last executing test programs:

7m5.680066703s ago: executing program 0 (id=1):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000280)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4", @ANYRESOCT], 0x1, 0x4441, &(0x7f0000010200)="$eJzs3c9vFNcdAPA3Y1NsiqmhHKhUqSsVqVVbWTantkaqMQZjg0tFC4delrW9gJO1F9nrKAcOzg0pp0g5RDmgRMrNJ2QpZ/In5JIjOSMlh1wiRUJxtLOzxjO7GxbLawf0+Rx2PO+3/Z15++YwfnGqdm9prbC0ViitFKoLd9bOFd6pVtaXyyE+IG37P3Jw/dOdXlwnP9fm5/s2ctq5fvHyf2+dC+GLxa+ebW9vb4e6/tDW2K6fv//uwcLuY1Ocq1Nvt31r++X/IYTTLeOq6wshDIQQohDChTRtMj0OhhCG0rxbD96/Xdin0Tx+Wj5ffD73cGv87Ozmo63Ov3sUwseV3/3t7vI3f+wb//ov+9Q9AAAAAAAAAAAAAAAAAACvuekb12/+Z3QsPIlC/2bU+r7udHrs9H7s9j4YSlr5Q+9/WQAAAAAAAAAAAAAAAAAAAPiFevH+fyE61eb9/6n0ONGh/va/ej9Gemfm39enLo2Opfu/Ry35f0+Tvr3QF0622fc9v//7hVz99vu/t/azV83xNfsdDlE8kjmP45GRED5NN34/Ex2LK9W12l/vVNdXFvdtGK+tbPwbu/dnopNu6N9l/OPJXPu93///ty1XU/389v5dYm+0bPz7Opb77L2oq/v/Yq7eQcSfvcvGvz9JG9xdYKIxAdTj/0F/Pu59LfGfyrXfq/ifCAOhENXHWsjMAPU1TD2903qFrGz8jyRpmakz/UN2uv9/yMX/Uq79w5r/N/JfRLSVjf+vkrSBTImjyWcS//jl8//lXPuHEf/6+Dd8/3clG/9GrEN/pkjyl2w//7fGfzrXfsf4H21N2n6Fcd+M03GeiDJXwGbUSO/0/+rIysZ/oCX/xfNf3NX670qu/kE9/zX7bT7/Naf/P0eN5z/ay8Z/sGO5bu//mVy9Xs//E8n6j73Kxv9YkpZdOw8nn93GfzbXfq/inzyVDDTj/2I++fFoI/0T67+uZOP/60ZivLvERvKZrP+il6//r+baP4z1X338G3Fve31TZON/vGO5evy/7OL7/1quXu/jH8Kotf6eZeM/1LFccv8PvDz+c7l6vY7/n3rZOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBrYDI9DocoHsmcx/HISAgX0/Mz4Vg0X1oszleqC2+vhTCVphfCqehupTpfqhSXVqqL5WKpUqkuhHApzT8dBqK1SrVWXC7dv7zT1mB0r1xarc2XS7UQwnSa/vsw1Gxrfqm2XLofQriyk/ebuLp6/15ppbi4tPrP0dHR0TCzM4aTUfndWnml1ui9kRvC7E7d4WjX4JLsqztjOR69VV1fXSlVkvRru+pUqgulyq46c2neh+FkVFtdX1ko1crFSvVus7/DNJEep2Zu/O/GtbGW/NtR4zh5sMMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4BU9Gf/HRyGE/sZZHEKYaP4QtSv/+Gn5fPH53MOt8bOzm4+2nnUqBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzEDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbpHzWBIIoD8JsJ5E+XY6Raki7thkBIimwIeAI9hofRo3gJ72BhYWshguyirruwIHbf1zyYHzPvwTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY5uu/Gv29vkWkeNw9RCwmy9Vp/lPX2Uf3/buhje6vm5Pb+P6tPo9/mC7y9/poXeZDut1Mx9FRG/PWnrT36bzPU+9cffvWN1/T9zlSLiKirPOXlHNRDHsLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANizAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRd8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvwIAAP//gmMaYw==")
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000000edf1139c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a00400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'geneve0\x00'})
r1 = openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000000)={0x7fff, 0x101, 0xe48b8c52ee879aff, {0x9, @pix_mp={0x1, 0xbf4d, 0x41495043, 0x9, 0x6, [{0x9, 0x7fc0000}, {0xbdf2, 0x15b}, {0x80000000, 0x9}, {0x4, 0x4}, {0x1, 0xac}, {0x7a, 0x1}, {0xff, 0xfffff76d}, {0xcdc, 0x8}], 0x2, 0x9, 0x6, 0x1, 0x6}}, 0x2})

7m1.619983351s ago: executing program 0 (id=13):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
close(r0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0xf8, 0x8, 0x4, 0x6, {0x8, 0x0, 0x0, 0x5, 0x0, 0x8001, 0x1, 0x1, 0x0, 0xfffe, 0x8, 0x6, 0xffffffff, 0x77, "ba9a42182e2cbb318719fb31f6699332292cc81f89f0758000"}})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1f00000004000000060000000700000080130000", @ANYRES32, @ANYBLOB="0000000000000000008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000001"], 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
socket$kcm(0x10, 0x5, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000304fc0400"/20, @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000240012800b00010062726964676500001400028005001900060000000500180001000000"], 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x18, 0x5, &(0x7f00000001c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}], {0x95, 0x0, 0x0, 0x20}}, &(0x7f0000000000)='syzkaller\x00', 0x5}, 0x94)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000200))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
io_setup(0x4, &(0x7f0000000040))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r5, &(0x7f0000000240)={0x10, 0x0, 0x25dfdbfc, 0x1000}, 0xc)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r7 = dup(r6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r7, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)

6m57.694463568s ago: executing program 0 (id=19):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0)
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80, 0x141)
getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000)

6m56.149456422s ago: executing program 32 (id=19):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0)
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80, 0x141)
getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000)

22.870042004s ago: executing program 4 (id=674):
socket$pppoe(0x18, 0x1, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, 0x0)
ioctl$PPPIOCBRIDGECHAN(r1, 0x40047435, 0x0)
close(0x3)

20.753216985s ago: executing program 4 (id=681):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x4040001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz1\x00', 0x10})
ioctl$UI_DEV_CREATE(r3, 0x5501)
ioctl$UI_DEV_DESTROY(r3, 0x5502)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={0x0, &(0x7f00000004c0)=""/72, &(0x7f0000000740)="effc933fe97c092030c80851ca0cc117e36a7e03595e3af0c20ebb7e88059987afe046f064cfa53bb46c81b7863201e3f14db67db895893f0f", &(0x7f00000007c0)="df74c55f844757ee72779411b6043dd1c270b9048ad1f690a1dd3174496dc63d4f16ba8ef113afbf4139d33458e94867b75fd01544123aeb56aa0f50817c7bb7eef34c440e32c12df88697d1ffa6fe1a918b750f3768ac90aaa83e573281748a56722a4805f9", 0x1, 0xffffffffffffffff, 0x4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000001c0)='./cgroup\x00', 0x3)
io_submit(0x0, 0x1, &(0x7f00000012c0)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x2004, 0xffffffffffffffff, 0x0, 0xfffffe60, 0x800, 0x0, 0x6}])

17.2118115s ago: executing program 5 (id=683):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(0xffffffffffffffff, 0x40045402, 0x0)
read(0xffffffffffffffff, &(0x7f0000000200)=""/129, 0x81)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x8, 0x0, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in=@remote, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x5, 0x0, 0xb7}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0xd, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3f1f}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x7, 0x9, 0x0, 0x0, 0x5c}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x7}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x6, 0x1, 0x6, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x5}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',group_id'])
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0}, 0x94)

16.896145036s ago: executing program 5 (id=686):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000100)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
r0 = open(&(0x7f0000000000)='./file2\x00', 0x109042, 0x0)
pwritev(r0, 0x0, 0x0, 0x0, 0x0)

15.762549537s ago: executing program 3 (id=687):
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c9200a00060002"], 0xf)
syz_clone(0x1222080, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x6, 0x10001, 0x34324152, 0x0, 0xb, [{}, {0x10}, {0x2}, {0x0, 0x1}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$inet6_int(r1, 0x29, 0x4e, 0x0, &(0x7f0000000280))
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000000)=@filename='./file0\x00', 0x0, &(0x7f0000000180)='./file0\x00')
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000902, 0x0, &(0x7f0000000300))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x7, &(0x7f0000000240))

14.382323529s ago: executing program 5 (id=689):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bd2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
setrlimit(0x8, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
tee(r4, 0xffffffffffffffff, 0x4e, 0x0)
write$binfmt_script(r5, &(0x7f0000000800)={'#! ', './file0'}, 0xb)

13.509945529s ago: executing program 5 (id=692):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000003c0)='mptcp_subflow_get_send\x00', r1}, 0x18)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x5ec0, @empty}, 0x1c)
listen(r0, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r0, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x3, 0x52, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000020000202505a1a440000000010109024000010100c07d090400fe1602020000"], 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000180), 0x10000001d, 0x8041)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)=@usbdevfs_connect)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001500)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x14000801}, 0x40000)

13.446651584s ago: executing program 4 (id=693):
mkdir(&(0x7f0000000400)='./file0\x00', 0x101)
pipe2$9p(&(0x7f0000001900), 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[], 0x1d0}, 0x1, 0x0, 0x0, 0x4048011}, 0xc080)
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0xe0, r0, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x800}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8001}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xf}]}, @TIPC_NLA_MON={0x4}, @TIPC_NLA_LINK={0x50, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}]}, @TIPC_NLA_NODE={0x4}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x97}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x1}, 0x20000010)
creat(&(0x7f0000000080)='./file0\x00', 0xa)
pipe2$9p(&(0x7f00000001c0), 0x0)
socket(0x1d, 0x2, 0x6)
socket$igmp6(0xa, 0x3, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000280), 0x3, 0x389001)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x4)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000080)=0x7f)

12.220794193s ago: executing program 2 (id=694):
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x2, 0x6}}, 0x20)
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c367634b7aac63a01000000000000004faa2ae2c084a0ea00ffffffffffffff7f0c00002000", "036c47c6335263a3bcef549ba197fce47ddfdd753abd9501ff00000000e8f20000000200000042e377d2eb637b4a73610200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
close_range(r1, 0xffffffffffffffff, 0x0)

12.13566339s ago: executing program 3 (id=695):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402505a8a4410001020b0109021b00010100c00009040000020701010009050102"], 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0x604, 0x0)
eventfd(0x5f0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x40a0ae49, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, &(0x7f0000000000)={0x8000000, 0x301000, 0x8})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r3 = openat$sndseq(0xffffff9c, &(0x7f0000000240), 0x80003)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r3, 0xc0605345, &(0x7f00000002c0)={0x44, 0x2, {0x2, 0x0, 0xfffffffb, 0x3, 0x2}, 0x7ff})
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fcntl$lock(r4, 0x6, &(0x7f0000000000)={0x0, 0x0, 0xc, 0xffffffffffffffff})
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x15, 0x5, 0x0)
openat$userio(0xffffffffffffff9c, 0x0, 0x800, 0x0)
setpriority(0x0, 0x0, 0x1fb)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f0000000100)=ANY=[@ANYBLOB="1808000000010000000000000000000018", @ANYRES32=r7, @ANYRESHEX=r0, @ANYRES32=r6, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf980000000000005608f8ffffff00008500000007000000b70000000000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
pselect6(0x40, &(0x7f0000000080)={0x5, 0x0, 0x120000000000, 0x2, 0x500, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000180)={0x3fe, 0x7, 0x0, 0x9, 0x86, 0x800, 0x80000002}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

11.498393541s ago: executing program 1 (id=696):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x9, 0x201, &(0x7f0000000f40)="$eJzsVUtrU0EU/s7NJLfRLAru3BpsN9rmFsS1G7vXH2BIr7WY+OhENKFgdNONgvgnCv4JXQi6dyEiuNGFgi4qrioSOTNnJpMH9ra+NvPB5XznPY87M1f0TZ0C+LG71cI8DAg1vCWCArBA1rZXsfKryKHgo7J6Q+xPRH4QqXv9Vw8s7V9tttv5pu79mqQgYJ+YcTJtOvf04bHi+RPk5f1xC6FIFqnD9Po90i3ZlZ12PRqzpLNiJBeTlRsX/vEsDk+qU4N35FsNCC2f/mD3Mq9mGTNjiA70r88gXMAQwLu+16a3aZK8eWw7z4wpSXoV48uyL+FT/L93mQnfRYYkB0rXkP3Q5+8l+EJAGa93t1psvSS3GLvX7OeOhMli5XkQc1wBA4BKGJqiXEdJ7AKApW7nxpLu9U9tdJrr+Xp+LctWziy/OCpHdHgX2Gjny2SGYdMTJgoefE6rgZ//tHcj/wABKBgaeF4jsy/pLufFE0FIFUiC3KCGFHjm+6diu6U7uIiTmANwe8DuTBaoDq6mcJmntgpCSZSGCgeEPSSYM47TrevttW0QyKXtQPkajfcoeyUThRvlK2f99LdF1kWuitwZ9TNwb5d7k5Sp8Fm0xQFQwZ1mt7tpHi/L2FbxFYwtm/edE+nqXkPXrJ6iII4UDYyIiIiIiIiI+Ev4GQAA//8sQT03")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x48)
timer_create(0x2, 0x0, 0x0)
timer_settime(0x0, 0x5, 0x0, 0x0)
sigaltstack(&(0x7f0000000080)={0x0}, 0x0)
connect$inet(r4, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)

