq7w5wIO4/uLNapXyr9uvBylZ7PhdkW/7r1cPrOyZNp+meYzKrx9dGDOP5Cf1ZnFEfDpOc/6Cb/5Wt9nFa7qDzn5VJ+Y+3Ln0qTs5/2M2/40jlP5zctBGDHfMvVc5/9ET5Dw93/ruQPwAAAAAAJch//1/u+fjv/P43ZU92O/67MqM+AAAAAAAAAMDTtt/x/x4y/h8AAAAcWs1n9cZvTjy6bdJ3sTW3X64inu0sDxQmXSyz1Hc/AAAAAAAAAAAAAKAko61zeC9XEXMR8ezSUl3XzU9bt35S+13/qCt9+6FkfT/JAwDAlk9OdK7lryIWIuJy+q6/uaWlpbpeWFyql+rF+fx+djy/UC+2PtfmaXPb/HgPb4hH47r5ZQut9dqmfV6e1t79fc19jevhHjo2Gz0GDgARsfVqdN8r0jFT189F3+9yOBrs/8eP/Z+96PtxCgAAABy8uq7rKn2d98l0zH/Qd6cAgJnIr//d4wJqtVqtVquPX91W7+xuu4iI9fY6zXsGw/EDwBGzHp/23QV6JP+ijSLixb47ARxqVd8d4EDcf3BntUr5Vu3XgzS+ez4XZFv+69Xmenn9nabTdM8xmdXjayOG8fyE/rwwoz4cJjn/QTf/K1vt47TcQec/K5Pyb7ZzuYf+9C3nP+zm33F88h/smH+pcv6jJ8p/KH8AAAAAADjE8t//lx3/zZsMAAAAAAAAAEfO/Qd3VvN1r/n4/+d2WM71n8dTzr+Sf5Fy/oNO/l/uLDdszd9751H+/3pwZ/X3t/752Tzda/7zeaZKj6wqPSKqdE/VKE33s3WP25gbjpt7mqsGw1E656eeey+uxfVYi7Pblh2k/49H7ee2tTc9ndvWfn5b++ix9gvb2ufS9w7Ui7n9dKzGT+N6vLvZ3rTNT9n+hSnt9ZT2nP/Q/l+knP+o9dPkv5Taq860ce/jwWP7fXu60/28fe3zvzp78Jsz1UYMH25bW7N9p3roz+b/yTPj+PnNtRunb1+9devGuUiTbbeejzR5ynL+c+nn4fP/y1vt+Xm/vb/e+3j8xPkfFhsxmpj/y635ZntfnXHf+pDzH6efnP+7qX3n/f8o5z95/3+th/4AAAAAAAAAAAAAAADAbuq63rxE9O2IuJiu/+nr2kwAYLby63+d5NvVarVarVYfv7qt3tlb7SIi/tpep3nP8MudfhkAcJj9NyL+0Xcn6I38C5a/76+ZvtJ3Z4CZuvnhRz++ev362o2bffcEAAAAAAAAAPh/5fE/V1rjP78SEcud5baN//pOrOx3/M9Rnnk4wOhTHuh7go3BeDhoDTf+Uuw+/vep2H3879GU+5ub0j6e0j4/pX1hl7a/TFk3Wvm/1BrvvMn/ZGf49RLGf+2OeV+CnP+p1uO5yf9LneXa+de/Pcr5D7blf+bWBz87c/PDj16/9sHV99feX/vJhXPnzl64ePHSpUtn3rt2fe3s1r899vhg5fzz2NfOAy1Lzj9nLv+y5Py/kGr5lyXn/8VUy78sOf/8fk/+Zcn5588+8i9Lzv/VVMu/LDn/r6Ra/mXJ+b+WavmXJef/1VTLvyw5/9dT/UT5Tzs4waGX8z+davt/WXL+Z1It/7Lk/PMRLvmXJeefz2yQf1ly/udTLf+y5PwvpFr+Zcn5v5Fq+Zcl5/+1VMu/LDn/i6mWf1ly/l9P9Z7yP3Hw/WI2cv6XUm3/L0vO/xupln9Zcv7fTLX8y5LzfzPV8i9Lzv9bqZZ/WXL+3061/MuS8/9OquVflpz/W6mWf1keff+/GTNmzOSZvp+ZAAAAAAAAAAAAAICuWZxO3Pc2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/YwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2Lu7GLnOuwzgZ9e79tppG7dJgxOcdO24juNssuuP+KNg6qZpGpKWkq/S8BHbeNfOtv6Kd02TEMmu0tJIdUWFisgN0FYR5AbVQr0oKFS5QCCuCFyUG1SE1IsIpVVaCQkQZNGced93Z2bPzlnHE3fmnN9Piv/emTPznjlzZnafdZ8pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK02fXTmy0NZljX+y/9Yn2Xvavx97fj6/LIP/az3EAAAALhS/5f/+ea16YKDK7hRyzZ/f8s/fmdhYWEh+8yqPxz9+sJCumI8y0bXZFl+XXTp3x8fat0meD4bGxpu+Xq4ZPlVJdePlFw/WnL96pLr15RcP1Zy/ZIDsMTa5u9j8jvbkv91ffOQZtdno/l1Wwpu9fzQmuHh+Luc3FB+m4XRY9lsdiKbyabatm9uO5Rv/8qmxlr3Z3Gt4Za1NjbOkJ88dzTuw1A4xlva1lq8z+hHH8nGf/qT547+2fwbNxbN0sPQdn/N/dy2ubGfXwyXNPd1KFuTjkncz+GW/dxY8JysatvPofx2jb937uebK9zPVYu7eVV1Pudj2XD+99fy4zTS+mu9dJw2hsv+69Ysyy4s7nbnNkvWyoazdW2XDC8+P2PNM7JxH41T6X3ZyGWdp5tWcJ425vSW9vO08zURn/9N4XYjy+xD69P0oy+sXvK8X+55GjUe9XKvlc5zsNevlX45B+N58Vr+oF8oPAe3hMf/3Nblz8HCc6fgHEyPu+Uc3Fx2Dg6vXpXvc3oShvLbLJ6DO9q2X5WvNJTP17d2Pwcn50+emZx75tk7Z08eOT5zfObUrh07pnbt2bNv377JY7MnZqaaf77No93/1mXD6TWwORy7+Bq4rWPb1lN14Zu9ex2OdXkdru/Yttevw5HOBzd0dV6QS8/p5mvj0cZBH7s4nC3zGsufn+1X/jpMj7vldTjS8jos/J5S8DocWcHrsLHNme0r+5llpOW/on14p74XrG85Bzt/Huk8B3v980i/nINj4bz41+3Lfy/YGPb3hYnL/Xlk1ZJzMD3c8N7TuCT9vD+2Lx9F5+VNjSuuWZ2dm5s5e9fTR+bnz+7Iwrgqrms5VzrP13Utjylbcr4OX/b5enD2lhduKrh8fThWY3c2/hhb9rlqbLP7ru7PVf7drfh4tl26Mwujx6728Sz6bt44nilLdjmejW2+OHnlP4unXNry/ju6zPtvzP1vNddLd/X8qtGR5ut3VTo6o23vx+1P1Uj+3jWUr/3m5Mrej0fDf1f7/fj6Lu/HGzq27fX78Wjng4vvx0Nlv+24Mp3P51g4T05MdX8/bmyzYeflnpMjXd+Pbw1zKBz/20NSSLmo5dxZ7rxNa42MjIbHNRJXaD9Pd7VtPxqyWWOtl3e+vfN0263N+1qVHt2iq3Wejnds2+vzNL1fLXeeDpX99u3t6Xw+x8J5cf2u7udpY5tXd1/5e+fa+NeW987VZefg6KrVjX0eTSdh8/1+YW08B+/KjmansxPZdH7t6vx8GsrXmrh7Zefg6vDf1X6v3NDlHNzWsW2vz8H0fWy5c29oZOmD74HO53MsnBcv3t39HGxsc+/e3v7sui1ckrZp+dm18/dry/3O66aOw/RO/s6rsZ9/u7f772Yb25zYd7k5s/txuiNcck3Bcep8/S73mprOrs5x2hD28419yx+nxv40tvn6/hWeTwezLDv/1D3573vDv6/85bnvf6ft312K/k3n/FP3/Pjdx/7ucvYfgMH3VnOsa36va/mXqZX8+z8AAAAwEGLuHw4zkf8BAACgMmLuj/+r8ET+BwAAgMqIuX8kzKQq+b/kQ/423PvG7FvnFzdcCOL16TA80NwudlynwtfjC4sal9/z0sx//vX5le3acJZl//vA7xZuv+GBuF9N42E/L32s/fKlNzy/ovUPP7a4XWt//Rvh/uPjWelpUFTBncqy7JVrv5qvM/74xXy++sDhfD584YXnG9u8ub/5dbz969c1t//jUP49eOxI2+1fD8fhh2FOPVh8POLtvn3x9o17P724Xrzd0Ob35A/7xSea9xs/J+drzze3j8d5uf3/m6+8/O3G9k9/sHj/zw8X7//L4X5fCvO/b25u3/ocNL6Ot/tS2P+4XrzdXd/6XuH+X/pyc/sz9zW3OxxmXH9b+HrLfW/Mth6vp4eOtD2u7OPN7eL6U9///fz6eH/x/jv3f+zQxbbj0Xl+vPrPzfuZ7Ng+Xh7Xif6qY/3G/bSen3H9l3/vcNtxLlv/0sOv39y438717+jY7sxT2/P1F++v/ROb/uRLXy1cL+7Pwb840/Z4Dj4UXsdh/RefCOdjuP5/LjXvr/PTFQ4/1P7+E7f/xvrzbY8nuv+nzfUvffh4PteMrV13zbve/Z4LH2gcuyx77ZHm/ZWtf/xPT7ft/zdvaB6PeH3s6Heuv5y4/tnPT5w6PXdudrrlqOafnfOJ5v7E/b02vLd2fn3o9PyTM2fHp8ansmy8uh+h97Z9K8wfN8eFy7399sfC83nTH72ybus/fSVe/i+PNi+/+GDz+9ZtYbuvhcvXh+fvStd/cdMN+et76NXm12099h7YuOU/9q1ow/D4O38uiOf7mfc/mR+HxnX59434ur7C/f/BdPN+vhuO60L4ZObNNyyu17p9/GyEi480X+9XfPzC21x8Xv88PN+f/GHz/uN+xcf7g/BzzPc2tL/fxfPju+eHO+8//xSPC+H9JLvQvD5uFY/3xTdvKNy9+Dkk2YUb86//IN3PjZf1MJcz98zc5InZU+eenpyfmZufnHvm2UMnT587NX8o/yzPQ58tu/3i+9O6/P1pembP7ix/tzrdHO+wy9z/JR8+daX7f+axo9N7p7ZOzxw7cu7Y/GNnZs4ePzo3d3Rmem7rkWPHZj5fdvvZ6QM7du7ftXfnxPHZ6QP79u/ftX9i9tTpxm40d6rEnqnPTZw6eyi/ydyB3ft33H337qmJk6enZw7snZqaOFd2+/x700Tj1r8zcXbmxJH52ZMzE3Ozz84c2LF/z56dpZ8GePLMsbnxybPnTk2em5s5O9l8LOPz+cWN731lt6ea5v6t+fNsp6HmB/Fln7pjT/p81oaXvrDsXTU36fgA0TfCZ9H8w3vP7FvJ1zH3j4aZVCX/AwAAACn3rw4zkf8BAACgMmLuXxNmIv8DAABAZcTcPxZmUpP8r/+v/6//r/+v/1+8vv7/YNL/707/v4T+f536/z3ff/1//X+W6rf+f8z9a7OslvkfAAAA6iDm/nVhJvI/AAAAVEbM/deEmcj/AAAAUBkx978rzKQm+V//X/9f/1//X/+/eH39/8Gk/9+d/n8J/X/9/2X2fyVvuPr/+v8s1W/9/5j73x1mUpP8DwAAAHUQc/97wkzkfwAAAKiMmPuvDTOR/wEAAKAyYu5fH2ZSk/yv/6//r/+v/6//X7y+/v9g0v/vTv+/hP6//r///3/9f3qq3/r/Mfe/N8ykJvkfAAAA6iDm/veFmcj/AAAAUBkx918XZiL/AwAAQGXE3H99mElN8r/+v/6//r/+v/5/8fr6/4NJ/787/f8S+v/6//r/+v/0VL/1/2Puf3+YSU3yPwAAANRBzP03hJnI/wAAAFAZMff/XJiJ/A8AAACVEXP/hjCTmuR//X/9f/1//X/9/+L19f8Hk/5/d/r/JfT/9f/1//X/6al+6//H3H9jmElN8j8AAAAMrtUr3jLm/pvCTOR/AAAAqIyY+38+zET+BwAAgMqIuX9jmElN8r/+v/6//r/+v/5/8fr6/4NJ/787/f8S+v/6//r/+v/0VL/1/2PuvznMpCb5HwAAAOog5v5bwkzkfwAAAKiMmPs/EGYi/wMAAEBlxNw/HmZSk/yv/6//r/+v/6//X7y+/v9g0v/vTv+/hP6//r/+v/4/PdVv/f+Y+zeFmdQk/wMAAEAdxNy/OcxE/gcAAIDKiLn/1jAT+R8AAAAqI+b+LWEmNcn/+v/6//r/+v/6/8Xr6/8PJv3/7vT/S+j/6//r/+v/01P91v+Puf+DYSY1yf8AAABQBzH3bw0zkf8BAACgMmLuvy3MRP4HAACAyoi5f1uYSU3yv/6//r/+v/6//n/x+vr/g0n/vzv9/xL6//r/+v/6//RUv/X/Y+6/PcykJvkfAAAA6iDm/u1hJvI/AAAAVEbM/XeEmcj/AAAAUBkx90+EmdQk/+v/6//r/+v/6/8Xr6//P5j0/7vT/y+h/6//r/+v/09P9Vv/P+b+O8NMapL/AQAAoA5i7r8rzET+BwAAgMqIuX8yzET+BwAAgMqIuX8qzKQm+V//X/9f/1//X/+/eH39/8Gk/9+d/n8J/X/9f/1//X96qt/6/zH37wgzqUn+BwAAgDqIuX9nmIn8DwAAAJURc/+uMBP5HwAAACoj5v7dYSY1yf/6//r/+v/6//r/xevr/w8m/f/u9P9L6P/r/+v/6//TU/3W/4+5/+4wk5rkfwAAAKiDmPv3hJnI/wAAAFAZMffvDTOR/wEAAKAyYu7fF2ZSk/yv/6//r/+v/6//X7y+/v9g0v/vTv+/hP6//r/+v/4/PdVv/f+Y+/eHmdQk/wMAAEAdxNz/oTCTjvw/elX3CgAAAOilmPt/IczEv/8DAABAZcTc/4thJjXJ//r/+v/6//r/+v/F6+v/Dyb9/+70/0vo/+v/6//r/9NT/db/j7n/QJhJTfI/AAAA1EHM/b8UZiL/AwAAQGXE3P/hMBP5HwAAACoj5v6DYSY1yf/6//r/+v/6//r/xevr/w8m/f/u9P9L6P/r/+v/6//TU/3W/4+5/yNhJjXJ/wAAAFAHMfffE2Yi/wMAAEBlxNz/0TAT+R8AAAAqI+b+e8NMapL/9f/1//X/9f/1/4vX1/8fTPr/3en/lxi4/v9Qpv/fP/uv/6//z1L91v+Puf9jYSY1yf8AAABQBzH33xdmIv8DAABAZcTc//EwE/kfAAAAKiPm/vvDTGqS//X/9f/1//X/9f+L19f/H0z6/93p/5cYuP6/////ftp//X/9f5bqt/5/zP2/HGZSk/wPAAAAdRBz/wNhJvI/AAAAVEbM/Q+Gmcj/AAAAUBkx938izKQm+V//X/9f/1//X/+/eH39/8Gk/9+d/n8J/X/9f/1//X96qt/6/zH3fzLMpCb5HwAAAOog5v5fCTOR/wEAAKAyYu7/VJiJ/A8AAACVEXP/r4aZ1CT/6//r/+v/6//r/xevr/8/mPT/u9P/L6H/r/+v/6//T0/1W/8/5v6Hwkxqkv8BAACgDmLufzjMRP4HAACAyoi5/5EwE/kfAAAAKiPm/kfDTGqS//X/9f/1//X/9f+L19f/H0z6/93p/5fQ/9f/1//X/6en+q3/H3P/Y2EmNcn/AAAAUAcx9386zET+BwAAgMqIuf/XwkzkfwAAAKiMmPs/E2ZSk/yv/6//r/+v/6//X7y+/v9g0v/vTv+/hP6//r/+v/4/PdVv/f+Y+x8PM6lJ/gcAAIA6iLn/18NM5H8AAACojJj7fyPMRP4HAACAyoi5/zfDTGqS//X/9f/1//X/9f+L19f/H0z6/93p/5fQ/9f/1//X/6en+q3/H3P/b4WZ1CT/AwAAQB3E3P9EmIn8DwAAAJURc/+hMBP5HwAAACoj5v7DYSY1yf/6//r/+v/6//r/xevr/w8m/f/u9P9L6P/r/+v/6//TU/3W/4+5/0iYSU3yPwAAANRBzP2/HWYi/wMAAEBlxNx/NMxE/gcAAIDKiLl/OsykJvlf/1//X/9f/1//v3h9/f/BpP/fnf5/Cf1//X/9f/1/eqrf+v8x98+EmdQk/wMAAEAdxNx/LMxE/gcAAIDKiLn/eJiJ/A8AAACVEXP/k2EmNcn/+v/6//r/+v/6/8Xr6/8PJv3/7vT/S+j/6//r/+v/01P91v+PuX82zKQm+R8AAADqIOb+z4aZyP8AAABQGTH3fy7MRP4HAACAyoi5/0SYSU3yv/6//r/+v/6//n/x+vr/g0n/vzv9/xI/2/7/SPxRTP9/MPdf/1//n6X6rf8fc//JMJOa5H8AAACog5j7T4WZyP8AAABQGTH3nw4zkf8BAACgMmLuPxNmUpP8r/+v/6//r/+v/1+8vv7/YNL/707/v4T//3/9f/1//X96qt/6/zH3PxVmUpP8DwAAAHUQc//ZMBP5HwAAACoj5v65MBP5HwAAACoj5v75MJOa5H/9f/3/wv5/fKL1//X/9f8T/f/BoP/fnf5/Cf1//X/9f/1/eqrf+v//z95d7QySFnEc5oDAnXIHuC7u7u7u7u7u7u7ucECyqSoC2+lmSMO+XfU8J5XdTPJ+k8zJP5PfdO7+O8YtQ/Y/AAAATJC7/05xi/0PAAAAbeTuv3PcYv8DAABAG7n77xK33Mj+zzjtgvT/+n/f/9f/6/+339f/X5P+f5/+/4D+X/+v/9f/c6rV+v/c/XeNW/z9PwAAALSRu/9ucYv9DwAAAG3k7r973GL/AwAAQBu5++8RtwzZ//p//b/+X/+v/99+X/9/Tfr/faP6/5v0/zfq1u7nr/7z6//1/9zSav1/7v57xi1D9j8AAABMkLv/XnGL/Q8AAABt5O6/d9xi/wMAAEAbufvvE7cM2f/6f/2//l//r//ffl//f036/32j+n/f/79ht3Y/f/WfX/+v/+eWVuv/c/ffFLcM2f8AAAAwQe7++8Yt9j8AAAC0kbv/fnGL/Q8AAABt5O6/f9wyZP/r//X/+n/9v/5/+339/zXp//fp/w/o//X/+n/9P6darf/P3f+AuGXI/gcAAIAJcvc/MG6x/wEAAKCN3P0PilvsfwAAAGgjd/+D45Yh+1//r//X/+v/9f/b7+v/r0n/v0//f0D/r//X/+v/OdVq/X/u/ofELUP2PwAAAEyQu/+hcYv9DwAAAG3k7n9Y3GL/AwAAQBu5+x8etwzZ//p//b/+X/+v/99+X/9/Tfr/ffr/A/p//b/+X//PqVbr/3P3PyJuGbL/AQAAYILc/Y+MW+x/AAAAaCN3/6PiFvsfAAAA2sjd/+i4Zcj+1//r//X/+n/9//b7+v9r0v/v0/8f0P/r//X/+n9OtVr/n7v/MXHLkP0PAAAAE+Tuf2zcYv8DAABAG7n7Hxe32P8AAADQRu7+x8ctQ/a//l//r//X/+v/t9/X/1+T/v+f7rDx//T/B/T/+n/9v/6fU63W/+fuf0LcMmT/AwAAwAS5+58Yt9j/AAAA0Ebu/ifFLfY/AAAAtJG7/8lxy5D9r//X/+v/9f/6/+339f/XpP/fp/8/oP/X/+v/9f+carX+P3f/U+KWIfsfAAAAJsjd/9S4xf4HAACANnL3Py1usf8BAACgjdz9T49bhux//f+Y/v/m35L+X/+v/9f/d6f/36f/P6D/1//r//X/nGq1/j93/zPiliH7HwAAACbI3f/MuMX+BwAAgDZy9z8rbrH/AQAAoI3c/c+OW4bsf/3/mP7f9//1//p//f8I+v99+v8D+n/9v/5f/8+pVuv/c/c/J24Zsv8BAABggtz9z41b7H8AAABoI3f/8+IW+x8AAADayN3//LhlyP7X/+v/9f/6f/3/9vv6/2vS/+/T/x/Q/+v/9f/6f061Wv+fu/8FccuQ/Q8AAAAT5O5/Ydxi/wMAAEAbuftfFLfY/wAAANBG7v4Xxy1D9r/+X/+v/9f/6/+339f/X5P+f5/+/4D+X/+v/9f/c6rV+v/c/S+JW4bsfwAAAJggd/9L4xb7HwAAANrI3f+yuMX+BwAAgDZy9788bhmy//X/+n/9v/5f/7/9vv7/mvT/+/T/B/T/+n/9v/6fU63W/+fuf0XcMmT/AwAAwAS5+18Zt9j/AAAA0Ebu/lfFLfY/AAAAtJG7/9Vxy5D9r//X/+v/9f/6/+339f/XpP/fp/8/oP/X/+v/9f+carX+P3f/a+KWIfsfAAAAJsjd/9q4xf4HAACANnL3vy5usf8BAACgjdz9r49bhux//b/+X/+v/9f/b7+v/78m/f8+/f8B/b/+X/+v/+dUq/X/ufvfELcM2f8AAAAwQe7+N8Yt9j8AAAC0kbv/TXGL/Q8AAABt5O5/c9wyZP/r//X/+n/9v/5/+339/zXp//fp/w/o//X/+n/9P6darf/P3f+WuGXI/gcAAIAJcve/NW6x/wEAAKCN3P1vi1vsfwAAAGgjd//b45Yh+1//r//X/5/R/8e/JKL/v5n+f5v+//9D/79P/39A/6//1//r/znVav1/7v53xC1D9j8AAABMkLv/nXGL/Q8AAABt5O5/V9xi/wMAAEAbufvfHbcM2f/6f/2//t/3//X/2+/r/69J/79P/39A/6//1//r/znVav1/7v73xC1D9j8AAABMkLv/vXGL/Q8AAABt5O5/X9xi/wMAAEAbufvfH7cM2f/6f/2//l//r//ffl//f036/336/wP6f/2//l//z6lW6/9z938gbhmy/wEAAGCC3P0fjFvsfwAAAGgjd/+H4hb7HwAAANrI3f/huGXI/tf/6//1//p//f/2+/r/a9L/79P/H9D/6//1//p/TrVa/5+7/yNxy5D9DwAAABPk7v9o3GL/AwAAQBu5+z8Wt9j/AAAA0Ebu/o/HLUP2v/5f/6//1//r/7ff1/9fk/5/n/7/gP5f/79I/3+72+j/6WG1/j93/yfiliH7HwAAACbI3f/JuMX+BwAAgDZy938qbrH/AQAAoI3c/Z+OW4bsf/3/f9f/3/7f/lv//68/v/5/+8+H/l//r///39P/79P/H9D/6/8X6f99/58uVuv/c/d/Jm4Zsv8BAABggtz9n41b7H8AAABoI3f/5+IW+x8AAADayN3/+bhlyP7X//v+v/5f/6//335f/39N+v99+v8D+n/9v/5f/8+pVuv/c/d/IW4Zsv8BAABggtz9X4xb7H8AAABoI3f/l+IW+x8AAADayN3/5bhlyP7X/+v/9f/6f/3/9vv6/2vS/+/T/x/Q/+v/9f/6f061Wv+fu/8rccuQ/Q8AAAAT5O7/atxi/wMAAEAbufu/FrfY/wAAANBG7v6vxy1D9r/+X/+v/9f/6/+339f/X5P+f5/+/4D+X/+v/9f/c6rV+v/c/d+IW4bsfwAAAJggd/834xb7HwAAANrI3f+tuMX+BwAAgDZy9387bhmy//X/+n/9v/5f/7/9vv7/mvT/+/T/B/T/+n/9v/6fU63W/+fu/07cMmT/AwAAwAS5+78bt9j/AAAA0Ebu/u/FLfY/AAAAtJG7//txy5D9r//X/+v/9f/6/+339f/XpP/fp/8/oP/X/+v/9f+carX+P3f/D+KWIfsfAAAAJsjd/8O4xf4HAACANnL3/yhusf8BAACgjdz9P45bhux//b/+X/+v/9f/b7+v/78m/f8+/f8B/b/+X/+v/+dUq/X/uft/ErcM2f8AAAAwQe7+n8Yt9j8AAAC0kbv/Z3GL/Q8AAABt5O7/edwyZP/r//X/+n/9v/5/+339/zXp//fp/w/o//X/+n/9P6darf/P3f+LuGXI/gcAAIAJcvf/Mm6x/wEAAKCN3P2/ilvsfwAAAGgjd/+v45Yh+1//r//X/+v/9f/b7+v/r0n/v0//f0D/r//X/+v/OdVq/X/u/t/ELUP2PwAAAEyQu/+3cYv9DwAAAG3k7v9d3GL/AwAAQBu5+38ftwzZ//p//b/+X/+v/99+X/9/Tfr/ffr/A/p//b/+X//PqVbr/3P3/yFuGbL/AQAAYILc/X+MW+x/AAAAaCN3/5/iFvsfAAAA2sjd/+e4Zcj+1//r//X/+n/9//b7+v9r0v/v0/8f0P/r//X/+n9OtVr/n7v/L3HLkP0PAAAAE+Tu/2vcYv8DAADAFdz2P/lFufv/FrfY/wAAANBG7v6/xy1D9r/+X/+v/9f/6/+339f/X5P+f5/+/4D+X/+v/9f/c6rV+v/c/f8IAAD//2gee+o=")
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x1b3)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8, 0x0, 0xc, 0xac, 0xffff8db7})