11.027563969s ago: executing program 2 (id=697):
fanotify_mark(0xffffffffffffffff, 0x80, 0x8, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x3)
socket$nl_xfrm(0x10, 0x3, 0x6)
shmget$private(0x0, 0x1000, 0x0, &(0x7f00008f0000/0x1000)=nil)
shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
r3 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000240)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1008a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1517, &(0x7f0000001240)="$eJzs3AuYTlX7MPD7XmttxjTxNMlhWGvdmycNlkOSHJLkkCTJK0lOCaFJkoTEOEsakiTHSXIYQnKYxqRxPh9yTpKkSZKQkLC+S3993rf30Pf+/32f63vn/l3Xvqz72c+99r2fez/2s/dzPfNdj1F1mtWt2YSI4H8E/+ufZACIAYBhAJAPAAIAqBhfMf7y+jwSk/9nG2F/rofTrnUF7Fri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsZxs2+zCN/CScxe+/5+T8fn/P0h2mUlfbShzU89/I4X7n7Nx/3M27n/Oxv3P2bj/ORv3P2fj/uds3H/GcrL//r1j/u7gP2G51scfY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLGc4Zy/SgHAb+NrXRdjjDHGGGOMMcb+PD73ta6AMcYYY4wxxhhj//chCJCACJALckMM5IFYuA7i4HrIC/kgAjdAPNwI+eEmKAAFoRAUhgQoAkVBgwELBCEUg+IQhZuhBNwCiVASSkFpcFAGykI5KA+3QgW4DSrC7VAJ7oDKUAWqQjW4E6rDXVAD7oaacA/UgtpQB+rCvVAP7oP6cD80gAegITwIjeAhaAx/gSbwMDSFR6AZPArN4TFoAS2hFbSGNv+t/BehD7wEfaEfJEN/GAADYRAMhiEwFIbByzAcXoER8CqkwEgYBa/BaHgdxsAbMBbehHHwFoyHCTARJsFkmAKp8DZMhXdgGrwL02EGzIRZkAazYQ68B3NhHsyH92EBfAALYREshiWQDh9CBiyFTPgIlsHHkAXLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBp/AdtgBO2EX7IY9sBc+hX3wGeyHz+EAfPFv5p/9XX5PBAQUKFChwlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBQNGiQkVFeOpBJYAhMxEUthKXTosCyWxfJ4K1bAClgRK2IlrISVsQpWwWpYDatjdayBNbAm1sRaWAvrYB28F+/F+7A+1scG2AAbYkNshI2wMTbGJtgEm2JTbIbNsDk2xxbYAlthK2yDbbAttsV22A47YAfsiB2xM3bGJEzCLtgFu2JX7IbdsDt2xx7YA3tiL+yFL+KL+BK+hP2wluiPA3AADsJBOASH4lB8GYfjK/gKvoopOBJH4Wv4Gr6OY/AMjsU3cRyOw+piAk7ESUhiCqZiKk7FqTgNp+F0nIEzcBam4Wycg3NwLs7Defg+LsAP8ANchItwCaZjOmbgUszETFyGZzELl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBU/wU9wB+7AXbgL91x+rfFT/Aw/wxQ8gAfwIB7EQ3gID+NhzMZsPIJH8CgexWN4DI/jcTyBJ/EUnsTTeBrP4Fk8h+fwPJ7HC/h8wjdN95RcnwLiMiWUyCVyiRgRI2JFrIgTcSKvyCsiIiLiRbzIL/KLAqKAKCQKiQSRIIqKosIII0iEopgoJqIiKkqIEiJRJIpSopRwwomyoqwoL8qLCqKCqChuF5XEHaKyqCLau2qimqguOrga4m5RU9QUtURtUUfUFXVFPVFP1Bf1RQPRQDQUDUUj8ZBoLPrjEHxYXO5MMzESm4tR2EK0FK1Ea/E6Pi7aijHYTrQXHcST4k0ci51FW5cknhZdxETsKp4Vk/A50V1MwR7iBdFT9BK9xYuij2jn+op+Yjr2FwPELBwkBoshYqiYi7XF5Y7VEa+KFDFSjBKviSX4uvjtGB8n3hLjxQQxUUwSk8UUkSreFlPFO2KaeFdMFzPETDFLpInZYo54T8wV88R88b5YID4QC8UisVgsEeniQ5EhlopM8ZFYJj4WWWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im3iE7Fd7BA7xS6xW+wRe8WnYp/4TOwXn4sD4gtxUHwpDomvxGHxtcgW34gj4ltxVHwnjonvxXHxgzghTopT4kdxWvwkzoiz4pz4WZwXv4gL4qK4JLwAiVJIKZUMZC6ZW8bIPDJWXifj5PUyr8wnI/IGGS9vlPnlTbKALCgLycIyQRaRRaWWRlpJMpTFZHEZlTfLEvIWmShLylKytHSyjCwry8ny8lZZQd4mK8rbZSV5h6wsq8iqspq8U1aXd8ka8m5ZU94ja8naso6sK++V9eR9sr68XzaQD8iG8kHZSD4kG8u/yCbyYdlUPiKbyUdlc/mYbCFbylaytWwjH5dt5ROynWwvO8gnZUfZSXaWT8kk+bTsIp+RXeWzspt8TnaXz8se8gXZU/aSveVFeUl62Vf2k8myvxwgB8pBcrAcIofKYfJlOVy+IkfIV2VKDADI1+Ro+bocI9+QY+Wbcpx8S46XE+REOUlOllNkqnxbTpXvyGnyXTldzpAz5SyZJmfLIVdmmv9/kP/OP8gfIVPkSLlVbpOfyO1yh9wpd8ndco/cK/fKfXKf3C/3ywPygDwoD8pD8pA8LA/LbJktj8gj8qg8Ko/JY/K4PC5PyJPyZ/mjPC1/kmfkWXlW/izPy/PywpXXABQqoaRSKlC5VG4Vo/KoWHWdilPXq7wqn4qoG1S8ulHlVzepAqqgKqQKqwRVRBVVWhllFalQFVPFVVTdjFfeIqqUKq2cKqPKqnL/Tr4qoW5Riark3+T/UX1tVBvVVrVV7VQ71UF1UB1VR9VZdVZJKkl1UV1UV9VVdVPdVHfVXfVQPVRP1VP1Vr1VH9VH9VV9VbJKVgPUQDVIDVZD1FA1rD+o4Wq4GqFGqBSVokapUWq0Gq3GqDFqrBqrxqlxarwaryaqiWqymqxSVaqaqqaqaWqamq6mq5lqpkpTaWqOmqPmqrlqvpqvFqgFaqFaqBarxSpdpasMlaEyVaZappapLLVcLVcr1Uq1Wq1Wa9VatV6tVxvVRrVZbVZZapvaprar7Wqn2ql2q91qr9qr9ql9ar/arw6oA+qgOqgOqUPqsDqsslW2OqKOqKPqqDqmjqnj6rg6oU6oU+qUOq1OqzPqjDqnzqnz6ry6oC6oS+qSggACEYhABSrIFeQKYoKYIDaIDeKCuCBvkDeIBJEgPogP8gc3BQWCgkGhoHCQEBQJigY6MIENKAiDYkHxIBrcHJQIbgkSg5JBqaB04IIyQdmgXFA+uDWoENwWVAxuDyoFdwSVgypB1aBacGdQPbgrqBHcHdQM7glqBbWDOkHd4N6gXnBfUD+4P2gQPBA0DB4MGgUPBY2DvwRNgoeDpsEjQbPg0aB58FjQImgZtApaB23+rPkVBE0D788UfML11f10su6vB+iBepAerIfooXqYflkP16/oEfpVnaJH6lH6NT1av67H6Df0WP2mHqff0uP1BD1RT9KT9RSdqt/WU/U7epp+V0/XM/RMPUun6dl6jn5Pz9Xz9Hz9vl6gP9AL9SK9WC/R6fpDnaGX6kz9kV6mP9ZZerleoVfqVXq1XqPX6nV6vd6gN+pNerPeorfqbfoTvV3v0Dv1Lr1b79F79ad6n/5M79ef6wP6C31Qf6kP6a/0Yf21ztbf6CP6W31Uf6eP6e/1cf2DPqFP6lP6R31a/6TP6LP6nP5Zn9e/6Av6or6k/eUP95dP70YZZXKZXCbGxJhYE2viTJzJa/KaiImYeBNv8pv8poApYAqZQibBJJiipqi5jAyZYqaYiZqoKWFKmESTaEqZUsYZZ8qasqa8KW8qmAqmoqloKplKprKpbKqaquZOc6e5y9xl7jZ3m3vMPaa2qW3qmrqmnqln6pv6poFpYBqahqaRaWQam8amiWlimpqmpplpZpqb5qaFaWFamVamjWlj2pq2pp1pZzqYDqaj6Wg6m84mySSZLqaL6Wq6mm6mm+luupsepofpaXqa3qa36WP6mL6mr0k2yWaAGWAGmUFmiBlihplhZrgZbkaYESbFpJhRZpQZbUabMWaMGWveNOPMW2a8mWAmmklmspliUk2qmWqmmmlmmpluppuZZqZJM2lmjplj5pq5Zr6ZbxaYBWahWWgWm8Um3aSbDJNhMk2mWWaWmSyTZVaYFWaVWWXWmDVmnVlnNpgNZpPZZLaYLWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W8OmAPmoDnoEcAcNodNtsk2R8wRc9QcNcfMMXPcHDcnzAlzypwyp81pc8acMefMOXPe/GIumIvmkvEmxuaxsfY6G2evt3ltPvv7uJAtbBNsEVvUalvAFvyb2FhrE21JW+q3S0xbziZePpfa0tbZMrasLWcr2yq2qq1m77TV7V22xu/jfGDvs/Xt/baBfcDWtffaen8VN7QP2kb2UdvYPmab2Ja2qW1tm9lHbXP7mG1hW9pWtrXtaDvZzvYpm2Sftl3sM38XZ9ildp1dbzfYjXaf/cyesz/bo/Y7e97+YvvafnaYfdkOt6/YEfZVm2JH/l08zr5lx9sJdqKdZCfbKX8Xz7SzbJqdbefY9+xcO+/v4nT7oV1gM+1Cu8gutkt+jS/XlGk/ssvsxzbLLrcr7Eq7yq62a+za/13rSrvZbrFb7V77qd1ud9iddpfdbff8Gl/ej/32c3vAfmGP2G/tIfuVPWyP2Wz7za/x5f07Zr+3x+0P9oQ9aU/ZH+1p+5M9Y89e3n9/ed9/tBftJestEJIgSYoCykW5KYbyUCxdR3F0PeWlfBShGyiebqT8dBMVoIJUiApTAhWhoqTJkCWikIpRcYrSzVSCbqFEKkmlqDQ5KkNlqRyVp1upAt1GFel2qkR3UGWqQlWpGt1J1ekuqkF3U026h2pRbapDdeleqkf3UX26nxrQA9SQHqRG9BA1pr9QE3qYmtIj1Iwepeb0GLWgltSKWlMbepza0hPUjtpTB3qSOlIn6kxPURI9TV3oGepKz1I3eo660/PUg16gntSLetOL1Ideor7Uj5KpPw2ggTSIBtMQGkrD6GUaTq/QCHqVUmgkjaLXaDS9TmPoDRpLb9I4eovG0wSaSJNoMk2hVHqbptI7NI3epek0g2bSLEqj2TSH3qO5NI/m0/u0gD6ghbSIFtMSSqcPKYOWUiZ9RMvoY8qi5bSCVtIqWk1raC2to/W0gTbSJtpMW2grbaNPaDvtoJ20i3bTHtpLn9I+ynPlDfcFHaQv6RB9RYfpa8qmb+gIfUtH6Ts6Rt/TcfqBTtBJOkU/0mn6ic7QWTpHP9N5+oUu0EW6RJ4gxFCEMlRhEOYKc4cxYZ4wNrwujAuvD/OG+cJIeEMYH94Y5g9vCguEBcNCYeEwISwSFg11aEIbUhiGxcLiYTS8OSwR3hImhiXDUmHp0IVlwrJhubB8eGtYIbwtrBjeHlYK7wgrh1XCRx+oFt4ZVg/vCmuEd4c1w3vCWmHtsE5YN7w3rBfeF9YP7w8bhA+EFcIHw0bhQyFc+b1K0/CRsFn4aNg8fCxsEbYMW4Wtwzbh42Hb8ImwXdg+7BA+GXYMO4Wdw6fCpPDpsEv4zB+uTw77hwPCgeHA0Pv75eLokmh69MNoRnRpNDP6UXRZ9ONoVnR5dEV0ZXRVdHV0TXRtdF10fXRDdGN0U3RzdEt0a9T7urnBoRNOOuUCl8vldjEuj4t117k4d73L6/K5iLvBxbsbXX53kyvgCrpCrrBLcEVcUaedcdaRC10xV9xF3c2uhLvFJbqSrpQr7Zwr48q61q6Na+PauidcO9fedXBPuiddJ9fJPeWeck+7Lu4Z19U967q551x397x73r3gerperrd70fVxL7m+rp9LdslugBvgBrlBbogb4oa5YW64G+5GuBEuxaW4UW6UG+1GuzFujBvrxrpxbpwb78a7iW6im+wmu1SX6qa6qW6am+YCAJjpZro0l+bmuDlurpvr5rv5bkHiArfQLXSL3WKX7tJdhstwmS7TLXPLXJbLcivcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXPb3Xa30+10u91ut9ftdfvcPrff7XcH3AF30B10h9whd9h97bLdN+6I+9Yddd+5Y+57d9z94E64k+6U+9Gddj+5M+6sO+d+dufdL+6Cu+guOe9SI29HpkbeiUyLvBuZHpkRmRmZFUmLzI7MibwXmRuZF5kfeT+yIPJBZGFkUWRxZEkkPfJhJCOyNJIZ+SiyLPJxJCuyPLIisjKyKrJagS+yPfTFfHEf9Tf7Ev4Wn+hL+lK+tHe+jM/ty/ny/lZfwd/mK/rbfSV/h6/sq/iq/jHfwrf0rXxr38Y/7tv6J3w739538E/6jr6T7+yf8kn+ad/FP+O7+md9N/+c7+6f9z38C76n7+V7+xd9H/+S7+v7+WTf3w/wA/0gP9gP8UP9MP+yH+5f8SP8qz7Fj/Sj/Gt+tH/dj/Fv+LH+TT/Ov+XH+wl+op/kJ/spPtW/7af6d/w0/66f7mf4mX6WT/Oz/Rz/np/r5/n5/n2/wH/gF/pFfrFf4tP9hz7DL/WZ/iO/zH/ss/xyv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8J3673+F3+l1+t9/j9/pP/T7/md/vP/cH/Bf+oP/SH/Jf+cP+a5/tv/FHsr71R/13/pj/3h/3P/gT/qQ/5X/0p/1P/ow/68/5n/15/4u/4C/6S//mb9Zq/xm3zhljjDHG/j808A/W9/8HjykAEFfGv3jvr99ROPuv10sA2FTgv8aDRULHCAA83a/Hw78ttWolJydfeW6WhKD4IgCI/G4DV+Ll0AE6QRK0h/L/sL7Botd5+hfzZ4yhydHbAWL/KicGrsZX5//yn8z/+JPjMiqF5+L/ef3RRQCJxa/mXL4K/y1eDh1+/eqwPVT4J/MXbPuv6s+SkOerVIB2f5UTBwDt8vy+/rLwBDwDSX/zzAb/cJuMMcYYY4wxxnKewaJqtz+4/vz1+jxBXc3JDVfjP7o+Z4wxxhhjjDHG2LX3XK/eTz2elNS+Gw94wIMcNuj0L55zrf9nYowxxhhjjP3Zrn7ov/pYnmtZEGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlgP9v/hLY9d6HxljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//8HaM+M=")

10.360254833s ago: executing program 1 (id=698):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc1105511, 0x0)
bind$unix(r3, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
shutdown(r2, 0x0)
connect$unix(r2, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
accept(r3, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f00000001c0), &(0x7f0000000400)='./file0\x00', 0x809, &(0x7f0000000200)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYRESOCT, @ANYRES32, @ANYRES16, @ANYBLOB="8dc89e7744fa9283c8fa8c347820bdca1970caa5351156b73b183e1dc9fbec51f67262d0581ba26188990a74a6c6019862883960ebdace93bbf50ef802a5cdd5b03697b62f712512c7fe60cf519a4e60ca1894b0469dde3b32722ee8a3ea588ce873083729be815cc269c3"], 0xff, 0x210, &(0x7f0000000440)="$eJzsmb9rFEEUx7+zu9lNggg2FjYpDBgxyf44lTQHKoiVIERRy8NswukmJ5cVkoBwh42NpYigpf+AhcXVdjZiY6GFPxAsvFKwEEZmdnZvbm/3PGFFJO9TzL15b968mdm5b7ELgiD2LZ8+fv/w4NzK5UUABzAPR/m/moMxhjb+/eM7Jx7Wzz95/u7Zy62Dd3v5+eoAOB/0X38eX58BHZy1S+Pzonk07LsCA8eVfRVZ7k8uSTohGK6rwE3Nbs0oIwqXb7SitfVmFHqi8UUTiKam17IA9LsMawCm5d44Z1p8e3fvViOKwnbemOJpneFQWr84q9AYc3yd1KirX7E+8byu3b/XFf1l5fdgJGcJwIcBX9k1MKwqewUO5gBkR6Lt/4g1mN+cZP//ymA/kmsgPIeWKi9h4k+ynqL4Evz/xuJbYNjDnepr4czfWDzLe8QfOvMc7vdejWZ9qaS6kLvRkFPNvljZZZPCBe15XVBj3sxG0cXJF9/JK5c9TstEYEbqB7OAY5o+WbAy/XDjzdvu9u7eUnOzsRFuhFtBUDvtnfS8U4G73nTguVKhSwXQwrTUp1lt/qmSsTazsdOI47a/A8RtP+sHSasp7uqL1jeZY0j9M7BwNJlDHLLctlNcg2nFmRy9YJYuniAIgiAIgiAIgiAIgiAI4rekLyMZgDkwJJ9A5IcqXkJwSWb8CgAA//8pOFyp")

9.564389578s ago: executing program 2 (id=699):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000100)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
r0 = open(&(0x7f0000000000)='./file2\x00', 0x109042, 0x0)
pwritev(r0, 0x0, 0x0, 0x0, 0x0)

7.55530903s ago: executing program 5 (id=700):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={0x0})
close(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1f00000004000000060000000700000080130000", @ANYRES32, @ANYBLOB="0000000000000000008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000001"], 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000304fc0400"/20, @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000240012800b00010062726964676500001400028005001900060000000500180001000000"], 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x18, 0x5, &(0x7f00000001c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}], {0x95, 0x0, 0x0, 0x20}}, &(0x7f0000000000)='syzkaller\x00', 0x5}, 0x94)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000200))
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
io_setup(0x4, &(0x7f0000000040))
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r5, &(0x7f0000000240)={0x10, 0x0, 0x25dfdbfc, 0x1000}, 0xc)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r7 = dup(r6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r7, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)

7.55368657s ago: executing program 4 (id=701):
socket$nl_rdma(0x10, 0x3, 0x14)
recvmsg$qrtr(0xffffffffffffffff, 0x0, 0x0, 0x12022)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, 0x0, 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x40f00, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x64, 0x30, 0xb, 0x1, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x1, 0x0, 0x40}}, @TCA_CT_ZONE={0x6, 0x4, 0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001100c9a3e2dc7e2cbd7000fedbdf25fe8000000000000000ee2000ec4000bb130004d60aeb32000c0015005d0735006e000000"], 0x34}}, 0x8000)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000600)='/proc/bus/input/handlers\x00', 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)

7.293129361s ago: executing program 1 (id=702):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x9, 0x201, &(0x7f0000000f40)="$eJzsVUtrU0EU/s7NJLfRLAru3BpsN9rmFsS1G7vXH2BIr7WY+OhENKFgdNONgvgnCv4JXQi6dyEiuNGFgi4qrioSOTNnJpMH9ra+NvPB5XznPY87M1f0TZ0C+LG71cI8DAg1vCWCArBA1rZXsfKryKHgo7J6Q+xPRH4QqXv9Vw8s7V9tttv5pu79mqQgYJ+YcTJtOvf04bHi+RPk5f1xC6FIFqnD9Po90i3ZlZ12PRqzpLNiJBeTlRsX/vEsDk+qU4N35FsNCC2f/mD3Mq9mGTNjiA70r88gXMAQwLu+16a3aZK8eWw7z4wpSXoV48uyL+FT/L93mQnfRYYkB0rXkP3Q5+8l+EJAGa93t1psvSS3GLvX7OeOhMli5XkQc1wBA4BKGJqiXEdJ7AKApW7nxpLu9U9tdJrr+Xp+LctWziy/OCpHdHgX2Gjny2SGYdMTJgoefE6rgZ//tHcj/wABKBgaeF4jsy/pLufFE0FIFUiC3KCGFHjm+6diu6U7uIiTmANwe8DuTBaoDq6mcJmntgpCSZSGCgeEPSSYM47TrevttW0QyKXtQPkajfcoeyUThRvlK2f99LdF1kWuitwZ9TNwb5d7k5Sp8Fm0xQFQwZ1mt7tpHi/L2FbxFYwtm/edE+nqXkPXrJ6iII4UDYyIiIiIiIiI+Ev4GQAA//8sQT03")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x48)
timer_settime(0x0, 0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x10012, r5, 0x1000)
sigaltstack(&(0x7f0000000080)={0x0}, 0x0)
connect$inet(r4, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)

6.902357533s ago: executing program 3 (id=703):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x9, 0x201, &(0x7f0000000f40)="$eJzsVUtrU0EU/s7NJLfRLAru3BpsN9rmFsS1G7vXH2BIr7WY+OhENKFgdNONgvgnCv4JXQi6dyEiuNGFgi4qrioSOTNnJpMH9ra+NvPB5XznPY87M1f0TZ0C+LG71cI8DAg1vCWCArBA1rZXsfKryKHgo7J6Q+xPRH4QqXv9Vw8s7V9tttv5pu79mqQgYJ+YcTJtOvf04bHi+RPk5f1xC6FIFqnD9Po90i3ZlZ12PRqzpLNiJBeTlRsX/vEsDk+qU4N35FsNCC2f/mD3Mq9mGTNjiA70r88gXMAQwLu+16a3aZK8eWw7z4wpSXoV48uyL+FT/L93mQnfRYYkB0rXkP3Q5+8l+EJAGa93t1psvSS3GLvX7OeOhMli5XkQc1wBA4BKGJqiXEdJ7AKApW7nxpLu9U9tdJrr+Xp+LctWziy/OCpHdHgX2Gjny2SGYdMTJgoefE6rgZ//tHcj/wABKBgaeF4jsy/pLufFE0FIFUiC3KCGFHjm+6diu6U7uIiTmANwe8DuTBaoDq6mcJmntgpCSZSGCgeEPSSYM47TrevttW0QyKXtQPkajfcoeyUThRvlK2f99LdF1kWuitwZ9TNwb5d7k5Sp8Fm0xQFQwZ1mt7tpHi/L2FbxFYwtm/edE+nqXkPXrJ6iII4UDYyIiIiIiIiI+Ev4GQAA//8sQT03")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x48)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x10012, r5, 0x1000)
prlimit64(r1, 0xa, &(0x7f0000000300)={0x9, 0x2}, &(0x7f0000000340))