6.276697926s ago: executing program 2 (id=563):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f00000009c0)={[{@nodelalloc}, {@grpquota}, {@resuid}]}, 0x4, 0x4eb, &(0x7f0000000a80)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20004800)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000901, 0xffffffffffffffff, 0x0)

5.839578438s ago: executing program 1 (id=564):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x10, 0x4, 0x8, 0x5}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)

5.252229618s ago: executing program 1 (id=565):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003040)=@deltfilter={0x24, 0x2d, 0x119, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r0, {0x0, 0x1}, {0xffe0, 0x1}, {0xf, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x820000, &(0x7f00000002c0)=ANY=[@ANYRESOCT=0x0, @ANYRES16], 0x26, 0x358, &(0x7f00000008c0)="$eJzs3T1oJGUYAOB3bza/ciaFEBSE1U6Q4xKx0CrhOOEwhZ4s/jUuJtEzsx4ksJArsreNYqnYCFrZWWh5tViI2FnYeoKcJzZed3CHI7uzP7M/kSgm8bjnKcLLO9+73zszX9jJ35c3VmN7Yyq2bt26EbOzpSivnluN26VYjFORRO5qjGiNJgCAe8ntLIs/slwhvTR59EfzvWj6GHoDAI5G5/3/rdODxMxJdgMAHIcDvv4f9cLE7OUjawsAOEJj7/+PDx0e+TZ/uf87AQDAveulV197fm094mKlMhtRf79RbVTj2cHxtUdvXoo0NuNsLMTdiPxBIX9aaH987sL6+bOVtl8Xo9quaFQj6s1GNX9SWEuiXT8Ty7EQi936rF+ftOuXO/WViLja7Mwf9VKjOhXz7fqtuPTTfCSxEgvx0Fh9xIX18yuV7gtU6736ZkQrZnsn0e7/TCzED2/G5UhjI9q1g/73lyuVc9l6ob7W+UHIxkncEAAAAAAAAAAAAAAAAAAAAAAA7gtnKn2L/f1vsnqz8d7F0QGLxf11GtX88NpWZ3+fVr4/UDbT253ng2R0f6Dh/Xka1XKcOtEzBwAAAAAAAAAAAAAAAAAAgP+PUkxHLU03d3b3rmwXg2Yh8+53X34zF6Nj3kkGmSjnLzc0ppuLQlUS/fKsX54lQ2O6QRIxGPzFtX7HeSaZcC5jZzETEcOZUrenWpqefuyXT8cm3buy/ecgk8TYZRkOSt2ZC4fqD+apg6p6zU58wZW/masdXM+y7KB+9j8Zr4pSRHnsxv0Xwbc33n74qd2lpzuZr7ubPjzx5MLL1z/+/LftWhrdS5Om0zu7d7N/N1eWDK2fUvc6l2LCYpsYtAaZ1s7uXi358fdXHvnw+6Exc2OLpDd7IVPutzE7fLtrafrV6OzTeVA66C6PBFMTFv/k4PU7/dX7zy/m0mertWv7P988bFXhE8tGHQAAAAAAAAAAAAAAAAAAcCwKfyse8cBhq5558Wi7AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjNfj//4WgNZY5THCnGeOHZjZ3dg+cfO5YTxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPvYXwEAAP//IZFqGg==")
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40000)
syz_usb_connect$uac1(0x2, 0xbc, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003000000106b1d01014000010203010902aa00030156c0020904000000010100000a24010101bb02010211240601040507000a0008000300020005052405060f0f2406020504020002000a000a00040c240202030202508000090111240605020507002e130a004ef10200000924030102020505f50904010000010200000904010101010200000905010920009301050725010003480f090402000001020000090402010101ff0000090582"], &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0})

4.64032395s ago: executing program 2 (id=568):
r0 = syz_usb_connect$uac2(0x5, 0xa8, &(0x7f0000000280)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x582, 0x4c, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x96, 0x3, 0x1, 0x5, 0x30, 0x9, {0x8, 0xb, 0x0, 0x1, 0x1, 0x7, 0x20, 0x8c}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0x4000, 0x4, 0x1d, 0x7}, [@source_unit={0x8, 0x24, 0xa, 0x0, 0x1, 0xff, 0x23}, @output_terminal={0xc, 0x24, 0x3, 0x2, 0x307, 0x0, 0x4, 0x0, 0x7, 0x81}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x3, 0xb, 0x4, {0x8, 0x25, 0x1, 0x0, 0x0, 0x40, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {[@format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x4, 0x1ccc, 0x5}, @as_header={0x10, 0x24, 0x1, 0x2, 0x1, 0x0, 0x4, 0x8, 0xb8, 0x3}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x40, 0x6, 0x3, {0x8, 0x25, 0x1, 0x82, 0x3, 0xf3, 0x6}}}}}}}}]}}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, &(0x7f0000000700)={0x2c, 0x0, &(0x7f00000005c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x44a}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac2(r0, 0x0, 0x0)
syz_usb_control_io$uac2(r0, 0x0, &(0x7f0000000500)={0x24, &(0x7f0000000180)={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac2(r0, 0x0, &(0x7f00000001c0)={0x44, &(0x7f0000000340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.67579173s ago: executing program 3 (id=569):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000ac0)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x3c, 0x64, 0x0, 0x7, 0x6, 0x0, @private=0xa010102, @remote}, {{0x4e22, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x8, 0x606d, 0x0, 0x1ff, {[@md5sig={0x13, 0x12, "0e2400000041002000"}]}}}}}}}, 0x0)

3.2930782s ago: executing program 5 (id=570):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[@ANYBLOB='N,N'], 0x6a)

3.09658094s ago: executing program 3 (id=572):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000700)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
poll(&(0x7f0000000140)=[{r1, 0x2cfc08c20dafc34e}, {0xffffffffffffffff, 0xf102}], 0x2, 0x8000007)

2.992177445s ago: executing program 1 (id=573):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e61, 0x2, @loopback, 0x7fffffff}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@ccm_128={{0x1c438bcbda6bce17}, "8c498b2ddeb19a37", "88801c62739bff07bd9a79223857eede", "b72d0400", "bdbecb446f6147e3"}, 0x28)

2.90459678s ago: executing program 5 (id=574):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000023c0), 0x20180, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000002400)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x1}}, './file0\x00'})

2.556631918s ago: executing program 1 (id=575):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r1)

2.488460071s ago: executing program 5 (id=577):
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r0, &(0x7f00000000c0), 0x10)
sendto$l2tp(r0, &(0x7f0000000040)="e5786a0d000000000000c83b", 0xc, 0x0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x2008, 0x4)
recvfrom$inet(r0, 0x0, 0x0, 0x40000140, 0x0, 0x0)

2.188396387s ago: executing program 1 (id=579):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000280)={&(0x7f0000000780)={{@my=0x0}, {@my=0x0, 0x800000}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418})
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r0, 0x7ac, &(0x7f0000000100)={0x0, 0x0, 0x1})

2.136591809s ago: executing program 5 (id=580):
mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@hyper})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f00000000c0)={&(0x7f0000000bc0)={{@host, 0x6}, {@hyper, 0x3ff9}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b8317ad07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7d9ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effde3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162f3abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c900"}, 0x44f, 0x4})

1.989254217s ago: executing program 6 (id=581):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb010018000000000000004c0000004c00000002000000000000000800000d020000000d00000005000000040000000500000006000000040000001000"], 0x0, 0x66, 0x0, 0x1}, 0x28)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040), 0xe09)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x5d7000000000000, 0x2402)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000100)={'\x00', 0x6, 0xa, 0x3, 0xffffffff})

1.837451085s ago: executing program 5 (id=582):
syz_open_dev$usbmon(&(0x7f0000000140), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00')
r0 = syz_usbip_server_init(0x1)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb2361000000010902"], 0x0)
write$usbip_server(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000300000001"], 0x35)

1.764504779s ago: executing program 1 (id=583):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0009030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000000)=""/172, 0xac)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ncm(0x3, 0x6e, &(0x7f00000001c0)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x7, 0xb0, 0x6, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x2}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x8c64, 0x3}, {0x6, 0x24, 0x1a, 0x20fc, 0x2}}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0x17, 0xa, 0xd}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200, 0xff, 0xbe, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x5, 0xe0, 0x4}}}}}}}]}}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x3, [{0x0, 0x0}, {0x0, 0x0}, {0x7, &(0x7f00000000c0)=@string={0x7, 0x3, "c579646132"}}]})

1.408898027s ago: executing program 6 (id=584):
socket$kcm(0x11, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0x8}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'virt_wifi0\x00', 0x11})
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd9e", 0xeb98}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)

1.117636092s ago: executing program 6 (id=585):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0x4, @local, 'ip_vti0\x00'}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0), 0x202, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1)
write(r1, &(0x7f0000000180)="ad2a", 0x2)

980.574859ms ago: executing program 2 (id=586):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a4c000000030a0fdb00000000000000000a0020050900030073797a30000000000900010073797a31000000001400048008000240e7b140bb08000140000000030a000700726f75746500000014000000110001"], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r1 = socket(0xa, 0x3, 0xff)
sendmsg$inet6(r1, &(0x7f0000000300)={&(0x7f0000000140)={0xa, 0xa, 0x7f, @empty}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000001c0)="671723d7c6012b37ee4765910ba4a51c750912d707c0a11404d6b618035a63176f243e55aa8079468d207f11cf5bdfaf23707fde221c55cb7fc7fbba3c7a4f388ac8e6818a519d85f2de3bb232e530de853b451f096f119eff4fc997da0cead908e10d000000000000005da1ec09616408b4a34c7531f034308cd9dbb2a3dd5a6db82f27ff864722af0d5e998ce5fb0f2c45696c1ccc2cf91acf9faac763b0f45b798097c692a63f0939b590ebbed429375bbe76c9fdf8205b5e6827221ab8ee384357e6dec9dfe7eaf241cceb560300b0e567335622", 0x7}, {&(0x7f0000000380)="9e91d91a92dc7c8fff658bb539e2ffb332c99223a7dfe52c1f51218206f5abfd2a3c", 0x22}, {&(0x7f0000000500)="e4", 0x5b}], 0x3}, 0x20008b88)

758.745121ms ago: executing program 6 (id=587):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000580)={'pcl812\x00', [0x8001, 0x101, 0x1, 0x4, 0x0, 0x1, 0xc, 0x7, 0x100, 0x6, 0x5e, 0x1, 0x8, 0x7ff, 0x6, 0x89, 0xc92, 0x5, 0x43, 0xa, 0x89, 0x0, 0xf27, 0x4, 0xc, 0x8, 0x5, 0xfffffff8, 0x8, 0x10000, 0xfffffff4]})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x640, 0x0)
ppoll(&(0x7f00000000c0)=[{r0, 0x1188}, {r1, 0x600}], 0x2, 0x0, 0x0, 0x0)

692.288014ms ago: executing program 2 (id=588):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='dctcp', 0x5)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
r1 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r1, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)

368.671611ms ago: executing program 6 (id=589):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000080)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000002c0)={0x1, 0x0, [{0x4b564d07, 0x0, 0x1000000}]})

348.525122ms ago: executing program 2 (id=590):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000740)=ANY=[@ANYBLOB="726f6469722c757466383d316f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e39352c6e66733dd764df591c2efd287374616c655f72772c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c73686f72746e61ba60fa632387304d653d166cd8ecff6d5093e8ead988afd4ca5e48ca7316202d45c2ba63a367f92ce68948004d18c05bd76e1325cdb79a82cffbbfe3c0be09a33102233de158f410eeab3bee907dd47ffa18ea5377315637f40b192278e32838f98a45c58f9e6db5b2170dbbf19b21553e67754ba4294fafdd9aef38ad518a7b671816e57b0cd020bb00000000"], 0xfc, 0x2b8, &(0x7f0000000300)="$eJzs3EFr02AYwPGnXbt2HVt7EhTEB73oJWz1ExTZQCwocxX1IGQu1dLYjqZWKuJ2E29+juHRm+D8Art48y5ehiB42UEWadLYtBQ3Z7vM7f+DkWd53yfvmzYbTwJ5d+6+eVItO0bZbEo8rRIX2ZBdkVwn6opJwtvGvXhSwjbkyvSPz+dv37t/o1AsLiypLhaWr+ZVdfbCh2cv3l782Jy+8272fUq2cw92vue/bJ/ZPruztxwcvd5UU1fq9aa5Ylu6WnGqhuot2zIdSys1x2r0tZft+tpaW83a6kxmrWE5jpq1tlattjbr2my01XxkVmpqGIbOZOS0mfjrjNLm0pJZGMtkEIWpYTsbjYI54TfGJBZuKW0e2cwAAMCxcbD63zfK+v9xxdGKo7X96v+4UP+Pj1f/7w0tGnEyJDs3AAUz0/377Uf9DwAAAAAAAAAAAAAAAAAAAADA/2DXdbOu62aDbfCTEpG0iAS/Rz1PjMchvv9YhNPFiIVe3EuL2K9apVbJ3/rthbJUxBZL5pIiP73rocuPF68XF+bUk5Mte72b770kmAryA7nh+fN+voby11ulpGTC4+f99w6H5ecH8pMi0ipNyuVLoXxDsvLpodTFllXvOL38l/Oq124WB8af8voBAAAAAHASGPpbrv/+119N0jA0WDZkoN3f2Xs+INl9ng+obE1KLz8h5xLRnTcAAAAAAKeJ035eNW3banQCSYg0+vaMPpge25GPNhj46AaC18dghqMPjLR/0fyxs+u6651O/z5oXEQiOtNvInL0n3NKRMY6xNen/hd4kM5R/lcCAAAAMA69oj/qmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHoddPGwoP9h1h4LDTcRzVkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8OvAAAA//8XzBeO")
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x4000, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

68.119276ms ago: executing program 6 (id=591):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/mcfilter6\x00')
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000580)=""/118, 0x76}, {&(0x7f0000000d00)=""/93, 0x5d}, {&(0x7f0000000d80)=""/4096, 0x1000}], 0x3, 0xb, 0x100)

0s ago: executing program 5 (id=592):
setreuid(0xffffffffffffffff, 0xee01)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpgid(0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x2, r2})
sendmmsg$unix(r0, &(0x7f0000006c40)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="11", 0x1}], 0x1}}], 0x1, 0x4040011)

kernel console output (not intermixed with test programs):