6.173898051s ago: executing program 4 (id=704):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_print_times', 0x101a02, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x8042, 0x0)
fallocate(r3, 0x3, 0x80007, 0x8000c60)

6.141502414s ago: executing program 1 (id=705):
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
fsetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{0x0}], 0x1)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

5.120529997s ago: executing program 3 (id=706):
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xfe5d, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, 0x0)
ioctl$TCFLSH(r3, 0x400455c8, 0x4)
mbind(&(0x7f00003bf000/0x1000)=nil, 0x1000, 0x3, &(0x7f00000001c0)=0xaf, 0x8, 0x5)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000080)=0x7f)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000380)={0x320, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000300)={0x1}, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x5c, 0x5c, 0x8, [@enum={0x3, 0xa, 0x0, 0x6, 0x4, [{0x5, 0x4}, {0x7, 0x1ff}, {0x1, 0x9}, {0x9, 0x900}, {0x4, 0x2}, {0xd, 0x9}, {0xd, 0x5}, {0xb, 0x6481}, {0x4, 0xfffffff9}, {0xf, 0x8}]}]}, {0x0, [0x0, 0x0, 0x2e, 0x2e, 0x0, 0x2e]}}, &(0x7f0000000340)=""/2, 0x7c, 0x2, 0x1, 0x47}, 0x28)

4.159584743s ago: executing program 4 (id=707):
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c367634b7aac63a01000000000000004faa2ae2c084a0ea00ffffffffffffff7f0c00002000", "036c47c6335263a3bcef549ba197fce47ddfdd753abd9501ff00000000e8f20000000200000042e377d2eb637b4a73610200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
close_range(r1, 0xffffffffffffffff, 0x0)

4.025873414s ago: executing program 2 (id=708):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bd2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
setrlimit(0x8, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
tee(r4, 0xffffffffffffffff, 0x4e, 0x0)
write$binfmt_script(r5, &(0x7f0000000800)={'#! ', './file0'}, 0xb)

3.118908147s ago: executing program 2 (id=709):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f00000005c0)={{0x7, 0x2, 0xb175, 0x1, 'syz1\x00', 0x9f}, 0x1, [0x0, 0x4, 0x3, 0x4, 0x6, 0x5, 0x40, 0xfffffffffffffffb, 0x2, 0x0, 0x480000000000, 0x8, 0x80, 0x6, 0x7, 0x2, 0x9, 0x7, 0x5, 0xffffffffffffffff, 0x7f, 0x2, 0x6, 0x7326, 0x6, 0x8e17, 0x619, 0x6657, 0x1, 0x6, 0xd, 0x8, 0x100000001, 0x6, 0x0, 0x7fffffff, 0x5, 0x0, 0x7fff, 0x8000, 0x5, 0x5b1e, 0x4ced, 0x1, 0x80000001, 0x80, 0x8, 0x4, 0x0, 0x1000, 0x390, 0x6, 0x3, 0x9, 0x0, 0x0, 0x8, 0x0, 0x3e, 0x10, 0x46, 0x1, 0xfffffffffffffbff, 0xffffffffffff0001, 0x5, 0x8, 0x3, 0x3, 0x6, 0x4, 0xff, 0x7, 0x2493, 0xc, 0xe, 0xc5, 0x2, 0x0, 0x0, 0x5, 0x8, 0x9, 0xfff, 0x100, 0x2, 0x2, 0x81, 0x9, 0x5, 0x7, 0x2, 0x3, 0x9, 0x4, 0x8e9, 0x7, 0x1, 0x6, 0x100010000000, 0x2, 0xacc, 0x906d, 0xb, 0x10001, 0x9, 0x7, 0xfffffffffffffffe, 0x2f80, 0x0, 0xb3af, 0x80000001, 0xfffffffeffffffff, 0x2, 0x1, 0x5, 0x4, 0x8, 0x85a, 0xffffffffffff4e0a, 0x0, 0x200, 0x9, 0x1, 0x10000, 0x8, 0x2, 0x6, 0xd491]})
bind$unix(r3, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
shutdown(r2, 0x0)
connect$unix(r2, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
accept(r3, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f00000001c0), &(0x7f0000000400)='./file0\x00', 0x809, &(0x7f0000000200)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYRESOCT, @ANYRES32, @ANYRES16, @ANYBLOB="8dc89e7744fa9283c8fa8c347820bdca1970caa5351156b73b183e1dc9fbec51f67262d0581ba26188990a74a6c6019862883960ebdace93bbf50ef802a5cdd5b03697b62f712512c7fe60cf519a4e60ca1894b0469dde3b32722ee8a3ea588ce873083729be815cc269c3"], 0xff, 0x210, &(0x7f0000000440)="$eJzsmb9rFEEUx7+zu9lNggg2FjYpDBgxyf44lTQHKoiVIERRy8NswukmJ5cVkoBwh42NpYigpf+AhcXVdjZiY6GFPxAsvFKwEEZmdnZvbm/3PGFFJO9TzL15b968mdm5b7ELgiD2LZ8+fv/w4NzK5UUABzAPR/m/moMxhjb+/eM7Jx7Wzz95/u7Zy62Dd3v5+eoAOB/0X38eX58BHZy1S+Pzonk07LsCA8eVfRVZ7k8uSTohGK6rwE3Nbs0oIwqXb7SitfVmFHqi8UUTiKam17IA9LsMawCm5d44Z1p8e3fvViOKwnbemOJpneFQWr84q9AYc3yd1KirX7E+8byu3b/XFf1l5fdgJGcJwIcBX9k1MKwqewUO5gBkR6Lt/4g1mN+cZP//ymA/kmsgPIeWKi9h4k+ynqL4Evz/xuJbYNjDnepr4czfWDzLe8QfOvMc7vdejWZ9qaS6kLvRkFPNvljZZZPCBe15XVBj3sxG0cXJF9/JK5c9TstEYEbqB7OAY5o+WbAy/XDjzdvu9u7eUnOzsRFuhFtBUDvtnfS8U4G73nTguVKhSwXQwrTUp1lt/qmSsTazsdOI47a/A8RtP+sHSasp7uqL1jeZY0j9M7BwNJlDHLLctlNcg2nFmRy9YJYuniAIgiAIgiAIgiAIgiAI4rekLyMZgDkwJJ9A5IcqXkJwSWb8CgAA//8pOFyp")

2.460229681s ago: executing program 5 (id=710):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000003c0)='mptcp_subflow_get_send\x00', r1}, 0x18)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x5ec0, @empty}, 0x1c)
listen(r0, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r0, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x3, 0x52, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000020000202505a1a440000000010109024000010100c07d090400fe1602020000"], 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000180), 0x10000001d, 0x8041)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)=@usbdevfs_connect)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001500)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x14000801}, 0x40000)

2.262419467s ago: executing program 1 (id=711):
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c9200a0006000200"], 0xf)
syz_clone(0x1222080, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x6, 0x10001, 0x34324152, 0x0, 0xb, [{}, {0x10}, {0x2}, {0x0, 0x1}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, 0x0, &(0x7f0000000280))
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000000)=@filename='./file0\x00', 0x0, &(0x7f0000000180)='./file0\x00')
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000902, 0x0, &(0x7f0000000300))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x7, &(0x7f0000000240))

1.48264294s ago: executing program 3 (id=712):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x9, 0x201, &(0x7f0000000f40)="$eJzsVUtrU0EU/s7NJLfRLAru3BpsN9rmFsS1G7vXH2BIr7WY+OhENKFgdNONgvgnCv4JXQi6dyEiuNGFgi4qrioSOTNnJpMH9ra+NvPB5XznPY87M1f0TZ0C+LG71cI8DAg1vCWCArBA1rZXsfKryKHgo7J6Q+xPRH4QqXv9Vw8s7V9tttv5pu79mqQgYJ+YcTJtOvf04bHi+RPk5f1xC6FIFqnD9Po90i3ZlZ12PRqzpLNiJBeTlRsX/vEsDk+qU4N35FsNCC2f/mD3Mq9mGTNjiA70r88gXMAQwLu+16a3aZK8eWw7z4wpSXoV48uyL+FT/L93mQnfRYYkB0rXkP3Q5+8l+EJAGa93t1psvSS3GLvX7OeOhMli5XkQc1wBA4BKGJqiXEdJ7AKApW7nxpLu9U9tdJrr+Xp+LctWziy/OCpHdHgX2Gjny2SGYdMTJgoefE6rgZ//tHcj/wABKBgaeF4jsy/pLufFE0FIFUiC3KCGFHjm+6diu6U7uIiTmANwe8DuTBaoDq6mcJmntgpCSZSGCgeEPSSYM47TrevttW0QyKXtQPkajfcoeyUThRvlK2f99LdF1kWuitwZ9TNwb5d7k5Sp8Fm0xQFQwZ1mt7tpHi/L2FbxFYwtm/edE+nqXkPXrJ6iII4UDYyIiIiIiIiI+Ev4GQAA//8sQT03")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x48)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x10012, r5, 0x1000)
prlimit64(r1, 0xa, &(0x7f0000000300)={0x9, 0x2}, &(0x7f0000000340))

102.702302ms ago: executing program 3 (id=713):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402505a8a4410001020b0109021b00010100c00009040000020701010009050102"], 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0x604, 0x0)
eventfd(0x5f0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x40a0ae49, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, &(0x7f0000000000)={0x8000000, 0x301000, 0x8})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r3 = openat$sndseq(0xffffff9c, &(0x7f0000000240), 0x80003)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r3, 0xc0605345, &(0x7f00000002c0)={0x44, 0x2, {0x2, 0x0, 0xfffffffb, 0x3, 0x2}, 0x7ff})
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fcntl$lock(r4, 0x6, &(0x7f0000000000)={0x0, 0x0, 0xc, 0xffffffffffffffff})
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x15, 0x5, 0x0)
openat$userio(0xffffffffffffff9c, 0x0, 0x800, 0x0)
setpriority(0x0, 0x0, 0x1fb)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f0000000100)=ANY=[@ANYBLOB="1808000000010000000000000000000018", @ANYRES32=r7, @ANYRESHEX=r0, @ANYRES32=r6, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf980000000000005608f8ffffff00008500000007000000b70000000000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
pselect6(0x40, &(0x7f0000000080)={0x5, 0x0, 0x120000000000, 0x2, 0x500, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000180)={0x3fe, 0x7, 0x0, 0x9, 0x86, 0x800, 0x80000002}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

88.692472ms ago: executing program 1 (id=714):
socket$nl_rdma(0x10, 0x3, 0x14)
recvmsg$qrtr(0xffffffffffffffff, 0x0, 0x0, 0x12022)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, 0x0, 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x40f00, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x64, 0x30, 0xb, 0x1, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x1, 0x0, 0x40}}, @TCA_CT_ZONE={0x6, 0x4, 0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001100c9a3e2dc7e2cbd7000fedbdf25fe8000000000000000ee2000ec4000bb130004d60aeb32000c0015005d0735006e000000"], 0x34}}, 0x8000)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000600)='/proc/bus/input/handlers\x00', 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)

0s ago: executing program 2 (id=715):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bd2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
setrlimit(0x8, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
tee(0xffffffffffffffff, r4, 0x4e, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000800)={'#! ', './file0'}, 0xb)

kernel console output (not intermixed with test programs):

6229][ T4635] usb 3-1: USB disconnect, device number 4
[  101.353520][ T4635] usblp0: removed
[  101.390320][ T4503] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.738240][ T4706] device batadv_slave_1 entered promiscuous mode
[  101.762204][ T4363] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  101.997194][ T4363] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  102.461154][ T4363] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  102.681231][ T4705] device batadv_slave_1 left promiscuous mode
[  103.129064][ T4363] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  103.530343][ T4363] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  103.585009][ T4363] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  103.638401][ T4363] usb 4-1: Product: syz
[  103.658280][ T4363] usb 4-1: Manufacturer: syz
[  103.703588][ T4363] usb 4-1: SerialNumber: syz
[  103.958904][ T4363] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  104.375126][   T41] usb 4-1: USB disconnect, device number 2
[  105.739877][ T4728] usblp0: removed
[  105.995318][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  106.100757][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  106.156265][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  106.187571][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  106.241708][ T4503] device veth0_vlan entered promiscuous mode
[  106.295030][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  106.322685][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  106.357838][ T4503] device veth1_vlan entered promiscuous mode
[  107.320094][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  107.340498][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  107.402060][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  107.410976][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  107.463515][ T4503] device veth0_macvtap entered promiscuous mode
[  107.492457][ T4503] device veth1_macvtap entered promiscuous mode
[  107.628671][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.670069][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.696711][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.712762][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.722986][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.733741][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.744068][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.865699][ T4760] netlink: 12 bytes leftover after parsing attributes in process `syz.2.67'.
[  108.473996][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.522026][ T4309] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  108.522171][ T4503] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.611831][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  108.976263][ T4309] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  108.996120][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  109.024633][ T4309] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  109.032923][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  109.037739][ T4309] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  109.064531][ T4309] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  109.082232][ T4309] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  109.090591][ T4309] usb 4-1: Product: syz
[  109.102800][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.123075][ T4309] usb 4-1: Manufacturer: syz
[  109.144146][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.157414][ T4309] usb 4-1: SerialNumber: syz
[  109.177077][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.216897][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.229848][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.245794][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.256216][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.275176][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.296319][ T4503] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.312788][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  109.330348][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  109.347313][ T4503] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.368267][ T4503] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.380211][ T4503] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.398382][ T4309] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  109.411633][ T4503] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.568483][ T4553] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.584654][ T4553] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.862158][ T4445] usb 4-1: USB disconnect, device number 3
[  110.051792][ T4778] loop4: detected capacity change from 0 to 256
[  111.819742][ T4775] usblp0: removed
[  112.207598][ T4439] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  112.426721][ T4747] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.502983][ T4747] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.586556][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  116.210000][ T4809] loop2: detected capacity change from 0 to 512
[  116.272967][ T4809] EXT4-fs: Ignoring removed orlov option
[  116.353058][ T4809] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  116.495659][ T4809] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  116.632819][ T4821] netlink: 12 bytes leftover after parsing attributes in process `syz.5.79'.
[  117.169221][ T4809] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.78: corrupted in-inode xattr
[  117.279366][ T4809] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.78: couldn't read orphan inode 15 (err -117)
[  117.296005][ T4809] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  117.962604][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  118.182843][ T4832] fuse: Bad value for 'fd'
[  118.535171][ T4846] netlink: 3 bytes leftover after parsing attributes in process `syz.5.81'.
[  118.732405][ T4446] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  118.934117][ T4446] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  118.958114][ T4446] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  118.970755][ T4446] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  118.999755][ T4446] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  119.046448][ T4446] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  119.076011][ T4446] usb 3-1: Product: syz
[  119.086843][ T4446] usb 3-1: Manufacturer: syz
[  119.098835][ T4446] usb 3-1: SerialNumber: syz
[  119.335221][ T4446] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  119.346411][ T4859] input: syz1 as /devices/virtual/input/input7
[  119.663157][ T4582] usb 3-1: USB disconnect, device number 5
[  121.303373][ T4863] usblp0: removed
[  121.750449][ T4875] block device autoloading is deprecated and will be removed.
[  123.587799][ T4894] fuse: Bad value for 'group_id'
[  123.712179][ T4582] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  125.261450][ T4582] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  125.286797][ T4582] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  125.316709][ T4582] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  125.686531][ T4906] loop4: detected capacity change from 0 to 256
[  126.253307][ T4582] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  126.269902][ T4582] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  126.347769][ T4582] usb 2-1: Product: syz
[  126.364850][ T4582] usb 2-1: Manufacturer: syz
[  126.383260][ T4582] usb 2-1: SerialNumber: syz
[  126.494276][ T4582] usb 2-1: can't set config #1, error -71
[  126.501247][ T4582] usb 2-1: USB disconnect, device number 3
[  126.877633][ T4916] loop4: detected capacity change from 0 to 256
[  127.980596][ T4929] fuse: Bad value for 'group_id'
[  128.861836][ T4932] loop4: detected capacity change from 0 to 512
[  129.003259][ T4932] EXT4-fs: Ignoring removed orlov option
[  129.061807][ T4932] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  129.162045][ T4277] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  129.955302][ T4932] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  129.977224][ T4932] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.100: corrupted in-inode xattr
[  130.034116][ T4932] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.100: couldn't read orphan inode 15 (err -117)
[  130.105167][ T4277] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  130.124772][ T4932] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  130.132038][ T4277] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  130.152113][ T4277] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  130.226944][ T4277] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  130.240271][ T4277] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  130.262266][ T4277] usb 2-1: Product: syz
[  130.266478][ T4277] usb 2-1: Manufacturer: syz
[  130.271087][ T4277] usb 2-1: SerialNumber: syz
[  131.029126][ T4947] netlink: 12 bytes leftover after parsing attributes in process `syz.3.102'.
[  131.485684][ T4275] EXT4-fs (loop4): unmounting filesystem.
[  131.516251][ T4277] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  131.582392][ T4277] usb 2-1: USB disconnect, device number 4
[  131.644447][ T4277] usblp0: removed
[  131.764226][ T4954] fuse: Bad value for 'group_id'
[  132.725964][ T1264] ieee802154 phy0 wpan0: encryption failed: -22
[  132.732801][ T1264] ieee802154 phy1 wpan1: encryption failed: -22
[  133.478452][ T4965] fuse: Bad value for 'group_id'
[  134.346482][ T4280] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11
[  134.660721][ T4984] netlink: 'syz.1.105': attribute type 4 has an invalid length.
[  135.702573][ T4989] netlink: 'syz.2.112': attribute type 4 has an invalid length.
[  136.032862][ T4997] netlink: 12 bytes leftover after parsing attributes in process `syz.5.114'.
[  137.184416][ T4363] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  137.376660][ T4363] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  137.404702][ T4363] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  137.467935][ T4363] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  137.539543][ T4363] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  137.581828][ T4363] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  137.630909][ T4363] usb 6-1: Product: syz
[  137.646993][ T4363] usb 6-1: Manufacturer: syz
[  137.667537][ T4363] usb 6-1: SerialNumber: syz
[  137.906567][ T4363] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  138.131048][ T5016] fuse: Bad value for 'group_id'
[  139.061728][ T4370] usb 6-1: USB disconnect, device number 2
[  140.002801][ T5018] usblp0: removed
[  141.982161][ T4277] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  142.812003][ T4277] usb 3-1: Using ep0 maxpacket: 32
[  142.818641][ T4277] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  142.962835][ T4277] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  143.094337][ T5056] netlink: 12 bytes leftover after parsing attributes in process `syz.5.125'.
[  143.712865][ T4277] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  143.891768][ T4277] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  143.922136][ T4277] usb 3-1: config 1 has no interface number 0
[  143.932252][ T4277] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  143.968449][ T4277] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.046289][ T4277] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  144.209242][ T4277] snd_usb_pod 3-1:1.1: endpoint not available, using fallback values
[  144.232483][ T4277] snd_usb_pod 3-1:1.1: invalid control EP
[  144.272178][ T4277] snd_usb_pod 3-1:1.1: cannot start listening: -22
[  144.294233][ T4277] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  144.303382][ T4277] snd_usb_pod: probe of 3-1:1.1 failed with error -22
[  144.492095][ T4363] usb 3-1: USB disconnect, device number 6
[  144.619339][ T5065] netlink: 36 bytes leftover after parsing attributes in process `syz.4.127'.
[  144.917296][ T5069] Zero length message leads to an empty skb
[  146.332428][ T5082] fuse: Bad value for 'group_id'
[  147.093580][ T5083] netlink: 'syz.1.131': attribute type 4 has an invalid length.
[  147.662070][ T4277] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  147.947309][ T4277] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  147.965569][ T4277] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  147.975742][ T4277] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  148.010560][ T4277] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  148.080298][ T4277] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  148.132542][ T4277] usb 3-1: Product: syz
[  148.136754][ T4277] usb 3-1: Manufacturer: syz
[  148.151584][ T4277] usb 3-1: SerialNumber: syz
[  148.372854][ T4277] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  148.804339][ T5114] netlink: 12 bytes leftover after parsing attributes in process `syz.5.137'.
[  148.848578][ T5110] loop4: detected capacity change from 0 to 256
[  150.930819][ T4277] usb 3-1: USB disconnect, device number 7
[  150.939055][ T4277] usblp0: removed
[  151.962017][ T4370] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  152.462901][ T4370] usb 5-1: Using ep0 maxpacket: 32
[  152.508481][ T4370] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  152.916888][ T4370] usb 5-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  153.022594][ T4370] usb 5-1: config 1 interface 0 has no altsetting 0
[  153.110562][ T4370] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  153.134862][ T4370] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  153.244550][ T5145] fuse: Bad value for 'group_id'
[  153.942012][ T4370] usb 5-1: SerialNumber: syz
[  153.969121][ T4370] cdc_acm 5-1:1.0: Zero length descriptor references
[  153.975905][ T4370] cdc_acm: probe of 5-1:1.0 failed with error -22
[  155.648536][ T4446] usb 5-1: USB disconnect, device number 2
[  157.276234][ T5180] netlink: 'syz.5.149': attribute type 4 has an invalid length.
[  160.009853][ T5194] device batadv_slave_1 entered promiscuous mode
[  160.911213][ T5190] device batadv_slave_1 left promiscuous mode
[  162.330699][ T5201] fuse: Bad value for 'group_id'
[  162.928545][ T5206] loop5: detected capacity change from 0 to 512
[  162.953868][ T5206] EXT4-fs: Ignoring removed orlov option
[  163.017383][ T5206] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  163.049092][ T5206] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  163.102796][ T5206] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.157: corrupted in-inode xattr
[  163.267236][ T5206] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.157: couldn't read orphan inode 15 (err -117)
[  163.325782][ T5222] fuse: Bad value for 'group_id'
[  163.433640][ T5206] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  164.590817][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  164.912026][ T4446] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  166.393406][ T4446] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  166.409948][ T4446] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  166.435390][ T5239] device batadv_slave_1 entered promiscuous mode
[  166.450694][ T4446] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  166.487916][ T4446] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  168.042010][ T4446] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  168.050134][ T4446] usb 5-1: Product: syz
[  168.054699][ T4446] usb 5-1: Manufacturer: syz
[  168.059319][ T4446] usb 5-1: SerialNumber: syz
[  168.186867][ T4446] usb 5-1: can't set config #1, error -71
[  168.202424][ T5237] device batadv_slave_1 left promiscuous mode
[  168.209655][ T4446] usb 5-1: USB disconnect, device number 3
[  168.630952][ T5256] netlink: 12 bytes leftover after parsing attributes in process `syz.5.163'.
[  169.726740][ T5275] loop4: detected capacity change from 0 to 512
[  169.768427][ T5275] EXT4-fs: Ignoring removed orlov option
[  169.816547][ T5275] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  169.881382][ T5278] netlink: 'syz.2.168': attribute type 4 has an invalid length.
[  169.892648][ T5275] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  169.906320][ T5275] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.171: corrupted in-inode xattr
[  169.940670][ T5275] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.171: couldn't read orphan inode 15 (err -117)
[  170.001574][ T5275] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  170.699588][ T4275] EXT4-fs (loop4): unmounting filesystem.
[  171.192332][ T5291] fuse: Bad value for 'group_id'
[  173.392022][ T4446] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  173.625062][ T4446] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  173.991722][ T4446] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  174.778007][ T4446] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  174.798837][ T4446] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  174.798867][ T4446] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  174.798886][ T4446] usb 6-1: Product: syz
[  174.798899][ T4446] usb 6-1: Manufacturer: syz
[  174.798913][ T4446] usb 6-1: SerialNumber: syz
[  174.976564][ T5298] loop1: detected capacity change from 0 to 40427
[  175.013560][ T4446] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  175.362288][ T4370] usb 6-1: USB disconnect, device number 3
[  176.754968][ T5310] usblp0: removed
[  179.549795][ T5358] fuse: Bad value for 'group_id'
[  183.259238][ T5384] netlink: 'syz.5.190': attribute type 4 has an invalid length.
[  184.556640][ T5396] netlink: 3 bytes leftover after parsing attributes in process `syz.4.192'.
[  185.199815][ T5386] loop2: detected capacity change from 0 to 40427
[  185.247354][ T5386] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff
[  185.281748][ T5386] F2FS-fs (loop2): invalid crc value
[  185.366512][ T5386] F2FS-fs (loop2): Found nat_bits in checkpoint
[  185.442149][ T4309] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  185.569523][ T5386] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  185.638044][ T4309] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  185.682193][ T4309] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  185.722783][ T4309] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  185.773419][ T4309] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  185.812136][ T4309] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  185.840596][ T4309] usb 4-1: Product: syz
[  185.850373][ T4309] usb 4-1: Manufacturer: syz
[  185.865473][ T4309] usb 4-1: SerialNumber: syz
[  186.002040][ T4269] Bluetooth: hci4: command 0x0406 tx timeout
[  186.002088][ T4272] Bluetooth: hci3: command 0x0406 tx timeout
[  186.008150][ T4269] Bluetooth: hci1: command 0x0406 tx timeout
[  186.020611][ T4269] Bluetooth: hci0: command 0x0406 tx timeout
[  186.090399][ T4309] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  186.158580][ T4270] syz-executor: attempt to access beyond end of device
[  186.158580][ T4270] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  186.419381][ T4309] usb 4-1: USB disconnect, device number 4
[  186.540886][ T5435] usblp0: removed
[  188.482266][ T5449] netlink: 3 bytes leftover after parsing attributes in process `syz.1.196'.
[  188.872029][ T5461] netlink: 12 bytes leftover after parsing attributes in process `syz.5.200'.
[  189.521110][ T5466] fuse: Bad value for 'group_id'
[  192.283490][ T5483] loop1: detected capacity change from 0 to 512
[  192.311094][ T5483] EXT4-fs: Ignoring removed orlov option
[  192.342986][ T5483] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  192.377399][ T5483] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  192.424844][ T5483] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.208: corrupted in-inode xattr
[  192.473077][ T5483] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.208: couldn't read orphan inode 15 (err -117)
[  192.504009][ T5483] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  192.930409][ T5493] netlink: 'syz.4.207': attribute type 4 has an invalid length.
[  193.531253][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  193.843380][ T5505] fuse: Bad value for 'group_id'
[  193.932047][ T4445] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  194.169201][ T1264] ieee802154 phy0 wpan0: encryption failed: -22
[  194.177839][ T1264] ieee802154 phy1 wpan1: encryption failed: -22
[  194.873603][ T4445] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  194.902016][ T4445] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  194.932762][ T4445] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  194.979559][ T4445] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  195.012572][ T4445] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  195.039553][ T4445] usb 3-1: Product: syz
[  195.057250][ T4445] usb 3-1: Manufacturer: syz
[  195.075268][ T4445] usb 3-1: SerialNumber: syz
[  195.306972][ T4445] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  195.452815][ T5515] device batadv_slave_1 entered promiscuous mode
[  196.247240][ T5514] device batadv_slave_1 left promiscuous mode
[  197.209313][ T4445] usb 3-1: USB disconnect, device number 8
[  197.249725][ T4445] usblp0: removed
[  197.482231][ T5527] fuse: Bad value for 'group_id'
[  198.373987][ T5532] device bridge1 entered promiscuous mode
[  198.594818][ T5538] loop3: detected capacity change from 0 to 512
[  198.603158][ T5538] EXT4-fs: Ignoring removed orlov option
[  198.624179][ T5538] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  198.644973][ T5538] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  198.655554][ T5538] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.220: corrupted in-inode xattr
[  198.674982][ T5538] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.220: couldn't read orphan inode 15 (err -117)
[  198.690482][ T5538] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  199.559546][ T4273] EXT4-fs (loop3): unmounting filesystem.
[  200.322096][ T4282] Bluetooth: hci5: command 0x1003 tx timeout
[  200.329448][ T4272] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  200.556291][ T5550] netlink: 12 bytes leftover after parsing attributes in process `syz.3.222'.
[  201.311888][ T5561] netlink: 'syz.4.225': attribute type 4 has an invalid length.
[  201.432440][ T5564] netlink: 'syz.4.225': attribute type 4 has an invalid length.
[  201.613966][ T4446] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  201.805844][ T5566] netlink: 'syz.1.223': attribute type 4 has an invalid length.
[  201.823518][ T4446] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  201.841168][ T4446] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  201.924101][ T4446] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  202.019655][ T4446] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  202.091540][ T4446] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  202.122209][ T4446] usb 4-1: Product: syz
[  202.134799][ T4446] usb 4-1: Manufacturer: syz
[  202.139689][ T4446] usb 4-1: SerialNumber: syz
[  202.401528][ T4446] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  202.778266][ T4582] usb 4-1: USB disconnect, device number 5
[  204.029635][ T5572] usblp0: removed
[  204.792356][ T5578] device batadv_slave_1 entered promiscuous mode