)
[   86.133071][ T4405] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   86.167966][ T4405] syz.1.13: attempt to access beyond end of device
[   86.167966][ T4405] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   86.253781][ T4405] syz.1.13: attempt to access beyond end of device
[   86.253781][ T4405] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   86.332950][ T4405] syz.1.13: attempt to access beyond end of device
[   86.332950][ T4405] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   86.413447][ T4405] syz.1.13: attempt to access beyond end of device
[   86.413447][ T4405] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   86.473847][ T4405] syz.1.13: attempt to access beyond end of device
[   86.473847][ T4405] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   86.538775][ T4405] syz.1.13: attempt to access beyond end of device
[   86.538775][ T4405] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   86.645316][ T4407] FAT-fs (loop0): error, corrupted directory (invalid entries)
[   86.661802][ T4413] syz.3.14 uses obsolete (PF_INET,SOCK_PACKET)
[   86.681057][ T4407] FAT-fs (loop0): Filesystem has been set read-only
[   86.826021][   T27] cfg80211: failed to load regulatory.db
[   86.970713][ T4419] loop4: detected capacity change from 0 to 2048
[   87.082268][ T4419] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   87.296463][ T4314] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.307139][ T4423] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   87.349628][ T4314] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   87.375395][ T4423] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   87.438436][ T4423] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   87.728716][ T4425] fido_id[4425]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   87.935951][ T4415] loop2: detected capacity change from 0 to 32768
[   87.983661][ T4432] Bluetooth: MGMT ver 1.22
[   87.990217][ T4415] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.16 (4415)
[   88.032613][ T4429] loop1: detected capacity change from 0 to 8192
[   88.117983][ T4415] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   88.165537][ T4415] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[   88.220468][ T4415] BTRFS info (device loop2): setting nodatasum
[   88.265761][ T4415] BTRFS info (device loop2): force zlib compression, level 3
[   88.290577][ T4415] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[   88.329119][ T4415] BTRFS info (device loop2): use lzo compression, level 0
[   88.352577][ T4415] BTRFS info (device loop2): turning on flush-on-commit
[   88.367792][ T4436] loop3: detected capacity change from 0 to 512
[   88.401800][ T4415] BTRFS info (device loop2): enabling auto defrag
[   88.429418][ T4415] BTRFS info (device loop2): max_inline at 4096
[   88.439426][ T4438] loop4: detected capacity change from 0 to 64
[   88.460840][ T4415] BTRFS info (device loop2): using free space tree
[   88.553523][ T4436] EXT4-fs error (device loop3): ext4_orphan_get:1405: inode #15: comm syz.3.25: inode has both inline data and extents flags
[   88.599574][ T4438] Trying to free block not in datazone
[   88.633095][ T4436] EXT4-fs error (device loop3): ext4_orphan_get:1410: comm syz.3.25: couldn't read orphan inode 15 (err -117)
[   88.749219][ T4279] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   88.757113][ T4436] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   88.770404][ T4279] FAT-fs (loop1): Filesystem has been set read-only
[   88.953368][ T4438] Trying to free block not in datazone
[   88.964370][ T4438] minix_free_inode: bit 5 already cleared
[   89.082131][ T4415] BTRFS info (device loop2): enabling ssd optimizations
[   89.188359][ T4267] EXT4-fs (loop3): unmounting filesystem.
[   89.757524][ T4269] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   89.976663][ T4474] loop0: detected capacity change from 0 to 2048
[   90.059093][ T4474] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   90.177599][ T4482] netlink: 8 bytes leftover after parsing attributes in process `syz.1.34'.
[   90.263169][ T4488] netlink: 65011 bytes leftover after parsing attributes in process `syz.1.34'.
[   90.516890][ T4490] loop2: detected capacity change from 0 to 8192
[   90.731468][ T4468] loop4: detected capacity change from 0 to 32768
[   90.752725][ T4486] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   90.928618][ T4468] XFS (loop4): Mounting V5 Filesystem
[   90.952853][ T4486] usb 4-1: Using ep0 maxpacket: 16
[   90.969977][ T4486] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.010070][   T26] audit: type=1800 audit(1776796602.692:3): pid=4485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.33" name="file1" dev="loop0" ino=1415 res=0 errno=0
[   91.079916][ T4486] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.098718][ T4495] FAT-fs (loop2): error, corrupted directory (invalid entries)
[   91.122851][ T4495] FAT-fs (loop2): Filesystem has been set read-only
[   91.139851][ T4486] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   91.189589][ T4486] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   91.232627][ T4486] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.256483][ T4468] XFS (loop4): Ending clean mount
[   91.279854][ T4486] usb 4-1: config 0 descriptor??
[   91.321018][ T4468] XFS (loop4): Quotacheck needed: Please wait.
[   91.408360][ T4468] XFS (loop4): Quotacheck: Done.
[   91.426168][ T4494] loop1: detected capacity change from 0 to 32768
[   91.475245][   T26] audit: type=1800 audit(1776796603.162:4): pid=4468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.31" name="file1" dev="loop4" ino=6150 res=0 errno=0
[   91.501823][ T4494] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.35 (4494)
[   91.523161][ T4468] XFS (loop4): User initiated shutdown received.
[   91.560657][ T4468] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:499).  Shutting down filesystem.
[   91.589179][ T4494] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   91.624361][ T4468] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[   91.648186][ T4506] loop0: detected capacity change from 0 to 512
[   91.655259][ T4494] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[   91.682832][ T4494] BTRFS info (device loop1): using free space tree
[   91.719553][ T4486] HID 045e:07da: Invalid code 65791 type 1
[   91.747015][ T4486] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0002/input/input5
[   91.761483][ T4506] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   91.789267][ T4486] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[   91.828546][ T4506] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.907562][ T4272] XFS (loop4): Unmounting Filesystem
[   92.025858][   T27] usb 4-1: USB disconnect, device number 2
[   92.093452][ T4494] BTRFS info (device loop1): enabling ssd optimizations
[   92.116124][ T4268] EXT4-fs (loop0): unmounting filesystem.
[   92.305526][ T4536] loop0: detected capacity change from 0 to 2048
[   92.352484][ T4524] fido_id[4524]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[   92.371360][ T4538] overlayfs: './file2' not a directory
[   92.466217][ T4536] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   92.819684][ T4268] EXT4-fs (loop0): unmounting filesystem.
[   92.846908][ T4546] loop3: detected capacity change from 0 to 1024
[   92.899441][ T4546] =======================================================
[   92.899441][ T4546] WARNING: The mand mount option has been deprecated and
[   92.899441][ T4546]          and is ignored by this kernel. Remove the mand
[   92.899441][ T4546]          option from the mount to silence this warning.
[   92.899441][ T4546] =======================================================
[   92.971349][ T4279] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   93.153688][ T4546] EXT4-fs: Ignoring removed bh option
[   93.173693][ T4546] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   93.199452][ T4546] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.697541][ T4294] EXT4-fs error (device loop3): ext4_map_blocks:747: inode #15: comm kworker/u4:5: lblock 0 mapped to illegal pblock 0 (length 6)
[   93.761650][ T4294] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[   93.848244][ T4294] EXT4-fs (loop3): This should not happen!! Data will be lost
[   93.848244][ T4294] 
[   93.930039][ T4294] EXT4-fs error (device loop3): ext4_map_blocks:747: inode #15: block 8: comm kworker/u4:5: lblock 8 mapped to illegal pblock 8 (length 8)
[   94.024826][ T4294] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[   94.144749][ T4294] EXT4-fs (loop3): This should not happen!! Data will be lost
[   94.144749][ T4294] 
[   94.201212][ T4267] EXT4-fs (loop3): unmounting filesystem.
[   94.351445][ T4565] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-61)
[   94.442664][    C1] sched: RT throttling activated
[   94.520808][ T4558] loop2: detected capacity change from 0 to 131072
[   94.530194][ T4558] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[   94.538420][ T4558] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   94.565221][ T4549] loop0: detected capacity change from 0 to 32768
[   94.574617][ T4558] F2FS-fs (loop2): invalid crc value
[   94.653987][ T4558] F2FS-fs (loop2): Found nat_bits in checkpoint
[   94.704925][ T4558] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   94.712070][ T4558] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   94.795361][ T4549] JBD2: Ignoring recovery information on journal
[   94.923246][ T4573] loop3: detected capacity change from 0 to 8192
[   95.015273][ T4549] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   95.341598][ T4268] ocfs2: Unmounting device (7,0) on (node local)
[   95.598995][ T4578] FAT-fs (loop3): error, corrupted directory (invalid entries)
[   95.639155][ T4567] loop1: detected capacity change from 0 to 32768
[   95.661576][ T4578] FAT-fs (loop3): Filesystem has been set read-only
[   95.778346][ T4567] XFS (loop1): Mounting V5 Filesystem
[   95.942140][ T4567] XFS (loop1): Ending clean mount
[   96.022540][ T4567] XFS (loop1): Quotacheck needed: Please wait.
[   96.069281][ T4567] XFS (loop1): Quotacheck: Done.
[   96.135836][   T26] audit: type=1800 audit(1776796607.822:5): pid=4567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.50" name="file1" dev="loop1" ino=6150 res=0 errno=0
[   96.146074][ T4567] XFS (loop1): User initiated shutdown received.
[   96.172898][ T4567] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:499).  Shutting down filesystem.
[   96.213111][ T4567] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[   96.425387][ T4279] XFS (loop1): Unmounting Filesystem
[   96.878440][ T4603] loop3: detected capacity change from 0 to 2048
[   96.978209][ T4603] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   96.991854][ T4581] loop2: detected capacity change from 0 to 40427
[   97.037172][ T4581] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   97.124325][ T4581] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   97.180978][ T4581] F2FS-fs (loop2): invalid crc value
[   97.212184][ T4581] F2FS-fs (loop2): Found nat_bits in checkpoint
[   97.426431][ T4581] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   97.452904][ T4581] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   97.510511][ T4597] loop0: detected capacity change from 0 to 32768
[   97.532899][ T4597] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.57 (4597)
[   97.611849][ T4597] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   97.659008][ T4597] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[   97.727874][ T4597] BTRFS info (device loop0): using free space tree
[   97.982948][ T4597] BTRFS info (device loop0): enabling ssd optimizations
[   98.040545][ T4618] loop1: detected capacity change from 0 to 32768
[   98.081227][ T4618] JBD2: Ignoring recovery information on journal
[   98.217774][ T4618] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   98.420301][ T4279] ocfs2: Unmounting device (7,1) on (node local)
[   98.558402][ T4649] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   98.610413][ T4649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   98.683195][ T4649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   98.804213][ T4268] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   99.195097][ T4659] loop4: detected capacity change from 0 to 512
[   99.223590][ T4659] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   99.253539][ T4347] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   99.283464][ T4347] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   99.416741][ T4369] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 12 /dev/loop0 scanned by udevd (4369)
[   99.436037][ T4656] loop1: detected capacity change from 0 to 8192
[   99.459037][ T4668] device ipip0 entered promiscuous mode
[   99.656733][ T4272] EXT4-fs (loop4): unmounting filesystem.
[   99.957921][ T4675] loop2: detected capacity change from 0 to 2048
[  100.015691][ T4675] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  100.400540][ T4670] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  100.409919][ T4670] FAT-fs (loop1): Filesystem has been set read-only
[  100.575201][ T4296] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.589315][ T4667] loop3: detected capacity change from 0 to 32768
[  100.625976][ T4667] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 12
[  100.804657][ T4296] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.955005][   T26] audit: type=1800 audit(1776796612.642:6): pid=4675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.77" name="file1" dev="loop2" ino=1415 res=0 errno=0
[  100.955422][ T4296] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.988237][ T4369] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 12
[  101.256705][ T4296] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.153094][ T4270] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  102.163098][ T4270] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  102.176989][ T4270] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  102.186671][ T4270] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  102.196230][ T4270] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  102.207974][ T4270] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  102.336240][ T4679] loop1: detected capacity change from 0 to 40427
[  102.367663][ T4684] loop0: detected capacity change from 0 to 32768
[  102.427107][ T4682] loop3: detected capacity change from 0 to 32768
[  102.435044][ T4684] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.91 (4684)
[  102.449348][ T4679] F2FS-fs (loop1): invalid crc value
[  102.507954][ T4679] F2FS-fs (loop1): Found nat_bits in checkpoint
[  102.525778][ T4684] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  102.578800][ T4686] loop2: detected capacity change from 0 to 32768
[  102.579312][ T4682] 
[  102.579312][ T4682]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  102.579312][ T4682] 
[  102.648085][ T4684] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  102.666255][ T4686] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.82 (4686)
[  102.720639][ T4684] BTRFS info (device loop0): using free space tree
[  102.772700][ T4686] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  102.813310][ T4679] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  102.827656][ T4686] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  102.924058][ T4686] BTRFS info (device loop2): using free space tree
[  103.003133][    T9] ERROR: (device loop3): diWrite: ixpxd invalid
[  103.003133][    T9] 
[  103.023236][    T9] ERROR: (device loop3): txCommit: 
[  103.023236][    T9] 
[  103.031127][    T9] jfs_write_inode: jfs_commit_inode failed!
[  103.048684][ T4267] 
[  103.048684][ T4267]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.048684][ T4267] 
[  103.093590][ T4267] 
[  103.093590][ T4267]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.093590][ T4267] 
[  103.114004][ T4684] BTRFS info (device loop0): enabling ssd optimizations
[  103.308670][ T4686] BTRFS info (device loop2): enabling ssd optimizations
[  103.333179][ T4279] syz-executor: attempt to access beyond end of device
[  103.333179][ T4279] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  103.455182][ T4689] chnl_net:caif_netlink_parms(): no params data found
[  103.607686][ T4268] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  104.214014][ T4269] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  104.262961][ T4270] Bluetooth: hci3: command 0x0409 tx timeout
[  104.552590][ T4689] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.591593][ T4689] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.627235][ T4369] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 12 /dev/loop2 scanned by udevd (4369)
[  104.628746][ T4689] device bridge_slave_0 entered promiscuous mode
[  104.659452][ T4757] loop1: detected capacity change from 0 to 4096
[  104.712839][ T4689] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.720001][ T4689] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.755295][ T4689] device bridge_slave_1 entered promiscuous mode
[  104.876025][ T4761] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  104.981524][   T26] audit: type=1800 audit(1776796616.662:7): pid=4757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.85" name="file2" dev="loop1" ino=16 res=0 errno=0
[  105.125612][ T4689] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.173221][ T4766] loop3: detected capacity change from 0 to 256
[  105.207568][ T4296] device hsr_slave_0 left promiscuous mode
[  105.250845][ T4766] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  105.292434][ T4296] device hsr_slave_1 left promiscuous mode
[  105.309685][ T4296] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.372197][ T4296] batman_adv: batadv0: Removing interface: batadv_slave_0
[  105.419737][ T4766] syz.3.89: attempt to access beyond end of device
[  105.419737][ T4766] loop3: rw=524288, sector=34359738488, nr_sectors = 8 limit=256
[  105.479229][ T4296] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  105.499416][ T4296] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.520388][ T4766] syz.3.89: attempt to access beyond end of device
[  105.520388][ T4766] loop3: rw=0, sector=34359738488, nr_sectors = 8 limit=256
[  105.563218][ T4296] device bridge_slave_1 left promiscuous mode
[  105.591359][ T4296] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.681653][ T4296] device bridge_slave_0 left promiscuous mode
[  105.745845][   T26] audit: type=1800 audit(1776796617.432:8): pid=4766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.89" name="file1" dev="loop3" ino=1048615 res=0 errno=0
[  105.810222][ T4296] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.124636][ T4766] exFAT-fs (loop3): error, tried to truncate zeroed cluster.
[  106.132373][ T4766] exFAT-fs (loop3): Filesystem has been set read-only
[  106.175973][ T4769] exFAT-fs (loop3): hint_cluster is invalid (1)
[  106.223337][ T4769] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000)
[  106.244538][ T4776] loop1: detected capacity change from 0 to 2048
[  106.251711][ T4296] device veth1_macvtap left promiscuous mode
[  106.263633][ T4296] device veth0_macvtap left promiscuous mode
[  106.270970][ T4296] device veth1_vlan left promiscuous mode
[  106.294578][ T4769] exFAT-fs (loop3): error, failed to bmap (inode : ffff8880553e87e0 iblock : 9, err : -5)
[  106.342870][ T4270] Bluetooth: hci3: command 0x041b tx timeout
[  106.365311][ T4769] exFAT-fs (loop3): error, tried to truncate zeroed cluster.
[  106.381149][ T4776] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  106.409113][ T4769] exFAT-fs (loop3): error, tried to truncate zeroed cluster.
[  106.413921][ T4296] device veth0_vlan left promiscuous mode
[  106.929249][ T4768] loop2: detected capacity change from 0 to 40427
[  106.974227][ T4768] F2FS-fs (loop2): invalid crc value
[  107.001580][ T4768] F2FS-fs (loop2): Found nat_bits in checkpoint
[  107.185870][ T4768] F2FS-fs (loop2): Start checkpoint disabled!
[  107.256531][ T4768] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  107.289670][   T26] audit: type=1800 audit(1776796618.972:9): pid=4776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.93" name="file1" dev="loop1" ino=1415 res=0 errno=0
[  107.397508][ T4768] syz.2.90: attempt to access beyond end of device
[  107.397508][ T4768] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  107.453296][ T4768] syz.2.90: attempt to access beyond end of device
[  107.453296][ T4768] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  107.482727][ T4796] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  107.560738][ T4768] syz.2.90: attempt to access beyond end of device
[  107.560738][ T4768] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  107.716225][ T4799] loop0: detected capacity change from 0 to 128
[  107.812767][ T4799] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  107.856458][ T4799] hpfs: filesystem error: improperly stopped
[  107.862526][ T4799] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  107.902898][ T4799] hpfs: You really don't want any checks? You are crazy...
[  107.910908][ T4799] hpfs: hpfs_map_sector(): read error
[  107.949961][ T4799] hpfs: code page support is disabled
[  107.970467][   T46] kworker/u4:3: attempt to access beyond end of device
[  107.970467][   T46] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  107.977559][ T4799] hpfs: hpfs_map_4sectors(): unaligned read
[  108.001044][ T4799] hpfs: hpfs_map_4sectors(): unaligned read
[  108.032218][ T4799] hpfs: filesystem error: unable to find root dir
[  108.417016][ T4296] team0 (unregistering): Port device team_slave_1 removed
[  108.424126][ T4270] Bluetooth: hci3: command 0x040f tx timeout
[  108.465513][ T4296] team0 (unregistering): Port device team_slave_0 removed
[  108.502431][ T4296] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.541020][ T4296] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.815871][ T4296] bond0 (unregistering): Released all slaves
[  108.890997][ T4689] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.954881][ T4689] team0: Port device team_slave_0 added
[  108.979242][ T4689] team0: Port device team_slave_1 added
[  109.018358][ T4689] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.031898][ T4689] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.066084][ T4689] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.084791][ T4689] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.091827][ T4689] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.126679][ T4689] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.169562][ T4689] device hsr_slave_0 entered promiscuous mode
[  109.177969][ T4689] device hsr_slave_1 entered promiscuous mode
[  109.186709][ T4689] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.202216][ T4689] Cannot create hsr debugfs directory
[  109.350308][ T4689] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  109.360705][ T4689] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  109.370764][ T4689] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  109.380827][ T4689] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  109.536710][ T4689] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.568813][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  109.580236][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  109.596980][ T4689] 8021q: adding VLAN 0 to HW filter on device team0
[  109.610494][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.623663][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.632215][ T4324] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.639395][ T4324] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.656017][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  109.676895][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.688737][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.702528][ T4294] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.709892][ T4294] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.734343][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  109.743578][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  109.767908][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.784862][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  109.804538][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.828525][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  109.853184][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  109.870398][ T4689] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  110.189193][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  110.199401][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  110.218256][ T4689] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.507899][ T4270] Bluetooth: hci3: command 0x0419 tx timeout
[  110.690271][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  110.708864][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  110.737230][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  110.753487][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  110.773378][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  110.783944][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  110.809037][ T4689] device veth0_vlan entered promiscuous mode
[  110.828399][ T4689] device veth1_vlan entered promiscuous mode
[  110.871143][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  110.884591][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  110.893634][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  110.903622][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  110.915044][ T4689] device veth0_macvtap entered promiscuous mode
[  110.925300][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  110.938168][ T4689] device veth1_macvtap entered promiscuous mode