[  205.725059][ T5577] device batadv_slave_1 left promiscuous mode
[  206.008232][ T5585] fuse: Bad value for 'group_id'
[  206.482017][ T4272] Bluetooth: hci2: command 0x0406 tx timeout
[  208.471795][ T5603] netlink: 'syz.1.235': attribute type 4 has an invalid length.
[  208.882208][ T4272] Bluetooth: hci5: command 0x1003 tx timeout
[  208.882234][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  209.022368][ T4256] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  209.456193][ T4256] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  209.492837][ T4256] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  209.552801][ T4256] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  209.669885][ T4256] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  209.770626][ T4256] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  209.770643][ T4256] usb 3-1: Product: syz
[  209.770652][ T4256] usb 3-1: Manufacturer: syz
[  209.770659][ T4256] usb 3-1: SerialNumber: syz
[  209.994544][ T4256] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  210.378389][ T4582] usb 3-1: USB disconnect, device number 9
[  210.815662][ T5619] usblp0: removed
[  214.230886][ T5642] input: syz1 as /devices/virtual/input/input10
[  216.752880][ T5657] fuse: Bad value for 'group_id'
[  220.013850][ T5327] Bluetooth: hci5: Frame reassembly failed (-84)
[  220.270761][ T5681] loop1: detected capacity change from 0 to 512
[  220.343685][ T5681] EXT4-fs: Ignoring removed orlov option
[  220.411500][ T5681] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  220.459698][ T5681] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  220.486004][ T5681] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.256: corrupted in-inode xattr
[  220.535160][ T5681] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.256: couldn't read orphan inode 15 (err -117)
[  220.571688][ T5681] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  220.635648][ T5675] loop2: detected capacity change from 0 to 40427
[  220.823210][ T5675] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff
[  220.848016][ T5675] F2FS-fs (loop2): invalid crc value
[  221.263209][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  221.274040][ T5675] F2FS-fs (loop2): Found nat_bits in checkpoint
[  221.446069][ T5691] device batadv_slave_1 entered promiscuous mode
[  221.460608][ T5675] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  222.002029][ T4272] Bluetooth: hci5: command 0x1003 tx timeout
[  222.009413][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  222.339901][ T5690] device batadv_slave_1 left promiscuous mode
[  224.088874][ T5698] loop1: detected capacity change from 0 to 256
[  225.333110][ T5713] device batadv_slave_1 entered promiscuous mode
[  226.964862][ T5712] device batadv_slave_1 left promiscuous mode
[  227.406407][ T5729] fuse: Bad value for 'group_id'
[  231.161519][ T5754] loop1: detected capacity change from 0 to 512
[  231.192861][ T5754] EXT4-fs: Ignoring removed orlov option
[  231.212096][ T5754] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  231.259905][ T5754] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  231.282030][ T5754] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.272: corrupted in-inode xattr
[  231.304820][ T5754] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.272: couldn't read orphan inode 15 (err -117)
[  231.332064][ T5754] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  231.343989][ T5744] loop4: detected capacity change from 0 to 40427
[  231.502306][ T5744] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  231.532104][ T5744] F2FS-fs (loop4): invalid crc value
[  231.575651][ T5744] F2FS-fs (loop4): Found nat_bits in checkpoint
[  232.110764][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  232.162338][ T5744] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  232.568211][ T4275] syz-executor: attempt to access beyond end of device
[  232.568211][ T4275] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  232.699206][ T5773] loop1: detected capacity change from 0 to 512
[  232.727815][ T5773] EXT4-fs: Ignoring removed orlov option
[  232.822065][ T5773] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  232.930706][ T5773] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  233.084688][ T5773] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.277: corrupted in-inode xattr
[  233.191129][ T5773] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.277: couldn't read orphan inode 15 (err -117)
[  233.281425][ T5782] fuse: Bad value for 'group_id'
[  233.999724][ T5773] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  234.213448][ T5778] input: syz1 as /devices/virtual/input/input11
[  234.620471][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  235.533192][ T5802] loop3: detected capacity change from 0 to 512
[  235.582232][ T5802] EXT4-fs: Ignoring removed orlov option
[  235.615538][ T5802] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  235.712015][ T5802] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  235.759692][ T5802] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.283: corrupted in-inode xattr
[  235.815512][ T5802] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.283: couldn't read orphan inode 15 (err -117)
[  235.887207][ T5802] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  237.649881][ T5808] loop1: detected capacity change from 0 to 256
[  237.730610][ T4273] EXT4-fs (loop3): unmounting filesystem.
[  238.020265][ T5811] loop3: detected capacity change from 0 to 512
[  238.073150][ T5811] EXT4-fs: Ignoring removed orlov option
[  238.093975][ T5811] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  238.306844][ T5811] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  238.372300][ T5811] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.285: corrupted in-inode xattr
[  238.389525][ T5811] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.285: couldn't read orphan inode 15 (err -117)
[  238.413234][ T5811] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  238.606823][ T4549] Bluetooth: hci5: Frame reassembly failed (-84)
[  239.003899][ T4273] EXT4-fs (loop3): unmounting filesystem.
[  239.586035][ T5827] netlink: 'syz.3.287': attribute type 4 has an invalid length.
[  239.782013][ T4635] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  239.991994][ T4635] usb 5-1: Using ep0 maxpacket: 16
[  240.012736][ T4635] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  240.079967][ T4635] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  240.131783][ T4635] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  240.193316][ T4635] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.236592][ T4635] usb 5-1: Product: syz
[  240.251773][ T4635] usb 5-1: Manufacturer: syz
[  240.273369][ T4635] usb 5-1: SerialNumber: syz
[  240.299387][ T4635] usb 5-1: config 0 descriptor??
[  240.394295][ T5822] loop5: detected capacity change from 0 to 40427
[  240.437496][ T5822] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x3ffff
[  240.454525][ T5822] F2FS-fs (loop5): invalid crc value
[  240.496105][ T5822] F2FS-fs (loop5): Found nat_bits in checkpoint
[  240.552347][ T5834] netlink: 3 bytes leftover after parsing attributes in process `syz.2.291'.
[  240.641995][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  240.642134][ T4272] Bluetooth: hci5: command 0x1003 tx timeout
[  240.684811][ T5822] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  240.847748][ T4503] syz-executor: attempt to access beyond end of device
[  240.847748][ T4503] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  241.420629][ T5840] device bridge1 entered promiscuous mode
[  241.782248][ T4445] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  242.003758][ T4445] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  242.019754][ T4445] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  242.055352][ T4445] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  242.109911][ T4445] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  242.154892][ T4445] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  242.193590][ T4445] usb 4-1: Product: syz
[  242.208629][ T4445] usb 4-1: Manufacturer: syz
[  242.227954][ T4445] usb 4-1: SerialNumber: syz
[  242.466440][ T4445] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  242.565246][ T5842] loop1: detected capacity change from 0 to 40427
[  242.588438][ T5842] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x3ffff
[  242.641431][ T5842] F2FS-fs (loop1): invalid crc value
[  242.673117][ T5842] F2FS-fs (loop1): Found nat_bits in checkpoint
[  242.855326][ T4445] usb 4-1: USB disconnect, device number 6
[  244.224779][ T5850] usblp0: removed
[  244.937818][ T4635] usb 5-1: USB disconnect, device number 4
[  245.002497][ T5855] device batadv_slave_1 entered promiscuous mode
[  245.870051][ T5854] device batadv_slave_1 left promiscuous mode
[  251.012569][ T5895] fuse: Bad value for 'group_id'
[  253.444512][ T5907] tty tty1: ldisc open failed (-12), clearing slot 0
[  253.451517][ T5908] tty tty2: ldisc open failed (-12), clearing slot 1
[  255.098422][ T5906] loop5: detected capacity change from 0 to 40427
[  255.129569][ T5906] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x3ffff
[  255.249285][ T5917] loop3: detected capacity change from 0 to 256
[  255.776756][ T1264] ieee802154 phy0 wpan0: encryption failed: -22
[  255.783135][ T1264] ieee802154 phy1 wpan1: encryption failed: -22
[  255.810920][ T5906] F2FS-fs (loop5): invalid crc value
[  255.855491][ T5906] F2FS-fs (loop5): Failed to start F2FS issue_checkpoint_thread (-12)
[  256.921516][ T4256] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  257.448832][ T5931] device bridge1 entered promiscuous mode
[  257.889638][ T5941] netlink: 12 bytes leftover after parsing attributes in process `syz.1.313'.
[  258.433587][ T4256] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  258.503902][ T4256] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  258.546120][ T4256] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  258.580657][ T4256] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  258.590932][ T4256] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  258.599744][ T4256] usb 6-1: Product: syz
[  258.604478][ T4256] usb 6-1: Manufacturer: syz
[  258.609225][ T4256] usb 6-1: SerialNumber: syz
[  258.865616][ T5949] fuse: Bad value for 'group_id'
[  258.884682][ T4256] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  259.842848][ T4256] usb 6-1: USB disconnect, device number 4
[  261.272965][ T4256] usblp0: removed
[  261.697418][ T5957] fuse: Bad value for 'group_id'
[  262.840598][ T5964] loop5: detected capacity change from 0 to 256
[  269.684862][ T5997] device bridge2 entered promiscuous mode
[  269.945958][ T6005] netlink: 12 bytes leftover after parsing attributes in process `syz.5.327'.
[  270.459655][ T6003] loop4: detected capacity change from 0 to 512
[  270.516454][ T6003] EXT4-fs: Ignoring removed orlov option
[  270.632038][ T6003] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  270.653005][ T6003] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  270.688906][ T6003] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.331: corrupted in-inode xattr
[  270.702414][ T6003] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.331: couldn't read orphan inode 15 (err -117)
[  270.752112][ T6003] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  271.082134][ T4309] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  271.546468][ T4275] EXT4-fs (loop4): unmounting filesystem.
[  271.632828][ T4309] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  272.305098][ T4309] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  272.315091][ T4309] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  272.348407][ T4309] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  272.363603][ T4309] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  272.371770][ T4309] usb 6-1: Product: syz
[  272.377180][ T4309] usb 6-1: Manufacturer: syz
[  272.381805][ T4309] usb 6-1: SerialNumber: syz
[  272.384114][ T5991] loop2: detected capacity change from 0 to 40427
[  272.563995][ T6019] loop4: detected capacity change from 0 to 512
[  272.582336][ T6019] EXT4-fs: Ignoring removed orlov option
[  272.598295][ T6019] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  272.609747][ T4309] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  272.648505][ T6019] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  272.671110][ T6019] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.334: corrupted in-inode xattr
[  272.735373][ T6019] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.334: couldn't read orphan inode 15 (err -117)
[  272.798705][ T6019] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  274.327693][ T4370] usb 6-1: USB disconnect, device number 5
[  274.558680][ T6028] usblp0: removed
[  277.128571][ T6053] loop5: detected capacity change from 0 to 512
[  277.170366][ T6053] EXT4-fs: Ignoring removed orlov option
[  277.273765][ T6053] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  277.309854][ T6053] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  277.320652][ T6053] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.342: corrupted in-inode xattr
[  277.356456][ T6053] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.342: couldn't read orphan inode 15 (err -117)
[  277.382538][ T4275] EXT4-fs (loop4): unmounting filesystem.
[  277.388806][ T6053] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  278.116055][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  278.831164][ T6065] netlink: 3 bytes leftover after parsing attributes in process `syz.4.343'.
[  281.350242][ T6072] loop2: detected capacity change from 0 to 40427
[  281.407701][ T6072] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff
[  281.429101][ T6072] F2FS-fs (loop2): invalid crc value
[  281.469790][ T6072] F2FS-fs (loop2): Found nat_bits in checkpoint
[  281.749402][ T6072] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  281.906808][ T4270] syz-executor: attempt to access beyond end of device
[  281.906808][ T4270] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  282.642350][ T4445] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  282.776198][ T6108] loop3: detected capacity change from 0 to 256
[  283.424643][ T4445] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  283.448452][ T4445] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  283.467604][ T4445] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  283.483166][ T4445] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  283.572035][ T4445] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  283.585711][ T4445] usb 6-1: Product: syz
[  283.589921][ T4445] usb 6-1: Manufacturer: syz
[  283.594614][ T4445] usb 6-1: SerialNumber: syz
[  283.762119][   T14] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  283.850874][ T4445] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  284.751953][   T14] usb 3-1: Using ep0 maxpacket: 32
[  284.758582][ T6112] input: syz1 as /devices/virtual/input/input14
[  284.762979][   T14] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  284.773442][   T14] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  284.782819][   T14] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  284.795912][ T4370] usb 6-1: USB disconnect, device number 6
[  284.823415][ T4370] usblp0: removed
[  286.228303][   T14] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  286.417421][   T14] usb 3-1: config 1 has no interface number 0
[  286.428269][   T14] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  286.437413][   T14] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.545003][   T14] usb 3-1: can't set config #1, error -71
[  286.555256][   T14] usb 3-1: USB disconnect, device number 10
[  286.934628][ T6127] loop5: detected capacity change from 0 to 512
[  286.993485][ T6127] EXT4-fs: Ignoring removed orlov option
[  287.055948][ T6127] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  287.222915][ T6127] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  287.244733][ T6127] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.363: corrupted in-inode xattr
[  287.292926][ T6127] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.363: couldn't read orphan inode 15 (err -117)
[  287.329928][ T6127] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  287.961001][ T6136] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  288.023711][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  288.532398][ T4309] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  288.723575][ T4309] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  288.747822][ T4309] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  288.791105][ T4309] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  288.870392][ T4309] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  288.914530][ T4309] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  288.969252][ T4309] usb 6-1: Product: syz
[  288.995248][ T4309] usb 6-1: Manufacturer: syz
[  289.014812][ T4309] usb 6-1: SerialNumber: syz
[  289.257509][ T4309] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  289.641508][ T4370] usb 6-1: USB disconnect, device number 7
[  291.038022][ T6153] usblp0: removed
[  291.432812][ T6158] loop4: detected capacity change from 0 to 512
[  291.440344][ T6158] EXT4-fs: Ignoring removed orlov option
[  291.480609][ T6158] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  291.545008][ T6158] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  291.593336][ T6158] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.367: corrupted in-inode xattr
[  291.636033][ T6158] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.367: couldn't read orphan inode 15 (err -117)
[  291.688870][ T6158] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  292.159598][ T6163] device bridge2 entered promiscuous mode
[  292.357463][ T4275] EXT4-fs (loop4): unmounting filesystem.
[  293.844019][   T14] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  294.094541][   T14] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  294.139317][   T14] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  294.214250][   T14] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  294.243682][   T14] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  294.272041][   T14] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  294.300056][   T14] usb 3-1: Product: syz
[  294.308353][   T14] usb 3-1: Manufacturer: syz
[  294.318459][   T14] usb 3-1: SerialNumber: syz
[  294.515829][ T6189] device batadv_slave_1 entered promiscuous mode
[  295.415651][ T6188] device batadv_slave_1 left promiscuous mode
[  295.460923][   T14] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  295.753606][   T14] usb 3-1: USB disconnect, device number 11
[  295.781418][ T6194] loop5: detected capacity change from 0 to 512
[  295.814307][   T14] usblp0: removed
[  295.819322][ T6194] EXT4-fs: Ignoring removed orlov option
[  295.879133][ T6194] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  295.952619][ T6194] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  295.994887][ T6194] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.377: corrupted in-inode xattr
[  296.044852][ T6194] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.377: couldn't read orphan inode 15 (err -117)
[  296.092527][ T6194] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  296.857429][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  301.886308][ T6224] loop5: detected capacity change from 0 to 32768
[  301.976191][ T6224] (syz.5.385,6224,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  302.145880][ T6224] (syz.5.385,6224,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  302.241274][ T6224] JBD2: Ignoring recovery information on journal
[  302.419932][ T6224] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  303.397106][ T6254] loop2: detected capacity change from 0 to 512
[  303.881953][ T6254] EXT4-fs: Ignoring removed orlov option
[  303.999948][ T6254] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  304.302782][ T4503] ocfs2: Unmounting device (7,5) on (node local)
[  304.576255][ T6254] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  304.615223][ T6254] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.393: corrupted in-inode xattr
[  304.670550][ T6254] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.393: couldn't read orphan inode 15 (err -117)
[  304.720052][ T6254] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  305.874338][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  308.339030][ T6275] loop5: detected capacity change from 0 to 512
[  308.462377][ T6275] EXT4-fs: Ignoring removed orlov option
[  308.545838][ T6275] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  308.562822][ T6275] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  308.577678][ T6275] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.394: corrupted in-inode xattr
[  308.601267][ T6275] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.394: couldn't read orphan inode 15 (err -117)
[  308.613897][ T6275] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  308.949754][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  309.024259][ T4446] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  309.103504][ T6283] netlink: 'syz.3.399': attribute type 4 has an invalid length.
[  309.233612][ T4446] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  309.287380][ T4446] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  309.300406][ T4446] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  309.338026][ T4446] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  309.370434][ T4446] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  309.419513][ T4446] usb 2-1: Product: syz
[  309.434500][ T4446] usb 2-1: Manufacturer: syz
[  309.450467][ T4446] usb 2-1: SerialNumber: syz
[  309.741012][ T4446] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  310.219841][ T4370] usb 2-1: USB disconnect, device number 5
[  311.762196][ T6299] usblp0: removed
[  311.883475][ T6298] loop2: detected capacity change from 0 to 32768
[  311.949850][ T6298] (syz.2.404,6298,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  311.990159][ T6298] (syz.2.404,6298,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  312.104677][ T6298] JBD2: Ignoring recovery information on journal
[  312.267593][ T6298] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  312.410613][ T6309] netlink: 12 bytes leftover after parsing attributes in process `syz.4.405'.
[  313.177428][ T4270] ocfs2: Unmounting device (7,2) on (node local)
[  313.422707][ T4445] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  313.653619][ T4445] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  314.379882][ T4445] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  314.403914][ T4445] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  314.440760][ T4445] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  314.456066][ T4445] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  314.465279][ T4445] usb 5-1: Product: syz
[  314.469506][ T4445] usb 5-1: Manufacturer: syz
[  314.707706][ T4445] usb 5-1: SerialNumber: syz
[  315.325767][ T6332] device batadv_slave_1 entered promiscuous mode
[  315.524146][ T4445] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  316.286352][ T6331] device batadv_slave_1 left promiscuous mode
[  317.045888][ T1264] ieee802154 phy0 wpan0: encryption failed: -22
[  317.077272][ T1264] ieee802154 phy1 wpan1: encryption failed: -22
[  318.287796][ T4445] usb 5-1: USB disconnect, device number 5
[  318.493224][ T4445] usblp0: removed
[  319.247698][ T4370] kernel write not supported for file /input/event2 (pid: 4370 comm: kworker/1:5)
[  319.953323][ T6354] loop5: detected capacity change from 0 to 256
[  320.828892][ T6357] netlink: 12 bytes leftover after parsing attributes in process `syz.1.416'.
[  324.127393][ T6380] netlink: 3 bytes leftover after parsing attributes in process `syz.5.423'.
[  324.301920][ T4370] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  324.486458][ T6381] device bridge3 entered promiscuous mode
[  324.520658][ T6388] device batadv_slave_1 entered promiscuous mode
[  324.529217][ T4370] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  324.549149][ T4370] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  325.420106][ T6387] device batadv_slave_1 left promiscuous mode
[  326.199664][ T4370] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  326.286497][ T4370] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  327.333279][ T4370] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  327.380160][ T4370] usb 5-1: Product: syz
[  327.388120][ T4370] usb 5-1: Manufacturer: syz
[  327.400409][ T4370] usb 5-1: SerialNumber: syz
[  327.423843][ T4370] usb 5-1: can't set config #1, error -71
[  327.443057][ T4370] usb 5-1: USB disconnect, device number 6
[  327.931919][ T4370] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  328.186667][ T4370] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  329.228173][ T4370] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  329.228200][ T4370] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  329.238298][ T4370] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  329.238327][ T4370] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  329.238345][ T4370] usb 3-1: Product: syz
[  329.238357][ T4370] usb 3-1: Manufacturer: syz
[  329.238364][ T4370] usb 3-1: SerialNumber: syz
[  329.448551][ T4370] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  329.792188][ T4445] usb 3-1: USB disconnect, device number 12
[  329.870145][ T6424] usblp0: removed
[  331.924728][ T6429] loop2: detected capacity change from 0 to 512
[  331.964269][ T6429] EXT4-fs: Ignoring removed orlov option
[  332.002079][ T6429] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  332.042043][ T6429] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  332.077564][ T6429] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.440: corrupted in-inode xattr
[  332.120647][ T6429] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.440: couldn't read orphan inode 15 (err -117)
[  332.140570][ T6422] loop4: detected capacity change from 0 to 40427
[  332.147657][ T6429] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  332.171092][ T6422] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  332.222279][   T22] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  332.268928][ T6422] F2FS-fs (loop4): invalid crc value
[  332.290934][ T6433] loop3: detected capacity change from 0 to 512
[  332.303346][ T6433] EXT4-fs: Ignoring removed orlov option
[  332.314308][ T6433] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  332.331771][ T6422] F2FS-fs (loop4): Found nat_bits in checkpoint
[  332.380606][ T6433] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  332.395144][ T6433] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.442: corrupted in-inode xattr
[  332.402046][ T6422] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  332.418197][ T6433] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.442: couldn't read orphan inode 15 (err -117)
[  332.434044][   T22] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  332.438925][ T6433] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  332.459245][   T22] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  332.495948][   T22] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  332.532336][   T22] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  332.551633][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  332.562110][   T22] usb 2-1: Product: syz
[  332.566367][   T22] usb 2-1: Manufacturer: syz
[  332.571077][   T22] usb 2-1: SerialNumber: syz
[  332.592704][ T4275] syz-executor: attempt to access beyond end of device
[  332.592704][ T4275] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  332.706858][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  332.782893][   T22] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  333.131496][ T4449] usb 2-1: USB disconnect, device number 6
[  333.332810][ T6446] usblp0: removed
[  334.538914][ T4273] EXT4-fs (loop3): unmounting filesystem.
[  334.831933][ T4370] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  335.519588][ T6462] loop2: detected capacity change from 0 to 512
[  335.520450][ T6462] EXT4-fs: Ignoring removed orlov option
[  335.532116][ T6462] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  335.542709][ T6462] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  335.598252][ T4370] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  335.627492][ T4370] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  335.640497][ T6462] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.450: corrupted in-inode xattr
[  335.667731][ T6462] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.450: couldn't read orphan inode 15 (err -117)
[  335.685115][ T4370] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  335.732311][ T6462] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  335.780197][ T4370] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  335.932803][ T4370] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  335.941123][ T4370] usb 6-1: Product: syz
[  335.945796][ T4370] usb 6-1: Manufacturer: syz
[  335.962379][ T4370] usb 6-1: SerialNumber: syz
[  336.236777][ T4370] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  338.183560][ T4370] usb 6-1: USB disconnect, device number 8
[  338.191211][ T4370] usblp0: removed
[  338.210992][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  338.467878][ T6467] loop1: detected capacity change from 0 to 32768
[  338.496413][ T6467] (syz.1.451,6467,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  338.524403][ T6467] (syz.1.451,6467,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  338.566455][ T6467] JBD2: Ignoring recovery information on journal
[  338.687598][ T6467] JBD2: recovery failed
[  338.692932][ T4445] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  338.720099][ T6467] (syz.1.451,6467,0):ocfs2_journal_load:1134 ERROR: Failed to load journal!
[  338.738380][ T6467] (syz.1.451,6467,1):ocfs2_check_volume:2433 ERROR: ocfs2 journal load failed! -5
[  338.748356][ T6467] (syz.1.451,6467,1):ocfs2_check_volume:2489 ERROR: status = -5
[  338.756856][ T6467] (syz.1.451,6467,1):ocfs2_mount_volume:1821 ERROR: status = -5
[  338.799581][ T6467] (syz.1.451,6467,1):ocfs2_fill_super:1176 ERROR: status = -5
[  338.891959][ T4445] usb 3-1: Using ep0 maxpacket: 16
[  338.900143][ T4445] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  338.933884][ T4445] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  338.963355][ T4445] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.981650][ T4445] usb 3-1: Product: syz
[  338.991775][ T4445] usb 3-1: Manufacturer: syz
[  339.022302][ T4445] usb 3-1: SerialNumber: syz
[  339.051115][ T4445] usb 3-1: config 0 descriptor??
[  339.196261][ T6478] loop4: detected capacity change from 0 to 40427
[  339.219596][ T6478] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  339.255219][ T6478] F2FS-fs (loop4): invalid crc value
[  339.317069][ T6478] F2FS-fs (loop4): Found nat_bits in checkpoint
[  339.625507][ T6494] netlink: 'syz.3.457': attribute type 4 has an invalid length.
[  339.675692][ T6478] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  339.799206][ T4275] syz-executor: attempt to access beyond end of device
[  339.799206][ T4275] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  341.541937][ T4370] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  341.706875][ T6511] device batadv_slave_1 entered promiscuous mode
[  341.735629][ T6510] device batadv_slave_1 left promiscuous mode
[  341.747378][ T4370] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  341.787239][ T4370] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  341.846949][ T4370] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  342.110283][ T4370] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  342.129633][ T4370] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  342.147235][ T4370] usb 4-1: Product: syz
[  342.168302][ T4370] usb 4-1: Manufacturer: syz
[  342.168385][ T4370] usb 4-1: SerialNumber: syz
[  342.385993][ T4370] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  342.577415][ T4370] usb 3-1: USB disconnect, device number 13
[  342.715458][ T4309] usb 4-1: USB disconnect, device number 7
[  344.099518][ T6520] usblp0: removed
[  344.536381][ T6523] 9pnet_fd: Insufficient options for proto=fd
[  346.066421][ T6526] loop4: detected capacity change from 0 to 32768
[  346.155464][ T6526] (syz.4.466,6526,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  346.240700][ T6526] (syz.4.466,6526,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  346.303193][ T6538] loop5: detected capacity change from 0 to 512
[  346.310319][ T6538] EXT4-fs: Ignoring removed orlov option
[  346.359459][ T6526] JBD2: Ignoring recovery information on journal
[  346.366360][ T6538] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  346.417058][ T6538] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  346.467424][ T6538] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.470: corrupted in-inode xattr
[  346.471609][ T6526] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  346.496814][ T6538] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.470: couldn't read orphan inode 15 (err -117)
[  346.558813][ T6538] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  346.861991][ T4445] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  347.572447][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  347.583783][ T6526] ocfs2: Unmounting device (7,4) on (node local)
[  347.632481][ T6554] input: syz1 as /devices/virtual/input/input16
[  347.682088][ T4445] usb 4-1: Using ep0 maxpacket: 32
[  347.688741][ T4445] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  347.725144][ T4445] usb 4-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  347.770615][ T4445] usb 4-1: config 1 interface 0 has no altsetting 0
[  348.741327][ T4445] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  348.774865][ T4445] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  348.912084][ T4445] usb 4-1: SerialNumber: syz
[  348.934328][ T4445] cdc_acm 4-1:1.0: Zero length descriptor references
[  348.946625][ T4445] cdc_acm: probe of 4-1:1.0 failed with error -22
[  349.084268][ T6561] loop2: detected capacity change from 0 to 512
[  349.101406][ T6561] EXT4-fs: Ignoring removed orlov option
[  349.120969][ T6561] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  349.138310][ T4445] usb 4-1: USB disconnect, device number 8
[  349.319684][ T6561] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  349.498207][ T6566] loop4: detected capacity change from 0 to 512
[  349.505941][ T6561] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.473: corrupted in-inode xattr
[  349.596854][ T6566] EXT4-fs: Ignoring removed orlov option
[  349.656130][ T6566] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  349.701374][ T6561] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.473: couldn't read orphan inode 15 (err -117)
[  349.848251][ T6566] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  349.921063][ T6561] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  350.102211][ T6566] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.475: corrupted in-inode xattr
[  350.182848][ T6566] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.475: couldn't read orphan inode 15 (err -117)
[  350.211596][ T6566] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  351.202943][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  352.123254][ T4275] EXT4-fs (loop4): unmounting filesystem.
[  352.268887][ T6578] loop5: detected capacity change from 0 to 512
[  352.402956][ T6578] EXT4-fs: Ignoring removed orlov option
[  352.461768][ T6578] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  354.042260][ T6578] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  354.410332][ T6578] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.477: corrupted in-inode xattr
[  354.616494][ T6578] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.477: couldn't read orphan inode 15 (err -117)
[  354.674793][ T6578] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  354.851091][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  355.119240][ T6601] loop5: detected capacity change from 0 to 512
[  355.130766][ T6601] EXT4-fs: Ignoring removed orlov option
[  355.141277][ T6601] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  355.148134][ T6601] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  355.149094][ T6601] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.484: corrupted in-inode xattr
[  355.149354][ T6601] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.484: couldn't read orphan inode 15 (err -117)
[  355.149529][ T6601] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  356.173513][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  357.852374][ T4309] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  358.003400][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  358.007391][ T6613] loop4: detected capacity change from 0 to 32768
[  358.072156][ T4309] usb 3-1: Using ep0 maxpacket: 32
[  358.084351][ T4309] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  358.119028][ T4309] usb 3-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  358.439679][ T6613] (syz.4.486,6613,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  358.830495][ T6613] (syz.4.486,6613,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  358.965881][ T4309] usb 3-1: config 1 interface 0 has no altsetting 0
[  359.027331][ T6613] JBD2: Ignoring recovery information on journal
[  359.060540][ T4309] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  359.393636][ T4309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  359.422647][ T4309] usb 3-1: SerialNumber: syz
[  359.427163][ T6613] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  359.438262][ T4309] cdc_acm 3-1:1.0: Zero length descriptor references
[  359.438290][ T4309] cdc_acm: probe of 3-1:1.0 failed with error -22
[  359.628872][ T6631] loop5: detected capacity change from 0 to 512
[  359.655722][   T22] usb 3-1: USB disconnect, device number 14
[  360.412025][ T6613] loop4: detected capacity change from 32768 to 0
[  360.423019][ T6631] EXT4-fs: Ignoring removed orlov option
[  360.429418][ T6631] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  360.436032][    C1] I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  360.507474][ T6631] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  360.550089][ T6631] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.490: corrupted in-inode xattr
[  360.563051][ T6631] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.490: couldn't read orphan inode 15 (err -117)
[  361.339670][ T6631] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  361.487536][   T11] loop: Write error at byte offset 9223372036855068671, length 512.
[  361.551967][   T11] loop: Write error at byte offset 9223372036855068671, length 512.
[  361.573066][   T11] loop: Write error at byte offset 9223372036855068671, length 512.
[  361.591311][   T11] loop: Write error at byte offset 9223372036855068671, length 512.
[  361.605499][   T11] loop: Write error at byte offset 9223372036855068671, length 512.
[  361.631143][   T11] loop: Write error at byte offset 9223372036855068671, length 512.
[  361.647255][   T11] loop: Write error at byte offset 9223372036855068671, length 512.
[  361.659499][    C0] I/O error, dev loop4, sector 572 op 0x1:(WRITE) flags 0x9800 phys_seg 7 prio class 2
[  361.669666][ T6626] Aborting journal on device loop4-29.
[  361.684340][   T11] loop: Write error at byte offset 9223372036855058431, length 512.
[  362.036857][    C1] I/O error, dev loop4, sector 552 op 0x1:(WRITE) flags 0x9800 phys_seg 1 prio class 2
[  362.046621][    C1] Buffer I/O error on dev loop4, logical block 552, lost sync page write
[  362.055126][ T6626] JBD2: I/O error when updating journal superblock for loop4-29.
[  362.082826][ T6613] (syz.4.486,6613,0):ocfs2_start_trans:381 ERROR: status = -30
[  362.372783][ T6613] OCFS2: abort (device loop4): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[  362.464733][ T6613] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  362.474888][ T6613] OCFS2: Returning error to the calling process.
[  362.481332][ T6613] (syz.4.486,6613,1):ocfs2_modify_bh:105 ERROR: status = -30
[  362.489979][ T6613] (syz.4.486,6613,1):ocfs2_local_free_info:856 ERROR: status = -30
[  362.570827][ T6613] (syz.4.486,6613,0):ocfs2_start_trans:381 ERROR: status = -30
[  362.601103][ T6613] OCFS2: abort (device loop4): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[  362.645876][ T6613] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  362.679089][ T6613] OCFS2: Returning error to the calling process.
[  362.699103][ T6613] (syz.4.486,6613,0):ocfs2_modify_bh:105 ERROR: status = -30
[  362.740590][ T6613] (syz.4.486,6613,0):ocfs2_local_free_info:856 ERROR: status = -30
[  362.767096][    C0] I/O error, dev loop4, sector 23 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  362.776796][ T6613] (syz.4.486,6613,0):ocfs2_assign_bh:2414 ERROR: status = -5
[  362.794092][ T6613] (syz.4.486,6613,0):ocfs2_inode_lock_full_nested:2509 ERROR: status = -5
[  362.808654][ T6613] (syz.4.486,6613,0):ocfs2_shutdown_local_alloc:411 ERROR: status = -5
[  362.819468][   T34] loop: Write error at byte offset 9223372036863447039, length 512.
[  362.829886][    C0] I/O error, dev loop4, sector 16936 op 0x1:(WRITE) flags 0x0 phys_seg 1 prio class 2
[  362.839526][    C0] Buffer I/O error on dev loop4, logical block 16936, lost sync page write
[  362.849060][ T6613] (syz.4.486,6613,0):ocfs2_write_block:78 ERROR: status = -5
[  362.857927][ T6613] (syz.4.486,6613,0):ocfs2_update_disk_slot:199 ERROR: status = -5
[  363.646745][ T6613] (syz.4.486,6613,1):ocfs2_put_slot:517 ERROR: status = -5
[  363.655355][ T6613] (syz.4.486,6613,1):ocfs2_journal_shutdown:1074 ERROR: status = -5
[  363.666322][ T6613] ocfs2: Unmounting device (7,4) on (node local)
[  363.798847][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  363.950663][ T6659] 9pnet_fd: Insufficient options for proto=fd
[  364.147579][ T6651] loop2: detected capacity change from 0 to 40427
[  364.155963][ T6651] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff
[  364.161930][ T5621] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  364.180809][ T6651] F2FS-fs (loop2): invalid crc value
[  364.190061][ T6651] F2FS-fs (loop2): Found nat_bits in checkpoint
[  364.261960][   T22] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  364.317736][ T6651] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  364.352151][ T5621] usb 2-1: Using ep0 maxpacket: 16
[  364.365682][ T5621] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  364.434032][ T5621] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  364.462180][   T22] usb 5-1: Using ep0 maxpacket: 32
[  364.469627][   T22] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[  364.483141][ T5621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.493539][   T22] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  364.505594][ T4270] syz-executor: attempt to access beyond end of device
[  364.505594][ T4270] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  364.505823][ T5621] usb 2-1: Product: syz
[  364.524663][   T22] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[  364.534257][   T22] usb 5-1: config 1 has no interface number 0
[  364.556127][ T5621] usb 2-1: Manufacturer: syz
[  364.570628][   T22] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 17
[  364.600640][ T5621] usb 2-1: SerialNumber: syz
[  364.630518][ T5621] usb 2-1: config 0 descriptor??
[  364.662149][   T22] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  364.672140][   T22] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.712845][   T22] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[  366.312115][   T22] snd_usb_pod 5-1:1.1: endpoint not available, using fallback values
[  366.369158][   T22] snd_usb_pod 5-1:1.1: invalid control EP
[  366.391986][   T22] snd_usb_pod 5-1:1.1: cannot start listening: -22
[  366.446499][   T22] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[  366.545477][   T22] snd_usb_pod: probe of 5-1:1.1 failed with error -22
[  366.620396][   T22] usb 5-1: USB disconnect, device number 7
[  369.598254][ T6688] input: syz1 as /devices/virtual/input/input17
[  370.250239][   T22] usb 2-1: USB disconnect, device number 7
[  370.390544][ T6697] netlink: 3 bytes leftover after parsing attributes in process `syz.4.506'.
[  370.471469][ T6694] loop2: detected capacity change from 0 to 32768
[  370.493715][ T6694] (syz.2.508,6694,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  370.585868][ T6694] (syz.2.508,6694,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  370.654441][ T6694] JBD2: Ignoring recovery information on journal
[  370.751760][ T6694] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  370.864694][ T6694] loop2: detected capacity change from 32768 to 0
[  370.989610][    C0] I/O error, dev loop2, sector 23 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  370.999328][ T6708] (syz.2.508,6708,0):ocfs2_assign_bh:2414 ERROR: status = -5
[  371.016803][ T6708] (syz.2.508,6708,0):ocfs2_inode_lock_full_nested:2509 ERROR: status = -5
[  371.034709][ T6699] device bridge4 entered promiscuous mode
[  371.040561][ T6708] (syz.2.508,6708,0):ocfs2_shutdown_local_alloc:411 ERROR: status = -5
[  371.055835][ T4458] loop: Write error at byte offset 9223372036863447039, length 512.
[  371.086254][    C0] I/O error, dev loop2, sector 16936 op 0x1:(WRITE) flags 0x0 phys_seg 1 prio class 2
[  371.095886][    C0] Buffer I/O error on dev loop2, logical block 16936, lost sync page write
[  371.104699][ T6708] (syz.2.508,6708,0):ocfs2_write_block:78 ERROR: status = -5
[  371.116145][ T6708] (syz.2.508,6708,0):ocfs2_update_disk_slot:199 ERROR: status = -5
[  371.131548][ T6708] (syz.2.508,6708,0):ocfs2_put_slot:517 ERROR: status = -5
[  371.150698][ T4458] loop: Write error at byte offset 9223372036855068671, length 512.
[  371.161443][ T4458] loop: Write error at byte offset 9223372036855068671, length 512.
[  371.184683][ T4458] loop: Write error at byte offset 9223372036855068671, length 512.
[  371.215435][ T4458] loop: Write error at byte offset 9223372036855068671, length 512.
[  371.235539][ T4458] loop: Write error at byte offset 9223372036855068671, length 512.
[  371.263818][ T4458] loop: Write error at byte offset 9223372036855068671, length 512.
[  371.297410][ T4458] loop: Write error at byte offset 9223372036855068671, length 512.
[  371.312979][ T4458] loop: Write error at byte offset 9223372036855068671, length 512.
[  371.331360][ T4458] loop: Write error at byte offset 9223372036855068671, length 512.
[  371.351678][    C0] I/O error, dev loop2, sector 572 op 0x1:(WRITE) flags 0x9800 phys_seg 9 prio class 2
[  371.361776][ T6707] Aborting journal on device loop2-29.
[  371.377047][    C0] I/O error, dev loop2, sector 552 op 0x1:(WRITE) flags 0x9800 phys_seg 1 prio class 2
[  371.386773][    C0] Buffer I/O error on dev loop2, logical block 552, lost sync page write
[  371.400876][ T6707] JBD2: I/O error when updating journal superblock for loop2-29.
[  371.422177][ T6708] (syz.2.508,6708,0):ocfs2_journal_shutdown:1074 ERROR: status = -5
[  371.434749][ T6708] ocfs2: Unmounting device (7,2) on (node local)
[  374.007129][ T4363] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  374.103911][ T6726] netlink: 12 bytes leftover after parsing attributes in process `syz.3.514'.
[  374.721931][ T4363] usb 2-1: Using ep0 maxpacket: 32
[  374.730648][ T4363] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  374.813969][ T4363] usb 2-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  374.860374][ T4363] usb 2-1: config 1 interface 0 has no altsetting 0
[  374.894949][ T4363] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  374.917344][ T4363] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  374.973706][ T4363] usb 2-1: SerialNumber: syz
[  374.995119][ T4363] cdc_acm 2-1:1.0: Zero length descriptor references
[  375.012519][ T4363] cdc_acm: probe of 2-1:1.0 failed with error -22
[  375.096898][ T6720] loop4: detected capacity change from 0 to 40427
[  375.108203][ T6730] loop2: detected capacity change from 0 to 512
[  375.116310][ T6730] EXT4-fs: Ignoring removed orlov option
[  375.123788][ T6720] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  375.152011][ T5621] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  375.156922][ T6720] F2FS-fs (loop4): invalid crc value
[  375.168680][ T6730] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  375.188695][ T6720] F2FS-fs (loop4): Found nat_bits in checkpoint
[  375.198326][ T4363] usb 2-1: USB disconnect, device number 8
[  375.236248][ T6730] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  375.358573][ T6730] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.516: corrupted in-inode xattr
[  375.547419][ T6730] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.516: couldn't read orphan inode 15 (err -117)
[  375.846420][ T6730] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  376.054230][ T6720] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  376.213628][ T5621] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  376.231902][ T5621] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  376.247085][ T5621] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  376.338991][ T4275] syz-executor: attempt to access beyond end of device
[  376.338991][ T4275] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  376.838540][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  377.070999][ T5621] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  377.103481][ T5621] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  377.111733][ T5621] usb 4-1: Product: syz
[  377.115991][ T5621] usb 4-1: Manufacturer: syz
[  377.120597][ T5621] usb 4-1: SerialNumber: syz
[  377.345861][ T5621] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  377.632008][ T5621] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  378.483864][ T1264] ieee802154 phy0 wpan0: encryption failed: -22
[  378.490191][ T1264] ieee802154 phy1 wpan1: encryption failed: -22
[  379.045300][   T22] usb 4-1: USB disconnect, device number 9
[  379.119021][ T6755] usblp0: removed
[  379.236259][ T5621] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  379.331692][ T5621] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  379.446199][ T5621] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  379.719308][ T5621] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  379.719326][ T5621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  379.719337][ T5621] usb 2-1: Product: syz
[  379.719344][ T5621] usb 2-1: Manufacturer: syz
[  379.719352][ T5621] usb 2-1: SerialNumber: syz
[  379.759873][ T6760] input: syz1 as /devices/virtual/input/input19
[  379.962992][ T5621] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  380.281972][ T4445] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  380.764193][ T4309] usb 2-1: USB disconnect, device number 9
[  381.883283][ T4445] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  381.903565][ T4445] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  381.922176][ T6749] usblp0: removed
[  381.948009][ T4445] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  382.176021][ T4445] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  382.195310][ T4445] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  382.215367][ T4445] usb 4-1: Product: syz
[  382.230892][ T4445] usb 4-1: Manufacturer: syz
[  382.250061][ T4445] usb 4-1: SerialNumber: syz
[  382.490464][ T4445] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  382.759693][ T6776] netlink: 12 bytes leftover after parsing attributes in process `syz.1.525'.
[  383.566930][ T4309] usb 4-1: USB disconnect, device number 10
[  384.973554][ T6779] usblp0: removed
[  385.776818][ T6790] device bridge3 entered promiscuous mode
[  386.419155][ T6796] input: syz1 as /devices/virtual/input/input20
[  386.991913][  T128] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  387.181884][  T128] usb 2-1: Using ep0 maxpacket: 32
[  387.188965][  T128] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  387.191608][ T6791] loop2: detected capacity change from 0 to 40427
[  387.222753][  T128] usb 2-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  387.236989][  T128] usb 2-1: config 1 interface 0 has no altsetting 0
[  387.241522][ T6791] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff
[  387.255648][  T128] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  387.285956][  T128] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  387.291304][ T6791] F2FS-fs (loop2): invalid crc value
[  387.319316][  T128] usb 2-1: SerialNumber: syz
[  387.341186][  T128] cdc_acm 2-1:1.0: Zero length descriptor references
[  387.348175][  T128] cdc_acm: probe of 2-1:1.0 failed with error -22
[  387.448849][ T6791] F2FS-fs (loop2): Found nat_bits in checkpoint
[  387.548524][  T128] usb 2-1: USB disconnect, device number 10
[  387.613879][ T6791] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  387.936443][ T4270] syz-executor: attempt to access beyond end of device
[  387.936443][ T4270] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  388.937201][ T6826] netlink: 12 bytes leftover after parsing attributes in process `syz.3.537'.
[  392.038583][ T4309] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  393.652426][ T4309] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  394.141890][ T4309] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  394.155844][ T4309] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  394.193664][ T4309] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  394.211968][ T4309] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  394.220939][ T4309] usb 5-1: Product: syz
[  394.225951][ T4309] usb 5-1: Manufacturer: syz
[  394.230959][ T4309] usb 5-1: SerialNumber: syz
[  394.459474][ T4309] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  394.478229][ T6854] loop1: detected capacity change from 0 to 512
[  394.512724][ T6854] EXT4-fs: Ignoring removed orlov option
[  394.539405][ T6854] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  394.593216][ T6854] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  394.672074][ T6854] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.545: corrupted in-inode xattr
[  394.872805][ T4445] usb 5-1: USB disconnect, device number 8
[  396.224743][ T4445] usblp0: removed
[  396.714881][ T6854] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.545: couldn't read orphan inode 15 (err -117)
[  396.733130][ T6854] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  397.606018][ T6852] loop5: detected capacity change from 0 to 16
[  397.665215][ T6852] erofs: (device loop5): EXPERIMENTAL compressed inline data feature in use. Use at your own risk!
[  397.718453][ T6852] erofs: (device loop5): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  397.737646][ T6852] erofs: (device loop5): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  397.762084][ T4370] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  397.770757][ T6852] erofs: (device loop5): erofs_read_inode: bogus i_mode (0) @ nid 58320
[  397.961915][ T4370] usb 5-1: Using ep0 maxpacket: 32
[  397.969567][ T4370] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  398.059018][ T4370] usb 5-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  398.119011][ T4370] usb 5-1: config 1 interface 0 has no altsetting 0
[  398.147702][ T4370] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  398.190373][ T4370] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  398.225680][ T4370] usb 5-1: SerialNumber: syz
[  398.241482][ T6873] 9pnet_fd: Insufficient options for proto=fd
[  398.258308][ T4370] cdc_acm 5-1:1.0: Zero length descriptor references
[  398.285613][ T4370] cdc_acm: probe of 5-1:1.0 failed with error -22
[  398.457590][ T4370] usb 5-1: USB disconnect, device number 9
[  399.015879][ T6876] netlink: 3 bytes leftover after parsing attributes in process `syz.3.549'.
[  399.198365][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  399.797659][ T6890] netlink: 'syz.4.553': attribute type 4 has an invalid length.
[  400.081357][ T6895] input: syz1 as /devices/virtual/input/input22
[  400.261929][ T4309] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  400.463450][ T4309] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  400.495856][ T4309] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  400.542298][ T4309] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  400.618955][ T4309] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  400.684160][ T4309] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  400.724733][ T4309] usb 6-1: Product: syz
[  400.728912][ T4309] usb 6-1: Manufacturer: syz
[  400.762330][ T4309] usb 6-1: SerialNumber: syz
[  401.029086][ T4309] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  401.513506][   T41] usb 6-1: USB disconnect, device number 9
[  402.913501][   T41] usblp0: removed
[  403.900363][ T6906] input: syz1 as /devices/virtual/input/input23
[  405.443254][ T6920] fuse: Unknown parameter 'grou'
[  406.585741][ T6916] loop4: detected capacity change from 0 to 40427
[  406.598576][ T6916] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  406.613511][ T6916] F2FS-fs (loop4): invalid crc value
[  406.698849][ T6928] input: syz1 as /devices/virtual/input/input24
[  406.710618][ T6916] F2FS-fs (loop4): Found nat_bits in checkpoint
[  407.392225][ T6916] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  407.471690][ T4275] syz-executor: attempt to access beyond end of device
[  407.471690][ T4275] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  407.632187][ T4445] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  407.640736][ T6936] 9pnet_fd: Insufficient options for proto=fd
[  407.841900][ T4445] usb 2-1: Using ep0 maxpacket: 32
[  407.848783][ T4445] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  407.886363][ T4445] usb 2-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  407.917656][ T4445] usb 2-1: config 1 interface 0 has no altsetting 0
[  408.845658][ T4445] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  408.862096][ T4445] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  408.870344][ T4445] usb 2-1: SerialNumber: syz
[  408.889675][ T4445] cdc_acm 2-1:1.0: Zero length descriptor references
[  408.950858][ T4445] cdc_acm: probe of 2-1:1.0 failed with error -22
[  409.090746][ T4445] usb 2-1: USB disconnect, device number 11
[  410.020970][ T6951] device batadv_slave_1 entered promiscuous mode
[  410.960296][ T6950] device batadv_slave_1 left promiscuous mode
[  410.994014][ T4269] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11
[  411.381400][ T6958] loop1: detected capacity change from 0 to 512
[  411.404007][ T6958] EXT4-fs: Ignoring removed orlov option
[  412.328117][ T6958] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  412.651287][ T6964] fuse: Unknown parameter 'grou'
[  412.832577][ T6958] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  412.857689][ T6958] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.571: corrupted in-inode xattr
[  412.965147][ T6958] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.571: couldn't read orphan inode 15 (err -117)
[  413.133941][ T6958] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  413.893324][ T6973] loop4: detected capacity change from 0 to 40427
[  413.911958][ T4309] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  413.933684][ T6973] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  413.948000][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  414.099651][ T6973] F2FS-fs (loop4): invalid crc value
[  414.154450][ T4309] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  414.174671][ T6973] F2FS-fs (loop4): Found nat_bits in checkpoint
[  414.175102][ T4309] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  414.284518][ T4309] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  414.349463][ T4309] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  414.372936][ T4309] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  414.381230][ T4309] usb 6-1: Product: syz
[  414.401525][ T4309] usb 6-1: Manufacturer: syz
[  414.406426][ T6973] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  414.410237][ T4309] usb 6-1: SerialNumber: syz
[  414.556476][ T6986] netlink: 3 bytes leftover after parsing attributes in process `syz.2.574'.
[  414.594337][ T4275] syz-executor: attempt to access beyond end of device
[  414.594337][ T4275] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  414.657141][ T4309] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  414.751961][ T4370] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  414.942062][ T4370] usb 2-1: Using ep0 maxpacket: 32
[  414.958205][ T4370] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  416.467617][ T4370] usb 2-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  416.584619][ T2960] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  416.610148][ T4370] usb 2-1: config 1 interface 0 has no altsetting 0
[  416.634241][   T41] usb 6-1: USB disconnect, device number 10
[  416.643268][ T4370] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  416.762296][ T6977] usblp0: removed
[  416.784315][ T4370] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  416.816621][ T4370] usb 2-1: SerialNumber: syz
[  416.878581][ T4370] cdc_acm 2-1:1.0: Zero length descriptor references
[  416.890935][ T6992] device bridge4 entered promiscuous mode
[  416.905224][ T4370] cdc_acm: probe of 2-1:1.0 failed with error -22
[  417.020907][ T7000] device bridge1 entered promiscuous mode
[  417.050549][ T4370] usb 2-1: USB disconnect, device number 12
[  417.637227][ T7009] netlink: 3 bytes leftover after parsing attributes in process `syz.2.582'.
[  418.061944][  T128] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  418.914423][  T128] usb 4-1: Using ep0 maxpacket: 8
[  418.920986][  T128] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  418.945403][  T128] usb 4-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  418.990905][  T128] usb 4-1: config 179 has no interface number 0
[  419.008725][  T128] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  419.068774][  T128] usb 4-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  419.125666][  T128] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  419.142304][  T128] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.116482][ T4449] usb 4-1: USB disconnect, device number 11
[  420.949583][ T7035] fuse: Unknown parameter 'group_'
[  422.110369][ T7043] netlink: 'syz.1.587': attribute type 10 has an invalid length.
[  422.362076][ T7043] batman_adv: batadv0: Adding interface: team0
[  422.368296][ T7043] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.393458][    C0] vkms_vblank_simulate: vblank timer overrun
[  422.402818][ T7043] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  423.360729][ T7052] loop4: detected capacity change from 0 to 16
[  423.701578][ T7037] loop3: detected capacity change from 0 to 40427
[  423.727071][ T7037] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x3ffff
[  423.777869][ T7037] F2FS-fs (loop3): invalid crc value
[  423.855324][ T7037] F2FS-fs (loop3): Found nat_bits in checkpoint
[  424.000885][ T7037] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  424.225022][ T4273] syz-executor: attempt to access beyond end of device
[  424.225022][ T4273] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  424.266998][ T7052] erofs: (device loop4): EXPERIMENTAL compressed inline data feature in use. Use at your own risk!
[  424.364497][ T7052] erofs: (device loop4): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  424.431748][ T7052] erofs: (device loop4): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  424.489689][ T7052] erofs: (device loop4): erofs_read_inode: bogus i_mode (0) @ nid 58320
[  424.591995][ T4449] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  424.812043][ T4449] usb 2-1: Using ep0 maxpacket: 32
[  424.831036][ T4449] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  424.866988][ T4449] usb 2-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  424.910475][ T4449] usb 2-1: config 1 interface 0 has no altsetting 0
[  424.967425][ T4449] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  425.016167][ T4449] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  425.041992][ T4449] usb 2-1: SerialNumber: syz
[  425.081468][ T4449] cdc_acm 2-1:1.0: Zero length descriptor references
[  425.121233][ T4449] cdc_acm: probe of 2-1:1.0 failed with error -22
[  425.280061][ T4449] usb 2-1: USB disconnect, device number 13
[  425.396814][ T7069] loop3: detected capacity change from 0 to 8
[  425.586190][ T7065] SQUASHFS error: Failed to read block 0x4de: -5
[  425.593406][ T7065] SQUASHFS error: Failed to read block 0x4de: -5
[  425.600299][   T26] audit: type=1800 audit(1756607934.316:6): pid=7065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.595" name="file1" dev="loop3" ino=5 res=0 errno=0
[  426.322794][ T7068] loop5: detected capacity change from 0 to 512
[  426.379427][ T7068] EXT4-fs: Ignoring removed orlov option
[  426.421952][ T7068] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  426.555695][ T7068] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  426.614410][ T7068] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.598: corrupted in-inode xattr
[  426.672299][ T7068] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.598: couldn't read orphan inode 15 (err -117)
[  426.744810][ T7068] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  427.407844][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  427.492961][ T7082] input: syz1 as /devices/virtual/input/input27
[  427.859009][ T7087] netlink: 12 bytes leftover after parsing attributes in process `syz.5.602'.
[  428.624569][ T7086] tty tty1: ldisc open failed (-12), clearing slot 0
[  428.970618][ T7095] netlink: 3 bytes leftover after parsing attributes in process `syz.1.600'.
[  431.313541][ T7108] loop3: detected capacity change from 0 to 512
[  431.321202][ T7100] loop5: detected capacity change from 0 to 32768
[  431.394320][ T7108] EXT4-fs: Ignoring removed orlov option
[  431.426226][ T7100] (syz.5.614,7100,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  431.471238][ T7100] (syz.5.614,7100,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  431.471646][ T7108] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  431.637811][ T7100] JBD2: Ignoring recovery information on journal
[  431.657522][ T7108] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  431.724338][ T7108] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.605: corrupted in-inode xattr
[  431.758880][ T7100] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  431.823876][ T7108] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.605: couldn't read orphan inode 15 (err -117)
[  432.119500][ T7115] loop2: detected capacity change from 0 to 16
[  432.286199][ T7108] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  432.361950][ T7115] erofs: (device loop2): EXPERIMENTAL compressed inline data feature in use. Use at your own risk!
[  432.494852][ T7099] ocfs2: Unmounting device (7,5) on (node local)
[  432.537916][ T7115] erofs: (device loop2): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  432.793428][ T7115] erofs: (device loop2): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  433.030089][ T7115] erofs: (device loop2): erofs_read_inode: bogus i_mode (0) @ nid 58320
[  433.496407][ T4273] EXT4-fs (loop3): unmounting filesystem.
[  434.592355][ T7129] loop3: detected capacity change from 0 to 16
[  434.842552][ T7129] erofs: (device loop3): EXPERIMENTAL compressed inline data feature in use. Use at your own risk!
[  435.102592][ T7129] erofs: (device loop3): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  435.944395][ T7129] erofs: (device loop3): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  435.962696][ T7129] erofs: (device loop3): erofs_read_inode: bogus i_mode (0) @ nid 58320
[  437.171904][ T4370] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  437.413039][ T7137] loop1: detected capacity change from 0 to 16
[  437.420896][ T4370] usb 3-1: Using ep0 maxpacket: 32
[  437.437254][ T7137] erofs: (device loop1): EXPERIMENTAL compressed inline data feature in use. Use at your own risk!
[  437.448337][ T7137] erofs: (device loop1): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  437.458871][ T7137] erofs: (device loop1): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  437.470087][ T7137] erofs: (device loop1): erofs_read_inode: bogus i_mode (0) @ nid 58320
[  437.480537][ T4370] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  437.810693][ T4259] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  438.309251][ T4370] usb 3-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  438.422414][ T4370] usb 3-1: config 1 interface 0 has no altsetting 0
[  438.462572][ T4370] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  438.500325][ T4370] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  438.520171][ T4370] usb 3-1: SerialNumber: syz
[  438.551450][ T4370] cdc_acm 3-1:1.0: Zero length descriptor references
[  438.582683][ T4370] cdc_acm: probe of 3-1:1.0 failed with error -22
[  438.756802][ T4370] usb 3-1: USB disconnect, device number 15
[  439.493084][ T7165] netlink: 3 bytes leftover after parsing attributes in process `syz.3.618'.
[  439.925038][ T1264] ieee802154 phy0 wpan0: encryption failed: -22
[  439.931370][ T1264] ieee802154 phy1 wpan1: encryption failed: -22
[  439.937952][  T128] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  440.167840][  T128] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  440.192412][  T128] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  440.245878][  T128] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  440.335818][  T128] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  440.364862][  T128] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  440.416353][  T128] usb 3-1: Product: syz
[  440.420530][  T128] usb 3-1: Manufacturer: syz
[  440.446907][  T128] usb 3-1: SerialNumber: syz
[  440.716834][  T128] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  441.562484][ T7162] loop1: detected capacity change from 0 to 32768
[  441.908726][ T4370] usb 3-1: USB disconnect, device number 16
[  443.254940][ T4370] usblp0: removed
[  443.720592][ T7183] netlink: 12 bytes leftover after parsing attributes in process `syz.5.622'.
[  445.072120][ T4449] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  445.282818][ T4449] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  445.306572][ T4449] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  445.341173][ T4449] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  445.413404][ T4449] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  445.480636][ T4449] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  445.526670][ T4449] usb 5-1: Product: syz
[  445.541875][ T4449] usb 5-1: Manufacturer: syz
[  445.569038][ T4449] usb 5-1: SerialNumber: syz
[  445.811361][ T4449] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  445.891991][ T4445] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  446.101944][ T4445] usb 4-1: Using ep0 maxpacket: 16
[  446.145274][   T22] usb 5-1: USB disconnect, device number 10
[  447.424757][ T4445] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  447.501540][ T7203] usblp0: removed
[  447.813787][ T4445] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  447.828028][ T4445] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.836125][ T4445] usb 4-1: Product: syz
[  447.840292][ T4445] usb 4-1: Manufacturer: syz
[  447.844980][ T4445] usb 4-1: SerialNumber: syz
[  447.851474][ T4445] usb 4-1: config 0 descriptor??
[  448.034170][ T7206] device bridge5 entered promiscuous mode
[  448.253587][ T4370] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  448.441900][ T4370] usb 3-1: Using ep0 maxpacket: 32
[  448.448538][ T4370] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  448.482011][ T4370] usb 3-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  448.570246][ T4370] usb 3-1: config 1 interface 0 has no altsetting 0
[  448.693594][ T4370] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  448.704951][ T4370] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  448.729824][ T4370] usb 3-1: SerialNumber: syz
[  448.797063][ T7222] netlink: 12 bytes leftover after parsing attributes in process `syz.4.633'.
[  448.921726][ T4370] cdc_acm 3-1:1.0: Zero length descriptor references
[  448.956044][ T4370] cdc_acm: probe of 3-1:1.0 failed with error -22
[  449.125707][ T4370] usb 3-1: USB disconnect, device number 17
[  449.553044][ T4309] usb 4-1: USB disconnect, device number 12
[  449.919598][ T7230] netlink: 3 bytes leftover after parsing attributes in process `syz.5.632'.
[  450.360982][ T7233] loop3: detected capacity change from 0 to 512
[  450.443957][ T7233] EXT4-fs: Ignoring removed orlov option
[  450.471958][ T7233] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  450.514977][ T7233] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  450.530741][ T7229] loop2: detected capacity change from 0 to 32768
[  450.538393][ T7233] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.636: corrupted in-inode xattr
[  450.576087][ T7233] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.636: couldn't read orphan inode 15 (err -117)
[  450.590473][ T7229] (syz.2.635,7229,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  450.635286][ T7233] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  450.688165][ T7229] (syz.2.635,7229,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  450.755764][ T7229] JBD2: Ignoring recovery information on journal
[  451.456782][ T4273] EXT4-fs (loop3): unmounting filesystem.
[  451.490992][ T7229] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  451.661325][ T7229] ocfs2: Unmounting device (7,2) on (node local)
[  452.913765][ T7253] device batadv_slave_1 entered promiscuous mode
[  453.123186][ T7252] device batadv_slave_1 left promiscuous mode
[  453.641943][ T4309] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  454.697428][ T7257] loop4: detected capacity change from 0 to 16
[  454.753075][ T7257] erofs: (device loop4): EXPERIMENTAL compressed inline data feature in use. Use at your own risk!
[  454.763984][ T7257] erofs: (device loop4): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  454.774679][ T7257] erofs: (device loop4): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  454.787262][ T7257] erofs: (device loop4): erofs_read_inode: bogus i_mode (0) @ nid 58320
[  454.942619][ T4309] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  454.977600][ T4309] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  455.027926][ T4309] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  455.095839][ T4309] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  455.182769][ T4309] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  455.219487][ T4309] usb 2-1: Product: syz
[  455.257692][ T4309] usb 2-1: Manufacturer: syz
[  455.270072][ T4309] usb 2-1: SerialNumber: syz
[  455.537249][ T4309] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 14 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  455.736076][ T7275] netlink: 12 bytes leftover after parsing attributes in process `syz.4.646'.
[  455.959655][   T22] usb 2-1: USB disconnect, device number 14
[  457.321999][ T7276] usblp0: removed
[  459.572794][ T7286] loop1: detected capacity change from 0 to 16
[  460.074700][ T7297] fuse: Bad value for 'fd'
[  460.774192][ T7286] erofs: (device loop1): EXPERIMENTAL compressed inline data feature in use. Use at your own risk!
[  460.941892][ T7286] erofs: (device loop1): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  461.045565][ T7286] erofs: (device loop1): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  461.107200][ T7286] erofs: (device loop1): erofs_read_inode: bogus i_mode (0) @ nid 58320
[  461.607147][ T7293] loop3: detected capacity change from 0 to 40427
[  461.669364][ T7293] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x3ffff
[  461.698296][ T7293] F2FS-fs (loop3): invalid crc value
[  461.759178][ T7293] F2FS-fs (loop3): Found nat_bits in checkpoint
[  461.887132][ T7293] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  462.079251][ T4273] syz-executor: attempt to access beyond end of device
[  462.079251][ T4273] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  462.871917][ T4449] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  463.102041][ T4337] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  463.109342][ T4449] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  463.109361][ T4449] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  463.109373][ T4449] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  463.111312][ T4449] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  463.111329][ T4449] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  463.111339][ T4449] usb 5-1: Product: syz
[  463.111347][ T4449] usb 5-1: Manufacturer: syz
[  463.111354][ T4449] usb 5-1: SerialNumber: syz
[  463.341922][ T4337] usb 4-1: Using ep0 maxpacket: 32
[  463.344001][ T4337] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  463.344041][ T4337] usb 4-1: config 1 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  463.344065][ T4337] usb 4-1: config 1 interface 0 has no altsetting 0
[  463.344947][ T4337] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  463.344971][ T4337] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  463.344988][ T4337] usb 4-1: SerialNumber: syz
[  463.347696][ T4449] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  463.348726][ T4337] cdc_acm 4-1:1.0: Zero length descriptor references
[  463.348748][ T4337] cdc_acm: probe of 4-1:1.0 failed with error -22
[  463.384983][ T7324] netlink: 12 bytes leftover after parsing attributes in process `syz.5.663'.
[  463.550459][ T4337] usb 4-1: USB disconnect, device number 13
[  463.705416][ T4445] usb 5-1: USB disconnect, device number 11
[  463.715538][ T7326] usblp0: removed
[  466.361905][ T4337] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  466.542038][ T4337] usb 4-1: Using ep0 maxpacket: 16
[  466.543414][ T4337] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.545145][ T4337] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  466.545170][ T4337] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  466.545188][ T4337] usb 4-1: Product: syz
[  466.545201][ T4337] usb 4-1: Manufacturer: syz
[  466.545219][ T4337] usb 4-1: SerialNumber: syz
[  466.552256][ T4337] usb 4-1: config 0 descriptor??
[  468.570378][ T4582] usb 4-1: USB disconnect, device number 14
[  468.986613][ T7349] fuse: Bad value for 'fd'
[  471.200023][ T7362] netlink: 12 bytes leftover after parsing attributes in process `syz.3.675'.
[  472.478039][ T4337] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  472.670885][ T4337] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  472.690675][ T4337] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  472.715988][ T4337] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  472.749992][ T4337] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  472.768010][ T4337] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  472.791111][ T4337] usb 4-1: Product: syz
[  472.800541][ T4337] usb 4-1: Manufacturer: syz
[  472.816125][ T4337] usb 4-1: SerialNumber: syz
[  472.936831][ T7373] loop1: detected capacity change from 0 to 32768
[  472.970979][ T7373] (syz.1.680,7373,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  473.003931][ T7373] (syz.1.680,7373,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  473.051360][ T4337] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 15 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  473.114422][ T7373] JBD2: Ignoring recovery information on journal
[  473.193377][ T7373] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  473.389058][  T128] usb 4-1: USB disconnect, device number 15
[  473.517055][ T7383] usblp0: removed
[  474.943942][ T7386] device bridge1 entered promiscuous mode
[  475.391078][ T7373] ocfs2: Unmounting device (7,1) on (node local)
[  476.703983][ T7395] fuse: Bad value for 'fd'
[  476.781249][ T7397] input: syz1 as /devices/virtual/input/input30
[  476.834466][ T7401] loop3: detected capacity change from 0 to 512
[  476.880202][ T7401] EXT4-fs: Ignoring removed orlov option
[  476.951421][ T7401] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  477.052179][ T7401] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  477.099923][ T7401] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.685: corrupted in-inode xattr
[  477.194157][ T7401] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.685: couldn't read orphan inode 15 (err -117)
[  477.257630][ T7401] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  477.913096][ T4273] EXT4-fs (loop3): unmounting filesystem.
[  478.746568][ T7416] netlink: 12 bytes leftover after parsing attributes in process `syz.1.688'.
[  480.741712][ T2960] Bluetooth: hci5: Frame reassembly failed (-84)
[  481.955796][ T4256] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  482.144726][ T4256] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  482.179225][ T4256] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  482.224461][ T4256] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  482.440501][ T4256] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  482.464617][ T4256] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  482.476412][ T4256] usb 4-1: Product: syz
[  482.480903][ T4256] usb 4-1: Manufacturer: syz
[  482.488088][ T4256] usb 4-1: SerialNumber: syz
[  482.802100][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  483.346521][ T4256] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  484.376061][ T4256] usb 4-1: USB disconnect, device number 16
[  485.727154][ T7454] usblp0: removed
[  486.345486][ T7463] netlink: 12 bytes leftover after parsing attributes in process `syz.4.701'.
[  486.416359][ T7466] device bridge2 entered promiscuous mode
[  487.530577][ T7472] loop4: detected capacity change from 0 to 512
[  487.562869][ T7472] EXT4-fs: Ignoring removed orlov option
[  487.594348][ T7472] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  487.815476][ T7472] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  487.829486][ T7472] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.704: corrupted in-inode xattr
[  487.915057][ T7480] loop3: detected capacity change from 0 to 8
[  487.994231][ T7480] SQUASHFS error: Failed to read block 0x4de: -5
[  488.005694][ T7480] SQUASHFS error: Failed to read block 0x4de: -5
[  488.034813][ T7480] SQUASHFS error: Failed to read block 0x4de: -5
[  488.045147][ T7480] SQUASHFS error: Failed to read block 0x4de: -5
[  488.053175][ T7480] SQUASHFS error: Failed to read block 0x4de: -5
[  488.060425][ T7480] SQUASHFS error: Failed to read block 0x4de: -5
[  488.272163][   T26] audit: type=1800 audit(1756607996.736:7): pid=7480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.703" name="file1" dev="loop3" ino=5 res=0 errno=0
[  488.372371][ T7472] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.704: couldn't read orphan inode 15 (err -117)
[  488.922571][ T7472] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  489.620164][ T4275] EXT4-fs (loop4): unmounting filesystem.
[  491.471512][ T7488] loop4: detected capacity change from 0 to 32768
[  491.534960][ T7488] (syz.4.707,7488,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  491.617052][ T7488] (syz.4.707,7488,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  491.697839][ T7488] JBD2: Ignoring recovery information on journal
[  492.023471][ T7488] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  492.202054][ T7488] loop4: detected capacity change from 32768 to 0
[  492.238344][    C0] I/O error, dev loop4, sector 512 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  492.251393][ T4598] lo_write_bvec: 1 callbacks suppressed
[  492.251409][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  492.297478][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  492.329566][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  492.473068][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  492.484462][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  492.497271][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  492.506711][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  492.589021][ T7513] loop3: detected capacity change from 0 to 8
[  493.248718][ T7512] SQUASHFS error: Failed to read block 0x4de: -5
[  493.255486][ T7512] SQUASHFS error: Failed to read block 0x4de: -5
[  493.262227][   T26] audit: type=1800 audit(1756608001.986:8): pid=7512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.712" name="file1" dev="loop3" ino=5 res=0 errno=0
[  493.264368][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  493.290743][ T7512] SQUASHFS error: Failed to read block 0x4de: -5
[  493.298160][ T7512] SQUASHFS error: Failed to read block 0x4de: -5
[  493.304668][ T7512] SQUASHFS error: Failed to read block 0x4de: -5
[  493.311032][ T7512] SQUASHFS error: Failed to read block 0x4de: -5
[  493.450327][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  493.458628][ T4598] loop: Write error at byte offset 9223372036855059455, length 512.
[  493.471884][    C0] I/O error, dev loop4, sector 554 op 0x1:(WRITE) flags 0x9800 phys_seg 17 prio class 2
[  493.488083][ T7508] Aborting journal on device loop4-29.
[  493.493989][    C0] I/O error, dev loop4, sector 552 op 0x1:(WRITE) flags 0x9800 phys_seg 1 prio class 2
[  493.503686][    C0] Buffer I/O error on dev loop4, logical block 552, lost sync page write
[  493.512188][ T7508] JBD2: I/O error when updating journal superblock for loop4-29.
[  493.520042][ T7508] (jbd2/loop4-29,7508,0):ocfs2_abort_trigger:596 ERROR: ocfs2_abort_trigger called by JBD2.  bh = 0xffff88805427a0e8, bh->b_blocknr = 16969
[  493.521425][ T7509] (syz.4.707,7509,1):ocfs2_start_trans:381 ERROR: status = -30
[  493.545587][ T7509] OCFS2: abort (device loop4): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[  493.559677][ T7509] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  493.569637][ T7509] OCFS2: Returning error to the calling process.
[  493.603274][ T7509] (syz.4.707,7509,1):ocfs2_modify_bh:105 ERROR: status = -30
[  493.626518][ T7509] (syz.4.707,7509,1):ocfs2_local_free_info:856 ERROR: status = -30
[  493.677440][ T7508] OCFS2: ERROR (device (efault)): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue
[  493.697387][ T7509] (syz.4.707,7509,1):ocfs2_start_trans:381 ERROR: status = -30
[  493.737413][ T7509] OCFS2: abort (device loop4): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[  493.842413][ T7508] general protection fault, probably for non-canonical address 0xdffffc00000000cf: 0000 [#1] PREEMPT SMP KASAN
[  493.854161][ T7508] KASAN: null-ptr-deref in range [0x0000000000000678-0x000000000000067f]
[  493.862567][ T7508] CPU: 0 PID: 7508 Comm: jbd2/loop4-29 Not tainted syzkaller #0
[  493.870180][ T7508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  493.880230][ T7508] RIP: 0010:ocfs2_handle_error+0x2a/0x250
[  493.882436][ T7509] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  493.885951][ T7508] Code: 55 41 57 41 56 41 55 41 54 53 48 89 fb 49 bd 00 00 00 00 00 fc ff df e8 34 1c 73 f7 4c 8d b3 78 06 00 00 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 67 38 c3 f7 4d 8b 26 4d 8d b4 24
[  493.915348][ T7508] RSP: 0018:ffffc9000474f748 EFLAGS: 00010206
[  493.921394][ T7508] RAX: 00000000000000cf RBX: 0000000000000000 RCX: ffff88807a3ed940
[  493.929349][ T7508] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  493.937302][ T7508] RBP: ffffc9000474f890 R08: dffffc0000000000 R09: fffff520008e9e91
[  493.945253][ T7508] R10: fffff520008e9e91 R11: 1ffff920008e9e90 R12: ffffffff8acc4280
[  493.953215][ T7508] R13: dffffc0000000000 R14: 0000000000000678 R15: 1ffff920008e9ef8
[  493.961163][ T7508] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  493.970072][ T7508] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  493.976809][ T7508] CR2: 00007fc2d9a5f190 CR3: 000000005b738000 CR4: 00000000003506f0
[  493.984761][ T7508] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  493.992730][ T7508] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  494.000679][ T7508] Call Trace:
[  494.003942][ T7508]  <TASK>
[  494.006853][ T7508]  __ocfs2_error+0x124/0x170
[  494.011421][ T7508]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  494.017295][ T7508]  ? cachefiles_withdraw_cache+0x9d0/0x9d0
[  494.023082][ T7508]  ? jbd2_journal_commit_transaction+0x1010/0x60e0
[  494.029566][ T7508]  ocfs2_abort_trigger+0xfc/0x130
[  494.034574][ T7508]  ? ocfs2_frozen_trigger+0x60/0x60
[  494.039752][ T7508]  jbd2_journal_commit_transaction+0x1314/0x60e0
[  494.046069][ T7508]  ? jbd2_journal_finish_inode_data_buffers+0xa0/0xa0
[  494.052833][ T7508]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  494.058794][ T7508]  ? lock_chain_count+0x20/0x20
[  494.063629][ T7508]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  494.069503][ T7508]  ? _raw_spin_unlock+0x40/0x40
[  494.074334][ T7508]  ? detach_timer+0x173/0x350
[  494.078990][ T7508]  ? timer_delete_sync+0x1f8/0x2a0
[  494.084084][ T7508]  ? try_to_del_timer_sync+0x1b0/0x1b0
[  494.089525][ T7508]  ? do_raw_read_unlock+0x70/0x70
[  494.094543][ T7508]  ? prepare_to_wait+0x16d/0x1f0
[  494.099460][ T7508]  ? prepare_to_wait+0x1a6/0x1f0
[  494.104375][ T7508]  kjournald2+0x412/0x810
[  494.108691][ T7508]  ? jbd2_seq_info_show+0x5c0/0x5c0
[  494.113869][ T7508]  ? wake_bit_function+0x200/0x200
[  494.118958][ T7508]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  494.125025][ T7508]  ? __kthread_parkme+0x162/0x1c0
[  494.130029][ T7508]  kthread+0x29d/0x330
[  494.134078][ T7508]  ? jbd2_seq_info_show+0x5c0/0x5c0
[  494.139259][ T7508]  ? kthread_blkcg+0xd0/0xd0
[  494.143831][ T7508]  ret_from_fork+0x1f/0x30
[  494.148252][ T7508]  </TASK>
[  494.151257][ T7508] Modules linked in:
[  494.161542][ T7519] netlink: 12 bytes leftover after parsing attributes in process `syz.1.714'.
[  494.641346][ T7508] ---[ end trace 0000000000000000 ]---
[  494.642460][ T7509] OCFS2: Returning error to the calling process.
[  494.647646][ T7508] RIP: 0010:ocfs2_handle_error+0x2a/0x250
[  494.661847][ T7508] Code: 55 41 57 41 56 41 55 41 54 53 48 89 fb 49 bd 00 00 00 00 00 fc ff df e8 34 1c 73 f7 4c 8d b3 78 06 00 00 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 67 38 c3 f7 4d 8b 26 4d 8d b4 24
[  494.699187][ T7508] RSP: 0018:ffffc9000474f748 EFLAGS: 00010206
[  494.705552][ T7509] (syz.4.707,7509,1):ocfs2_modify_bh:105 ERROR: status = -30
[  494.722102][ T7508] RAX: 00000000000000cf RBX: 0000000000000000 RCX: ffff88807a3ed940
[  494.730239][ T7509] (syz.4.707,7509,1):ocfs2_local_free_info:856 ERROR: status = -30
[  494.744523][  T128] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  494.749108][ T7508] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  494.763080][    C1] I/O error, dev loop4, sector 23 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  494.773601][ T7509] (syz.4.707,7509,1):ocfs2_assign_bh:2414 ERROR: status = -5
[  494.787628][ T7508] RBP: ffffc9000474f890 R08: dffffc0000000000 R09: fffff520008e9e91
[  494.804177][ T7509] (syz.4.707,7509,1):ocfs2_inode_lock_full_nested:2509 ERROR: status = -5
[  494.819655][ T7508] R10: fffff520008e9e91 R11: 1ffff920008e9e90 R12: ffffffff8acc4280
[  494.841847][ T7509] (syz.4.707,7509,0):ocfs2_shutdown_local_alloc:411 ERROR: status = -5
[  494.856697][ T7508] R13: dffffc0000000000 R14: 0000000000000678 R15: 1ffff920008e9ef8
[  494.864959][    C1] I/O error, dev loop4, sector 16936 op 0x1:(WRITE) flags 0x0 phys_seg 1 prio class 2
[  494.874540][    C1] Buffer I/O error on dev loop4, logical block 16936, lost sync page write
[  494.884592][ T7509] (syz.4.707,7509,0):ocfs2_write_block:78 ERROR: status = -5
[  494.897559][ T7508] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  494.911872][ T7509] (syz.4.707,7509,0):ocfs2_update_disk_slot:199 ERROR: status = -5
[  494.921947][ T7508] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  494.937086][ T7508] CR2: 0000001b2f817ff8 CR3: 0000000078f7b000 CR4: 00000000003506e0
[  494.948593][ T7509] (syz.4.707,7509,0):ocfs2_put_slot:517 ERROR: status = -5
[  494.960742][ T7508] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  494.973285][  T128] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  494.986840][ T7508] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  494.997484][  T128] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  495.010703][ T7508] Kernel panic - not syncing: Fatal exception
[  495.017047][ T7508] Kernel Offset: disabled
[  495.021371][ T7508] Rebooting in 86400 seconds..