[  110.959369][ T4689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.971171][ T4689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.981387][ T4689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.992199][ T4689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.002470][ T4689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.016429][ T4689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.026788][ T4689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.037419][ T4689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.048816][ T4689] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.069002][ T4689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.080045][ T4689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.091530][ T4689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.104744][ T4689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.116682][ T4689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.127904][ T4689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.138123][ T4689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.151480][ T4689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.164061][ T4689] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.171447][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  111.180985][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  111.190046][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  111.199887][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  111.221017][ T4689] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.231027][ T4689] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.239900][ T4689] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.250005][ T4689] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.357259][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.378240][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.386973][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  111.415040][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.426388][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.435428][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  111.611842][ T4848] netlink: 'syz.2.110': attribute type 11 has an invalid length.
[  111.642874][ T4848] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0103 with DS=0x91
[  111.888287][ T4486] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  112.048066][ T4850] loop5: detected capacity change from 0 to 32768
[  112.110160][ T4486] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.120837][ T4486] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3
[  112.131004][ T4486] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  112.133649][ T4850] JBD2: Ignoring recovery information on journal
[  112.146603][ T4486] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.187169][ T4850] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  112.208104][ T4486] usb 4-1: config 0 descriptor??
[  112.290221][ T4689] ocfs2: Unmounting device (7,5) on (node local)
[  112.778738][ T4876] loop1: detected capacity change from 0 to 512
[  112.838626][ T4486] Bluetooth: Can't get version to change to load ram patch err
[  112.856991][ T4486] Bluetooth: Loading sysconfig file failed
[  112.877136][ T4486] ath3k: probe of 4-1:0.0 failed with error -71
[  112.910878][ T4486] usb 4-1: USB disconnect, device number 3
[  112.964386][ T4876] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  113.157695][ T4872] loop5: detected capacity change from 0 to 32768
[  113.177736][ T4872] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 12
[  113.219193][ T4878] binder: 4877:4878 ioctl c0306201 200000001a80 returned -14
[  113.304112][ T4279] EXT4-fs (loop1): unmounting filesystem.
[  113.732497][ T4369] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 12
[  114.450131][ T4916] loop0: detected capacity change from 0 to 512
[  114.561899][ T4916] EXT4-fs (loop0): 1 truncate cleaned up
[  114.637614][ T4916] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  114.841340][ T4891] loop5: detected capacity change from 0 to 32768
[  114.867868][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  114.940523][ T4891] JBD2: Ignoring recovery information on journal
[  114.968838][ T4928] loop1: detected capacity change from 0 to 1024
[  115.109649][ T4891] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  115.527263][ T4689] ocfs2: Unmounting device (7,5) on (node local)
[  115.731775][ T4942] loop1: detected capacity change from 0 to 8
[  116.291726][ T4935] loop3: detected capacity change from 0 to 32768
[  116.317661][ T4932] loop0: detected capacity change from 0 to 32768
[  116.404407][   T26] audit: type=1800 audit(1776796628.092:10): pid=4935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.123" name="file1" dev="loop3" ino=7 res=0 errno=0
[  116.451313][ T4952] loop5: detected capacity change from 0 to 4096
[  116.532484][ T4932] XFS (loop0): Mounting V5 Filesystem
[  116.623585][ T4952] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  116.649145][ T4932] XFS (loop0): Ending clean mount
[  116.716057][ T4932] XFS (loop0): Quotacheck needed: Please wait.
[  116.780007][ T4952] ntfs3: loop5: Failed to load $Extend.
[  116.856122][ T4932] XFS (loop0): Quotacheck: Done.
[  117.130756][ T4969] loop2: detected capacity change from 0 to 4096
[  117.239095][ T4969] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  117.337872][ T4268] XFS (loop0): Unmounting Filesystem
[  117.356030][ T4952] syz.5.127 (4952) used greatest stack depth: 20624 bytes left
[  118.382079][ T4995] loop5: detected capacity change from 0 to 2048
[  118.493872][ T4995] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  118.512750][ T4477] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  118.689675][ T5002] device syzkaller1 entered promiscuous mode
[  118.719813][ T4477] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40
[  118.738110][ T4477] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.764793][ T4477] usb 2-1: Product: syz
[  118.782393][ T4477] usb 2-1: Manufacturer: syz
[  118.797613][ T4477] usb 2-1: SerialNumber: syz
[  119.339489][   T26] audit: type=1800 audit(1776796631.022:11): pid=4995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.136" name="file1" dev="loop5" ino=1415 res=0 errno=0
[  119.399980][ T5017] loop0: detected capacity change from 0 to 512
[  119.481466][ T4995] syz.5.136 (4995) used greatest stack depth: 20528 bytes left
[  119.552909][ T5017] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  119.562903][ T5017] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.675331][ T4477] rtl8150 2-1:1.0: eth5: rtl8150 is detected
[  119.903557][ T4477] usb 2-1: USB disconnect, device number 2
[  120.015431][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  120.180325][ T5037] loop5: detected capacity change from 0 to 512
[  120.234927][ T5037] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  120.301624][ T5037] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  120.358558][ T5037] EXT4-fs error (device loop5): ext4_orphan_get:1431: comm syz.5.151: bad orphan inode 131083
[  120.534809][ T5037] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  120.714972][ T4689] EXT4-fs (loop5): unmounting filesystem.
[  120.782843][ T4350] kernel write not supported for file /vcs (pid: 4350 comm: kworker/1:7)
[  121.292845][ T4350] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  121.509942][ T4350] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  121.536479][ T5083] loop3: detected capacity change from 0 to 128
[  121.539193][ T4350] usb 3-1: config 0 has no interface number 0
[  121.572780][ T4350] usb 3-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  121.621164][ T5083] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  121.642938][ T4350] usb 3-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.670243][ T5083] ext4 filesystem being mounted at /37/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  121.740228][ T5086] loop1: detected capacity change from 0 to 1024
[  121.755154][ T5086] EXT4-fs: Ignoring removed bh option
[  121.761128][ T4350] usb 3-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  121.823072][ T4350] usb 3-1: config 0 interface 1 has no altsetting 0
[  121.841290][ T5086] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  121.850254][ T4350] usb 3-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[  121.878715][ T4350] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.951975][ T5083] EXT4-fs error (device loop3): dx_make_map:1328: inode #2: block 18: comm syz.3.167: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  121.970576][    C0] vkms_vblank_simulate: vblank timer overrun
[  121.979430][ T5086] EXT4-fs (loop1): re-mounted. Quota mode: none.
[  121.994364][ T4350] usb 3-1: config 0 descriptor??
[  122.098150][ T5083] EXT4-fs (loop3): Remounting filesystem read-only
[  122.124590][ T5095] loop5: detected capacity change from 0 to 256
[  122.128839][ T5083] EXT4-fs error (device loop3) in do_split:2095: Corrupt filesystem
[  122.178616][ T5083] EXT4-fs (loop3): Remounting filesystem read-only
[  122.199291][ T4279] EXT4-fs (loop1): unmounting filesystem.
[  122.423985][ T4350] hid (null): invalid report_count 252767622
[  122.463674][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  122.627604][ T4350] input: HID 145f:0212 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:145F:0212.0004/input/input6
[  122.685386][ T5105] loop5: detected capacity change from 0 to 2048
[  122.711206][ T5105] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  122.748931][ T4350] input: HID 145f:0212 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:145F:0212.0004/input/input7
[  122.776157][ T5105] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  122.861926][ T4350] uclogic 0003:145F:0212.0004: input,hiddev0,hidraw0: USB HID v4.06 Keypad [HID 145f:0212] on usb-dummy_hcd.2-1/input1
[  122.941231][ T4350] usb 3-1: USB disconnect, device number 2
[  123.364872][ T5113] fido_id[5113]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  123.562970][ T4481] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  123.706708][ T5134] loop5: detected capacity change from 0 to 2048
[  123.764402][ T4481] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  123.793169][ T4481] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  123.804703][ T5134] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  123.836919][ T4481] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  123.886758][ T4481] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  123.902590][   T26] audit: type=1800 audit(1776796635.582:12): pid=5134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.183" name="file1" dev="loop5" ino=1367 res=0 errno=0
[  123.938296][ T4481] usb 2-1: SerialNumber: syz
[  124.215546][ T4481] usb 2-1: 0:2 : does not exist
[  124.254903][ T4481] usb 2-1: USB disconnect, device number 3
[  124.494410][ T4369] udevd[4369]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  125.045658][ T5147] device syzkaller1 entered promiscuous mode
[  125.061881][ T5152] loop3: detected capacity change from 0 to 2048
[  125.157033][ T5152] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  125.734282][ T5170] loop2: detected capacity change from 0 to 1024
[  125.810097][ T5170] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  125.818922][ T5170] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.845856][ T5170] EXT4-fs error (device loop2): ext4_map_blocks:747: inode #15: block 3: comm syz.2.197: lblock 3 mapped to illegal pblock 3 (length 3)
[  125.866513][ T5170] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  125.879248][ T5170] EXT4-fs (loop2): This should not happen!! Data will be lost
[  125.879248][ T5170] 
[  125.892828][ T4350] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  125.898713][ T5170] EXT4-fs error (device loop2): ext4_map_blocks:747: inode #15: block 8: comm syz.2.197: lblock 8 mapped to illegal pblock 8 (length 4)
[  125.922716][ T5170] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 4 with error 117
[  125.923540][   T27] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  125.943051][ T5170] EXT4-fs (loop2): This should not happen!! Data will be lost
[  125.943051][ T5170] 
[  125.968606][ T5170] EXT4-fs error (device loop2): ext4_ext_remove_space:2930: inode #15: comm syz.2.197: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  126.032252][   T26] audit: type=1800 audit(1776796637.712:13): pid=5152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.186" name="file1" dev="loop3" ino=1415 res=0 errno=0
[  126.086888][ T4294] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm kworker/u4:5: bg 0: block 112: padding at end of block bitmap is not set
[  126.098537][ T4350] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.131340][ T4350] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.150721][ T4294] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  126.170053][ T4294] EXT4-fs (loop2): This should not happen!! Data will be lost
[  126.170053][ T4294] 
[  126.179948][ T4294] EXT4-fs (loop2): Total free blocks count 0
[  126.187301][   T27] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  126.202986][ T4294] EXT4-fs (loop2): Free/Dirty block details
[  126.206330][ T4350] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  126.208946][ T4294] EXT4-fs (loop2): free_blocks=0
[  126.226526][   T27] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.262970][   T27] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.280735][ T4350] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  126.293961][   T27] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  126.323208][ T4350] usb 6-1: Manufacturer: syz
[  126.349046][ T4350] usb 6-1: config 0 descriptor??
[  126.362509][   T27] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  126.385061][   T27] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  126.401870][   T27] usb 2-1: Manufacturer: syz
[  126.447868][   T27] usb 2-1: config 0 descriptor??
[  126.873531][ T4256] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  126.885948][   T27] appleir 0003:05AC:8243.0006: unknown main item tag 0x0
[  126.903979][   T27] appleir 0003:05AC:8243.0006: No inputs registered, leaving
[  126.934210][   T27] appleir 0003:05AC:8243.0006: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  127.076002][ T4256] usb 3-1: Using ep0 maxpacket: 32
[  127.084284][ T4256] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.119014][ T5187] netlink: 14 bytes leftover after parsing attributes in process `syz.0.203'.
[  127.121169][ T4256] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.159063][ T4256] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  127.181413][ T4350] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0005/input/input8
[  127.202892][ T4256] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.231609][ T4256] usb 3-1: config 0 descriptor??
[  127.241703][ T4256] hub 3-1:0.0: USB hub found
[  127.285891][ T4350] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0005/input/input9
[  127.298246][   T27] usb 2-1: USB disconnect, device number 4
[  127.325752][ T4350] input: syz Touch Strip as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0005/input/input10
[  127.353099][ T4347] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  127.374393][ T4350] input: syz Dial as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0005/input/input11
[  127.407434][ T4350] uclogic 0003:256C:006D.0005: input,hiddev0,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.5-1/input0
[  127.447308][ T4256] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  127.462992][ T4350] usb 6-1: USB disconnect, device number 2
[  127.547133][ T4347] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  127.568626][ T4347] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.607205][ T4347] usb 4-1: config 0 descriptor??
[  127.630857][ T4347] cp210x 4-1:0.0: cp210x converter detected
[  127.750652][ T5189] fido_id[5189]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  127.852825][ T4256] hid-generic 0003:046D:C31C.0007: unknown main item tag 0x0
[  127.876871][ T4256] hid-generic 0003:046D:C31C.0007: hidraw1: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.2-1/input0
[  128.052831][ T4347] cp210x 4-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  128.089488][ T4347] usb 4-1: cp210x converter now attached to ttyUSB0
[  128.099908][ T5200] loop5: detected capacity change from 0 to 7
[  128.173012][ T5200] Dev loop5: unable to read RDB block 7
[  128.193010][ T4481] usb 3-1: USB disconnect, device number 3
[  128.220933][ T5200]  loop5: AHDI p1 p3 p4
[  128.261808][ T5200] loop5: partition table partially beyond EOD, truncated
[  128.305496][ T4350] usb 4-1: USB disconnect, device number 4
[  128.318287][ T5200] loop5: p1 size 100663296 extends beyond EOD, truncated
[  128.335626][ T4350] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  128.380797][ T4350] cp210x 4-1:0.0: device disconnected
[  128.382026][ T5200] loop5: p3 size 4261412863 extends beyond EOD, 
[  128.408929][ T5205] fido_id[5205]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  128.435564][ T5200] truncated
[  128.591035][ T5122] udevd[5122]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  128.606881][ T4369] udevd[4369]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  128.877691][ T5221] ALSA: mixer_oss: invalid OSS volume ''
[  129.082837][ T5229] vivid-002: disconnect
[  129.110211][ T5223] vivid-002: reconnect
[  129.111027][ T5228] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  129.121410][ T5228] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  129.161584][ T5228] vhci_hcd vhci_hcd.0: Device attached
[  129.403630][ T5240] ALSA: mixer_oss: invalid OSS volume ':'
[  129.409443][ T5240] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  129.422769][ T4350] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[  129.423226][ T4481] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  129.452732][ T5240] ALSA: mixer_oss: invalid OSS volume '5'
[  129.458722][ T5240] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  129.482774][ T5240] ALSA: mixer_oss: invalid OSS volume '6'
[  129.489637][ T5240] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  129.496713][ T5240] ALSA: mixer_oss: invalid OSS volume '7'
[  129.512800][   T27] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  129.606610][ T5218] overlayfs: statfs failed on './file0'
[  129.622776][ T4481] usb 2-1: Using ep0 maxpacket: 8
[  129.630065][ T4481] usb 2-1: config 0 has no interfaces?
[  129.643994][ T4481] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  129.659855][ T4481] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.687947][ T4481] usb 2-1: config 0 descriptor??
[  129.718130][   T27] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.749009][   T27] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.775980][   T27] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  129.795422][ T5249] Illegal XDP return value 4294967294 on prog  (id 12) dev N/A, expect packet loss!
[  129.807840][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.838394][   T27] usb 1-1: config 0 descriptor??
[  129.883244][ T5247] loop5: detected capacity change from 0 to 8192
[  129.935391][ T5231] vhci_hcd: connection closed
[  129.939182][ T4313] usb 2-1: USB disconnect, device number 5
[  129.960336][   T46] vhci_hcd: stop threads
[  129.970214][   T46] vhci_hcd: release socket
[  129.994799][   T46] vhci_hcd: disconnect device
[  130.268776][   T27] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  130.290394][   T27] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  130.312212][   T27] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.0008/input/input12
[  130.379131][   T27] cm6533_jd 0003:0D8C:0022.0008: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[  130.543295][   T27] usb 1-1: USB disconnect, device number 3
[  130.608227][ T5265] netlink: 8 bytes leftover after parsing attributes in process `syz.2.227'.
[  130.711751][ T5268] loop3: detected capacity change from 0 to 256
[  130.735078][ T5262] fido_id[5262]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  130.998652][ T5273] loop5: detected capacity change from 0 to 512
[  131.297501][ T5280] loop3: detected capacity change from 0 to 512
[  131.326787][ T5280] ext2: Unknown parameter 'nouser_xattr'
[  131.451912][ T5273] EXT4-fs (loop5): Test dummy encryption mode enabled
[  131.471028][ T5273] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  131.534778][ T5273] EXT4-fs error (device loop5): ext4_orphan_get:1431: comm syz.5.231: bad orphan inode 131083
[  131.552732][   T27] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  131.570231][ T5273] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  131.732829][   T27] usb 1-1: Using ep0 maxpacket: 8
[  131.749911][   T27] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  131.777674][ T4689] EXT4-fs (loop5): unmounting filesystem.
[  131.790153][   T27] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  131.817793][   T27] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  131.839832][   T27] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  131.862815][   T27] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  131.882767][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.895166][ T5272] loop1: detected capacity change from 0 to 32768
[  132.106173][ T5272] XFS (loop1): Mounting V5 Filesystem
[  132.130592][   T27] usb 1-1: GET_CAPABILITIES returned 0
[  132.136265][   T27] usbtmc 1-1:16.0: can't read capabilities
[  132.212570][ T5299] loop3: detected capacity change from 0 to 4096
[  132.242966][ T5299] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[  132.289418][ T5272] XFS (loop1): Ending clean mount
[  132.346844][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  132.378799][ T4347] usb 1-1: USB disconnect, device number 4
[  132.562342][ T4279] XFS (loop1): Unmounting Filesystem
[  132.590480][ T5283] loop2: detected capacity change from 0 to 40427
[  132.667204][ T5283] F2FS-fs (loop2): build fault injection attr: rate: 14, type: 0x3ffff
[  132.725213][ T5283] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0xe4
[  132.782557][ T5283] F2FS-fs (loop2): invalid crc value
[  132.835469][ T5283] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 22694528485)
[  132.873605][ T5309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.242'.
[  132.907696][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  132.914238][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  132.938997][ T5283] F2FS-fs (loop2) : inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x432/0xa20
[  133.261819][ T5283] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  133.347808][ T5283] F2FS-fs (loop2) : inject no more block in inc_valid_node_count of f2fs_new_node_page+0x178/0x910
[  133.400213][ T5283] F2FS-fs (loop2) : inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x123/0xbd0
[  133.639600][ T5305] loop5: detected capacity change from 0 to 40427
[  133.791058][ T5305] F2FS-fs (loop5): Found nat_bits in checkpoint
[  133.993521][ T5305] F2FS-fs (loop5): Cannot turn on quotas: -2 on 2
[  134.021614][ T5305] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  134.103535][ T5335] xt_hashlimit: max too large, truncated to 1048576
[  134.567046][ T5347] syz.0.251 sent an empty control message without MSG_MORE.
[  134.922762][   T27] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  135.008889][ T4280] Bluetooth: unknown link type 4
[  135.104632][   T27] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  135.145462][   T27] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  135.178561][   T27] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  135.215051][   T27] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.253181][ T5349] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  135.494396][ T4481] usb 6-1: USB disconnect, device number 3
[  135.590249][ T5375] netlink: 32 bytes leftover after parsing attributes in process `syz.2.261'.
[  136.197008][ T5397] device syzkaller1 entered promiscuous mode
[  136.207577][ T5399] loop2: detected capacity change from 0 to 256
[  136.896500][ T4350] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  137.062858][ T4280] Bluetooth: hci0: command 0x0409 tx timeout
[  137.085426][ T4350] usb 4-1: Using ep0 maxpacket: 32
[  137.096209][ T4350] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.132540][ T4350] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  137.203638][ T4350] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  137.230155][ T4350] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  137.244642][ T4350] usb 4-1: Product: syz
[  137.248961][ T4350] usb 4-1: Manufacturer: syz
[  137.258100][ T4350] usb 4-1: SerialNumber: syz
[  137.314903][ T4350] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input13
[  137.518103][ T4350] usb 4-1: USB disconnect, device number 5
[  137.585567][ T4350] appletouch 4-1:1.0: input: appletouch disconnected
[  137.761497][ T5437] loop2: detected capacity change from 0 to 7
[  137.775012][ T5437] Dev loop2: unable to read RDB block 7
[  137.782051][ T5437]  loop2: unable to read partition table
[  137.798826][ T5437] loop2: partition table beyond EOD, truncated
[  137.810969][ T5437] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  137.927035][ T5425] loop5: detected capacity change from 0 to 32768
[  138.029631][ T5425] XFS (loop5): Mounting V5 Filesystem
[  138.187414][ T5425] XFS (loop5): Ending clean mount
[  138.219724][   T26] audit: type=1800 audit(1776796649.902:14): pid=5425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.277" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=6155 res=0 errno=0
[  138.365957][ T4689] XFS (loop5): Unmounting Filesystem
[  138.568359][ T5464] netlink: 16 bytes leftover after parsing attributes in process `syz.0.286'.
[  138.922846][ T5471] loop3: detected capacity change from 0 to 128
[  139.237826][ T5484] loop0: detected capacity change from 0 to 1024
[  139.299205][ T5484] EXT4-fs: Ignoring removed bh option
[  139.349220][ T5489] loop2: detected capacity change from 0 to 2048
[  139.361909][ T5484] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  139.371294][ T5484] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.421167][ T5489] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  139.492886][ T5489] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.516675][ T5489] EXT4-fs (loop2): shut down requested (0)
[  139.551210][ T5496] EXT4-fs error (device loop0): ext4_map_blocks:747: inode #15: comm syz.0.292: lblock 0 mapped to illegal pblock 0 (length 6)
[  139.567812][ T5498] loop5: detected capacity change from 0 to 512
[  139.582726][ T4350] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  139.627320][ T5496] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[  139.674268][ T5498] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002]
[  139.682422][ T5498] System zones: 1-20
[  139.734706][ T5496] EXT4-fs (loop0): This should not happen!! Data will be lost
[  139.734706][ T5496] 
[  139.746132][ T5498] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  139.785092][ T4350] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.842922][ T4350] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.882746][ T4350] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  139.936536][ T4350] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  139.976266][ T4350] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.011544][ T4350] usb 4-1: config 0 descriptor??
[  140.045225][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  140.123951][ T4689] EXT4-fs (loop5): unmounting filesystem.
[  140.396320][ T4294] EXT4-fs error (device loop0): ext4_map_blocks:747: inode #15: block 8: comm kworker/u4:5: lblock 8 mapped to illegal pblock 8 (length 8)
[  140.419270][ T4294] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  140.435362][ T4350] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[  140.445347][ T4294] EXT4-fs (loop0): This should not happen!! Data will be lost
[  140.445347][ T4294] 
[  140.463102][ T4350] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  140.528839][ T4294] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm kworker/u4:5: bg 0: block 112: padding at end of block bitmap is not set
[  140.604031][ T4294] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2060 with max blocks 116 with error 28
[  140.642706][ T4294] EXT4-fs (loop0): This should not happen!! Data will be lost
[  140.642706][ T4294] 
[  140.682700][ T4294] EXT4-fs (loop0): Total free blocks count 0
[  140.688770][ T4294] EXT4-fs (loop0): Free/Dirty block details
[  140.714373][ T4350] usb 4-1: USB disconnect, device number 6
[  140.737413][ T4294] EXT4-fs (loop0): free_blocks=0
[  140.746179][ T5515] fido_id[5515]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  141.349368][ T4481] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  141.367798][ T4477] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  141.381964][ T5542] loop3: detected capacity change from 0 to 256
[  141.395110][ T5542] exfat: Deprecated parameter 'utf8'
[  141.400629][ T5542] exfat: Deprecated parameter 'utf8'
[  141.409798][ T5542] exfat: Deprecated parameter 'utf8'
[  141.449190][ T5542] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d)
[  141.482564][ T5542] process 'syz.3.304' launched '...' with NULL argv: empty string added
[  141.539394][ T4481] usb 6-1: unable to get BOS descriptor or descriptor too short
[  141.565834][ T4481] usb 6-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice= 0.40
[  141.582904][ T4477] usb 3-1: Using ep0 maxpacket: 32
[  141.590015][ T4477] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  141.601542][ T4481] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.610058][ T4477] usb 3-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  141.634854][ T4481] usb 6-1: Product: syz
[  141.639110][ T4481] usb 6-1: Manufacturer: syz
[  141.644495][ T4477] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.651271][ T4481] usb 6-1: SerialNumber: syz
[  141.667457][ T4477] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  141.703928][ T4477] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.722843][ T4477] usb 3-1: Product: syz
[  141.732974][ T4477] usb 3-1: Manufacturer: syz
[  141.743961][ T4477] usb 3-1: SerialNumber: syz
[  141.767116][ T4477] usb 3-1: config 0 descriptor??
[  141.777495][ T5528] loop0: detected capacity change from 0 to 40427
[  141.818035][ T5528] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  141.835289][ T5528] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  141.869812][ T5528] F2FS-fs (loop0): invalid crc value
[  141.916093][ T5528] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  142.074174][ T5528] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  142.082025][ T5528] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  142.195279][ T4477] gs_usb 3-1:0.0: Configuring for 159 interfaces
[  142.306669][ T4481] usb 6-1: unit 5 not found!
[  142.311544][ T4481] usb 6-1: unit 3 not found!
[  142.334663][ T4268] syz-executor: attempt to access beyond end of device
[  142.334663][ T4268] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  142.713873][ T4481] usb_set_interface error
[  142.719523][ T4481] snd-usb-us122l: probe of 6-1:1.1 failed with error -22
[  142.773881][ T4481] usb 6-1: USB disconnect, device number 4
[  142.811423][ T4477] gs_usb 3-1:0.0: Couldn't get bit timing const for channel 2 (-EPROTO)
[  142.984080][ T4477] gs_usb: probe of 3-1:0.0 failed with error -71
[  143.025800][ T4477] usb 3-1: USB disconnect, device number 4
[  143.054843][ T4347] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.127913][ T5568] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.146194][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.163908][ T5568] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.402409][ T5576] loop3: detected capacity change from 0 to 256
[  143.472760][ T5576] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  143.526580][ T5576] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  143.584484][ T5576] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  143.784981][ T5586] loop5: detected capacity change from 0 to 256
[  143.821854][ T5586] exfat: Deprecated parameter 'utf8'
[  143.863156][ T5586] exfat: Deprecated parameter 'utf8'
[  143.900960][ T5594] loop1: detected capacity change from 0 to 512
[  143.919495][ T5586] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  144.026706][ T5594] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  144.090857][ T5594] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.190568][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.575065][ T4279] EXT4-fs (loop1): unmounting filesystem.
[  144.682868][ T4481] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  144.891415][ T4481] usb 4-1: Using ep0 maxpacket: 16
[  144.903971][ T4481] usb 4-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.941699][ T4481] usb 4-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 25
[  144.971666][ T4481] usb 4-1: config 0 interface 0 has no altsetting 0
[  144.985355][ T4481] usb 4-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.00
[  145.009042][ T5619] ALSA: mixer_oss: invalid OSS volume ''
[  145.029495][ T4481] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.083548][ T4481] usb 4-1: config 0 descriptor??
[  145.117187][ T4481] usbhid 4-1:0.0: fixing wrong optional hid class descriptors count
[  145.223210][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.500989][ T4481] pantherlord 0003:0F30:0111.000A: unknown main item tag 0x0
[  145.522524][ T4481] pantherlord 0003:0F30:0111.000A: unknown main item tag 0x0
[  145.536808][ T4481] pantherlord 0003:0F30:0111.000A: unknown main item tag 0x0
[  145.554222][ T4481] pantherlord 0003:0F30:0111.000A: unknown main item tag 0x0
[  145.581472][ T4481] pantherlord 0003:0F30:0111.000A: item fetching failed at offset 7/41
[  145.619673][ T5638] loop5: detected capacity change from 0 to 1024
[  145.635901][ T4481] pantherlord 0003:0F30:0111.000A: parse failed
[  145.645382][   T26] audit: type=1326 audit(1776796657.332:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.332" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f344819c819 code=0x0
[  145.659844][ T4481] pantherlord: probe of 0003:0F30:0111.000A failed with error -22
[  145.728808][ T4481] usb 4-1: USB disconnect, device number 7
[  145.743474][ T5638] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  145.776433][ T5638] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.905038][   T26] audit: type=1800 audit(1776796657.592:16): pid=5638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.331" name="file1" dev="loop5" ino=15 res=0 errno=0
[  145.927095][ T5638] EXT4-fs (loop5): shut down requested (2)
[  145.970253][   T26] audit: type=1800 audit(1776796657.622:17): pid=5638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.331" name="file1" dev="loop5" ino=15 res=0 errno=0
[  146.028390][ T4689] EXT4-fs (loop5): unmounting filesystem.
[  146.127896][ T4481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.263614][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.343132][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.483248][ T5666] netlink: 'syz.1.340': attribute type 1 has an invalid length.
[  146.776289][ T5679] loop3: detected capacity change from 0 to 1024
[  146.985032][ T4481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.093464][   T26] audit: type=1326 audit(1776796659.783:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5659 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f138fd9c819 code=0x7fc00000
[  147.095691][   T27] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  147.170343][ T5692] tipc: Started in network mode
[  147.188563][ T5692] tipc: Node identity ac14140f, cluster identity 4711
[  147.217271][ T5692] tipc: New replicast peer: 255.255.255.255
[  147.221337][ T4324] hfsplus: b-tree write err: -5, ino 3
[  147.253180][ T5692] tipc: Enabled bearer <udp:syz2>, priority 10
[  147.364749][ T5700] loop5: detected capacity change from 0 to 512
[  147.392773][   T27] usb 3-1: Using ep0 maxpacket: 16
[  147.400436][   T27] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.437010][   T27] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.460605][ T5700] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  147.485364][   T27] usb 3-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  147.515278][   T27] usb 3-1: config 0 interface 0 has no altsetting 0
[  147.527929][   T27] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  147.554342][ T5700] EXT4-fs (loop5): 1 truncate cleaned up
[  147.575284][ T5700] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  147.588494][   T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.656821][   T27] usb 3-1: config 0 descriptor??
[  147.740753][ T4689] EXT4-fs (loop5): unmounting filesystem.
[  148.115208][ T5683] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.153102][ T5683] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.182542][ T5722] loop5: detected capacity change from 0 to 1024
[  148.189019][   T27] hid (null): unknown global tag 0xc
[  148.189377][   T27] hid (null): invalid report_size 686824678
[  148.226763][   T27] hid (null): invalid report_count 34888
[  148.232567][   T27] hid (null): unknown global tag 0xc
[  148.261946][   T27] hid (null): unknown global tag 0xe
[  148.312785][ T4481] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  148.358494][ T4313] net_ratelimit: 3 callbacks suppressed
[  148.358510][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  148.403997][ T4350] tipc: Node number set to 2886997007
[  148.434738][ T5725] netlink: 132 bytes leftover after parsing attributes in process `syz.1.355'.
[  148.472506][ T4313] usb 3-1: USB disconnect, device number 5
[  148.518669][ T4481] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40
[  148.540715][ T4481] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.591122][ T4481] usb 1-1: Product: syz
[  148.598936][ T4481] usb 1-1: Manufacturer: syz
[  148.614074][ T4481] usb 1-1: SerialNumber: syz
[  148.717148][ T5727] loop3: detected capacity change from 0 to 2048
[  148.765933][ T5729] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  148.793356][   T26] audit: type=1800 audit(1776796661.483:19): pid=5727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.356" name="file1" dev="loop3" ino=15 res=0 errno=0
[  148.892027][ T5727] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  148.909050][ T5727] Remounting filesystem read-only
[  149.063446][ T4267] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  149.185144][ T4347] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.271159][ T5737] loop2: detected capacity change from 0 to 1024
[  149.401230][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.477902][ T4481] rtl8150 1-1:1.0: eth5: rtl8150 is detected
[  149.581244][ T4324] hfsplus: b-tree write err: -5, ino 3
[  149.673051][ T4481] usb 1-1: USB disconnect, device number 5
[  149.983987][ T5754] netlink: 8 bytes leftover after parsing attributes in process `syz.3.364'.
[  150.008321][ T5754] netlink: 8 bytes leftover after parsing attributes in process `syz.3.364'.
[  150.184500][ T4481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.429192][ T4312] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.462013][ T5765] loop0: detected capacity change from 0 to 164
[  150.592154][ T5765] rock: directory entry would overflow storage
[  150.603346][ T5765] rock: sig=0x5252, size=5, remaining=3
[  151.131831][ T5780] loop5: detected capacity change from 0 to 2048
[  151.172124][ T5780] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  151.182858][ T5780] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.202847][ T4347] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  151.232402][ T5780] EXT4-fs (loop5): shut down requested (0)
[  151.402735][ T4347] usb 1-1: Using ep0 maxpacket: 16
[  151.415553][ T4347] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.463727][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  151.472726][ T4347] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.498400][ T4347] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  151.516682][ T5756] loop1: detected capacity change from 0 to 40427
[  151.531518][ T5763] loop3: detected capacity change from 0 to 40427
[  151.549811][ T4347] usb 1-1: config 0 interface 0 has no altsetting 0
[  151.558130][ T5756] F2FS-fs (loop1): build fault injection attr: rate: 14, type: 0x3ffff
[  151.588251][ T5763] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  151.591589][ T4347] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  151.612109][ T5756] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0xe4
[  151.622228][ T5763] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  151.644552][ T5756] F2FS-fs (loop1): invalid crc value
[  151.651285][ T4347] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.664049][ T5763] F2FS-fs (loop3): invalid crc value
[  151.688143][ T5756] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 22694528485)
[  151.723889][ T4347] usb 1-1: config 0 descriptor??
[  151.740975][ T5763] F2FS-fs (loop3): Found nat_bits in checkpoint
[  151.749998][ T5756] F2FS-fs (loop1) : inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x432/0xa20
[  151.881239][ T4689] EXT4-fs (loop5): unmounting filesystem.
[  152.068831][ T5763] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  152.093653][ T5763] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  152.117999][ T5756] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  152.139820][ T5778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.213231][ T5778] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.260602][ T4347] hid (null): unknown global tag 0xc
[  152.273047][ T4347] hid (null): invalid report_size 686824678
[  152.295257][ T4347] hid (null): invalid report_count 34888
[  152.314373][ T4347] hid (null): unknown global tag 0xc
[  152.319752][ T4347] hid (null): unknown global tag 0xe
[  152.330067][ T5756] F2FS-fs (loop1) : inject no more block in inc_valid_node_count of f2fs_new_node_page+0x178/0x910
[  152.365149][ T5763] syz.3.367: attempt to access beyond end of device
[  152.365149][ T5763] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  152.441952][ T5756] F2FS-fs (loop1) : inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x123/0xbd0
[  152.485544][ T5806] syz.3.367: attempt to access beyond end of device
[  152.485544][ T5806] loop3: rw=2051, sector=45096, nr_sectors = 8 limit=40427
[  152.506615][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  152.514807][ T4477] usb 1-1: USB disconnect, device number 6
[  152.711310][   T46] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  152.804024][   T46] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  152.952428][ T5814] device syzkaller1 entered promiscuous mode
[  153.223084][ T4477] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  153.487349][ T5801] loop2: detected capacity change from 0 to 40427
[  153.531818][ T5801] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  153.543552][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  153.570438][ T5801] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  153.594973][ T5824] loop1: detected capacity change from 0 to 2048
[  153.612284][ T5801] F2FS-fs (loop2): invalid crc value
[  153.691700][ T5801] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  153.719614][ T5830] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  153.807485][   T26] audit: type=1800 audit(1776796666.493:20): pid=5824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.390" name="file1" dev="loop1" ino=15 res=0 errno=0
[  153.875484][ T5824] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  153.917207][ T5824] Remounting filesystem read-only
[  154.064328][ T5801] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  154.064968][ T4279] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  154.071470][ T5801] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  154.122744][ T4477] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  154.295294][ T5842] loop0: detected capacity change from 0 to 512
[  154.336601][ T4477] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40
[  154.372793][ T4477] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.380883][ T4477] usb 4-1: Product: syz
[  154.413350][ T4477] usb 4-1: Manufacturer: syz
[  154.418042][ T4477] usb 4-1: SerialNumber: syz
[  154.441437][ T4269] syz-executor: attempt to access beyond end of device
[  154.441437][ T4269] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  154.582948][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  154.702879][ T4481] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  154.765650][ T5849] loop0: detected capacity change from 0 to 2048
[  154.788792][ T5851] loop2: detected capacity change from 0 to 256
[  154.809171][ T5851] exfat: Deprecated parameter 'utf8'
[  154.838937][ T5851] exfat: Deprecated parameter 'utf8'
[  154.855537][ T5851] exfat: Deprecated parameter 'utf8'
[  154.865796][ T5849] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  154.882526][ T5849] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.903384][ T4481] usb 2-1: Using ep0 maxpacket: 32
[  154.910906][ T4481] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.934664][ T5849] EXT4-fs (loop0): shut down requested (0)
[  154.957068][ T5851] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d)
[  154.981043][ T4481] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  155.028339][ T4481] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  155.094101][ T4481] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  155.102565][ T4481] usb 2-1: Product: syz
[  155.135353][ T4481] usb 2-1: Manufacturer: syz
[  155.140085][ T4481] usb 2-1: SerialNumber: syz
[  155.158227][ T4481] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input14
[  155.204148][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  155.247807][ T4350] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  155.259649][ T4477] rtl8150 4-1:1.0: eth5: rtl8150 is detected
[  155.277626][ T4350] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  155.493310][ T4481] usb 4-1: USB disconnect, device number 8
[  155.522219][ T4486] usb 2-1: USB disconnect, device number 6
[  155.597719][ T4486] appletouch 2-1:1.0: input: appletouch disconnected
[  155.667457][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.092694][ T4477] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  156.265722][ T4486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.284702][ T4477] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.311808][ T4477] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.383034][ T4477] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  156.424874][ T4477] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  156.453768][ T4477] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.504191][ T4477] usb 3-1: config 0 descriptor??
[  156.743221][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.789974][ T5893] netlink: 8 bytes leftover after parsing attributes in process `syz.5.403'.
[  156.927064][ T4477] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  156.952051][ T4477] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  157.215138][ T4477] usb 3-1: USB disconnect, device number 6
[  157.264425][ T4486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.342802][ T4313] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  157.429029][ T5909] loop3: detected capacity change from 0 to 512
[  157.479104][ T4369] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  157.494423][ T5909] tipc: Started in network mode
[  157.499366][ T5909] tipc: Node identity 2d7755a7e347459e002e, cluster identity 4711
[  157.545585][ T4313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.573681][ T4313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.593849][ T4313] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  157.615894][ T5915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.409'.
[  157.647471][ T4313] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  157.653068][ T5915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.409'.
[  157.688455][ T4313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.725185][ T4313] usb 2-1: config 0 descriptor??
[  157.783287][ T4312] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.860431][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.869377][ T4350] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  157.913915][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.941422][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.057416][ T4350] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40
[  158.074276][ T4350] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.103027][ T4350] usb 6-1: Product: syz
[  158.113462][ T4350] usb 6-1: Manufacturer: syz
[  158.139134][ T4350] usb 6-1: SerialNumber: syz
[  158.162854][ T4486] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  158.170723][ T4313] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[  158.199227][ T4313] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  158.352700][ T4486] usb 1-1: Using ep0 maxpacket: 32
[  158.361350][ T4486] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.394089][ T4486] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  158.449702][ T4486] usb 1-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  158.476367][ T4486] usb 1-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  158.490204][ T4486] usb 1-1: Product: syz
[  158.497810][ T4486] usb 1-1: Manufacturer: syz
[  158.508559][ T4486] usb 1-1: SerialNumber: syz
[  158.565512][ T4486] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input15
[  158.813897][ T4313] usb 1-1: USB disconnect, device number 7
[  158.823009][   T27] net_ratelimit: 3 callbacks suppressed
[  158.823024][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.860116][ T4313] appletouch 1-1:1.0: input: appletouch disconnected
[  159.046368][ T4350] rtl8150 6-1:1.0: eth5: rtl8150 is detected
[  159.261439][ T4350] usb 6-1: USB disconnect, device number 5
[  159.305373][ T4477] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.478144][    C0] plantronics 0003:047F:FFFF.000F: usb_submit_urb(ctrl) failed: -1
[  159.497816][ T4486] usb 2-1: USB disconnect, device number 7
[  159.863370][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  160.016333][ T5970] loop5: detected capacity change from 0 to 512
[  160.067002][ T5970] tipc: Started in network mode
[  160.082463][ T5970] tipc: Node identity 2d7755a7e347459e002e, cluster identity 4711
[  160.351387][ T5982] loop3: detected capacity change from 0 to 256
[  160.400695][ T5982] exFAT-fs (loop3): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  160.457619][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  160.550049][ T4486] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  160.662816][ T4477] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  160.689131][ T5987] loop2: detected capacity change from 0 to 2048
[  160.719676][ T5987] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  160.751379][ T4486] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.778030][ T4486] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.801913][ T4486] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  160.831529][   T26] audit: type=1800 audit(1776796673.513:21): pid=5987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.440" name="file1" dev="loop2" ino=1367 res=0 errno=0
[  160.846948][ T4486] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  160.882767][ T4477] usb 6-1: Using ep0 maxpacket: 16
[  160.890701][ T4477] usb 6-1: config 1 has an invalid interface number: 105 but max is 0
[  160.903245][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  160.909579][ T4486] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.958542][ T4477] usb 6-1: config 1 has no interface number 0
[  160.984228][ T4486] usb 2-1: config 0 descriptor??
[  160.989390][ T4477] usb 6-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  161.022889][ T4477] usb 6-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  161.061131][ T4477] usb 6-1: config 1 interface 105 has no altsetting 0
[  161.096091][ T4477] usb 6-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  161.128600][ T4477] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  161.151330][ T4477] usb 6-1: Product: syz
[  161.170784][ T4477] usb 6-1: Manufacturer: syz
[  161.181352][ T4477] usb 6-1: SerialNumber: syz
[  161.225566][ T5984] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  161.246256][ T5984] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  161.428379][ T4486] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving
[  161.450794][ T4486] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  161.591987][ T5991] loop3: detected capacity change from 0 to 32768
[  161.710159][ T5984] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  161.722876][ T5984] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  161.739631][ T5991] XFS (loop3): Mounting V5 Filesystem
[  161.760708][ T4479] usb 2-1: USB disconnect, device number 8
[  161.859745][ T5991] XFS (loop3): Ending clean mount
[  161.943264][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.006648][ T4267] XFS (loop3): Unmounting Filesystem
[  162.345517][ T4477] aqc111 6-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  162.370973][ T4477] aqc111 6-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  162.392023][ T4477] aqc111 6-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.5-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, e6:e1:64:20:5b:41
[  162.421505][ T4477] usb 6-1: USB disconnect, device number 6
[  162.440136][ T4477] aqc111 6-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.5-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  162.503626][ T4477] aqc111 6-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  162.519828][ T4477] aqc111 6-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  162.529683][ T4477] aqc111 6-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  162.983211][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.263514][ T4481] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  163.290968][ T4481] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  163.543005][ T4481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.835289][ T6050] loop0: detected capacity change from 0 to 2048
[  163.992403][ T6050] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  164.023222][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.224158][   T27] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  164.282083][ T6068] loop5: detected capacity change from 0 to 1024
[  164.417257][   T27] usb 3-1: Using ep0 maxpacket: 16
[  164.430371][   T27] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[  164.469028][   T27] usb 3-1: config 1 has no interface number 0
[  164.489623][   T27] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  164.520380][   T27] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  164.551154][   T27] usb 3-1: config 1 interface 105 has no altsetting 0
[  164.581207][   T27] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  164.621159][   T27] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  164.650891][   T27] usb 3-1: Product: syz
[  164.655642][   T27] usb 3-1: Manufacturer: syz
[  164.660292][   T27] usb 3-1: SerialNumber: syz
[  164.689345][ T6059] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  164.701370][ T6059] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  164.852963][ T6078] netlink: 4 bytes leftover after parsing attributes in process `syz.1.457'.
[  164.868279][ T6078] chnl_net:caif_netlink_parms(): no params data found
[  165.063145][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.152405][ T6086] loop1: detected capacity change from 0 to 2048
[  165.172438][ T6059] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  165.181857][ T6059] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  165.230586][ T6086] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.311349][   T26] audit: type=1800 audit(1776796677.993:22): pid=6086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.460" name="file1" dev="loop1" ino=1367 res=0 errno=0
[  165.483738][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  165.590057][ T4294] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.669183][ T6081] overlayfs: statfs failed on './file0'
[  165.758440][ T4294] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.807855][   T27] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  165.829328][   T27] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  165.881807][ T4294] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.910881][   T27] aqc111 3-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, ee:45:a2:25:2e:9c
[  165.935921][   T27] usb 3-1: USB disconnect, device number 7
[  165.951468][   T27] aqc111 3-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  166.053911][   T27] aqc111 3-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  166.077783][   T27] aqc111 3-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  166.088307][ T6095] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[  166.109190][   T27] aqc111 3-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  166.133963][ T4312] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.149771][ T4294] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.352515][ T6098] loop3: detected capacity change from 0 to 512
[  166.426233][ T6098] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002]
[  166.468107][ T6098] System zones: 1-20
[  166.555252][ T6098] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  166.582918][ T4477] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.705347][ T4294] tipc: Disabling bearer <udp:syz2>
[  166.723432][ T4294] tipc: Left network mode
[  166.833284][ T4477] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.898291][ T4312] kernel write not supported for file /vcs (pid: 4312 comm: kworker/1:4)
[  166.914431][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  167.035315][ T4280] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  167.053109][ T4280] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  167.062482][ T4280] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  167.103506][ T4280] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  167.113126][ T4280] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  167.129151][ T4280] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  167.160935][ T4256] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.240307][ T6121] loop5: detected capacity change from 0 to 512
[  167.296597][ T6121] EXT4-fs: Ignoring removed oldalloc option
[  167.373697][ T6121] EXT4-fs (loop5): 1 truncate cleaned up
[  167.380019][ T6121] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  167.648238][ T4689] EXT4-fs (loop5): unmounting filesystem.
[  168.017978][ T6111] loop2: detected capacity change from 0 to 32768
[  168.067876][ T6111] (syz.2.470,6111,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  168.093089][ T4477] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  168.146169][ T6111] (syz.2.470,6111,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  168.197349][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.239626][ T6111] JBD2: Ignoring recovery information on journal
[  168.294793][ T4477] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.316869][ T4477] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  168.342759][ T4477] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  168.356126][ T6115] chnl_net:caif_netlink_parms(): no params data found
[  168.372761][ T4477] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.414226][ T4477] usb 6-1: config 0 descriptor??
[  168.485851][ T6111] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  168.834721][ T4477] plantronics 0003:047F:FFFF.0012: unbalanced delimiter at end of report description
[  168.868956][ T4477] plantronics 0003:047F:FFFF.0012: parse failed
[  168.892574][ T4477] plantronics: probe of 0003:047F:FFFF.0012 failed with error -22
[  169.051739][ T4486] usb 6-1: USB disconnect, device number 7
[  169.140692][ T4269] ocfs2: Unmounting device (7,2) on (node local)
[  169.143860][ T4270] Bluetooth: hci1: command 0x0409 tx timeout
[  169.206366][ T6115] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.223162][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  169.231765][ T6115] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.246419][ T6115] device bridge_slave_0 entered promiscuous mode
[  169.309492][ T4294] device hsr_slave_0 left promiscuous mode
[  169.316468][ T4294] device hsr_slave_1 left promiscuous mode
[  169.327468][ T4294] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.335368][ T4294] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.354321][ T4294] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.361951][ T4294] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.373567][ T4294] device bridge_slave_1 left promiscuous mode
[  169.380004][ T4294] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.409585][ T4294] device bridge_slave_0 left promiscuous mode
[  169.423973][ T4294] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.504288][ T4294] device veth1_macvtap left promiscuous mode
[  169.510620][ T4294] device veth0_macvtap left promiscuous mode
[  169.518132][ T4294] device veth1_vlan left promiscuous mode
[  169.524299][ T4294] device veth0_vlan left promiscuous mode
[  169.542495][ T6164] loop2: detected capacity change from 0 to 2048
[  169.568433][ T6164] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  169.625290][ T4477] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  169.625383][ T6168] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  169.902559][ T6173] loop1: detected capacity change from 0 to 512
[  170.024997][ T6173] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002]
[  170.050851][ T6173] System zones: 1-20
[  170.061010][ T6173] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  170.162485][ T4279] EXT4-fs (loop1): unmounting filesystem.
[  170.276131][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.467646][ T6182] loop1: detected capacity change from 0 to 4096
[  170.540102][ T6182] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  170.601010][ T6182] ntfs3: loop1: Failed to load $Extend.
[  171.017806][ T4294] team0 (unregistering): Port device team_slave_1 removed
[  171.068626][ T4294] team0 (unregistering): Port device team_slave_0 removed
[  171.120274][ T4294] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  171.172557][ T4294] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  171.224391][ T4270] Bluetooth: hci1: command 0x041b tx timeout
[  171.304472][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.545932][ T4294] bond0 (unregistering): Released all slaves
[  171.649603][ T6115] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.656767][ T6115] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.667366][ T6115] device bridge_slave_1 entered promiscuous mode
[  171.703951][ T6165] device syzkaller1 entered promiscuous mode
[  171.809605][ T6115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.843395][ T6115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  172.029108][ T6115] team0: Port device team_slave_0 added
[  172.054997][ T6115] team0: Port device team_slave_1 added
[  172.193932][ T6115] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.216001][ T6115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.259560][ T6115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.305377][ T6115] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.342928][ T4256] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.355388][ T6115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.429495][ T6115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.543794][ T6207] device hsr0 entered promiscuous mode
[  172.563299][ T6207] device macsec1 entered promiscuous mode
[  172.651633][ T6211] loop2: detected capacity change from 0 to 512
[  172.673166][ T4481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.791243][ T6211] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  172.807017][ T6115] device hsr_slave_0 entered promiscuous mode
[  172.813612][ T6211] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.847910][ T6115] device hsr_slave_1 entered promiscuous mode
[  172.875545][ T6115] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.905392][ T6115] Cannot create hsr debugfs directory
[  173.210486][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  173.305506][ T4270] Bluetooth: hci1: command 0x040f tx timeout
[  173.383174][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.407589][ T6115] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  173.477779][ T6115] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  173.529508][ T6228] device syzkaller1 entered promiscuous mode
[  173.589353][ T6115] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  173.723095][ T6115] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  173.941630][ T6115] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.033475][ T6115] 8021q: adding VLAN 0 to HW filter on device team0
[  174.040505][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  174.069800][ T6244] loop1: detected capacity change from 0 to 1024
[  174.083734][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  174.132921][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  174.148833][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  174.205983][ T4294] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.213233][ T4294] bridge0: port 1(bridge_slave_0) entered forwarding state
[  174.227377][ T6248] loop5: detected capacity change from 0 to 128
[  174.251201][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  174.282062][ T6244] hfsplus: walked past end of dir
[  174.293685][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  174.324093][ T6250] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.336268][ T6251] hfsplus: walked past end of dir
[  174.343530][ T4294] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.350881][ T4294] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.363702][ T6250] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.390691][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  174.399448][ T6250] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.453022][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.483449][ T6250] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.496239][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  174.513338][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  174.521775][ T6250] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.528283][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  174.565398][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  174.573897][ T6250] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.618757][ T6250] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.640668][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  174.696437][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  174.706337][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  174.715116][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  174.732098][ T6115] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  174.744530][ T6115] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  174.756487][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  174.765551][ T6250] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.803478][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  174.845915][ T6249] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.868577][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  175.383911][ T4270] Bluetooth: hci1: command 0x0419 tx timeout
[  175.831548][ T4327] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  175.840902][ T4327] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  175.857660][ T6286] netlink: 52 bytes leftover after parsing attributes in process `syz.2.517'.
[  175.887371][ T6286] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.897337][ T6286] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.935913][ T6115] 8021q: adding VLAN 0 to HW filter on device batadv0
[  176.903191][ T4313] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  177.124639][ T4313] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.143382][ T4313] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x83 has invalid maxpacket 16
[  177.186743][ T4313] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  177.202864][ T4256] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  177.220746][ T4313] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.241254][ T4313] usb 6-1: Product: syz
[  177.257814][ T4313] usb 6-1: Manufacturer: syz
[  177.273272][ T4313] usb 6-1: SerialNumber: syz
[  177.298937][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  177.317195][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  177.368535][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  177.383198][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  177.394861][ T6115] device veth0_vlan entered promiscuous mode
[  177.404706][ T4256] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.415987][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  177.432779][ T4256] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.436694][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  177.464628][ T4256] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  177.487082][ T6311] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  177.496060][ T6115] device veth1_vlan entered promiscuous mode
[  177.515836][ T4256] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  177.532793][ T4256] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.551237][ T4256] usb 2-1: Product: syz
[  177.561363][ T4256] usb 2-1: Manufacturer: syz
[  177.571451][ T4256] usb 2-1: SerialNumber: syz
[  177.605864][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  177.619523][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  177.637347][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  177.648342][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  177.660349][ T6115] device veth0_macvtap entered promiscuous mode
[  177.675938][ T6115] device veth1_macvtap entered promiscuous mode
[  177.718626][ T6115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.750097][ T6115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.772700][ T6115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.786349][ T6115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.819682][ T6115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.849503][ T6115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.886136][ T6115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.910170][ T6115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.946649][ T6115] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.965628][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  177.986171][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  178.028316][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  178.077913][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  178.105761][ T6115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.109386][ T6311] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  178.123914][ T6115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.158814][ T6115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.189813][ T6115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.217709][ T6115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.280096][ T6115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.310745][ T6115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.362175][ T6115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.369918][ T4313] cdc_ncm 6-1:1.0: bind() failure
[  178.384678][ T6115] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.395279][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  178.413121][ T6340] vivid-000: disconnect
[  178.419050][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  178.445936][ T6115] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.451985][ T4313] cdc_ncm: probe of 6-1:1.1 failed with error -71
[  178.462043][ T6115] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.478592][ T6115] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.481225][ T4313] cdc_mbim: probe of 6-1:1.1 failed with error -71
[  178.490418][ T6333] vivid-000: reconnect
[  178.508659][ T6115] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.547043][ T4313] usbtest: probe of 6-1:1.1 failed with error -71
[  178.613138][ T4313] usb 6-1: USB disconnect, device number 8
[  178.653559][ T4256] cdc_ncm 2-1:1.0: SET_NTB_FORMAT failed
[  178.680127][ T4256] cdc_ncm 2-1:1.0: bind() failure
[  178.710331][ T4256] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  178.725644][ T4256] cdc_ncm 2-1:1.1: bind() failure
[  178.769285][ T4256] usb 2-1: USB disconnect, device number 9
[  178.822992][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.852497][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.895095][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  178.967063][ T4296] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.980912][ T4296] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.038832][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  179.570937][ T6361] loop5: detected capacity change from 0 to 2048
[  179.651803][ T6361] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  179.704856][ T4256] net_ratelimit: 7 callbacks suppressed
[  179.704874][ T4256] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.763431][   T26] audit: type=1800 audit(1776796692.453:23): pid=6361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.537" name="file1" dev="loop5" ino=1367 res=0 errno=0
[  180.218295][ T6377] loop1: detected capacity change from 0 to 16
[  180.255353][ T6370] loop6: detected capacity change from 0 to 8192
[  180.398399][ T6377] erofs: (device loop1): mounted with root inode @ nid 36.
[  180.422603][ T6386] capability: warning: `syz.2.545' uses deprecated v2 capabilities in a way that may be insecure
[  180.539279][   T26] audit: type=1800 audit(1776796693.223:24): pid=6377 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.542" name="file1" dev="loop1" ino=86 res=0 errno=0
[  180.743706][ T4256] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.776050][ T6393] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  180.826656][ T6393] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  181.538444][ T6413] netlink: 'syz.3.553': attribute type 1 has an invalid length.
[  181.785162][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.793385][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.934625][ T6399] loop1: detected capacity change from 0 to 32768
[  181.968429][ T6397] loop2: detected capacity change from 0 to 32768
[  181.986199][ T6399] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  182.044104][ T4313] hid-generic 0005:0005:0008.0013: unknown main item tag 0x0
[  182.053434][ T4313] hid-generic 0005:0005:0008.0013: item fetching failed at offset 1/2
[  182.062179][ T4313] hid-generic: probe of 0005:0005:0008.0013 failed with error -22
[  182.176534][ T6397] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  182.272728][ T6397] lbmIODone: I/O error in JFS log
[  182.280975][ T6397] *** Log Format Error ! ***
[  182.353147][ T6397] lmLogInit: exit(-22)
[  182.357713][ T6397] lmLogOpen: exit(-22)
[  182.446780][ T6397] non-latin1 character 0xffff found in JFS file name
[  182.502998][ T6397] mount with iocharset=utf8 to access
[  182.542832][ T6397] jfs_dirty_inode called on read-only volume
[  182.584589][ T6397] Is remount racy?
[  182.605084][ T4369] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  183.688675][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.725642][ T6433] loop5: detected capacity change from 0 to 131072
[  183.742151][ T6433] F2FS-fs (loop5): invalid crc value
[  183.806675][ T6433] F2FS-fs (loop5): Found nat_bits in checkpoint
[  183.873771][ T6433] F2FS-fs (loop5): Cannot turn on quotas: -2 on 2
[  183.891728][ T6433] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  183.908385][ T6447] loop2: detected capacity change from 0 to 512
[  184.044726][ T6454] loop1: detected capacity change from 0 to 256
[  184.056496][ T6447] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  184.072984][ T6447] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.402810][ T4486] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  184.489377][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  184.605120][ T4486] usb 2-1: unable to get BOS descriptor or descriptor too short
[  184.640913][ T4486] usb 2-1: not running at top speed; connect to a high speed hub
[  184.677834][ T4486] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  184.768905][ T4486] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 147, changing to 4
[  184.852759][ T4486] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  184.881140][ T6438] loop3: detected capacity change from 0 to 32768
[  184.931799][ T4486] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  184.984937][ T4486] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.059143][ T4486] usb 2-1: Product: syz
[  185.097430][ T4486] usb 2-1: Manufacturer: syz
[  185.130010][ T4486] usb 2-1: SerialNumber: syz
[  185.171542][ T4481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.358004][ T6459] loop6: detected capacity change from 0 to 131072
[  185.367946][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.379127][ T6459] F2FS-fs (loop6): Segment count (31) mismatch with total segments from devices (0)
[  185.388950][ T6459] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  185.417578][ T6459] F2FS-fs (loop6): invalid crc value
[  185.507277][ T6459] F2FS-fs (loop6): Found nat_bits in checkpoint
[  185.545062][ T4486] usb 2-1: USB disconnect, device number 10
[  185.564080][ T6459] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  185.571336][ T6459] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  185.636326][ T6459] F2FS-fs (loop6): checksum invalid, nid = 7, ino_of_node = 7, 32dd6215 vs. 1de10dc4
[  185.647584][ T6459] F2FS-fs (loop6): checksum invalid, nid = 7, ino_of_node = 7, 32dd6215 vs. 1de10dc4
[  185.902723][ T4479] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  185.915269][ T5122] udevd[5122]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  186.030908][ T4486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.085567][ T4479] usb 3-1: unable to get BOS descriptor or descriptor too short
[  186.107231][ T4479] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[  186.219614][ T4479] usb 3-1: New USB device found, idVendor=0582, idProduct=004c, bcdDevice= 0.40
[  186.259529][ T4479] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.306552][ T4479] usb 3-1: Product: syz
[  186.321062][ T4479] usb 3-1: Manufacturer: syz
[  186.353081][ T4479] usb 3-1: SerialNumber: syz
[  186.423771][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.589457][ T4479] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  186.797603][ T4479] usb 3-1: 2:1 : unknown format tag 0x4 is detected.  processed as MPEG.
[  186.826817][ T4479] usb 3-1: found format II with max.bitrate = 4, frame size=7372
[  187.203005][ T4479] usb 3-1: 2:1 : unknown format tag 0x4 is detected.  processed as MPEG.
[  187.211544][ T4479] usb 3-1: found format II with max.bitrate = 4, frame size=7372
[  187.426401][ T4479] usb 3-1: parse_audio_format_rates_v2v3(): unable to retrieve number of sample rates (clock 0)
[  187.463772][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.494432][ T6510] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  187.501040][ T6510] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  187.548462][ T6510] vhci_hcd vhci_hcd.0: Device attached
[  187.565907][ T4479] usb 3-1: USB disconnect, device number 8
[  187.722714][ T4350] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  187.812750][ T4313] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  187.834490][ T4369] udevd[4369]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  187.902759][ T4477] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  187.913123][ T4350] usb 2-1: Using ep0 maxpacket: 32
[  187.921727][ T4350] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  187.977208][ T4350] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  188.004148][ T4350] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  188.038190][ T4350] usb 2-1: Product: syz
[  188.042545][ T4350] usb 2-1: Manufacturer: syz
[  188.090563][ T4350] usb 2-1: SerialNumber: syz
[  188.102886][ T4477] usb 6-1: Using ep0 maxpacket: 8
[  188.110040][ T4477] usb 6-1: config 0 has no interfaces?
[  188.125099][ T4477] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  188.129295][ T4350] usb 2-1: config 0 descriptor??
[  188.167464][ T4477] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.186376][ T6512] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  188.213681][ T4477] usb 6-1: config 0 descriptor??
[  188.220381][ T4350] hub 2-1:0.0: bad descriptor, ignoring hub
[  188.239286][ T4350] hub: probe of 2-1:0.0 failed with error -5
[  188.249043][ T4481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.443680][ T4477] usb 6-1: USB disconnect, device number 9
[  188.450621][ T6513] vhci_hcd: connection closed
[  188.457903][    T9] vhci_hcd: stop threads
[  188.488271][    T9] vhci_hcd: release socket
[  188.503274][ T4350] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.537063][    T9] vhci_hcd: disconnect device
[  188.583191][ T4313] usb 43-1: device descriptor read/64, error -71
[  188.782769][ T4313] vhci_hcd: vhci_device speed not set
[  188.827182][ T6542] loop2: detected capacity change from 0 to 128
[  188.841523][ T6542] FAT-fs (loop2): Unrecognized mount option "utf8=1ower" or missing value
[  188.952792][ T6512] usb 2-1: reset high-speed USB device number 11 using dummy_hcd
[  189.177773][ T6512] usb 2-1: device firmware changed
[  189.183802][ T6547] 
[  189.186233][ T6547] =====================================================
[  189.193241][ T6547] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[  189.200755][ T6547] syzkaller #0 Not tainted
[  189.205252][ T6547] -----------------------------------------------------
[  189.212305][ T6547] syz.5.592/6547 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  189.219896][ T6547] ffffffff8c80a058 (tasklist_lock){.+.+}-{2:2}, at: send_sigurg+0xec/0x3c0
[  189.228586][ T6547] 
[  189.228586][ T6547] and this task is already holding:
[  189.235990][ T6547] ffff88807cfb8db0 (&f->f_owner.lock){....}-{2:2}, at: send_sigurg+0x25/0x3c0
[  189.244961][ T6547] which would create a new lock dependency:
[  189.251069][ T6547]  (&f->f_owner.lock){....}-{2:2} -> (tasklist_lock){.+.+}-{2:2}
[  189.258861][ T6547] 
[  189.258861][ T6547] but this new dependency connects a HARDIRQ-irq-safe lock:
[  189.268336][ T6547]  (&dev->event_lock#2){-.-.}-{2:2}
[  189.268371][ T6547] 
[  189.268371][ T6547] ... which became HARDIRQ-irq-safe at:
[  189.281446][ T6547]   lock_acquire+0x1bb/0x4a0
[  189.286079][ T6547]   _raw_spin_lock_irqsave+0xb0/0x100
[  189.291495][ T6547]   input_event+0x76/0xb0
[  189.295863][ T6547]   psmouse_report_standard_packet+0x4f/0x200
[  189.301984][ T6547]   psmouse_process_byte+0x42b/0x620
[  189.307307][ T6547]   psmouse_handle_byte+0x43/0x490
[  189.312449][ T6547]   psmouse_interrupt+0x699/0x1130
[  189.317590][ T6547]   serio_interrupt+0x87/0x130
[  189.322400][ T6547]   i8042_interrupt+0x365/0x710
[  189.327313][ T6547]   __handle_irq_event_percpu+0x293/0xa50
[  189.333063][ T6547]   handle_irq_event+0x87/0x1e0
[  189.337940][ T6547]   handle_edge_irq+0x243/0xb20
[  189.342827][ T6547]   __common_interrupt+0xd7/0x1e0
[  189.347884][ T6547]   common_interrupt+0x59/0xd0
[  189.352670][ T6547]   asm_common_interrupt+0x22/0x40
[  189.357811][ T6547]   _raw_spin_unlock_irqrestore+0xbc/0x120
[  189.363645][ T6547]   rcu_core+0xa13/0x1740
[  189.367998][ T6547]   handle_softirqs+0x2a1/0x930
[  189.372870][ T6547]   __irq_exit_rcu+0x13b/0x230
[  189.377654][ T6547]   irq_exit_rcu+0x5/0x20
[  189.382007][ T6547]   sysvec_apic_timer_interrupt+0xa0/0xc0
[  189.387752][ T6547]   asm_sysvec_apic_timer_interrupt+0x16/0x20
[  189.393844][ T6547]   console_emit_next_record+0x970/0xba0
[  189.399509][ T6547]   console_unlock+0x223/0x630
[  189.404298][ T6547]   vprintk_emit+0x4b3/0x6a0
[  189.408919][ T6547]   _printk+0xda/0x130
[  189.413023][ T6547]   usb_register_driver+0x2cd/0x3d0
[  189.418264][ T6547]   do_one_initcall+0x26a/0x840
[  189.423168][ T6547]   do_initcall_level+0x137/0x1e4
[  189.428244][ T6547]   do_initcalls+0x4b/0x8a
[  189.432783][ T6547]   kernel_init_freeable+0x415/0x5be
[  189.438101][ T6547]   kernel_init+0x19/0x1b0
[  189.442553][ T6547]   ret_from_fork+0x1f/0x30
[  189.447101][ T6547] 
[  189.447101][ T6547] to a HARDIRQ-irq-unsafe lock:
[  189.454142][ T6547]  (tasklist_lock){.+.+}-{2:2}
[  189.454170][ T6547] 
[  189.454170][ T6547] ... which became HARDIRQ-irq-unsafe at:
[  189.466911][ T6547] ...
[  189.466921][ T6547]   lock_acquire+0x1bb/0x4a0
[  189.474175][ T6547]   _raw_read_lock+0x32/0x40
[  189.478840][ T6547]   do_wait+0x2b6/0xb60
[  189.483032][ T6547]   kernel_wait+0xd3/0x1c0
[  189.487486][ T6547]   call_usermodehelper_exec_work+0xb5/0x220
[  189.493681][ T6547]   process_one_work+0x8a2/0x1160
[  189.498736][ T6547]   worker_thread+0xaa2/0x1270
[  189.503529][ T6547]   kthread+0x29d/0x330
[  189.507708][ T6547]   ret_from_fork+0x1f/0x30
[  189.512257][ T6547] 
[  189.512257][ T6547] other info that might help us debug this:
[  189.512257][ T6547] 
[  189.522680][ T6547] Chain exists of:
[  189.522680][ T6547]   &dev->event_lock#2 --> &f->f_owner.lock --> tasklist_lock
[  189.522680][ T6547] 
[  189.535934][ T6547]  Possible interrupt unsafe locking scenario:
[  189.535934][ T6547] 
[  189.544269][ T6547]        CPU0                    CPU1
[  189.549735][ T6547]        ----                    ----
[  189.555132][ T6547]   lock(tasklist_lock);
[  189.559400][ T6547]                                local_irq_disable();
[  189.566171][ T6547]                                lock(&dev->event_lock#2);
[  189.573406][ T6547]                                lock(&f->f_owner.lock);
[  189.580623][ T6547]   <Interrupt>
[  189.584109][ T6547]     lock(&dev->event_lock#2);
[  189.588985][ T6547] 
[  189.588985][ T6547]  *** DEADLOCK ***
[  189.588985][ T6547] 
[  189.597252][ T6547] 2 locks held by syz.5.592/6547:
[  189.602303][ T6547]  #0: ffff888078ed5e80 (&u->lock){+.+.}-{2:2}, at: queue_oob+0x1de/0x4f0
[  189.610886][ T6547]  #1: ffff88807cfb8db0 (&f->f_owner.lock){....}-{2:2}, at: send_sigurg+0x25/0x3c0
[  189.620265][ T6547] 
[  189.620265][ T6547] the dependencies between HARDIRQ-irq-safe lock and the holding lock:
[  189.630693][ T6547]   -> (&dev->event_lock#2){-.-.}-{2:2} {
[  189.636465][ T6547]      IN-HARDIRQ-W at:
[  189.640658][ T6547]                         lock_acquire+0x1bb/0x4a0
[  189.647215][ T6547]                         _raw_spin_lock_irqsave+0xb0/0x100
[  189.654540][ T6547]                         input_event+0x76/0xb0
[  189.660811][ T6547]                         psmouse_report_standard_packet+0x4f/0x200
[  189.668831][ T6547]                         psmouse_process_byte+0x42b/0x620
[  189.676068][ T6547]                         psmouse_handle_byte+0x43/0x490
[  189.683121][ T6547]                         psmouse_interrupt+0x699/0x1130
[  189.690182][ T6547]                         serio_interrupt+0x87/0x130
[  189.696981][ T6547]                         i8042_interrupt+0x365/0x710
[  189.703863][ T6547]                         __handle_irq_event_percpu+0x293/0xa50
[  189.711535][ T6547]                         handle_irq_event+0x87/0x1e0
[  189.718386][ T6547]                         handle_edge_irq+0x243/0xb20
[  189.725199][ T6547]                         __common_interrupt+0xd7/0x1e0
[  189.732188][ T6547]                         common_interrupt+0x59/0xd0
[  189.738891][ T6547]                         asm_common_interrupt+0x22/0x40
[  189.745983][ T6547]                         _raw_spin_unlock_irqrestore+0xbc/0x120
[  189.753821][ T6547]                         rcu_core+0xa13/0x1740
[  189.760087][ T6547]                         handle_softirqs+0x2a1/0x930
[  189.766867][ T6547]                         __irq_exit_rcu+0x13b/0x230
[  189.773592][ T6547]                         irq_exit_rcu+0x5/0x20
[  189.779854][ T6547]                         sysvec_apic_timer_interrupt+0xa0/0xc0
[  189.787513][ T6547]                         asm_sysvec_apic_timer_interrupt+0x16/0x20
[  189.795524][ T6547]                         console_emit_next_record+0x970/0xba0
[  189.803099][ T6547]                         console_unlock+0x223/0x630
[  189.809840][ T6547]                         vprintk_emit+0x4b3/0x6a0
[  189.816370][ T6547]                         _printk+0xda/0x130
[  189.822392][ T6547]                         usb_register_driver+0x2cd/0x3d0
[  189.829527][ T6547]                         do_one_initcall+0x26a/0x840
[  189.836334][ T6547]                         do_initcall_level+0x137/0x1e4
[  189.843305][ T6547]                         do_initcalls+0x4b/0x8a
[  189.849746][ T6547]                         kernel_init_freeable+0x415/0x5be
[  189.856981][ T6547]                         kernel_init+0x19/0x1b0
[  189.863335][ T6547]                         ret_from_fork+0x1f/0x30
[  189.869779][ T6547]      IN-SOFTIRQ-W at:
[  189.873958][ T6547]                         lock_acquire+0x1bb/0x4a0
[  189.880492][ T6547]                         _raw_spin_lock_irqsave+0xb0/0x100
[  189.887801][ T6547]                         input_event+0x76/0xb0
[  189.894067][ T6547]                         psmouse_report_standard_packet+0x4f/0x200
[  189.902159][ T6547]                         psmouse_process_byte+0x42b/0x620
[  189.909377][ T6547]                         psmouse_handle_byte+0x43/0x490
[  189.916422][ T6547]                         psmouse_interrupt+0x699/0x1130
[  189.923467][ T6547]                         serio_interrupt+0x87/0x130
[  189.930175][ T6547]                         i8042_interrupt+0x365/0x710
[  189.937044][ T6547]                         __handle_irq_event_percpu+0x293/0xa50
[  189.944794][ T6547]                         handle_irq_event+0x87/0x1e0
[  189.951586][ T6547]                         handle_edge_irq+0x243/0xb20
[  189.958373][ T6547]                         __common_interrupt+0xd7/0x1e0
[  189.965339][ T6547]                         common_interrupt+0x59/0xd0
[  189.972059][ T6547]                         asm_common_interrupt+0x22/0x40
[  189.979154][ T6547]                         _raw_spin_unlock_irqrestore+0xbc/0x120
[  189.986909][ T6547]                         rcu_core+0xa13/0x1740
[  189.993196][ T6547]                         handle_softirqs+0x2a1/0x930
[  190.000133][ T6547]                         __irq_exit_rcu+0x13b/0x230
[  190.006854][ T6547]                         irq_exit_rcu+0x5/0x20
[  190.013129][ T6547]                         sysvec_apic_timer_interrupt+0xa0/0xc0
[  190.020835][ T6547]                         asm_sysvec_apic_timer_interrupt+0x16/0x20
[  190.028849][ T6547]                         console_emit_next_record+0x970/0xba0
[  190.036447][ T6547]                         console_unlock+0x223/0x630
[  190.043171][ T6547]                         vprintk_emit+0x4b3/0x6a0
[  190.049721][ T6547]                         _printk+0xda/0x130
[  190.055740][ T6547]                         usb_register_driver+0x2cd/0x3d0
[  190.062890][ T6547]                         do_one_initcall+0x26a/0x840
[  190.069690][ T6547]                         do_initcall_level+0x137/0x1e4
[  190.076662][ T6547]                         do_initcalls+0x4b/0x8a
[  190.083022][ T6547]                         kernel_init_freeable+0x415/0x5be
[  190.090255][ T6547]                         kernel_init+0x19/0x1b0
[  190.096608][ T6547]                         ret_from_fork+0x1f/0x30
[  190.103059][ T6547]      INITIAL USE at:
[  190.107147][ T6547]                        lock_acquire+0x1bb/0x4a0
[  190.113605][ T6547]                        _raw_spin_lock_irqsave+0xb0/0x100
[  190.120824][ T6547]                        input_inject_event+0xa7/0x310
[  190.127695][ T6547]                        led_trigger_event+0x12f/0x210
[  190.134584][ T6547]                        kbd_led_trigger_activate+0xb9/0x100
[  190.142016][ T6547]                        led_trigger_set+0x50c/0x910
[  190.148753][ T6547]                        led_trigger_set_default+0x19c/0x1e0
[  190.156157][ T6547]                        led_classdev_register_ext+0x625/0x860
[  190.163731][ T6547]                        input_leds_connect+0x4e7/0x6b0
[  190.170705][ T6547]                        input_register_device+0xdfd/0x1310
[  190.178016][ T6547]                        atkbd_connect+0x6f8/0x9a0
[  190.184547][ T6547]                        serio_driver_probe+0x76/0x90
[  190.191427][ T6547]                        really_probe+0x2aa/0xc70
[  190.198130][ T6547]                        __driver_probe_device+0x18c/0x330
[  190.205357][ T6547]                        driver_probe_device+0x4f/0x420
[  190.212329][ T6547]                        __driver_attach+0x44a/0x6e0
[  190.219038][ T6547]                        bus_for_each_dev+0x182/0x1f0
[  190.225832][ T6547]                        serio_handle_event+0x29c/0x840
[  190.232820][ T6547]                        process_one_work+0x8a2/0x1160
[  190.239743][ T6547]                        worker_thread+0xaa2/0x1270
[  190.246481][ T6547]                        kthread+0x29d/0x330
[  190.252591][ T6547]                        ret_from_fork+0x1f/0x30
[  190.258979][ T6547]    }
[  190.261675][ T6547]    ... key      at: [<ffffffff96fc2c80>] input_allocate_device.__key.5+0x0/0x20
[  190.271005][ T6547]  -> (&new->fa_lock){....}-{2:2} {
[  190.276352][ T6547]     INITIAL USE at:
[  190.280462][ T6547]                      lock_acquire+0x1bb/0x4a0
[  190.286751][ T6547]                      _raw_write_lock_irq+0xab/0xf0
[  190.293472][ T6547]                      fasync_remove_entry+0xf0/0x1c0
[  190.300274][ T6547]                      sock_fasync+0x84/0xf0
[  190.306292][ T6547]                      __fput+0x7a7/0x920
[  190.312043][ T6547]                      task_work_run+0x1d0/0x260
[  190.318430][ T6547]                      exit_to_user_mode_loop+0xe6/0x110
[  190.325499][ T6547]                      exit_to_user_mode_prepare+0xee/0x180
[  190.332874][ T6547]                      syscall_exit_to_user_mode+0x16/0x40
[  190.340096][ T6547]                      do_syscall_64+0x58/0xa0
[  190.346291][ T6547]                      entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.353960][ T6547]     INITIAL READ USE at:
[  190.358424][ T6547]                           lock_acquire+0x1bb/0x4a0
[  190.365130][ T6547]                           _raw_read_lock_irqsave+0xb8/0x100
[  190.372612][ T6547]                           kill_fasync+0x18e/0x4b0
[  190.379234][ T6547]                           sock_wake_async+0x128/0x150
[  190.386216][ T6547]                           sk_wake_async+0x184/0x280
[  190.393046][ T6547]                           sock_def_error_report+0x1a9/0x280
[  190.400569][ T6547]                           sk_error_report+0x3d/0x2d0
[  190.407470][ T6547]                           tcp_rcv_state_process+0x145e/0x4310
[  190.415319][ T6547]                           tcp_v4_do_rcv+0x739/0xb00
[  190.422123][ T6547]                           __release_sock+0x1e1/0x450
[  190.429004][ T6547]                           release_sock+0x5b/0x1b0
[  190.435619][ T6547]                           __inet_stream_connect+0x833/0xe10
[  190.443103][ T6547]                           inet_stream_connect+0x62/0xa0
[  190.450232][ T6547]                           __sys_connect+0x3cb/0x450
[  190.457022][ T6547]                           __x64_sys_connect+0x76/0x80
[  190.463995][ T6547]                           do_syscall_64+0x4c/0xa0
[  190.470740][ T6547]                           entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.478923][ T6547]   }
[  190.481528][ T6547]   ... key      at: [<ffffffff96cca5a0>] fasync_insert_entry.__key+0x0/0x20
[  190.490319][ T6547]   ... acquired at:
[  190.494234][ T6547]    _raw_read_lock_irqsave+0xb8/0x100
[  190.499723][ T6547]    kill_fasync+0x18e/0x4b0
[  190.504350][ T6547]    mousedev_notify_readers+0x6eb/0xc00
[  190.510014][ T6547]    mousedev_event+0x568/0x11f0
[  190.515012][ T6547]    input_pass_values+0x9c7/0x12f0
[  190.520241][ T6547]    input_event_dispose+0x346/0x6c0
[  190.525568][ T6547]    input_inject_event+0x1f5/0x310
[  190.530793][ T6547]    evdev_write+0x35b/0x490
[  190.535420][ T6547]    vfs_write+0x2e6/0xa30
[  190.539867][ T6547]    ksys_write+0x14c/0x250
[  190.544399][ T6547]    do_syscall_64+0x4c/0xa0
[  190.549018][ T6547]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.555117][ T6547] 
[  190.557460][ T6547] -> (&f->f_owner.lock){....}-{2:2} {
[  190.562874][ T6547]    INITIAL USE at:
[  190.566834][ T6547]                    lock_acquire+0x1bb/0x4a0
[  190.572944][ T6547]                    _raw_write_lock_irq+0xab/0xf0
[  190.579486][ T6547]                    __f_setown+0x37/0x330
[  190.585329][ T6547]                    fcntl_dirnotify+0x6de/0x8f0
[  190.591683][ T6547]                    do_fcntl+0x5ed/0x1270
[  190.597528][ T6547]                    __se_sys_fcntl+0xc9/0x190
[  190.603752][ T6547]                    do_syscall_64+0x4c/0xa0
[  190.609776][ T6547]                    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.617273][ T6547]    INITIAL READ USE at:
[  190.621637][ T6547]                         lock_acquire+0x1bb/0x4a0
[  190.628198][ T6547]                         _raw_read_lock_irqsave+0xb8/0x100
[  190.635512][ T6547]                         send_sigurg+0x25/0x3c0
[  190.641877][ T6547]                         sk_send_sigurg+0x6b/0xc0
[  190.648417][ T6547]                         queue_oob+0x3ed/0x4f0
[  190.654684][ T6547]                         unix_stream_sendmsg+0x8cf/0xa70
[  190.661842][ T6547]                         ____sys_sendmsg+0x5be/0x970
[  190.668650][ T6547]                         ___sys_sendmsg+0x2a2/0x360
[  190.675444][ T6547]                         __se_sys_sendmsg+0x1bb/0x2a0
[  190.682318][ T6547]                         do_syscall_64+0x4c/0xa0
[  190.688782][ T6547]                         entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.696816][ T6547]  }
[  190.699433][ T6547]  ... key      at: [<ffffffff96cc9920>] __alloc_file.__key+0x0/0x10
[  190.707803][ T6547]  ... acquired at:
[  190.711640][ T6547]    _raw_read_lock_irqsave+0xb8/0x100
[  190.717131][ T6547]    send_sigio+0x2f/0x360
[  190.721608][ T6547]    kill_fasync+0x224/0x4b0
[  190.726315][ T6547]    sock_wake_async+0x128/0x150
[  190.731281][ T6547]    sk_wake_async+0x184/0x280
[  190.736073][ T6547]    sock_def_error_report+0x1a9/0x280
[  190.741585][ T6547]    sk_error_report+0x3d/0x2d0
[  190.746472][ T6547]    tcp_rcv_state_process+0x145e/0x4310
[  190.752159][ T6547]    tcp_v4_do_rcv+0x739/0xb00
[  190.756965][ T6547]    __release_sock+0x1e1/0x450
[  190.761856][ T6547]    release_sock+0x5b/0x1b0
[  190.766482][ T6547]    __inet_stream_connect+0x833/0xe10
[  190.771964][ T6547]    inet_stream_connect+0x62/0xa0
[  190.777098][ T6547]    __sys_connect+0x3cb/0x450
[  190.781894][ T6547]    __x64_sys_connect+0x76/0x80
[  190.786870][ T6547]    do_syscall_64+0x4c/0xa0
[  190.791497][ T6547]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.797609][ T6547] 
[  190.799957][ T6547] 
[  190.799957][ T6547] the dependencies between the lock to be acquired
[  190.799966][ T6547]  and HARDIRQ-irq-unsafe lock:
[  190.813548][ T6547] -> (tasklist_lock){.+.+}-{2:2} {
[  190.818714][ T6547]    HARDIRQ-ON-R at:
[  190.822714][ T6547]                     lock_acquire+0x1bb/0x4a0
[  190.828914][ T6547]                     _raw_read_lock+0x32/0x40
[  190.835108][ T6547]                     do_wait+0x2b6/0xb60
[  190.840859][ T6547]                     kernel_wait+0xd3/0x1c0
[  190.846880][ T6547]                     call_usermodehelper_exec_work+0xb5/0x220
[  190.854460][ T6547]                     process_one_work+0x8a2/0x1160
[  190.861076][ T6547]                     worker_thread+0xaa2/0x1270
[  190.867428][ T6547]                     kthread+0x29d/0x330
[  190.873167][ T6547]                     ret_from_fork+0x1f/0x30
[  190.879261][ T6547]    SOFTIRQ-ON-R at:
[  190.883264][ T6547]                     lock_acquire+0x1bb/0x4a0
[  190.889451][ T6547]                     _raw_read_lock+0x32/0x40
[  190.895625][ T6547]                     do_wait+0x2b6/0xb60
[  190.901377][ T6547]                     kernel_wait+0xd3/0x1c0
[  190.907487][ T6547]                     call_usermodehelper_exec_work+0xb5/0x220
[  190.915067][ T6547]                     process_one_work+0x8a2/0x1160
[  190.921678][ T6547]                     worker_thread+0xaa2/0x1270
[  190.928040][ T6547]                     kthread+0x29d/0x330
[  190.933780][ T6547]                     ret_from_fork+0x1f/0x30
[  190.939882][ T6547]    INITIAL USE at:
[  190.943797][ T6547]                    lock_acquire+0x1bb/0x4a0
[  190.950080][ T6547]                    _raw_write_lock_irq+0xab/0xf0
[  190.956609][ T6547]                    copy_process+0x2557/0x4030
[  190.962904][ T6547]                    kernel_clone+0x24b/0x900
[  190.969088][ T6547]                    user_mode_thread+0x10d/0x180
[  190.975552][ T6547]                    rest_init+0x23/0x300
[  190.981308][ T6547]                    start_kernel+0x0/0x53c
[  190.987243][ T6547]                    start_kernel+0x493/0x53c
[  190.993339][ T6547]                    secondary_startup_64_no_verify+0xcf/0xdb
[  191.000846][ T6547]    INITIAL READ USE at:
[  191.005199][ T6547]                         lock_acquire+0x1bb/0x4a0
[  191.011756][ T6547]                         _raw_read_lock+0x32/0x40
[  191.018309][ T6547]                         do_wait+0x2b6/0xb60
[  191.024432][ T6547]                         kernel_wait+0xd3/0x1c0
[  191.030798][ T6547]                         call_usermodehelper_exec_work+0xb5/0x220
[  191.038726][ T6547]                         process_one_work+0x8a2/0x1160
[  191.045691][ T6547]                         worker_thread+0xaa2/0x1270
[  191.052397][ T6547]                         kthread+0x29d/0x330
[  191.058495][ T6547]                         ret_from_fork+0x1f/0x30
[  191.064944][ T6547]  }
[  191.067462][ T6547]  ... key      at: [<ffffffff8c80a058>] tasklist_lock+0x18/0x40
[  191.075221][ T6547]  ... acquired at:
[  191.079039][ T6547]    _raw_read_lock+0x32/0x40
[  191.083747][ T6547]    send_sigurg+0xec/0x3c0
[  191.088276][ T6547]    sk_send_sigurg+0x6b/0xc0
[  191.092985][ T6547]    queue_oob+0x3ed/0x4f0
[  191.097439][ T6547]    unix_stream_sendmsg+0x8cf/0xa70
[  191.102752][ T6547]    ____sys_sendmsg+0x5be/0x970
[  191.107722][ T6547]    ___sys_sendmsg+0x2a2/0x360
[  191.112783][ T6547]    __sys_sendmmsg+0x2c3/0x510
[  191.117760][ T6547]    __x64_sys_sendmmsg+0x9c/0xb0
[  191.122820][ T6547]    do_syscall_64+0x4c/0xa0
[  191.127444][ T6547]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  191.133718][ T6547] 
[  191.136207][ T6547] 
[  191.136207][ T6547] stack backtrace:
[  191.142122][ T6547] CPU: 1 PID: 6547 Comm: syz.5.592 Not tainted syzkaller #0
[  191.149466][ T6547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  191.159607][ T6547] Call Trace:
[  191.162921][ T6547]  <TASK>
[  191.165879][ T6547]  dump_stack_lvl+0x188/0x24e
[  191.170598][ T6547]  ? load_image+0x400/0x400
[  191.175155][ T6547]  ? show_regs_print_info+0x12/0x12
[  191.180416][ T6547]  ? load_image+0x400/0x400
[  191.184976][ T6547]  ? print_shortest_lock_dependencies+0xf0/0x160
[  191.191354][ T6547]  __lock_acquire+0x66c8/0x7d10
[  191.196252][ T6547]  ? verify_lock_unused+0x140/0x140
[  191.201486][ T6547]  ? verify_lock_unused+0x140/0x140
[  191.206725][ T6547]  lock_acquire+0x1bb/0x4a0
[  191.211266][ T6547]  ? send_sigurg+0xec/0x3c0
[  191.215816][ T6547]  ? read_lock_is_recursive+0x10/0x10
[  191.221220][ T6547]  ? do_raw_read_lock+0x39/0x80
[  191.226098][ T6547]  ? _raw_read_lock_irqsave+0xc4/0x100
[  191.231582][ T6547]  ? _raw_read_lock+0x40/0x40
[  191.236284][ T6547]  ? __lock_acquire+0x7d10/0x7d10
[  191.241343][ T6547]  ? do_raw_spin_lock+0x128/0x2f0
[  191.246485][ T6547]  _raw_read_lock+0x32/0x40
[  191.251032][ T6547]  ? send_sigurg+0xec/0x3c0
[  191.255563][ T6547]  send_sigurg+0xec/0x3c0
[  191.259927][ T6547]  sk_send_sigurg+0x6b/0xc0
[  191.264471][ T6547]  queue_oob+0x3ed/0x4f0
[  191.268753][ T6547]  ? scm_stat_add+0xc0/0xc0
[  191.273372][ T6547]  ? apparmor_socket_getpeersec_dgram+0x5/0x10
[  191.279550][ T6547]  ? security_socket_getpeersec_dgram+0x9d/0xc0
[  191.285816][ T6547]  unix_stream_sendmsg+0x8cf/0xa70
[  191.290981][ T6547]  ? __might_fault+0xa6/0x120
[  191.295707][ T6547]  ? unix_show_fdinfo+0x2c0/0x2c0
[  191.300893][ T6547]  ? tomoyo_socket_sendmsg_permission+0x1dd/0x2f0
[  191.307404][ T6547]  ? aa_sock_msg_perm+0x94/0x150
[  191.312372][ T6547]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  191.317685][ T6547]  ? security_socket_sendmsg+0x7c/0xa0
[  191.323186][ T6547]  ? unix_show_fdinfo+0x2c0/0x2c0
[  191.328243][ T6547]  ____sys_sendmsg+0x5be/0x970
[  191.333044][ T6547]  ? __sys_sendmsg_sock+0x30/0x30
[  191.338113][ T6547]  ? __import_iovec+0x315/0x500
[  191.342995][ T6547]  ? import_iovec+0x6f/0xa0
[  191.347679][ T6547]  ___sys_sendmsg+0x2a2/0x360
[  191.352391][ T6547]  ? __sched_text_start+0x8/0x8
[  191.357277][ T6547]  ? __sys_sendmsg+0x290/0x290
[  191.362089][ T6547]  __sys_sendmmsg+0x2c3/0x510
[  191.366806][ T6547]  ? __ia32_sys_sendmsg+0x80/0x80
[  191.371889][ T6547]  ? __ia32_sys_get_robust_list+0x100/0x100
[  191.377822][ T6547]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  191.383928][ T6547]  ? lock_chain_count+0x20/0x20
[  191.388815][ T6547]  __x64_sys_sendmmsg+0x9c/0xb0
[  191.393739][ T6547]  do_syscall_64+0x4c/0xa0
[  191.398190][ T6547]  ? clear_bhb_loop+0x60/0xb0
[  191.402898][ T6547]  ? clear_bhb_loop+0x60/0xb0
[  191.407756][ T6547]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  191.413692][ T6547] RIP: 0033:0x7f138fd9c819
[  191.418150][ T6547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  191.437802][ T6547] RSP: 002b:00007f1390bf5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  191.446260][ T6547] RAX: ffffffffffffffda RBX: 00007f1390015fa0 RCX: 00007f138fd9c819
[  191.454263][ T6547] RDX: 0000000000000001 RSI: 0000200000006c40 RDI: 0000000000000003
[  191.462262][ T6547] RBP: 00007f138fe32c91 R08: 0000000000000000 R09: 0000000000000000
[  191.470350][ T6547] R10: 0000000004040011 R11: 0000000000000246 R12: 0000000000000000
[  191.478361][ T6547] R13: 00007f1390016038 R14: 00007f1390015fa0 R15: 00007ffd96d6f4e8
[  191.486374][ T6547]  </TASK>
[  191.495301][ T4256] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.506689][ T4486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.568426][ T4479] usb 2-1: USB disconnect, device number 11
[  192.508584][ T4313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.543288][ T4256] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.345550][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  194.351934][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  194.583055][ T4481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.591262][ T4481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.623287][ T4486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.631467][ T4486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.663067][ T4312] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.623329][ T4486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.703296][ T4312] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.743002][ T4256] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog