last executing test programs:

9.164744694s ago: executing program 2 (id=1093):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000080)='asymmetric\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x10)
r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/timer_list\x00', 0x0, 0x0)
fsopen(0x0, 0x0)
sendfile(r0, r4, 0x0, 0x8000000002)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='mm_page_free_batched\x00', r5}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x0)
setsockopt$sock_int(r6, 0x1, 0x0, &(0x7f0000000000)=0x8, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000200)=0x800001, 0x4)
bind$inet6(r7, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}}, 0x1c)
listen(r7, 0x20)
socket$netlink(0x10, 0x3, 0x4)

7.162717731s ago: executing program 2 (id=1106):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x28, 0x0, 0x0, 0x0, 0x0, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x28}}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)

4.354695972s ago: executing program 2 (id=1122):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="00e789da34e04a1ffbfd4b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d672eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235b33bc18c4ed0351cd285197b0241569048b5b416ba1c57217be5a338392f681617ee8c35bb21f0a9eed63b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076afc3752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855b3250f8f73e16bc593730b88d7a3346b945e276875915040ce498f262cd8ce8191ee84e3ce5526a0a4bb707cc711a3311f27b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a8bb29b90ffffff51eeab4747b94c35beac5fd2ed195e20ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65eca23c742443c84e21a440998c6c69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b05ac96b838c932b35511628ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b0900227769f5350adae56f07284be80bd0279c9dfbaa9521d746dd6c44d670b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d57deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a6893ff038d8099c229bda0801f8b8171dd73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14fae4e03197f5da8b8d36d9b3467beee619b9d9882f7eabfb5a6d1b5d39ec6703d50d8abf4a102f61296f46e519e1617e34dc711020a54ec92971f7025d4c7a0e4f9b6dcca1a00ae9bbeb6f2e72d78ccac527c4a8c8f007e77b7fe095516907060a7f1570128de98254e60d32373ef40fb2ea6ab7cc92374e3eed77ca5cef0c71bbf2e3dc32d54ff4346c9c82313274ad31fb7118ede1d0209fb983c47e2cc5a08d8f3b96cd171c3b469edc7857f14433a2c95f1ce2f36e41d09a59d10858c3f29d2310000000000000000000000000000000000000000b0eac1950f898d1e3649cfa40d0d6549d34da1ced0cf2119cd734024077ff83afaeed177d20012166256f2c60030af505a8f031eff7f713c3c"], 0x1, 0x11f4, &(0x7f0000002480)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000380)=""/4109, 0x100d)

4.17145042s ago: executing program 2 (id=1123):
r0 = creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40, 0x0)
mkdir(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
open(0x0, 0x14da42, 0x0)
r5 = open(&(0x7f0000002000)='./bus\x00', 0x143142, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x82402)
ioctl$BLKDISCARD(r6, 0x1277, &(0x7f00000000c0)=0x800)
write$cgroup_netprio_ifpriomap(r5, &(0x7f0000000100)=ANY=[], 0xa)
sendfile(r5, 0xffffffffffffffff, 0x0, 0x1000000201005)
socket(0x18, 0x0, 0x1)

3.245811712s ago: executing program 4 (id=1133):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="00e789da34e04a1ffbfd4b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d672eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235b33bc18c4ed0351cd285197b0241569048b5b416ba1c57217be5a338392f681617ee8c35bb21f0a9eed63b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076afc3752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855b3250f8f73e16bc593730b88d7a3346b945e276875915040ce498f262cd8ce8191ee84e3ce5526a0a4bb707cc711a3311f27b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a8bb29b90ffffff51eeab4747b94c35beac5fd2ed195e20ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65eca23c742443c84e21a440998c6c69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b05ac96b838c932b35511628ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b0900227769f5350adae56f07284be80bd0279c9dfbaa9521d746dd6c44d670b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d57deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a6893ff038d8099c229bda0801f8b8171dd73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14fae4e03197f5da8b8d36d9b3467beee619b9d9882f7eabfb5a6d1b5d39ec6703d50d8abf4a102f61296f46e519e1617e34dc711020a54ec92971f7025d4c7a0e4f9b6dcca1a00ae9bbeb6f2e72d78ccac527c4a8c8f007e77b7fe095516907060a7f1570128de98254e60d32373ef40fb2ea6ab7cc92374e3eed77ca5cef0c71bbf2e3dc32d54ff4346c9c82313274ad31fb7118ede1d0209fb983c47e2cc5a08d8f3b96cd171c3b469edc7857f14433a2c95f1ce2f36e41d09a59d10858c3f29d2310000000000000000000000000000000000000000b0eac1950f898d1e3649cfa40d0d6549d34da1ced0cf2119cd734024077ff83afaeed177d20012166256f2c60030af505a8f031eff7f713c3c"], 0x1, 0x11f4, &(0x7f0000002480)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000380)=""/4109, 0x100d)

3.201120158s ago: executing program 2 (id=1135):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x42, &(0x7f00000000c0)=ANY=[@ANYBLOB="6673796e635f6d6f64653d706f7369782c6e6f696e6c696e655f646174612c6469736361726400aa19fd46b492dc6cf59d696e6c696e655f64656e7472792c00"], 0x1, 0x54f3, &(0x7f000000ab40)="$eJzs3M9rI+UbAPAn7XZ/f/dbRNDbDixCC5uw6XYXvVXdxR/Ypfjj4EnTZBqym2RKk6a1Jw8exYP/iSh48ujf4MGzt8WD4k1QMjPRrSgITRu7/Xxg8sz75s0zz5tD4ZkpCeDMWkx++akS1+JSRMxHxNWI/LxSHrm1IjwfEdcjYu6Jo1LO/zFxPiIuR8S1cfIiZ6V86/Oboxt3fnzz52++u3Duyhdffz+7XQOz9kJE9LaL871eEbN2ER+W841RJ4+91VEZizd6j8pxVsS9dDPPsNeYrGvk8Xa7WJ9t7w7GcavbaI5ju7OVz2/3iwsORu1JnvwDDxs7+biVbuaxM8jy2D4o6to/KP62HQyGRZ5Wme+jPH0Mh5NYzKf7abGf7Ud5bPaH5XyRN2ul++M4KmN5uWhm3VZex+ZRvun/trc6/d39ZJTuDDpZP7lTq79Yq9+t1neyVjpMV6uNXuvuarLU7o6XVYdpo7fWzrJ2N601s95ystRuNqv1erJ0L93sNPpJvV67XbtVvbNcnt1MXnvwXtJtJUvj+EqnvzvsdAfJVraTFJ9YTlZqt19aTm7Uk3fWN5KNt+/fX99494N77z94ef2NV8tFh8t6nK4mSyu3Vlaq9VvVlfryGdr/J2XRU9w/HEll1gUAnD76f2AWTnv/H/r/qThV/e+krLPa/x/D/uFI9P8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGfWDwtfvp6fLBbjK+X8/8qpZ8pxJSLmIuK3vzEf5w/lnC/zLPzD+oW/1PBtJfIM42tcKI/LEbFWHr/+/7i/BQAAAHh6ffXx9c+Kbr14WZx1QZyk4qbN3NUPp5SvEhELi4+nlG1u/PLslJLFcxFxLvanlC2/gXVxSsmKW27nppXtX5k/FC4+ESpFmDvRcgAAgBNxuBM42S4EAACAk/TprAtgNioxeZQ5eRac/+f9nw8ELx0aAQAAAKdQZdYFAAAAAMcu7//9/h8AAAA83Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5n535yUoeiOACfFvoe74+RGOduxRkswyU4dGhYgJtgCbgFN8AacOYSDBjaEq3BxKS3bSTfl7SX25Afp4TJuZcUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuvRcrOaP91cPbXO2u3bS3A0AAABwzKZYzcsX02r+r75+Vl+6qOdZROQRcax3H8WvRuaozim+eH/xqYaniDJh/xm/6+NvRFzXx+t5198CAAAAnK71YjmruvXqNB26IPpULdrk/28S5WURUUxfEqXl+9NlorDy9z2Ou0Rp5QLWJFFYteQ2TpX2LaPGMPkwZNWQ91oOAADQi2Yn0G8XAgAAQJ9uhy6AYWRx2Mo87AWX/7x/3xD805gBAAAAP1A2dAEAAABA58r+3/P/AAAA4LRVz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS5tiNV8vlrO2OdtdO2nuBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Y3/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnft5jaOKAwD+ZmZna6viGmUPEVHwoBe73dbWXj0owYN/ghDSbY1u/dHmYEsRcvEmOfciehQRlHjr/9BzC73UWw57iCAeI/MrmfwAt4TMbJLPB9687w6bed83CSHfeS8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZfLATJ9mhV8Rxee7R5r2lrH+8p888WHsyn7UsjppM+nh4vf4i6reXCAAAAKdHUtX3IYSn6fpC1se9vP5Pq/dkNf9PLxZxVc/vrfurvqr9s/bnHxuvbg/UK8bJLnp9eTy6sD+VztHNckb8u1XYc/ql//3CTn7n82cvSf4NiT9efWWS5vcz+uHhww+7eXjmqBIHAA7rfNWXQfX3UNYP20wMgFOjUyu8q/o/6bWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEATJqvh+SqOQgjznZ0483jz3tJB/YO1J/NVu3L//lr9mtkl0hDC9eXx6EKDc5l1t+/c/WJxPB7daj54I4TQ3uhl8OkU7wmhzQwFhw3i8md9VvI5HkHLv5gAADhx0rJldf3TdH0hOxfNhbD18+76/+1aHKas/zc+u/KoPla9/h82NsPZN1i5+fXg9p277y7fXLwxujH68r2Lw/eHl65evnx1kD8rGXhiAgAAwOF0y1av/+O5/ev/52pxmLL+/+bH4Xf1sRL1/4F2Fv3azgQAAOB0e/nNf/6ODjgfdbvh28WVlVvD4rj9+mJxbCHVZ3ambPX6P5lrOysAAACgCZPVaNf6/7VaHKZc/3/hl9d+q18zCSGcLdf/zy99Nb7W3HRmWhP/Ttz2HAEAAGjX2bLV1//TfP9/vL3lIQ4hvPNWEZcfAzhV/Z989P2v9bHq+/8vNTfFmRT3i/uR9/0QOv22MwIAAOAke65sWbH/V7q+8Pnv5z7p2v8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LT/AgAA//8Yl0ni")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
fchmod(0xffffffffffffffff, 0x0)
fallocate(r0, 0x20, 0x0, 0x2000140000)

3.149657156s ago: executing program 3 (id=1137):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000080)='asymmetric\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x10)
r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/timer_list\x00', 0x0, 0x0)
fsopen(0x0, 0x0)
sendfile(r0, r4, 0x0, 0x8000000002)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='mm_page_free_batched\x00', r5}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x0)
setsockopt$sock_int(r6, 0x1, 0x0, &(0x7f0000000000)=0x8, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000200)=0x800001, 0x4)
bind$inet6(r7, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}}, 0x1c)
listen(r7, 0x20)
socket$netlink(0x10, 0x3, 0x4)

3.067710079s ago: executing program 0 (id=1138):
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0xc020660b, &(0x7f0000000140)=@v1={0x0, @aes128, 0x0, @desc1})

3.06524682s ago: executing program 4 (id=1139):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x5c, r4, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x34, 0x8, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x3}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}]}, 0x5c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001d80)=[{{0x0, 0x0, &(0x7f0000001d00)=[{&(0x7f0000000a40)=""/254, 0xfe}, {0x0}, {&(0x7f0000000b80)=""/55, 0x37}], 0x3}}], 0x1, 0x0, &(0x7f0000001e80)={0x0, 0x989680})
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @dev}})

3.020029486s ago: executing program 0 (id=1140):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
io_setup(0x0, &(0x7f0000000240))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$unix(0x1, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x2000077d, &(0x7f0000000100)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000140)='sit0\x00', 0x10)
setsockopt$inet_mtu(r3, 0x0, 0xa, 0x0, 0x0)
sendmsg$inet(r3, &(0x7f0000000680)={0x0, 0x60, &(0x7f0000000600)=[{&(0x7f00000000c0)="d2", 0x200000c1}], 0x1}, 0x240)

2.077830711s ago: executing program 3 (id=1142):
execveat(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000000640)=[&(0x7f0000000340)='syzkaller0\x00', &(0x7f0000000380)='/dev/net/tun\x00', &(0x7f00000003c0)='\xff\xff\xff\xff\xff\xff', &(0x7f0000000440)='\x00', &(0x7f0000000480)='/dev/net/tun\x00', &(0x7f00000004c0)='*&#*{\\.\x7f\x00', 0x0, &(0x7f0000000580)='#}\x00', &(0x7f00000005c0)='@&-\x97\x00', &(0x7f0000000600)='/dev/net/tun\x00'], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x121a42, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socket(0x11, 0xa, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b23000d"], 0xffdd)

2.005099412s ago: executing program 0 (id=1143):
open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
fallocate(r1, 0x0, 0x0, 0xa75)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000100)=0x2, 0x4)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
sendto$inet6(r2, &(0x7f0000000000)="ec", 0x1, 0x0, &(0x7f0000000540)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)
recvmmsg(r2, &(0x7f0000000080), 0x21e, 0x40010002, 0x0)
sendfile(r2, r0, 0x0, 0xffffffff054)

1.859544385s ago: executing program 1 (id=1144):
sendto$packet(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000040)={@broadcast, @dev, @val={@void}, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @multicast, @loopback, @link_local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)

1.858994045s ago: executing program 0 (id=1145):
r0 = creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40, 0x0)
mkdir(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
open(0x0, 0x14da42, 0x0)
r5 = open(&(0x7f0000002000)='./bus\x00', 0x143142, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x82402)
ioctl$BLKDISCARD(r6, 0x1277, &(0x7f00000000c0)=0x800)
write$cgroup_netprio_ifpriomap(r5, &(0x7f0000000100)=ANY=[], 0xa)
sendfile(r5, 0xffffffffffffffff, 0x0, 0x1000000201005)
socket(0x18, 0x0, 0x1)

1.82163853s ago: executing program 1 (id=1146):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000880)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = dup3(r1, r0, 0x0)
r3 = accept$inet(r2, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
accept$inet6(r2, 0x0, 0x0)

1.696343059s ago: executing program 1 (id=1147):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001380)=@updsa={0x188, 0x1a, 0x1, 0x0, 0x0, {{@in=@empty, @in, 0x0, 0x0, 0x0, 0x0, 0x2}, {@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x33}, @in=@multicast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_aead={0x4c, 0x12, {{'morus1280-generic\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'sha256\x00'}}}]}, 0x188}}, 0x0)

1.687745161s ago: executing program 2 (id=1148):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x54f6, &(0x7f0000005800)="$eJzs3M1rI2UcB/Bf2u2+uxbx4G0HFqGFTdh0X9Bb1V18wS7Fl4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJlnKltfQGm2sdvPB6bfmSeT3/yeUFqeSUgAp9Zi9stPlbgSFyJiPiIuRxT7lXIrrKZ4LiKuRsTcI1ulHP9j4GxEXIyIK5PiqWalfOiz6+Nrt3984+evvz135tLnX303u1kDs/Z8RPS30v5uP2XeSfmgHG+Mu0X2b43LTA/0H5bHecrd9kZRYbdxcF6jyJuddH6+tTOc5Gav0Zxkp7tZjG8N0gWH485BneIJDxrbxXGrvVFkd5gX2dlPfe3tp79t+8NRqtMq631YlI/R6CDTeHuvneaz9bDI5mBUjqe6eau9N8lxmeXlopn3WkUfG0d5pf/f3uwOdvaycXt72M0H2e1a/YVa/U61vp232qP2rWqj37pzK1vq9CanVUftRn+1k+edXrvWzPvL2VKn2azW69nS3fZGtzHI6vXazdqN6u3lcu969ur9d7NeK1ua5Mvdwc6o2xtmm/l2lp6xnK3Ubr64nF2rZ2+vrWfrb927t7b+zvt337v/0trrr5Qn/aWtbGnlxspKtX6julJfPrnzn/yv/0/z/7hseorzhyOpzLoBgJPH+h+YhZO+/g/r/6mw/j/d84cjsf4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi1vl/44rViZzEdXyrHnyqHnimPKxExFxG//Y35OHuo5nxZZ+Efzl/4Uw/fVKKoMLnGuXK7GBGr5fbr04/7VQAAAIAn15cfXf00rdbTj8VZN8RxSjdt5i5/MKV6lYhYWPxhClWivNkUzx69q2Ty+30m9qZUrbiBdX5KxdIttzPTqvavzB+K849EJcXcsbYDAAAci8MrgeNdhQAAAHCcPpl1A8xG8U5r+Vn88gP851KUbwheOHQEAAAAnECVWTcAAAAAPHbF+t/3/wEAAMCTLX3/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDv7NxPTupQFAfg00Lf4/0xEuPcrTiDZbgEhw4NC3ATLAG34AZYA85cggFDW6I1mJj0to3k+5L2chvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpediNX+8v3pom7PdtZPmbgAAAIBjNsVqXr6YVvN/9fWz+tJFPc8iIo+IY737KH41Mkd1TvHF+4tPNTxFlAn7z/hdH38j4ro+Xs+7/hYAAADgdK0Xy1nVrVen6dAF0adq0Sb/f5MoL4uIYvqSKC3fny4ThZW/73HcJUorF7AmicKqJbdxqrRvGTWGyYchq4a813IAAIBeNDuBfrsQAAAA+nQ7dAEMI4vDVuZhL7j85/37huCfxgwAAAD4gbKhCwAAAAA6V/b/nv8HAAAAp616/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2hSr+XqxnLXN2e7aSXM3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb+zPOwqEQBiEwd71ncnc/7DSoKmpSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+95f/E1PjTDL32lh6HknWTo2tU2Pv3Dj6w/j6NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXP/vnFTcQDAn+3zlRYQR0A3BCGQGGCh12tp6coAihj4E5Ci9FoCV360GWhVIWVhQ5m7IBgRQgKFrf9D51bqUrYONxSJiQFkn528HpE4iGJfks9Hen5fW5bf9zlRlK+f7wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa5J3dOCs2vWmcVsfuPb61VvT3Z/rCna0Hy0Ur4qTJpA+Hl+OdpN9eIgAAABwfWV3fhxAe5tsrRZ/2yvo/r88pav7vnp3GdT0/W/fXfV37F+3XXx69uDNQbzpOcdHL6+PRmX+m0jm4WS625/71jE5558tnL1n5A0nf33xhkpf3M/nm7t13u2V4oolsAYD/43TdV0H9/1DRD9tMDIBjoxMV3nX9n/XazQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgCd3N8HQdJyGE5c5uXLj/+NZa2c/s39l6sFy3C7dvb8XXLC6RhxAur49HZ5qayCFw/cbNT1bH49G15oNXQgjtjV4FH85xTghtZijYb5BWv+uLks/hCFr+wwQAwJGTV62o6x/m2yvFsWQphL++f7L+fz2KQ1z/z/Rx/f/oowv34rHi+n/Y2AwX32Dj6ueD6zduvrl+dfXK6Mro07fODt8enrt4/vzFQfmsZOCJCQAAAPvTrVpc/6dLIUxm1v9PRXGYs/7/4tvhV/FYmfp/T7uLfm1nAgAAcLw9/+ofvyd7HE+63fDl6sbGteF0u7N/drptIdX/7ETV4vo/W2o7KwAAAKAJk83kifX/S1Ec5lz/f+aHl36Kr5mFEE5W6/+n1z4bX2puOi35c66zmvg48YFPFQAAgIV2smrx+n9evv+f7rzykIYQ3nhtGldfAzhX/Z+99/WP8Vjx+//nmpviQkr70/tR9v0QOv22MwIAAOAoe6pqRbH/W7698vHPpz7oev8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoGl/BwAA//+S5D5T")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000020240), 0x10010)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00))

1.673409353s ago: executing program 1 (id=1149):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="00e789da34e04a1ffbfd4b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d672eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235b33bc18c4ed0351cd285197b0241569048b5b416ba1c57217be5a338392f681617ee8c35bb21f0a9eed63b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076afc3752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855b3250f8f73e16bc593730b88d7a3346b945e276875915040ce498f262cd8ce8191ee84e3ce5526a0a4bb707cc711a3311f27b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a8bb29b90ffffff51eeab4747b94c35beac5fd2ed195e20ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65eca23c742443c84e21a440998c6c69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b05ac96b838c932b35511628ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b0900227769f5350adae56f07284be80bd0279c9dfbaa9521d746dd6c44d670b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d57deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a6893ff038d8099c229bda0801f8b8171dd73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14fae4e03197f5da8b8d36d9b3467beee619b9d9882f7eabfb5a6d1b5d39ec6703d50d8abf4a102f61296f46e519e1617e34dc711020a54ec92971f7025d4c7a0e4f9b6dcca1a00ae9bbeb6f2e72d78ccac527c4a8c8f007e77b7fe095516907060a7f1570128de98254e60d32373ef40fb2ea6ab7cc92374e3eed77ca5cef0c71bbf2e3dc32d54ff4346c9c82313274ad31fb7118ede1d0209fb983c47e2cc5a08d8f3b96cd171c3b469edc7857f14433a2c95f1ce2f36e41d09a59d10858c3f29d2310000000000000000000000000000000000000000b0eac1950f898d1e3649cfa40d0d6549d34da1ced0cf2119cd734024077ff83afaeed177d20012166256f2c60030af505a8f031eff7f713c3c"], 0x1, 0x11f4, &(0x7f0000002480)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000380)=""/4109, 0x100d)

1.673105503s ago: executing program 4 (id=1150):
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0xc020660b, &(0x7f0000000140)=@v1={0x0, @aes128, 0x0, @desc1})

1.665489514s ago: executing program 3 (id=1151):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000340), &(0x7f0000000200)}, 0x15)

1.375047079s ago: executing program 4 (id=1152):
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./bus\x00', 0x4002, &(0x7f0000000700)={[{@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@numtail}, {@fat=@codepage={'codepage', 0x3d, '852'}}, {@shortname_mixed}, {@uni_xlate}, {@uni_xlate}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@shortname_win95}, {@shortname_lower}]}, 0x1, 0x227, &(0x7f0000001980)="$eJzs3TFrU1EUAOATm2opSDIIRRF84uIU2op7i1QQA4qSQSeLTVGaWrAQ0KF180/oX9DRVXAQV/+ACFIFF7t1UCLmJTVpEwxq8sR+35Cc3HfPe+e+hFySkPtunVxdWVpbX97e3oqJiVzk52IudnJRjEMxFqlHAQD8T3YajfjSSGVdCwAwGs35/1s+Isz/AHBQDPj5/+oISwIAhsz3/wBw8Fy/cfPyfLm8cC1JJiJWH9cr9Up6n26fX467UYtqTEchvkY0dqXxxUvlhenkh4/FqKxutvI365Wx7vyZKESxd/5MkurOH4/JVv67yajGbBTiWO/82Z75h+PsmY7jl6IQb2/HWtRiqfVrRzt/YyZJLlwp78k/0uwHAAAAAAAAAAAAAAAAAAAAAADDUEp29Vy/p1Tqtz3NH3x9oL3r8+TjRD7bsQMAAAAAAAAAAAAAAAAAAMC/Yv3Bw5XFWq2ai1zzcfV+u6UjuPfm2avult8K0iMWm7d/sp+/Exw9/eFJvz5j+87PCAt7eSrL0zJg8HrrzvFz61PnMytjPCL2t/R9aX0uRAypnueZPhftUf+y89TTucUXG+8/Dbrn0b4PAQAAAAAAAAAAAAAAAAAAnf9vz7oSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjOz+v/Dy/IeowAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA9AAD//8Q3lJU=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$KVM_SMI(r1, 0xaeb7)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
mkdir(&(0x7f0000000540)='./bus\x00', 0xb)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYRESDEC=0x0, @ANYBLOB])
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x12, r0, 0x0)
ftruncate(r0, 0x8979)

1.308025469s ago: executing program 3 (id=1153):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000080)='asymmetric\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x10)
r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/timer_list\x00', 0x0, 0x0)
fsopen(0x0, 0x0)
sendfile(r0, r4, 0x0, 0x8000000002)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='mm_page_free_batched\x00', r5}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x0)
setsockopt$sock_int(r6, 0x1, 0x0, &(0x7f0000000000)=0x8, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000200)=0x800001, 0x4)
bind$inet6(r7, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}}, 0x1c)
listen(r7, 0x20)
socket$netlink(0x10, 0x3, 0x4)

1.250518188s ago: executing program 1 (id=1154):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)

695.496593ms ago: executing program 0 (id=1155):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x30, 0x4, 0x0, 0x0, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x7e, 0x0, 0x9, [0x401, 0x1000, 0x5, 0x0, 0x5, 0x8]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@multicast1}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x34, 0x2c, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101, 0x800}, {@broadcast, 0x52b1}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @generic={0x83, 0xd, "56e6d8476f61c656505253"}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

372.519992ms ago: executing program 4 (id=1156):
sendto$packet(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000040)={@broadcast, @dev, @val={@void}, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @multicast, @loopback, @link_local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)

277.497777ms ago: executing program 3 (id=1157):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000880)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = dup3(r1, r0, 0x0)
r3 = accept$inet(r2, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
accept$inet6(r2, 0x0, 0x0)

208.796608ms ago: executing program 0 (id=1158):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x42, &(0x7f00000000c0)=ANY=[@ANYBLOB="6673796e635f6d6f64653d706f7369782c6e6f696e6c696e655f646174612c6469736361726400aa19fd46b492dc6cf59d696e6c696e655f64656e7472792c00"], 0x1, 0x54f3, &(0x7f000000ab40)="$eJzs3M9rI+UbAPAn7XZ/f/dbRNDbDixCC5uw6XYXvVXdxR/Ypfjj4EnTZBqym2RKk6a1Jw8exYP/iSh48ujf4MGzt8WD4k1QMjPRrSgITRu7/Xxg8sz75s0zz5tD4ZkpCeDMWkx++akS1+JSRMxHxNWI/LxSHrm1IjwfEdcjYu6Jo1LO/zFxPiIuR8S1cfIiZ6V86/Oboxt3fnzz52++u3Duyhdffz+7XQOz9kJE9LaL871eEbN2ER+W841RJ4+91VEZizd6j8pxVsS9dDPPsNeYrGvk8Xa7WJ9t7w7GcavbaI5ju7OVz2/3iwsORu1JnvwDDxs7+biVbuaxM8jy2D4o6to/KP62HQyGRZ5Wme+jPH0Mh5NYzKf7abGf7Ud5bPaH5XyRN2ul++M4KmN5uWhm3VZex+ZRvun/trc6/d39ZJTuDDpZP7lTq79Yq9+t1neyVjpMV6uNXuvuarLU7o6XVYdpo7fWzrJ2N601s95ystRuNqv1erJ0L93sNPpJvV67XbtVvbNcnt1MXnvwXtJtJUvj+EqnvzvsdAfJVraTFJ9YTlZqt19aTm7Uk3fWN5KNt+/fX99494N77z94ef2NV8tFh8t6nK4mSyu3Vlaq9VvVlfryGdr/J2XRU9w/HEll1gUAnD76f2AWTnv/H/r/qThV/e+krLPa/x/D/uFI9P8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGfWDwtfvp6fLBbjK+X8/8qpZ8pxJSLmIuK3vzEf5w/lnC/zLPzD+oW/1PBtJfIM42tcKI/LEbFWHr/+/7i/BQAAAHh6ffXx9c+Kbr14WZx1QZyk4qbN3NUPp5SvEhELi4+nlG1u/PLslJLFcxFxLvanlC2/gXVxSsmKW27nppXtX5k/FC4+ESpFmDvRcgAAgBNxuBM42S4EAACAk/TprAtgNioxeZQ5eRac/+f9nw8ELx0aAQAAAKdQZdYFAAAAAMcu7//9/h8AAAA83Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5n535yUoeiOACfFvoe74+RGOduxRkswyU4dGhYgJtgCbgFN8AacOYSDBjaEq3BxKS3bSTfl7SX25Afp4TJuZcUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuvRcrOaP91cPbXO2u3bS3A0AAABwzKZYzcsX02r+r75+Vl+6qOdZROQRcax3H8WvRuaozim+eH/xqYaniDJh/xm/6+NvRFzXx+t5198CAAAAnK71YjmruvXqNB26IPpULdrk/28S5WURUUxfEqXl+9NlorDy9z2Ou0Rp5QLWJFFYteQ2TpX2LaPGMPkwZNWQ91oOAADQi2Yn0G8XAgAAQJ9uhy6AYWRx2Mo87AWX/7x/3xD805gBAAAAP1A2dAEAAABA58r+3/P/AAAA4LRVz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS5tiNV8vlrO2OdtdO2nuBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Y3/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnft5jaOKAwD+ZmZna6viGmUPEVHwoBe73dbWXj0owYN/ghDSbY1u/dHmYEsRcvEmOfciehQRlHjr/9BzC73UWw57iCAeI/MrmfwAt4TMbJLPB9687w6bed83CSHfeS8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZfLATJ9mhV8Rxee7R5r2lrH+8p888WHsyn7UsjppM+nh4vf4i6reXCAAAAKdHUtX3IYSn6fpC1se9vP5Pq/dkNf9PLxZxVc/vrfurvqr9s/bnHxuvbg/UK8bJLnp9eTy6sD+VztHNckb8u1XYc/ql//3CTn7n82cvSf4NiT9efWWS5vcz+uHhww+7eXjmqBIHAA7rfNWXQfX3UNYP20wMgFOjUyu8q/o/6bWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEATJqvh+SqOQgjznZ0483jz3tJB/YO1J/NVu3L//lr9mtkl0hDC9eXx6EKDc5l1t+/c/WJxPB7daj54I4TQ3uhl8OkU7wmhzQwFhw3i8md9VvI5HkHLv5gAADhx0rJldf3TdH0hOxfNhbD18+76/+1aHKas/zc+u/KoPla9/h82NsPZN1i5+fXg9p277y7fXLwxujH68r2Lw/eHl65evnx1kD8rGXhiAgAAwOF0y1av/+O5/ev/52pxmLL+/+bH4Xf1sRL1/4F2Fv3azgQAAOB0e/nNf/6ODjgfdbvh28WVlVvD4rj9+mJxbCHVZ3ambPX6P5lrOysAAACgCZPVaNf6/7VaHKZc/3/hl9d+q18zCSGcLdf/zy99Nb7W3HRmWhP/Ttz2HAEAAGjX2bLV1//TfP9/vL3lIQ4hvPNWEZcfAzhV/Z989P2v9bHq+/8vNTfFmRT3i/uR9/0QOv22MwIAAOAke65sWbH/V7q+8Pnv5z7p2v8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LT/AgAA//8Yl0ni")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
fchmod(0xffffffffffffffff, 0x0)
fallocate(r0, 0x20, 0x0, 0x2000140000)

208.351607ms ago: executing program 4 (id=1159):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xd, 0x3, &(0x7f0000000000)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0xb1}}, &(0x7f0000000480)='GPL\x00'}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000840)={[{@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@fat=@errors_continue}, {@utf8no}, {@shortname_mixed}, {@shortname_win95}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@uni_xlateno}, {@shortname_mixed}, {@utf8}, {@shortname_lower}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@utf8}, {@utf8no}]}, 0x1, 0x2a8, &(0x7f0000000580)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIL1zMSslCXah4b0GaILRQ8A/GrgRXblz6BILQnS/hxjfwAQR3dlE4MslMk9Q07UDT+ufz2fT0nPOd8zuTaUsXOfnw5fHB0zz2T778LTqdLBr96MdZFr1oROXrWNL/LgCAf7OzlOKPNFMnl0VEZ3NlAQAbVPvv/+nGSwIANuydd997a3cw2Hs7zzvxePzN8bD4z774Ohvf3Y9PYhTP4mF04zwiXZi1H6eUJs280IvXx5PjYZEcf/BLef3d3yOm+Z3oRm/atZx/MtjbyWcW8pOijufL9ftF/lF048UV6z8Z7D1akY9hK954baH+B9GNXz+OT2MUT6dFzPNf7eT5m+n7P794vyivyGeT42F7Om8ubd3xSwMAAAAAAAAAAAAAAAAAAAAAwH/Yg/LsnHZMz+8pusrzd7bOi2+2I6/0ls/nmeWz6kKXzgeapPihOl/nYZ7nqZw4zzfjpWY072fXAAAAAAAAAAAAAAAAAAAA8M9y9NnnBx+NRs8Ob6VRnQZQva2//nVOp6n+Qs+rsT7Vnq/VKJtrloitak4WsbaeYhO3dFuuazx3Vc0//lT3gp3r52wXa3VucRfVy73QE1VPtvoeti8md6qH5OeqJ6WUWnHD1VtXDaVaj19r5VC39t1ovTBtTNbMieyqwr59Zf5zWQ5ll3fRWrrPS43tsrEQv/Rs1Hqe//67InNaBwAAAAAAAAAAAAAAAAAAbNT8Tb8rBk/WRhupvbGyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBOzT//v0ZjUoZvMLkVh0f3vEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+B/4KAAD//+KpXP8=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000001280)=""/4089, 0xff9)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r2, 0x6, 0x15, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000300)=0x2, 0x54)
sendmmsg$inet6(r0, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f00000011c0)="dc", 0x1}], 0x1}}], 0x1, 0x0)
sendto$inet6(r0, &(0x7f0000000100)="89", 0x1, 0x0, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

80.773918ms ago: executing program 3 (id=1160):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
exit(0x0)

0s ago: executing program 1 (id=1161):
open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
fallocate(r1, 0x0, 0x0, 0xa75)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000100)=0x2, 0x4)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
sendto$inet6(r2, &(0x7f0000000000)="ec", 0x1, 0x0, &(0x7f0000000540)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)
recvmmsg(r2, &(0x7f0000000080), 0x21e, 0x40010002, 0x0)
sendfile(r2, r0, 0x0, 0xffffffff054)

kernel console output (not intermixed with test programs):


[   43.821605][ T1171] EXT4-fs error (device loop0): ext4_orphan_get:1240: comm syz.0.295: couldn't read orphan inode 15 (err -117)
[   43.830335][ T1177] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   43.839837][ T1171] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   43.858272][ T1171] ext2 filesystem being mounted at /root/syzkaller.Qggfgq/74/file0 supports timestamps until 2038 (0x7fffffff)
[   44.135661][ T1187] binder: 1181:1187 ioctl c0306201 0 returned -14
[   44.319189][ T1148] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   44.559563][ T1197] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6099: Corrupt filesystem
[   44.888699][  T121] r8152 2-1:0.0: Unknown version 0x0000
[   44.897814][  T121] usb 2-1: USB disconnect, device number 2
[   45.318227][ T1206] FAT-fs (loop2): bogus number of FAT sectors
[   45.338538][ T1206] FAT-fs (loop2): Can't find a valid FAT filesystem
[   45.435308][ T1218] FAT-fs (loop3): Directory bread(block 64) failed
[   45.444368][ T1221] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=108 sclass=netlink_route_socket pid=1221 comm=syz.2.308
[   45.457358][ T1218] FAT-fs (loop3): Directory bread(block 65) failed
[   45.469522][ T1218] FAT-fs (loop3): Directory bread(block 66) failed
[   45.486039][ T1218] FAT-fs (loop3): Directory bread(block 67) failed
[   45.494720][ T1218] FAT-fs (loop3): Directory bread(block 68) failed
[   45.508837][ T1218] FAT-fs (loop3): Directory bread(block 69) failed
[   45.520949][ T1218] FAT-fs (loop3): Directory bread(block 70) failed
[   45.527335][ T1218] FAT-fs (loop3): Directory bread(block 71) failed
[   45.534847][ T1223] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   45.538742][ T1218] FAT-fs (loop3): Directory bread(block 72) failed
[   45.564142][ T1218] FAT-fs (loop3): Directory bread(block 73) failed
[   45.797898][  T881] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[   45.812932][  T881] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6099: Corrupt filesystem
[   45.984022][ T1231] netlink: 1 bytes leftover after parsing attributes in process `syz.2.310'.
[   46.319960][ T1237] binder: 1234:1237 ioctl c0306201 0 returned -14
[   46.649348][ T1214] F2FS-fs (loop4): Test dummy encryption mode enabled
[   46.661584][ T1214] F2FS-fs (loop4): invalid crc value
[   46.673012][ T1214] F2FS-fs (loop4): Found nat_bits in checkpoint
[   46.720881][ T1242] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.727822][ T1242] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.733324][ T1214] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   46.735885][ T1242] device bridge_slave_0 entered promiscuous mode
[   46.749036][ T1242] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.755900][ T1242] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.763539][ T1242] device bridge_slave_1 entered promiscuous mode
[   46.772187][ T1233] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   46.788512][ T1233] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   46.796590][   T23] audit: type=1400 audit(1719597310.260:230): avc:  denied  { create } for  pid=1212 comm="syz.4.305" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   46.818563][ T1233] F2FS-fs (loop0): invalid crc value
[   46.825807][ T1233] F2FS-fs (loop0): Found nat_bits in checkpoint
[   46.841956][ T1257] FAT-fs (loop2): bogus number of FAT sectors
[   46.847956][ T1214] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)"
[   46.868471][ T1257] FAT-fs (loop2): Can't find a valid FAT filesystem
[   46.901650][ T1233] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   46.908648][ T1233] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   46.930658][   T23] audit: type=1400 audit(1719597310.400:231): avc:  denied  { write } for  pid=1212 comm="syz.4.305" name="file0" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   46.957393][   T23] audit: type=1400 audit(1719597310.400:232): avc:  denied  { add_name } for  pid=1212 comm="syz.4.305" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   46.978276][   T23] audit: type=1400 audit(1719597310.400:233): avc:  denied  { create } for  pid=1212 comm="syz.4.305" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[   46.999411][ T1242] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.006246][ T1242] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.013421][ T1242] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.020267][ T1242] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.300192][   T23] audit: type=1326 audit(1719597310.760:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1270 comm="syz.3.320" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f35c8bb9b99 code=0x0
[   47.986429][  T341] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.996245][  T341] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.181517][  T121] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   48.190294][  T121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   48.199999][  T121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.208371][  T121] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.216487][  T121] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.223345][  T121] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.232312][  T422] device bridge_slave_1 left promiscuous mode
[   48.238306][  T422] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.245810][  T422] device bridge_slave_0 left promiscuous mode
[   48.252437][  T422] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.280080][ T1282] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   48.316757][ T1282] EXT4-fs error (device loop3): ext4_orphan_get:1236: inode #15: comm syz.3.325: iget: bad i_size value: -67835469387268086
[   48.349533][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   48.349857][ T1282] EXT4-fs error (device loop3): ext4_orphan_get:1240: comm syz.3.325: couldn't read orphan inode 15 (err -117)
[   48.357897][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.380264][ T1282] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   48.389294][ T1282] ext2 filesystem being mounted at /root/syzkaller.YHF5hH/61/file0 supports timestamps until 2038 (0x7fffffff)
[   48.399097][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.407669][  T372] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.426038][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   48.444364][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.464546][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   48.484806][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.512574][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   48.529161][   T18] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   48.529887][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.589118][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   48.609928][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.778941][   T18] usb 3-1: Using ep0 maxpacket: 16
[   48.888688][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   48.896816][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.908336][ T1287] netlink: 'syz.4.321': attribute type 4 has an invalid length.
[   48.916178][ T1287] netlink: 8 bytes leftover after parsing attributes in process `syz.4.321'.
[   48.931584][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.950393][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.979456][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.987904][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   49.291791][ T1302] netlink: 1 bytes leftover after parsing attributes in process `syz.4.327'.
[   49.302337][   T18] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   49.322292][   T23] audit: type=1400 audit(1719597312.780:235): avc:  denied  { create } for  pid=1303 comm="syz.3.329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   49.332578][   T18] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   49.353402][   T23] audit: type=1400 audit(1719597312.780:236): avc:  denied  { setopt } for  pid=1303 comm="syz.3.329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   49.384657][   T18] usb 3-1: Product: syz
[   49.391245][   T18] usb 3-1: Manufacturer: syz
[   49.394646][ T1309] tipc: Started in network mode
[   49.395658][   T18] usb 3-1: SerialNumber: syz
[   49.401749][   T18] usb 3-1: config 0 descriptor??
[   49.411140][   T23] audit: type=1400 audit(1719597312.820:237): avc:  denied  { remove_name } for  pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=858 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   49.414153][ T1309] tipc: Own node identity 6ea397753bb4, cluster identity 4711
[   49.441560][ T1309] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   49.448370][ T1315] 
��: renamed from syzkaller0
[   49.454383][ T1315] tipc: Disabling bearer <eth:syzkaller0>
[   49.474897][   T23] audit: type=1400 audit(1719597312.820:238): avc:  denied  { rename } for  pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=858 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   49.497499][   T23] audit: type=1400 audit(1719597312.820:239): avc:  denied  { create } for  pid=144 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   49.522103][ T1313] FAT-fs (loop1): bogus number of FAT sectors
[   49.529970][ T1313] FAT-fs (loop1): Can't find a valid FAT filesystem
[   49.933078][ T1280] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   50.017588][ T1280] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6099: Corrupt filesystem
[   50.038673][   T18] r8152 3-1:0.0: Unknown version 0x0000
[   50.055670][   T18] usb 3-1: USB disconnect, device number 4
[   50.081849][ T1332] netlink: 'syz.4.337': attribute type 4 has an invalid length.
[   50.089405][ T1332] netlink: 8 bytes leftover after parsing attributes in process `syz.4.337'.
[   50.218624][  T391] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   50.367096][ T1337] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   50.377250][ T1337] EXT4-fs error (device loop4): ext4_orphan_get:1236: inode #15: comm syz.4.339: iget: bad i_size value: -67835469387268086
[   50.399094][ T1337] EXT4-fs error (device loop4): ext4_orphan_get:1240: comm syz.4.339: couldn't read orphan inode 15 (err -117)
[   50.414055][ T1337] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   50.422912][ T1337] ext2 filesystem being mounted at /root/syzkaller.MM2ffV/13/file0 supports timestamps until 2038 (0x7fffffff)
[   50.433873][ T1311] F2FS-fs (loop3): Test dummy encryption mode enabled
[   50.469164][  T391] usb 2-1: Using ep0 maxpacket: 16
[   50.482631][ T1311] F2FS-fs (loop3): invalid crc value
[   50.490482][ T1311] F2FS-fs (loop3): Found nat_bits in checkpoint
[   50.561244][ T1311] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   51.144653][  T391] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   51.168313][ T1140] EXT4-fs error (device loop2): ext4_map_blocks:617: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[   51.183594][ T1140] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6099: Corrupt filesystem
[   51.197577][  T391] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   51.207509][  T391] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   51.220623][  T391] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[   51.229713][  T391] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.259472][  T391] usb 2-1: config 0 descriptor??
[   51.645334][ T1363] netlink: 1 bytes leftover after parsing attributes in process `syz.4.346'.
[   51.729752][ T1365] netlink: 'syz.0.348': attribute type 4 has an invalid length.
[   51.746544][ T1365] netlink: 8 bytes leftover after parsing attributes in process `syz.0.348'.
[   51.850814][  T391] gt683r_led 0003:1770:FF00.0001: unknown main item tag 0x0
[   51.861083][  T391] gt683r_led 0003:1770:FF00.0001: unknown main item tag 0x0
[   51.876519][  T391] gt683r_led 0003:1770:FF00.0001: unbalanced collection at end of report description
[   51.891257][  T391] gt683r_led 0003:1770:FF00.0001: hid parsing failed
[   51.915326][  T391] gt683r_led: probe of 0003:1770:FF00.0001 failed with error -22
[   51.926082][ T1366] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.938132][ T1366] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.950919][ T1366] device bridge_slave_0 entered promiscuous mode
[   51.961838][ T1366] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.968840][ T1366] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.976317][ T1366] device bridge_slave_1 entered promiscuous mode
[   52.070621][ T1366] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.077469][ T1366] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.085102][ T1366] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.091958][ T1366] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.125381][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.135056][  T471] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.142816][  T471] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.156412][ T1377] tipc: Started in network mode
[   52.161428][ T1377] tipc: Own node identity 364551012ff6, cluster identity 4711
[   52.168992][ T1377] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   52.180080][ T1377] 
��: renamed from syzkaller0
[   52.186530][ T1377] tipc: Disabling bearer <eth:syzkaller0>
[   52.193448][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   52.202865][   T18] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.209758][   T18] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.217154][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   52.225822][   T18] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.232695][   T18] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.250156][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   52.258080][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   52.330134][  T121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   52.368474][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   52.376795][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   52.395095][  T179] device bridge_slave_1 left promiscuous mode
[   52.410657][  T179] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.426472][  T179] device bridge_slave_0 left promiscuous mode
[   52.433229][  T179] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.512267][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   52.520676][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   52.560113][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   52.568296][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   52.596283][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   52.606374][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   52.619018][   T23] audit: type=1400 audit(1719597316.090:240): avc:  denied  { ioctl } for  pid=1389 comm="syz.0.356" path="/dev/rtc0" dev="devtmpfs" ino=840 ioctlcmd=0x7003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   52.733476][ T1380] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.740907][ T1380] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.748484][ T1380] device bridge_slave_0 entered promiscuous mode
[   52.757906][ T1380] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.765699][ T1380] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.777740][ T1380] device bridge_slave_1 entered promiscuous mode
[   53.182109][ T1407] netlink: 1 bytes leftover after parsing attributes in process `syz.0.361'.
[   53.214949][  T471] usb 2-1: USB disconnect, device number 3
[   53.306169][ T1418] netlink: 'syz.1.366': attribute type 4 has an invalid length.
[   53.313800][ T1418] netlink: 8 bytes leftover after parsing attributes in process `syz.1.366'.
[   53.356464][ T1380] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.363340][ T1380] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.370501][ T1380] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.377332][ T1380] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.391641][  T372] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.401911][  T372] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.435457][ T1425] syz.2.369[1425] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.435570][ T1425] syz.2.369[1425] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.479407][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   53.498329][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   53.512702][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   53.521305][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.549612][   T18] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.556484][   T18] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.578291][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   53.604243][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.649468][   T18] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.656346][   T18] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.733621][   T23] audit: type=1326 audit(1719597317.190:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1428 comm="syz.2.371" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa880104b99 code=0x0
[   53.768180][   T23] audit: type=1326 audit(1719597317.190:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1428 comm="syz.2.371" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa880104b99 code=0x0
[   53.790911][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   53.793208][   T23] audit: type=1326 audit(1719597317.240:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1428 comm="syz.2.371" exe="/root/syz-executor" sig=31 arch=c000003e syscall=436 compat=0 ip=0x7fa880104b99 code=0x0
[   53.821595][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.842678][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   53.859184][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.898957][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   53.917533][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   53.939348][  T391] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   53.958956][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   53.977012][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   54.007736][  T525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   54.026241][  T525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   54.054674][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   54.065136][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   54.086105][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   54.104671][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   54.208665][  T391] usb 2-1: Using ep0 maxpacket: 16
[   54.548895][  T179] device bridge_slave_1 left promiscuous mode
[   54.555241][  T179] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.568693][  T391] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   54.588622][  T391] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   54.598530][  T179] device bridge_slave_0 left promiscuous mode
[   54.608617][  T391] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   54.612992][  T179] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.629203][  T391] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[   54.648532][  T391] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   54.673067][  T391] usb 2-1: config 0 descriptor??
[   54.903599][ T1458] netlink: 'syz.4.382': attribute type 4 has an invalid length.
[   54.921311][ T1458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.382'.
[   55.033509][ T1427] F2FS-fs (loop3): Test dummy encryption mode enabled
[   55.075443][ T1427] F2FS-fs (loop3): invalid crc value
[   55.122728][ T1427] F2FS-fs (loop3): Found nat_bits in checkpoint
[   55.216463][ T1427] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   55.361914][  T391] gt683r_led 0003:1770:FF00.0002: unknown main item tag 0x0
[   55.381065][  T376] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   55.382233][  T391] gt683r_led 0003:1770:FF00.0002: unknown main item tag 0x0
[   55.408656][  T391] gt683r_led 0003:1770:FF00.0002: unbalanced collection at end of report description
[   55.423626][  T391] gt683r_led 0003:1770:FF00.0002: hid parsing failed
[   55.430340][  T391] gt683r_led: probe of 0003:1770:FF00.0002 failed with error -22
[   56.038702][  T376] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   56.059955][  T376] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   56.093958][  T376] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   56.129712][  T376] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   56.156018][  T376] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.184299][  T376] usb 1-1: config 0 descriptor??
[   56.208675][ T1468] raw-gadget gadget: fail, usb_ep_enable returned -22
[   56.284002][   T23] audit: type=1400 audit(1719597319.750:244): avc:  denied  { getopt } for  pid=1490 comm="syz.3.387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   56.361495][ T1499] capability: warning: `syz.3.397' uses deprecated v2 capabilities in a way that may be insecure
[   56.654087][  T371] usb 2-1: USB disconnect, device number 4
[   56.677881][  T376] plantronics 0003:047F:FFFF.0003: unknown main item tag 0xd
[   56.691896][  T376] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[   56.737898][  T376] plantronics 0003:047F:FFFF.0003: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   57.011914][  T372] usb 1-1: USB disconnect, device number 3
[   57.714300][ T1501] F2FS-fs (loop3): Test dummy encryption mode enabled
[   57.767468][ T1501] F2FS-fs (loop3): invalid crc value
[   57.774668][ T1501] F2FS-fs (loop3): Found nat_bits in checkpoint
[   57.823995][ T1501] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   57.896027][ T1540] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue
[   57.941011][ T1540] ext4 filesystem being mounted at /root/syzkaller.Qs6OdI/18/file0 supports timestamps until 2038 (0x7fffffff)
[   58.082632][   T23] audit: type=1326 audit(1719597321.550:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1555 comm="syz.0.419" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f64d31b3b99 code=0x0
[   58.132784][   T23] audit: type=1326 audit(1719597321.600:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1555 comm="syz.0.419" exe="/root/syz-executor" sig=31 arch=c000003e syscall=436 compat=0 ip=0x7f64d31b3b99 code=0x0
[   58.138635][  T371] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   58.219241][   T23] audit: type=1400 audit(1719597321.690:247): avc:  denied  { mount } for  pid=1563 comm="syz.4.422" name="/" dev="tmpfs" ino=19409 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   58.241472][   T23] audit: type=1400 audit(1719597321.690:248): avc:  denied  { unmount } for  pid=1380 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   58.708859][ T1573] FAT-fs (loop3): bogus logical sector size 2175
[   58.715066][ T1573] FAT-fs (loop3): Can't find a valid FAT filesystem
[   58.718634][  T371] usb 2-1: Using ep0 maxpacket: 16
[   58.738847][  T525] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   58.838807][  T371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   58.849625][  T371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   58.859180][  T371] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   58.871827][  T371] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[   58.880842][  T371] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.889484][  T371] usb 2-1: config 0 descriptor??
[   59.110528][  T525] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   59.121508][  T525] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   59.132453][  T525] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   59.145490][  T525] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   59.154438][  T525] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.163257][  T525] usb 3-1: config 0 descriptor??
[   59.178676][ T1570] raw-gadget gadget: fail, usb_ep_enable returned -22
[   59.219390][ T1583] device syzkaller0 entered promiscuous mode
[   59.530113][  T371] gt683r_led 0003:1770:FF00.0004: unknown main item tag 0x0
[   59.537336][  T371] gt683r_led 0003:1770:FF00.0004: unknown main item tag 0x0
[   59.544412][  T371] gt683r_led 0003:1770:FF00.0004: unbalanced collection at end of report description
[   59.621308][   T23] audit: type=1400 audit(1719597323.070:249): avc:  denied  { create } for  pid=1594 comm="syz.4.433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   59.687691][  T525] plantronics 0003:047F:FFFF.0005: unknown main item tag 0xd
[   59.782026][  T525] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[   59.785285][  T371] gt683r_led 0003:1770:FF00.0004: hid parsing failed
[   59.797035][ T1600] xt_CT: You must specify a L4 protocol and not use inversions on it
[   59.799145][  T371] gt683r_led: probe of 0003:1770:FF00.0004 failed with error -22
[   59.812091][   T23] audit: type=1400 audit(1719597323.080:250): avc:  denied  { connect } for  pid=1594 comm="syz.4.433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   59.833727][  T525] plantronics 0003:047F:FFFF.0005: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   59.848065][   T23] audit: type=1400 audit(1719597323.080:251): avc:  denied  { setopt } for  pid=1594 comm="syz.4.433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   59.869818][   T23] audit: type=1400 audit(1719597323.080:252): avc:  denied  { shutdown } for  pid=1594 comm="syz.4.433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   59.965731][    T0] NOHZ: local_softirq_pending 08
[   60.011277][  T525] usb 3-1: USB disconnect, device number 5
[   60.173023][ T1610] device syzkaller0 entered promiscuous mode
[   60.309394][ T1614] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,delalloc,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[   60.523117][ T1631] xt_CT: You must specify a L4 protocol and not use inversions on it
[   60.669632][ T1639] device syzkaller0 entered promiscuous mode
[   60.762484][   T23] audit: type=1400 audit(1719597324.230:253): avc:  denied  { bind } for  pid=1642 comm="syz.2.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   60.841296][ T1647] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,delalloc,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[   60.880813][  T471] usb 2-1: USB disconnect, device number 5
[   60.969641][ T1655] xt_CT: You must specify a L4 protocol and not use inversions on it
[   61.174914][ T1662] device syzkaller0 entered promiscuous mode
[   61.299396][ T1669] device syzkaller0 entered promiscuous mode
[   61.348636][  T371] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   61.393879][ T1682] xt_CT: You must specify a L4 protocol and not use inversions on it
[   61.421424][ T1680] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,delalloc,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[   61.588623][  T471] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   61.598772][   T23] kauditd_printk_skb: 2 callbacks suppressed
[   61.598784][   T23] audit: type=1326 audit(1719597325.070:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1686 comm="syz.3.470" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f35c8bb9b99 code=0x0
[   61.630081][   T23] audit: type=1326 audit(1719597325.100:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1686 comm="syz.3.470" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f35c8bb9b99 code=0x0
[   61.693176][ T1694] device syzkaller0 entered promiscuous mode
[   61.708881][  T371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   61.728621][  T371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   61.740409][  T371] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   61.753621][  T371] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   61.762765][  T371] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.776553][  T371] usb 1-1: config 0 descriptor??
[   61.798709][ T1661] raw-gadget gadget: fail, usb_ep_enable returned -22
[   61.868640][  T471] usb 2-1: Using ep0 maxpacket: 16
[   61.988688][  T471] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   62.003421][  T471] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   62.013632][  T471] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   62.027752][  T471] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[   62.036850][  T471] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.045984][  T471] usb 2-1: config 0 descriptor??
[   62.239960][  T371] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xd
[   62.249305][  T371] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[   62.268016][  T371] plantronics 0003:047F:FFFF.0006: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   62.540149][  T376] usb 1-1: USB disconnect, device number 4
[   62.629989][  T471] gt683r_led 0003:1770:FF00.0007: unknown main item tag 0x0
[   62.637193][  T471] gt683r_led 0003:1770:FF00.0007: unknown main item tag 0x0
[   62.646092][  T471] gt683r_led 0003:1770:FF00.0007: unbalanced collection at end of report description
[   62.657800][  T471] gt683r_led 0003:1770:FF00.0007: hid parsing failed
[   62.665349][  T471] gt683r_led: probe of 0003:1770:FF00.0007 failed with error -22
[   62.812288][    T0] NOHZ: local_softirq_pending 08
[   63.018210][ T1709] device syzkaller0 entered promiscuous mode
[   63.115714][   T23] audit: type=1400 audit(1719597326.580:258): avc:  denied  { sys_module } for  pid=1710 comm="syz.2.480" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   63.176977][ T1715] xt_CT: You must specify a L4 protocol and not use inversions on it
[   63.271667][ T1717] EXT4-fs (loop0): mounted filesystem without journal. Opts: norecovery,delalloc,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[   63.615825][ T1732] device syzkaller0 entered promiscuous mode
[   63.805959][ T1739] ======================================================
[   63.805959][ T1739] WARNING: the mand mount option is being deprecated and
[   63.805959][ T1739]          will be removed in v5.15!
[   63.805959][ T1739] ======================================================
[   63.862044][ T1739] EXT4-fs (loop0): orphan cleanup on readonly fs
[   63.869710][ T1739] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz.0.491: bg 0: block 248: padding at end of block bitmap is not set
[   63.884207][ T1739] Quota error (device loop0): write_blk: dquota write failed
[   63.891827][ T1739] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   63.902466][ T1739] EXT4-fs (loop0): 1 truncate cleaned up
[   63.908224][ T1739] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   63.926093][ T1739] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.491: deleted inode referenced: 12
[   64.095348][  T376] usb 2-1: USB disconnect, device number 6
[   64.127602][   T23] audit: type=1400 audit(1719597327.590:259): avc:  denied  { create } for  pid=1742 comm="syz.2.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   64.151657][   T23] audit: type=1400 audit(1719597327.620:260): avc:  denied  { write } for  pid=1742 comm="syz.2.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   64.171931][   T23] audit: type=1400 audit(1719597327.620:261): avc:  denied  { read } for  pid=1742 comm="syz.2.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   64.208667][  T371] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   64.449462][  T371] usb 1-1: Using ep0 maxpacket: 32
[   64.528725][  T341] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   64.588769][  T371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   64.604016][  T371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   64.614214][  T371] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   64.623910][  T371] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.654682][  T371] usb 1-1: config 0 descriptor??
[   64.699374][  T371] hub 1-1:0.0: USB hub found
[   64.733017][ T1755] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,delalloc,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[   64.821980][ T1762] device syzkaller0 entered promiscuous mode
[   64.888716][  T341] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   64.901956][  T341] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   64.901974][  T341] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   64.902004][  T341] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   64.902018][  T341] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.907571][  T341] usb 3-1: config 0 descriptor??
[   64.968821][  T371] hub 1-1:0.0: 1 port detected
[   64.973656][ T1746] raw-gadget gadget: fail, usb_ep_enable returned -22
[   65.002085][   T23] audit: type=1400 audit(1719597328.470:262): avc:  denied  { setattr } for  pid=1767 comm="syz.1.502" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   65.122723][ T1775] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   65.199647][ T1779] x_tables: unsorted underflow at hook 4
[   65.282716][   T23] audit: type=1326 audit(1719597328.750:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1771 comm="syz.1.504" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55c8da9b99 code=0x0
[   65.450227][  T341] plantronics 0003:047F:FFFF.0008: unknown main item tag 0xd
[   65.469133][  T341] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[   65.492479][  T341] plantronics 0003:047F:FFFF.0008: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   65.738791][  T376] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   65.758246][  T525] usb 3-1: USB disconnect, device number 6
[   65.998617][  T376] usb 4-1: Using ep0 maxpacket: 16
[   66.118692][  T376] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   66.138627][  T376] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   66.138709][  T341] hub 1-1:0.0: hub_ext_port_status failed (err = 0)
[   66.148166][  T376] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   66.148203][  T376] usb 4-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[   66.177023][  T376] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.190826][  T376] usb 4-1: config 0 descriptor??
[   66.338868][   T13] cfg80211: failed to load regulatory.db
[   66.346330][ T1739] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.491: deleted inode referenced: 12
[   66.360736][ T1739] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.491: deleted inode referenced: 12
[   66.390286][ T1739] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.491: deleted inode referenced: 12
[   66.417516][ T1739] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.491: deleted inode referenced: 12
[   66.624291][   T23] kauditd_printk_skb: 2 callbacks suppressed
[   66.624304][   T23] audit: type=1400 audit(1719597330.090:266): avc:  denied  { write } for  pid=1801 comm="syz.2.516" name="tcp" dev="proc" ino=4026532423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   66.696272][ T1806] x_tables: unsorted underflow at hook 4
[   66.790133][  T376] gt683r_led 0003:1770:FF00.0009: unknown main item tag 0x0
[   66.807733][  T376] gt683r_led 0003:1770:FF00.0009: unknown main item tag 0x0
[   66.816650][  T376] gt683r_led 0003:1770:FF00.0009: unbalanced collection at end of report description
[   66.828476][  T376] gt683r_led 0003:1770:FF00.0009: hid parsing failed
[   66.836092][  T376] gt683r_led: probe of 0003:1770:FF00.0009 failed with error -22
[   67.046805][   T23] audit: type=1400 audit(1719597330.510:267): avc:  denied  { ioctl } for  pid=1818 comm="syz.0.524" path="socket:[21401]" dev="sockfs" ino=21401 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   67.072948][  T376] usb 1-1: USB disconnect, device number 5
[   67.078776][   T13] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   67.342882][ T1831] x_tables: unsorted underflow at hook 4
[   67.458735][   T13] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   67.481372][   T13] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   67.496311][   T13] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   67.511260][   T13] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   67.521361][   T13] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.537412][   T13] usb 3-1: config 0 descriptor??
[   67.568665][ T1813] raw-gadget gadget: fail, usb_ep_enable returned -22
[   67.594289][ T1840] EXT4-fs (loop0): orphan cleanup on readonly fs
[   67.602903][ T1840] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz.0.534: bg 0: block 248: padding at end of block bitmap is not set
[   67.620030][ T1840] Quota error (device loop0): write_blk: dquota write failed
[   67.628375][ T1840] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   67.640492][ T1840] EXT4-fs (loop0): 1 truncate cleaned up
[   67.646999][ T1840] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   67.685377][ T1840] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.534: deleted inode referenced: 12
[   67.968647][  T471] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   68.030244][   T13] plantronics 0003:047F:FFFF.000A: unknown main item tag 0xd
[   68.039325][   T13] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[   68.052052][   T13] plantronics 0003:047F:FFFF.000A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   68.208684][  T471] usb 1-1: Using ep0 maxpacket: 32
[   68.328757][  T471] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   68.335250][   T13] usb 3-1: USB disconnect, device number 7
[   68.343037][  T471] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.366357][  T471] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   68.378404][  T471] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.390868][  T471] usb 1-1: config 0 descriptor??
[   68.514190][  T471] hub 1-1:0.0: USB hub found
[   68.527761][  T525] usb 4-1: USB disconnect, device number 3
[   68.554681][   T23] audit: type=1400 audit(1719597332.020:268): avc:  denied  { name_bind } for  pid=1852 comm="syz.3.538" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   68.635779][ T1854] fuse: Bad value for 'fd'
[   68.738950][  T471] hub 1-1:0.0: 1 port detected
[   68.819571][   T23] audit: type=1400 audit(1719597332.070:269): avc:  denied  { nlmsg_write } for  pid=1852 comm="syz.3.538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   68.891059][ T1860] x_tables: unsorted underflow at hook 4
[   69.440838][   T23] audit: type=1400 audit(1719597332.910:270): avc:  denied  { mount } for  pid=1873 comm="syz.2.546" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   69.543406][   T23] audit: type=1400 audit(1719597332.910:271): avc:  denied  { remount } for  pid=1873 comm="syz.2.546" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   69.564978][   T23] audit: type=1400 audit(1719597332.940:272): avc:  denied  { unmount } for  pid=1366 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   69.602450][   T23] audit: type=1400 audit(1719597333.070:273): avc:  denied  { create } for  pid=1877 comm="syz.3.548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   69.627856][ T1880] netlink: 84 bytes leftover after parsing attributes in process `syz.3.548'.
[   69.657273][ T1880] netlink: 12 bytes leftover after parsing attributes in process `syz.3.548'.
[   69.911442][ T1891] x_tables: unsorted underflow at hook 4
[   70.113790][ T1897] EXT4-fs error (device loop1): ext4_orphan_get:1236: inode #16: comm syz.1.555: iget: bad extended attribute block 128
[   70.129908][ T1897] EXT4-fs error (device loop1): ext4_orphan_get:1240: comm syz.1.555: couldn't read orphan inode 16 (err -117)
[   70.143881][  T376] hub 1-1:0.0: hub_ext_port_status failed (err = 0)
[   70.152007][ T1897] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   70.164346][ T1897] ext4 filesystem being mounted at /root/syzkaller.aXcnZ5/27/file1 supports timestamps until 2038 (0x7fffffff)
[   70.191464][ T1897] EXT4-fs error (device loop1): ext4_validate_block_bitmap:418: comm syz.1.555: bg 0: block 352: padding at end of block bitmap is not set
[   70.206134][ T1897] EXT4-fs error (device loop1): ext4_xattr_block_set:2199: inode #15: comm syz.1.555: bad block 19
[   70.358302][ T1840] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.534: deleted inode referenced: 12
[   70.436995][ T1913] fuse: Bad value for 'fd'
[   70.626098][ T1840] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.534: deleted inode referenced: 12
[   70.691286][ T1921] x_tables: unsorted underflow at hook 4
[   70.719361][ T1840] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.534: deleted inode referenced: 12
[   70.758602][ T1919] netlink: 84 bytes leftover after parsing attributes in process `syz.2.562'.
[   70.778024][ T1919] netlink: 12 bytes leftover after parsing attributes in process `syz.2.562'.
[   70.789148][ T1840] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.534: deleted inode referenced: 12
[   70.968232][ T1930] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.975589][ T1930] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.984267][ T1930] device bridge_slave_0 entered promiscuous mode
[   70.994031][ T1930] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.000914][ T1930] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.008209][ T1930] device bridge_slave_1 entered promiscuous mode
[   71.220300][ T1946] EXT4-fs error (device loop1): __ext4_iget:5217: inode #14: block 1886221359: comm syz.1.573: invalid block
[   71.343898][ T1946] EXT4-fs error (device loop1): ext4_orphan_get:1240: comm syz.1.573: couldn't read orphan inode 14 (err -117)
[   71.357398][ T1946] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   71.368131][ T1946] ext4 filesystem being mounted at /root/syzkaller.aXcnZ5/34/file1 supports timestamps until 2038 (0x7fffffff)
[   71.386827][ T1946] SELinux:  Context system_u:object_r:autofs_device_t:s0 is not valid (left unmapped).
[   71.444218][ T1930] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.451078][ T1930] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.458169][ T1930] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.464981][ T1930] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.490450][ T1954] netlink: 84 bytes leftover after parsing attributes in process `syz.3.575'.
[   71.499669][ T1954] netlink: 12 bytes leftover after parsing attributes in process `syz.3.575'.
[   71.516342][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   71.527906][  T471] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.551261][  T471] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.553278][ T1963] xt_TCPMSS: Only works on TCP SYN packets
[   71.591198][  T376] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   71.606082][  T376] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.612963][  T376] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.622674][  T376] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   71.631602][  T376] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.638433][  T376] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.667666][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   71.675849][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   71.688039][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   71.727824][   T23] kauditd_printk_skb: 6 callbacks suppressed
[   71.727837][   T23] audit: type=1400 audit(1719597335.190:280): avc:  denied  { ioctl } for  pid=1973 comm="syz.0.584" path="socket:[22855]" dev="sockfs" ino=22855 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   71.759292][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   71.786062][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   71.804291][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   71.813673][  T371] usb 1-1: USB disconnect, device number 6
[   71.815476][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   71.833301][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   71.842054][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   71.850868][ T1305] device bridge_slave_1 left promiscuous mode
[   71.856849][ T1305] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.868999][ T1305] device bridge_slave_0 left promiscuous mode
[   71.875634][ T1305] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.890247][ T1977] EXT4-fs error (device loop3): __ext4_iget:5217: inode #14: block 1886221359: comm syz.3.586: invalid block
[   71.910929][ T1991] xt_TCPMSS: Only works on TCP SYN packets
[   71.916808][ T1977] EXT4-fs error (device loop3): ext4_orphan_get:1240: comm syz.3.586: couldn't read orphan inode 14 (err -117)
[   71.949702][ T1977] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   71.963409][ T1977] ext4 filesystem being mounted at /root/syzkaller.YHF5hH/125/file1 supports timestamps until 2038 (0x7fffffff)
[   72.076357][ T2001] EXT4-fs (loop1): orphan cleanup on readonly fs
[   72.111492][ T2001] EXT4-fs error (device loop1): ext4_validate_block_bitmap:418: comm syz.1.594: bg 0: block 248: padding at end of block bitmap is not set
[   72.152850][ T2001] Quota error (device loop1): write_blk: dquota write failed
[   72.161177][ T2001] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   72.172297][ T2001] EXT4-fs (loop1): 1 truncate cleaned up
[   72.178030][ T2001] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   72.221097][ T2001] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.594: deleted inode referenced: 12
[   72.246231][ T2021] xt_TCPMSS: Only works on TCP SYN packets
[   72.498888][  T372] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   72.708742][ T2052] xt_TCPMSS: Only works on TCP SYN packets
[   72.768641][  T372] usb 2-1: Using ep0 maxpacket: 32
[   72.808607][   T13] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   72.888747][  T372] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   72.914557][ T2078] xt_TCPMSS: Only works on TCP SYN packets
[   72.915540][  T372] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   72.931246][  T372] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   72.942929][  T372] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.004465][  T372] usb 2-1: config 0 descriptor??
[   73.049383][  T372] hub 2-1:0.0: USB hub found
[   73.069186][   T13] usb 4-1: Using ep0 maxpacket: 16
[   73.191137][   T13] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.271750][  T372] hub 2-1:0.0: 1 port detected
[   73.461292][   T13] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.470893][   T13] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 63, changing to 9
[   73.566865][   T23] audit: type=1400 audit(1719597337.030:281): avc:  denied  { mounton } for  pid=2105 comm="syz.0.642" path="/root/syzkaller.Qggfgq/140/bus/file0" dev="loop0" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   73.635637][  T381] tipc: Left network mode
[   73.639886][   T13] usb 4-1: New USB device found, idVendor=04d9, idProduct=a081, bcdDevice= 0.40
[   73.650565][   T13] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.653574][ T2103] F2FS-fs (loop2): invalid crc value
[   73.658858][   T13] usb 4-1: Product: 亻װ밴䌅῞硜醻럊珊牮嫜겫ঠ㥨黹έ咶㛄エს䎒믔ﴍ琴䔁档㩚ᩔ辜뵠
[   73.667851][ T2103] F2FS-fs (loop2): Found nat_bits in checkpoint
[   73.675911][   T13] usb 4-1: Manufacturer: ␁
[   73.686422][   T13] usb 4-1: SerialNumber: 袶媑煬鱼芠ⲫ䛹ຬ茉ᔸࣴꚕ계랔轰赍锍蛔
[   73.762572][ T2103] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   73.795826][ T1366] attempt to access beyond end of device
[   73.795826][ T1366] loop2: rw=2049, want=45104, limit=40427
[   73.856527][ T2115] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.863478][ T2115] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.870956][ T2115] device bridge_slave_0 entered promiscuous mode
[   73.878028][ T2115] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.885012][ T2115] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.892609][ T2115] device bridge_slave_1 entered promiscuous mode
[   73.968957][   T13] usbhid 4-1:1.0: can't add hid device: -22
[   73.974750][   T13] usbhid: probe of 4-1:1.0 failed with error -22
[   74.055018][ T2115] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.061887][ T2115] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.069030][ T2115] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.075858][ T2115] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.172775][  T372] usb 4-1: USB disconnect, device number 4
[   74.211666][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   74.521921][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.529571][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.550093][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   74.558150][  T341] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.565018][  T341] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.573057][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   74.581591][  T341] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.588423][  T341] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.616445][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   74.625850][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   74.628816][  T471] hub 2-1:0.0: hub_ext_port_status failed (err = 0)
[   74.640306][  T381] device bridge_slave_1 left promiscuous mode
[   74.647430][  T381] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.656312][  T381] device bridge_slave_0 left promiscuous mode
[   74.662774][  T381] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.675558][ T2137] EXT4-fs error (device loop2): __ext4_iget:5217: inode #14: block 1886221359: comm syz.2.653: invalid block
[   74.687350][ T2137] EXT4-fs error (device loop2): ext4_orphan_get:1240: comm syz.2.653: couldn't read orphan inode 14 (err -117)
[   74.699730][ T2137] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   74.708500][ T2137] ext4 filesystem being mounted at /root/syzkaller.BilbhQ/82/file1 supports timestamps until 2038 (0x7fffffff)
[   74.745688][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   74.760925][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   74.787631][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   74.808042][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   74.820403][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   74.858472][ T2001] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.594: deleted inode referenced: 12
[   75.193004][ T2150] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.594: deleted inode referenced: 12
[   75.367535][ T2001] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.594: deleted inode referenced: 12
[   75.395879][ T2001] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.594: deleted inode referenced: 12
[   75.811814][ T2173] EXT4-fs error (device loop3): __ext4_iget:5217: inode #14: block 1886221359: comm syz.3.664: invalid block
[   75.823670][ T2173] EXT4-fs error (device loop3): ext4_orphan_get:1240: comm syz.3.664: couldn't read orphan inode 14 (err -117)
[   75.835862][ T2173] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   75.853595][ T2173] ext4 filesystem being mounted at /root/syzkaller.YHF5hH/130/file1 supports timestamps until 2038 (0x7fffffff)
[   76.020939][ T2180] fuse: Bad value for 'fd'
[   76.279692][   T23] audit: type=1400 audit(1719597339.750:282): avc:  denied  { lock } for  pid=2191 comm="syz.4.671" path="socket:[24663]" dev="sockfs" ino=24663 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[   76.453774][ T2200] EXT4-fs error (device loop4) in ext4_do_update_inode:5534: error 27
[   76.462906][ T2200] EXT4-fs error (device loop4) in ext4_do_update_inode:5534: error 27
[   76.471589][ T2200] Quota error (device loop4): write_blk: dquota write failed
[   76.479473][ T2200] Quota error (device loop4): qtree_write_dquot: Error -27 occurred while creating quota
[   76.491177][ T2200] EXT4-fs (loop4): 1 orphan inode deleted
[   76.496719][ T2200] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   76.506143][ T2200] ext4 filesystem being mounted at /root/syzkaller.R9AhyG/27/file1 supports timestamps until 2038 (0x7fffffff)
[   76.523878][   T23] audit: type=1400 audit(1719597339.990:283): avc:  denied  { remove_name } for  pid=2199 comm="syz.4.674" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   76.547930][ T2200] EXT4-fs warning (device loop4): ext4_empty_dir:3013: inode #12: comm syz.4.674: directory missing '..'
[   76.572809][   T23] audit: type=1400 audit(1719597340.020:284): avc:  denied  { rmdir } for  pid=2199 comm="syz.4.674" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   76.604140][   T23] audit: type=1400 audit(1719597340.040:285): avc:  denied  { create } for  pid=2199 comm="syz.4.674" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   76.628515][ T2195] F2FS-fs (loop3): invalid crc value
[   76.663783][ T2195] F2FS-fs (loop3): Found nat_bits in checkpoint
[   76.721882][ T2195] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[   76.783562][  T372] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   76.791488][  T376] usb 2-1: USB disconnect, device number 7
[   76.822404][ T2213] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   76.831415][ T2213] ext4 filesystem being mounted at /root/syzkaller.aXcnZ5/43/file0 supports timestamps until 2038 (0x7fffffff)
[   76.831614][  T478] attempt to access beyond end of device
[   76.831614][  T478] loop3: rw=2049, want=45104, limit=40427
[   76.855080][ T2213] EXT4-fs error (device loop1) in ext4_do_update_inode:5534: error 27
[   76.938976][   T23] audit: type=1400 audit(1719597340.380:286): avc:  denied  { read } for  pid=2215 comm="syz.0.679" dev="nsfs" ino=4026532516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   76.960745][ T2213] EXT4-fs error (device loop1) in ext4_do_update_inode:5534: error 27
[   77.018328][ T2224] EXT4-fs error (device loop1): ext4_get_first_dir_block:3604: inode #18: comm syz.1.677: directory missing '.'
[   77.097513][   T23] audit: type=1400 audit(1719597340.380:287): avc:  denied  { open } for  pid=2215 comm="syz.0.679" path="net:[4026532516]" dev="nsfs" ino=4026532516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   77.122738][   T23] audit: type=1400 audit(1719597340.480:288): avc:  denied  { rename } for  pid=2212 comm="syz.1.677" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   77.168713][  T372] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.179513][  T372] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[   77.188328][  T372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.198122][  T372] usb 3-1: config 0 descriptor??
[   77.238672][  T391] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   77.369791][   T23] audit: type=1400 audit(1719597340.840:289): avc:  denied  { mounton } for  pid=2238 comm="syz.3.686" path="/root/syzkaller.YHF5hH/135/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   77.482127][  T391] usb 5-1: Using ep0 maxpacket: 16
[   77.641995][ T2247] fuse: Bad value for 'fd'
[   77.878689][  T391] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.889578][  T391] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.899238][  T391] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 63, changing to 9
[   77.964969][ T2252] EXT4-fs (loop1): orphan cleanup on readonly fs
[   77.972199][ T2252] EXT4-fs error (device loop1): ext4_validate_block_bitmap:418: comm syz.1.689: bg 0: block 248: padding at end of block bitmap is not set
[   77.987930][ T2252] Quota error (device loop1): write_blk: dquota write failed
[   77.997227][ T2252] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   78.010226][ T2252] EXT4-fs (loop1): 1 truncate cleaned up
[   78.017527][ T2252] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   78.026766][  T372] usbhid 3-1:0.0: can't add hid device: -71
[   78.034296][  T372] usbhid: probe of 3-1:0.0 failed with error -71
[   78.123624][  T372] usb 3-1: USB disconnect, device number 8
[   78.224508][ T2252] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.689: deleted inode referenced: 12
[   78.257051][  T391] usb 5-1: New USB device found, idVendor=04d9, idProduct=a081, bcdDevice= 0.40
[   78.265922][  T391] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.273739][  T391] usb 5-1: Product: 亻װ밴䌅῞硜醻럊珊牮嫜겫ঠ㥨黹έ咶㛄エს䎒믔ﴍ琴䔁档㩚ᩔ辜뵠
[   78.285875][  T391] usb 5-1: Manufacturer: ␁
[   78.290303][  T391] usb 5-1: SerialNumber: 袶媑煬鱼芠ⲫ䛹ຬ茉ᔸࣴꚕ계랔轰赍锍蛔
[   78.499088][  T371] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   78.520922][ T2259] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   78.529919][ T2259] ext4 filesystem being mounted at /root/syzkaller.YHF5hH/137/file0 supports timestamps until 2038 (0x7fffffff)
[   78.552560][ T2259] EXT4-fs error (device loop3) in ext4_do_update_inode:5534: error 27
[   78.560910][  T391] usbhid 5-1:1.0: can't add hid device: -22
[   78.562162][ T2259] EXT4-fs error (device loop3) in ext4_do_update_inode:5534: error 27
[   78.566787][  T391] usbhid: probe of 5-1:1.0 failed with error -22
[   78.595436][ T2259] EXT4-fs error (device loop3): ext4_get_first_dir_block:3604: inode #18: comm syz.3.691: directory missing '.'
[   78.778650][  T371] usb 2-1: Using ep0 maxpacket: 32
[   78.899255][  T371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.956908][  T371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.996485][  T371] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   79.005754][  T371] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.022923][  T371] usb 2-1: config 0 descriptor??
[   79.029356][   T13] usb 5-1: USB disconnect, device number 3
[   79.039944][ T2279] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27
[   79.048428][ T2279] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27
[   79.057746][ T2279] Quota error (device loop0): write_blk: dquota write failed
[   79.065567][  T371] hub 2-1:0.0: USB hub found
[   79.067364][ T2279] Quota error (device loop0): qtree_write_dquot: Error -27 occurred while creating quota
[   79.081073][ T2279] EXT4-fs (loop0): 1 orphan inode deleted
[   79.086604][ T2279] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   79.103181][ T2279] ext4 filesystem being mounted at /root/syzkaller.49TJai/8/file1 supports timestamps until 2038 (0x7fffffff)
[   79.124424][ T2279] EXT4-fs warning (device loop0): ext4_empty_dir:3013: inode #12: comm syz.0.698: directory missing '..'
[   79.251373][   T23] audit: type=1400 audit(1719597342.720:290): avc:  denied  { transfer } for  pid=2288 comm="syz.0.701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   79.251427][ T2289] binder: transaction release 11 bad handle 1, ret = -22
[   79.289165][  T371] hub 2-1:0.0: 1 port detected
[   79.513886][ T2291] F2FS-fs (loop0): invalid crc value
[   79.530319][ T2291] F2FS-fs (loop0): Found nat_bits in checkpoint
[   79.578271][   T23] audit: type=1400 audit(1719597343.040:291): avc:  denied  { map } for  pid=2303 comm="syz.4.706" path="/dev/ashmem" dev="devtmpfs" ino=845 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   79.654605][ T2291] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   79.701427][ T2115] attempt to access beyond end of device
[   79.701427][ T2115] loop0: rw=2049, want=45104, limit=40427
[   80.248425][ T2343] overlayfs: missing 'lowerdir'
[   80.255266][ T2344] binder: transaction release 30 bad handle 1, ret = -22
[   80.268679][  T372] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   80.368686][ T2360] syz.3.731 (pid 2360) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   80.389728][ T2360] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)"
[   80.425203][ T2370] overlayfs: missing 'lowerdir'
[   80.448507][ T2374] binder: transaction release 44 bad handle 1, ret = -22
[   80.479514][  T371] hub 2-1:0.0: hub_ext_port_status failed (err = 0)
[   80.508700][  T372] usb 5-1: Using ep0 maxpacket: 16
[   80.600914][ T2380] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   80.610411][ T2380] ext4 filesystem being mounted at /root/syzkaller.YHF5hH/154/file0 supports timestamps until 2038 (0x7fffffff)
[   80.637021][ T2380] EXT4-fs error (device loop3) in ext4_do_update_inode:5534: error 27
[   80.645209][  T372] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.656198][ T2380] EXT4-fs error (device loop3) in ext4_do_update_inode:5534: error 27
[   80.664631][  T372] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.674153][ T2380] EXT4-fs error (device loop3): ext4_get_first_dir_block:3604: inode #18: comm syz.3.740: directory missing '.'
[   80.685841][  T372] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 63, changing to 9
[   80.693572][ T2252] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.689: deleted inode referenced: 12
[   80.716754][ T2252] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.689: deleted inode referenced: 12
[   80.746467][ T2252] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.689: deleted inode referenced: 12
[   80.758607][  T371] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   80.772549][ T2252] EXT4-fs error (device loop1): ext4_lookup:1818: inode #2: comm syz.1.689: deleted inode referenced: 12
[   80.831705][ T2398] overlayfs: missing 'lowerdir'
[   80.848871][  T372] usb 5-1: New USB device found, idVendor=04d9, idProduct=a081, bcdDevice= 0.40
[   80.914659][ T2411] device pim6reg1 entered promiscuous mode
[   80.936108][  T372] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.944346][  T372] usb 5-1: Product: 亻װ밴䌅῞硜醻럊珊牮嫜겫ঠ㥨黹έ咶㛄エს䎒믔ﴍ琴䔁档㩚ᩔ辜뵠
[   80.956541][  T372] usb 5-1: Manufacturer: ␁
[   80.961039][  T372] usb 5-1: SerialNumber: 袶媑煬鱼芠ⲫ䛹ຬ茉ᔸࣴꚕ계랔轰赍锍蛔
[   81.008623][  T371] usb 1-1: Using ep0 maxpacket: 32
[   81.106461][ T2415] fuse: Bad value for 'fd'
[   81.232330][  T372] usbhid 5-1:1.0: can't add hid device: -22
[   81.283378][  T372] usbhid: probe of 5-1:1.0 failed with error -22
[   81.338747][  T371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.343953][ T2426] overlayfs: missing 'lowerdir'
[   81.350452][  T371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   81.364164][  T371] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   81.375441][  T371] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.385328][  T371] usb 1-1: config 0 descriptor??
[   81.429319][  T371] hub 1-1:0.0: USB hub found
[   81.446086][  T391] usb 5-1: USB disconnect, device number 4
[   81.648663][  T371] hub 1-1:0.0: 1 port detected
[   81.708633][  T372] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   81.718867][  T471] usb 2-1: USB disconnect, device number 8
[   81.866473][ T2449] overlayfs: missing 'lowerdir'
[   82.127132][ T2378] sit: non-ECT from 172.30.0.1 with TOS=0x1
[   82.159509][ T2462] EXT4-fs (loop4): orphan cleanup on readonly fs
[   82.171386][ T2462] EXT4-fs error (device loop4): ext4_validate_block_bitmap:418: comm syz.4.777: bg 0: block 248: padding at end of block bitmap is not set
[   82.189536][ T2462] __quota_error: 4 callbacks suppressed
[   82.189555][ T2462] Quota error (device loop4): write_blk: dquota write failed
[   82.204352][ T2462] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   82.218316][ T2462] EXT4-fs (loop4): 1 truncate cleaned up
[   82.226769][ T2462] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   82.248050][  T371] usb 1-1: USB disconnect, device number 7
[   82.269722][ T2462] EXT4-fs error (device loop4): ext4_lookup:1818: inode #2: comm syz.4.777: deleted inode referenced: 12
[   82.298670][  T372] usb 3-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b
[   82.307614][  T372] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.315383][  T372] usb 3-1: Product: syz
[   82.319490][  T372] usb 3-1: Manufacturer: syz
[   82.323913][  T372] usb 3-1: SerialNumber: syz
[   82.329198][  T372] usb 3-1: config 0 descriptor??
[   82.548683][  T471] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   82.754177][  T376] usb 3-1: USB disconnect, device number 9
[   82.873443][  T471] usb 5-1: Using ep0 maxpacket: 32
[   82.998786][  T471] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.009959][  T471] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.024957][  T471] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   83.034113][  T471] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.043062][  T471] usb 5-1: config 0 descriptor??
[   83.054786][ T2499] device pim6reg1 entered promiscuous mode
[   83.089221][  T471] hub 5-1:0.0: USB hub found
[   83.145007][   T23] audit: type=1400 audit(1719597346.610:296): avc:  denied  { bind } for  pid=2507 comm="syz.0.795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   83.210152][   T23] audit: type=1400 audit(1719597346.680:297): avc:  denied  { listen } for  pid=2507 comm="syz.0.795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   83.230949][   T23] audit: type=1400 audit(1719597346.680:298): avc:  denied  { getopt } for  pid=2507 comm="syz.0.795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   83.318661][  T471] hub 5-1:0.0: 1 port detected
[   83.388662][  T376] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   83.682262][  T376] usb 4-1: Using ep0 maxpacket: 32
[   83.748673][  T525] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   83.798752][  T376] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.810726][  T376] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.820344][  T376] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   83.829170][  T376] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.837758][  T376] usb 4-1: config 0 descriptor??
[   83.848638][   T13] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   83.879345][  T376] hub 4-1:0.0: USB hub found
[   84.088631][   T13] usb 1-1: Using ep0 maxpacket: 16
[   84.098912][  T376] hub 4-1:0.0: 1 port detected
[   84.208728][   T13] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   84.218727][   T13] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   84.229353][   T13] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[   84.238772][   T13] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[   84.248256][   T13] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   84.334495][  T525] usb 2-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b
[   84.344117][  T525] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.348804][   T13] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[   84.352336][  T525] usb 2-1: Product: syz
[   84.365168][   T13] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   84.370913][  T525] usb 2-1: Manufacturer: syz
[   84.373404][   T13] usb 1-1: Manufacturer: syz
[   84.378218][  T525] usb 2-1: SerialNumber: syz
[   84.382399][   T23] audit: type=1400 audit(1719597347.860:299): avc:  denied  { read } for  pid=2545 comm="syz.2.811" name="ppp" dev="devtmpfs" ino=9265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   84.389009][  T525] usb 2-1: config 0 descriptor??
[   84.417229][   T23] audit: type=1400 audit(1719597347.860:300): avc:  denied  { open } for  pid=2545 comm="syz.2.811" path="/dev/ppp" dev="devtmpfs" ino=9265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   84.422410][   T13] usb 1-1: config 0 descriptor??
[   84.442931][   T23] audit: type=1400 audit(1719597347.890:301): avc:  denied  { ioctl } for  pid=2545 comm="syz.2.811" path="/dev/ppp" dev="devtmpfs" ino=9265 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   84.528701][  T121] hub 5-1:0.0: hub_ext_port_status failed (err = 0)
[   84.582678][ T2503] sit: non-ECT from 172.30.0.4 with TOS=0x1
[   84.614468][  T376] usb 4-1: USB disconnect, device number 5
[   84.687535][  T121] usb 2-1: USB disconnect, device number 9
[   84.733734][ T2462] EXT4-fs error (device loop4): ext4_lookup:1818: inode #2: comm syz.4.777: deleted inode referenced: 12
[   84.747983][ T2462] EXT4-fs error (device loop4): ext4_lookup:1818: inode #2: comm syz.4.777: deleted inode referenced: 12
[   84.771558][ T2462] EXT4-fs error (device loop4): ext4_lookup:1818: inode #2: comm syz.4.777: deleted inode referenced: 12
[   84.807021][ T2462] EXT4-fs error (device loop4): ext4_lookup:1818: inode #2: comm syz.4.777: deleted inode referenced: 12
[   85.384073][ T2610] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=2610 comm=syz.1.839
[   85.396554][   T23] audit: type=1400 audit(1719597348.860:302): avc:  denied  { nlmsg_write } for  pid=2609 comm="syz.1.839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   85.615512][ T2590] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   85.637057][ T2590] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   85.648629][  T371] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   85.668676][   T13] usb 5-1: reset high-speed USB device number 5 using dummy_hcd
[   85.934681][  T376] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   86.058641][  T371] usb 4-1: Using ep0 maxpacket: 32
[   86.098733][   T13] usb 5-1: device firmware changed
[   86.103955][   T13] usb 5-1: USB disconnect, device number 5
[   86.178889][  T371] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   86.189651][  T371] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   86.199156][  T371] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   86.208010][  T371] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.216735][  T371] usb 4-1: config 0 descriptor??
[   86.259245][  T371] hub 4-1:0.0: USB hub found
[   86.458616][   T13] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   86.468701][  T376] usb 2-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b
[   86.477639][  T376] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.478795][  T371] hub 4-1:0.0: 1 port detected
[   86.485458][  T376] usb 2-1: Product: syz
[   86.493960][  T376] usb 2-1: Manufacturer: syz
[   86.498379][  T376] usb 2-1: SerialNumber: syz
[   86.503780][  T376] usb 2-1: config 0 descriptor??
[   86.614561][ T2638] EXT4-fs (loop2): orphan cleanup on readonly fs
[   86.621752][ T2638] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz.2.852: bg 0: block 248: padding at end of block bitmap is not set
[   86.636416][ T2638] Quota error (device loop2): write_blk: dquota write failed
[   86.644693][ T2638] EXT4-fs (loop2): 1 truncate cleaned up
[   86.650642][ T2638] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   86.664557][ T2638] EXT4-fs error (device loop2): ext4_lookup:1818: inode #2: comm syz.2.852: deleted inode referenced: 12
[   86.704810][  T376] usb 1-1: USB disconnect, device number 8
[   86.755284][  T391] usb 2-1: USB disconnect, device number 10
[   86.818940][   T13] usb 5-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice=26.ea
[   86.827839][   T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.836574][   T13] usb 5-1: config 0 descriptor??
[   86.879426][   T13] usb 5-1: Invalid firmware size=18.
[   86.928958][ T2608] sit: non-ECT from 172.30.0.4 with TOS=0x1
[   86.939271][  T471] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[   86.960889][  T371] usb 4-1: USB disconnect, device number 6
[   87.238693][  T471] usb 3-1: Using ep0 maxpacket: 32
[   87.300225][  T391] usb 5-1: USB disconnect, device number 6
[   87.358689][  T471] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.369465][  T471] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   87.379204][  T471] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   87.388101][  T471] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.396766][  T471] usb 3-1: config 0 descriptor??
[   87.439393][  T471] hub 3-1:0.0: USB hub found
[   87.574557][   T23] kauditd_printk_skb: 2 callbacks suppressed
[   87.574568][   T23] audit: type=1400 audit(1719597351.049:304): avc:  denied  { create } for  pid=2658 comm="syz.1.860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   87.599802][   T23] audit: type=1400 audit(1719597351.049:305): avc:  denied  { write } for  pid=2658 comm="syz.1.860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   87.633345][ T2663] netlink: 8 bytes leftover after parsing attributes in process `syz.1.862'.
[   87.642059][  T471] hub 3-1:0.0: 1 port detected
[   87.681363][ T2667] overlayfs: unrecognized mount option "\" or missing value
[   87.918667][   T13] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[   87.990296][ T2685] netlink: 8 bytes leftover after parsing attributes in process `syz.3.873'.
[   88.038631][  T391] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   88.108851][  T525] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   88.168734][   T13] usb 2-1: Using ep0 maxpacket: 16
[   88.488762][  T391] usb 1-1: Using ep0 maxpacket: 16
[   88.493982][   T13] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   88.504254][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   88.515054][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[   88.524515][   T13] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[   88.534161][   T13] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   88.608731][  T391] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.619544][   T13] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[   88.628365][   T13] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   88.636333][  T391] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.645870][  T391] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 63, changing to 9
[   88.656545][   T13] usb 2-1: Manufacturer: syz
[   88.661842][   T13] usb 2-1: config 0 descriptor??
[   88.688801][  T525] usb 5-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b
[   88.697737][  T525] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.705605][  T525] usb 5-1: Product: syz
[   88.712610][  T525] usb 5-1: Manufacturer: syz
[   88.717069][  T525] usb 5-1: SerialNumber: syz
[   88.722336][  T525] usb 5-1: config 0 descriptor??
[   88.808702][  T471] hub 3-1:0.0: hub_ext_port_status failed (err = 0)
[   88.828737][  T391] usb 1-1: New USB device found, idVendor=04d9, idProduct=a081, bcdDevice= 0.40
[   88.838020][  T391] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.845959][  T391] usb 1-1: Product: 亻װ밴䌅῞硜醻럊珊牮嫜겫ঠ㥨黹έ咶㛄エს䎒믔ﴍ琴䔁档㩚ᩔ辜뵠
[   88.858139][  T391] usb 1-1: Manufacturer: ␁
[   88.862527][  T391] usb 1-1: SerialNumber: 袶媑煬鱼芠ⲫ䛹ຬ茉ᔸࣴꚕ계랔轰赍锍蛔
[   88.966344][  T471] usb 5-1: USB disconnect, device number 7
[   89.026705][ T2638] EXT4-fs error (device loop2): ext4_lookup:1818: inode #2: comm syz.2.852: deleted inode referenced: 12
[   89.044234][ T2638] EXT4-fs error (device loop2): ext4_lookup:1818: inode #2: comm syz.2.852: deleted inode referenced: 12
[   89.071664][ T2638] EXT4-fs error (device loop2): ext4_lookup:1818: inode #2: comm syz.2.852: deleted inode referenced: 12
[   89.090862][ T2638] EXT4-fs error (device loop2): ext4_lookup:1818: inode #2: comm syz.2.852: deleted inode referenced: 12
[   89.128820][  T391] usbhid 1-1:1.0: can't add hid device: -22
[   89.134642][  T391] usbhid: probe of 1-1:1.0 failed with error -22
[   89.318628][  T371] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   89.334236][  T391] usb 1-1: USB disconnect, device number 9
[   89.516763][   T23] audit: type=1400 audit(1719597352.997:306): avc:  denied  { read } for  pid=2707 comm="syz.4.881" name="loop-control" dev="devtmpfs" ino=9194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   89.541146][   T23] audit: type=1400 audit(1719597352.997:307): avc:  denied  { open } for  pid=2707 comm="syz.4.881" path="/dev/loop-control" dev="devtmpfs" ino=9194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   89.714047][   T23] audit: type=1400 audit(1719597353.187:308): avc:  denied  { ioctl } for  pid=2707 comm="syz.4.881" path="/dev/loop-control" dev="devtmpfs" ino=9194 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   89.748986][  T471] usb 3-1: USB disconnect, device number 10
[   89.869100][  T371] usb 4-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice=26.ea
[   89.877955][  T371] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.887219][ T2704] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   89.888149][  T371] usb 4-1: config 0 descriptor??
[   89.910054][ T2704] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   89.939432][  T371] usb 4-1: Invalid firmware size=18.
[   90.026891][ T2720] netlink: 8 bytes leftover after parsing attributes in process `syz.2.885'.
[   90.245030][  T525] usb 4-1: USB disconnect, device number 7
[   90.338780][  T471] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   90.418639][  T376] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[   90.562439][ T2744] netlink: 8 bytes leftover after parsing attributes in process `syz.4.896'.
[   90.610442][ T2749] syz.4.898 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   90.670417][ T2753] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrjquota=,noblock_validity,nodelalloc,errors=remount-ro,min_batch_time=0x0000000000000076,delalloc,delalloc,auto_da_alloc=0x0000000000000003,errors=remount-ro,
[   90.694197][ T2753] EXT4-fs error (device loop4): ext4_validate_block_bitmap:418: comm syz.4.900: bg 0: block 161: padding at end of block bitmap is not set
[   90.708337][ T2753] EXT4-fs (loop4): Remounting filesystem read-only
[   90.714998][  T471] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.716307][ T2753] EXT4-fs error (device loop4) in ext4_evict_inode:276: Readonly filesystem
[   90.726058][  T471] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[   90.743256][  T471] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.752037][  T471] usb 3-1: config 0 descriptor??
[   91.180550][  T371] usb 2-1: USB disconnect, device number 11
[   91.199508][  T376] usb 1-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b
[   91.208359][  T376] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.216443][  T376] usb 1-1: Product: syz
[   91.220551][  T376] usb 1-1: Manufacturer: syz
[   91.225023][  T376] usb 1-1: SerialNumber: syz
[   91.230574][  T376] usb 1-1: config 0 descriptor??
[   91.334106][ T2775] netlink: 8 bytes leftover after parsing attributes in process `syz.1.907'.
[   91.378609][  T121] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   91.388776][  T471] usbhid 3-1:0.0: can't add hid device: -71
[   91.394574][  T471] usbhid: probe of 3-1:0.0 failed with error -71
[   91.409556][  T471] usb 3-1: USB disconnect, device number 11
[   91.473115][  T376] usb 1-1: USB disconnect, device number 10
[   91.609425][   T23] audit: type=1400 audit(1719597355.086:309): avc:  denied  { ioctl } for  pid=2794 comm="syz.1.916" path="socket:[28695]" dev="sockfs" ino=28695 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   91.641060][ T2795] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   91.758794][  T121] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[   91.771796][  T121] usb 5-1: New USB device found, idVendor=056a, idProduct=00de, bcdDevice= 0.00
[   91.780790][  T121] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.789471][  T121] usb 5-1: config 0 descriptor??
[   91.892503][ T2809] netlink: 20 bytes leftover after parsing attributes in process `syz.2.921'.
[   91.907371][ T2809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.921'.
[   91.920106][ T2809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.921'.
[   91.929149][ T2809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.921'.
[   91.978622][  T372] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   92.128737][  T121] usb 5-1: string descriptor 0 read error: -71
[   92.135365][  T121] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[   92.399998][  T121] usb 5-1: USB disconnect, device number 8
[   92.568719][  T372] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   92.596956][  T372] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   92.606884][  T372] usb 4-1: New USB device found, idVendor=28bd, idProduct=0074, bcdDevice= 0.00
[   92.625908][  T372] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.635999][  T372] usb 4-1: config 0 descriptor??
[   92.794435][ T2854] netlink: 20 bytes leftover after parsing attributes in process `syz.2.937'.
[   92.807386][ T2854] netlink: 8 bytes leftover after parsing attributes in process `syz.2.937'.
[   92.820176][ T2854] netlink: 8 bytes leftover after parsing attributes in process `syz.2.937'.
[   92.858625][ T2854] netlink: 8 bytes leftover after parsing attributes in process `syz.2.937'.
[   92.970214][ T2866] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1006 sclass=netlink_audit_socket pid=2866 comm=syz.4.944
[   93.140470][  T372] uclogic 0003:28BD:0074.000B: interface is invalid, ignoring
[   93.289503][ T2891] netlink: 20 bytes leftover after parsing attributes in process `syz.0.955'.
[   93.298408][ T2891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.955'.
[   93.307054][  T391] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   93.314421][ T2891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.955'.
[   93.323216][ T2891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.955'.
[   93.342284][  T371] usb 4-1: USB disconnect, device number 8
[   93.739228][ T2905] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1006 sclass=netlink_audit_socket pid=2905 comm=syz.1.959
[   93.784886][ T2911] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   93.928706][  T391] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   93.939697][  T391] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.951585][  T391] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.961733][  T391] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   93.983795][ T2922] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   94.000018][   T23] audit: type=1400 audit(1719597357.470:310): avc:  denied  { write } for  pid=2921 comm="syz.1.966" path="socket:[29102]" dev="sockfs" ino=29102 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   94.028143][   T23] audit: type=1326 audit(1719597357.500:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2921 comm="syz.1.966" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55c8da9b99 code=0x0
[   94.060766][ T2925] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   94.069814][ T2925] ext4 filesystem being mounted at /root/syzkaller.YHF5hH/194/file0 supports timestamps until 2038 (0x7fffffff)
[   94.105524][  T391] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   94.118074][  T391] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   94.126054][   T23] audit: type=1400 audit(1719597357.590:312): avc:  denied  { ioctl } for  pid=2924 comm="syz.3.967" path="/root/syzkaller.YHF5hH/194/file0/file0/file0" dev="loop3" ino=13 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   94.153591][  T391] usb 5-1: Manufacturer: syz
[   94.159244][  T391] usb 5-1: config 0 descriptor??
[   94.265723][ T2935] input: syz1 as /devices/virtual/input/input10
[   94.280482][   T23] audit: type=1400 audit(1719597357.750:313): avc:  denied  { read } for  pid=147 comm="acpid" name="event3" dev="devtmpfs" ino=29120 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   94.328874][   T23] audit: type=1400 audit(1719597357.750:314): avc:  denied  { open } for  pid=147 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=29120 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   94.372893][   T23] audit: type=1400 audit(1719597357.750:315): avc:  denied  { ioctl } for  pid=147 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=29120 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   94.446896][   T23] audit: type=1400 audit(1719597357.910:316): avc:  denied  { name_bind } for  pid=2942 comm="syz.0.974" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   94.470508][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[   94.471593][ T2945] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   94.621754][  T391] appleir 0003:05AC:8243.000C: unknown main item tag 0x0
[   94.635716][  T391] appleir 0003:05AC:8243.000C: No inputs registered, leaving
[   94.704791][  T391] appleir 0003:05AC:8243.000C: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[   94.888728][  T391] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[   94.922904][   T23] audit: type=1400 audit(1719597358.390:317): avc:  denied  { create } for  pid=2957 comm="syz.1.978" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[   94.958605][   T23] audit: type=1400 audit(1719597358.420:318): avc:  denied  { write } for  pid=2957 comm="syz.1.978" name="bus" dev="sda1" ino=2019 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[   94.989724][  T371] usb 5-1: USB disconnect, device number 9
[   95.008660][   T23] audit: type=1400 audit(1719597358.420:319): avc:  denied  { open } for  pid=2957 comm="syz.1.978" path="/root/syzkaller.aXcnZ5/104/bus" dev="sda1" ino=2019 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[   95.498671][  T391] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.516844][  T391] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.526463][ T2971] input: syz1 as /devices/virtual/input/input11
[   95.527033][  T391] usb 4-1: New USB device found, idVendor=28bd, idProduct=0074, bcdDevice= 0.00
[   95.541826][  T391] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.565199][  T391] usb 4-1: config 0 descriptor??
[   95.609827][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[   96.109555][ T2991] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrjquota=,noblock_validity,nodelalloc,errors=remount-ro,min_batch_time=0x0000000000000076,delalloc,delalloc,auto_da_alloc=0x0000000000000003,errors=remount-ro,
[   96.139130][  T372] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[   96.149229][ T2991] EXT4-fs error (device loop4): ext4_validate_block_bitmap:418: comm syz.4.991: bg 0: block 161: padding at end of block bitmap is not set
[   96.164166][ T2991] EXT4-fs (loop4): Remounting filesystem read-only
[   96.171225][ T2991] EXT4-fs error (device loop4) in ext4_evict_inode:276: Readonly filesystem
[   96.232897][ T2999] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   96.270225][  T391] uclogic 0003:28BD:0074.000D: interface is invalid, ignoring
[   96.479108][  T525] usb 4-1: USB disconnect, device number 9
[   96.518720][  T372] usb 1-1: config 0 has no interfaces?
[   96.524034][  T372] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   96.533666][  T372] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.542342][  T372] usb 1-1: config 0 descriptor??
[   96.578663][  T121] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[   96.798635][  T391] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[   96.938687][  T121] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   96.949440][  T121] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   96.960173][  T121] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   96.969763][  T121] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   96.984706][ T2981] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   96.995765][  T525] usb 1-1: USB disconnect, device number 11
[   97.059094][  T121] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   97.068078][  T121] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   97.070327][ T3016] input: syz1 as /devices/virtual/input/input12
[   97.079912][  T121] usb 2-1: Manufacturer: syz
[   97.087966][  T121] usb 2-1: config 0 descriptor??
[   97.158792][  T391] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[   97.182589][  T391] usb 3-1: New USB device found, idVendor=056a, idProduct=00de, bcdDevice= 0.00
[   97.210313][  T391] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.219717][  T391] usb 3-1: config 0 descriptor??
[   97.240474][ T3024] cgroup: syz.3.1004 (3024) created nested cgroup for controller "memory" which has incomplete hierarchy support. Nested cgroups may change behavior in the future.
[   97.256728][ T3024] cgroup: "memory" requires setting use_hierarchy to 1 on the root
[   97.518703][  T391] usb 3-1: string descriptor 0 read error: -71
[   97.525813][  T391] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[   97.533737][  T391] usb 3-1: USB disconnect, device number 12
[   97.643831][  T121] appleir 0003:05AC:8243.000E: unknown main item tag 0x0
[   97.655378][  T121] appleir 0003:05AC:8243.000E: No inputs registered, leaving
[   97.674890][  T121] appleir 0003:05AC:8243.000E: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[   97.989830][  T121] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[   98.004015][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[   98.022959][  T391] usb 2-1: USB disconnect, device number 12
[   98.179175][ T3048] kvm: emulating exchange as write
[   98.296308][ T3066] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1020'.
[   98.348677][  T121] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.368610][  T121] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.378174][  T121] usb 1-1: New USB device found, idVendor=28bd, idProduct=0074, bcdDevice= 0.00
[   98.392491][  T121] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.401570][  T121] usb 1-1: config 0 descriptor??
[   98.462863][ T3070] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   98.552024][  T525] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   98.669546][ T3092] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1033'.
[   98.684687][ T3093] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   98.880902][  T121] uclogic 0003:28BD:0074.000F: interface is invalid, ignoring
[   98.913369][ T3104] device syzkaller0 entered promiscuous mode
[   99.019007][  T525] usb 5-1: config 0 has no interfaces?
[   99.024910][  T525] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   99.116220][  T525] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.133399][  T121] usb 1-1: USB disconnect, device number 12
[   99.146531][  T525] usb 5-1: config 0 descriptor??
[   99.286530][   T23] kauditd_printk_skb: 4 callbacks suppressed
[   99.286542][   T23] audit: type=1400 audit(1719597362.759:324): avc:  denied  { read } for  pid=3116 comm="syz.2.1042" name="msr" dev="devtmpfs" ino=9174 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   99.317069][   T23] audit: type=1400 audit(1719597362.759:325): avc:  denied  { open } for  pid=3116 comm="syz.2.1042" path="/dev/cpu/0/msr" dev="devtmpfs" ino=9174 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   99.602507][ T3064] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   99.615965][  T372] usb 5-1: USB disconnect, device number 10
[   99.792905][ T3131] device syzkaller0 entered promiscuous mode
[   99.818630][  T121] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[   99.960664][ T3143] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   99.987038][   T23] audit: type=1326 audit(1719597363.459:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3142 comm="syz.2.1053" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa880104b99 code=0x0
[  100.002151][ T3137] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.017237][ T3137] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.025534][ T3137] device bridge_slave_0 entered promiscuous mode
[  100.033236][ T3137] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.045191][ T3137] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.053313][ T3137] device bridge_slave_1 entered promiscuous mode
[  100.081095][ T3153] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge_slave_0
[  100.161446][ T3137] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.168331][ T3137] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.175466][ T3137] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.182314][ T3137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.238707][  T121] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  100.243432][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  100.250066][  T121] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.268140][  T121] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.278031][  T121] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  100.320073][ T3162] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  100.399103][  T121] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  100.465135][  T121] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  100.479678][ T3162] EXT4-fs error (device loop4): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  100.492121][  T391] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.495735][  T121] usb 2-1: Manufacturer: syz
[  100.512113][  T121] usb 2-1: config 0 descriptor??
[  100.519619][  T391] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.536043][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  100.544133][  T391] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.551100][  T391] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.558636][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  100.566678][  T391] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.573537][  T391] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.587809][  T525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  100.596087][  T525] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  100.606741][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  100.616569][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  100.639850][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  100.648923][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  100.665221][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  100.674060][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  100.690141][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  100.698366][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  100.714603][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  100.723733][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  100.740842][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  100.749864][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  100.826886][ T3168] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  100.836973][ T3168] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  100.855595][ T3168] F2FS-fs (loop4): Found nat_bits in checkpoint
[  100.868850][ T3177] overlayfs: './file1' not a directory
[  100.909759][ T3168] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  100.916845][ T3168] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  100.944382][ T3186] fuse: Unknown parameter './file0'
[  100.999368][ T3185] device syzkaller0 entered promiscuous mode
[  101.012319][   T23] audit: type=1400 audit(1719597364.489:327): avc:  denied  { mounton } for  pid=3167 comm="syz.4.1060" path="/root/syzkaller.R9AhyG/75/file2/bus" dev="loop4" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  101.033874][  T121] appleir 0003:05AC:8243.0010: unknown main item tag 0x0
[  101.060033][  T121] appleir 0003:05AC:8243.0010: No inputs registered, leaving
[  101.079072][ T3188] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge_slave_0
[  101.100199][  T121] appleir 0003:05AC:8243.0010: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  101.129591][ T1930] attempt to access beyond end of device
[  101.129591][ T1930] loop4: rw=524288, want=45072, limit=40427
[  101.180095][   T23] audit: type=1400 audit(1719597364.529:328): avc:  denied  { setattr } for  pid=3167 comm="syz.4.1060" name="work" dev="loop4" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  101.233504][ T1930] attempt to access beyond end of device
[  101.233504][ T1930] loop4: rw=0, want=45072, limit=40427
[  101.376729][   T23] audit: type=1326 audit(1719597364.849:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3196 comm="syz.3.1071" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f35c8bb9b99 code=0x0
[  101.409460][  T179] attempt to access beyond end of device
[  101.409460][  T179] loop4: rw=2049, want=41056, limit=40427
[  101.488919][  T121] usb 2-1: USB disconnect, device number 13
[  101.527377][ T3201] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  101.548678][   T23] audit: type=1326 audit(1719597365.019:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3200 comm="syz.0.1072" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa17698eb99 code=0x0
[  101.580017][ T3193] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.586867][ T3193] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.594634][ T3193] device bridge_slave_0 entered promiscuous mode
[  101.601756][ T3193] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.608688][ T3193] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.616156][ T3193] device bridge_slave_1 entered promiscuous mode
[  101.682626][ T3193] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.689487][ T3193] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.696614][ T3193] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.703383][ T3193] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.736227][  T121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  101.745067][  T121] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.753663][  T121] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.771448][  T121] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  101.780506][  T121] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.787409][  T121] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.795093][  T121] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  101.803565][  T121] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.810422][  T121] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.829086][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  101.859234][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  101.880779][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  101.899312][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  101.916202][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  101.952126][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  101.962724][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  102.078424][ T3209] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.093068][ T3209] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.107243][ T3209] device bridge_slave_0 entered promiscuous mode
[  102.128890][ T3209] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.136455][ T3209] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.144642][ T3209] device bridge_slave_1 entered promiscuous mode
[  102.157459][   T23] audit: type=1400 audit(1719597365.629:331): avc:  denied  { write } for  pid=3214 comm="syz.1.1075" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  102.182382][  T422] device bridge_slave_1 left promiscuous mode
[  102.188458][  T422] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.196007][  T422] device bridge_slave_0 left promiscuous mode
[  102.202077][  T422] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.209452][   T23] audit: type=1400 audit(1719597365.629:332): avc:  denied  { add_name } for  pid=3214 comm="syz.1.1075" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  102.238605][   T23] audit: type=1400 audit(1719597365.629:333): avc:  denied  { create } for  pid=3214 comm="syz.1.1075" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  102.309857][ T3208] F2FS-fs (loop2): Wrong segment_count / block_count (64 > 16384)
[  102.317926][ T3208] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  102.346770][ T3208] F2FS-fs (loop2): Found nat_bits in checkpoint
[  102.394267][ T3208] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  102.401168][ T3208] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  102.401811][ T3220] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  102.425767][ T3208] attempt to access beyond end of device
[  102.425767][ T3208] loop2: rw=10241, want=53256, limit=40427
[  102.490399][ T3193] attempt to access beyond end of device
[  102.490399][ T3193] loop2: rw=2049, want=45104, limit=40427
[  102.591331][ T3232] device syzkaller0 entered promiscuous mode
[  102.662835][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  102.678029][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  102.700137][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  102.723565][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  102.732174][  T794] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.739046][  T794] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.746975][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  102.755243][  T794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  102.763272][  T794] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.770115][  T794] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.977239][  T371] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  103.039778][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  103.047561][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  103.057735][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  103.066191][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  103.075930][  T341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  103.130011][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  103.140473][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  103.161393][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  103.182491][  T525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  103.199846][  T525] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  103.208452][  T525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  103.227830][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  103.236978][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  103.338894][  T371] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  103.363829][  T371] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  103.448776][  T371] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  103.467841][  T371] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  103.477918][  T371] usb 4-1: SerialNumber: syz
[  103.742073][ T3252] F2FS-fs (loop1): Found nat_bits in checkpoint
[  103.769794][  T371] usb 4-1: 0:2 : does not exist
[  103.774987][  T371] usb 4-1: unit 254 not found!
[  103.790151][ T3250] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  103.794336][ T3252] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  103.822634][  T371] usb 4-1: USB disconnect, device number 10
[  103.828441][ T3250] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  103.841047][ T3250] F2FS-fs (loop4): invalid crc value
[  103.848489][ T1242] attempt to access beyond end of device
[  103.848489][ T1242] loop1: rw=2049, want=45104, limit=40427
[  103.879818][  T422] device bridge_slave_1 left promiscuous mode
[  103.887134][ T3250] F2FS-fs (loop4): Found nat_bits in checkpoint
[  103.893828][  T422] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.908659][  T422] device bridge_slave_0 left promiscuous mode
[  103.921189][  T422] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.931793][ T3256] F2FS-fs (loop2): Wrong segment_count / block_count (64 > 16384)
[  103.946874][ T3250] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  103.957282][ T3256] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  103.964769][ T3250] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  103.979506][ T3256] F2FS-fs (loop2): Found nat_bits in checkpoint
[  104.032152][ T3256] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  104.039253][ T3256] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  104.079790][ T3256] attempt to access beyond end of device
[  104.079790][ T3256] loop2: rw=10241, want=53256, limit=40427
[  104.109955][ T3193] attempt to access beyond end of device
[  104.109955][ T3193] loop2: rw=2049, want=45104, limit=40427
[  104.501657][ T3209] attempt to access beyond end of device
[  104.501657][ T3209] loop4: rw=2049, want=40968, limit=40427
[  105.152512][ T3296] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[  105.209712][ T3296] ext4 filesystem being mounted at /root/syzkaller.Mnmi8Q/6/bus supports timestamps until 2038 (0x7fffffff)
[  106.148628][   T13] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  106.218725][   T23] kauditd_printk_skb: 3 callbacks suppressed
[  106.218738][   T23] audit: type=1326 audit(1719597369.689:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3319 comm="syz.1.1104" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55c8da9b99 code=0x0
[  106.488763][  T376] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  106.528868][   T23] audit: type=1400 audit(1719597369.909:338): avc:  denied  { bind } for  pid=3325 comm="syz.3.1108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  106.564422][ T3313] F2FS-fs (loop4): Found nat_bits in checkpoint
[  106.597911][   T23] audit: type=1400 audit(1719597369.909:339): avc:  denied  { setopt } for  pid=3325 comm="syz.3.1108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  106.607287][   T13] usb 1-1: Using ep0 maxpacket: 16
[  106.626433][   T23] audit: type=1400 audit(1719597369.919:340): avc:  denied  { append } for  pid=3325 comm="syz.3.1108" name="loop0" dev="devtmpfs" ino=9195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  106.658314][ T3313] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  106.689779][ T3209] attempt to access beyond end of device
[  106.689779][ T3209] loop4: rw=2049, want=45104, limit=40427
[  106.758696][   T13] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  106.768850][   T13] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  106.780167][   T13] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  106.789804][   T13] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  106.799270][   T13] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  106.878751][  T376] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  106.889174][  T376] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  106.898867][   T13] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  106.908195][   T13] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  106.916033][   T13] usb 1-1: Manufacturer: syz
[  106.921613][   T13] usb 1-1: config 0 descriptor??
[  106.968711][  T376] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  106.977838][  T376] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  106.985839][  T376] usb 3-1: SerialNumber: syz
[  107.176489][ T3343] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge_slave_0
[  107.259764][  T376] usb 3-1: 0:2 : does not exist
[  107.264612][  T376] usb 3-1: unit 254 not found!
[  107.280208][  T376] usb 3-1: USB disconnect, device number 13
[  107.294844][  T390] udevd[390]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  108.362027][ T3365] device syzkaller0 entered promiscuous mode
[  108.370870][ T3365] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 65487
[  108.406615][ T3363] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[  108.420936][ T3363] ext4 filesystem being mounted at /root/syzkaller.aXcnZ5/127/bus supports timestamps until 2038 (0x7fffffff)
[  108.873860][   T23] audit: type=1400 audit(1719597372.299:341): avc:  denied  { mounton } for  pid=3371 comm="syz.4.1121" path="/root/syzkaller.MpQzZZ/7/file0" dev="sda1" ino=2044 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=sock_file permissive=1
[  108.969953][ T3372] EXT4-fs (loop4): Unsupported blocksize for fs encryption
[  108.999461][ T3364] F2FS-fs (loop3): Found nat_bits in checkpoint
[  109.042374][ T3364] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  109.107024][  T478] attempt to access beyond end of device
[  109.107024][  T478] loop3: rw=2049, want=45104, limit=40427
[  109.572138][ T3396] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  109.598461][ T3396] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  109.713219][ T3407] device syzkaller0 entered promiscuous mode
[  110.175120][  T525] usb 1-1: USB disconnect, device number 13
[  110.207094][ T3425] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[  110.222366][ T3425] ext4 filesystem being mounted at /root/syzkaller.YHF5hH/241/bus supports timestamps until 2038 (0x7fffffff)
[  111.358474][   T23] audit: type=1400 audit(1719597374.829:342): avc:  denied  { write } for  pid=3442 comm="syz.1.1141" name="msr" dev="devtmpfs" ino=9174 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  111.374844][ T3447] device syzkaller0 entered promiscuous mode
[  111.417186][ T3420] F2FS-fs (loop2): Found nat_bits in checkpoint
[  111.494461][ T3420] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  111.574684][ T3193] attempt to access beyond end of device
[  111.574684][ T3193] loop2: rw=2049, want=45104, limit=40427
[  112.011454][ T3472] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[  112.025542][ T3472] ext4 filesystem being mounted at /root/syzkaller.YHF5hH/244/bus supports timestamps until 2038 (0x7fffffff)
[  112.586931][ T3482] EXT4-fs (loop1): Ignoring removed orlov option
[  112.604624][ T3482] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  112.985076][ T3482] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  113.104768][   T23] audit: type=1400 audit(1719597376.579:343): avc:  denied  { map } for  pid=3480 comm="syz.1.1154" path="/root/syzkaller.aXcnZ5/136/file1/file0/bus" dev="devtmpfs" ino=9196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  113.124860][ T3482] EXT4-fs error (device loop1): get_max_inline_xattr_value_size:68: inode #12: comm syz.1.1154: corrupt xattr in inline inode
[  113.159272][ T3482] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2221: inode #12: comm syz.1.1154: corrupted in-inode xattr
[  113.215030][   T23] audit: type=1326 audit(1719597376.689:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3502 comm="syz.3.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35c8bb9b99 code=0x7ffc0000
[  113.238943][ T1242] ==================================================================
[  113.247265][ T1242] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xc1f/0xc30
[  113.255185][ T1242] Read of size 4 at addr ffff8881d5ab0000 by task syz-executor/1242
[  113.262982][ T1242] 
[  113.265183][ T1242] CPU: 1 PID: 1242 Comm: syz-executor Not tainted 5.4.274-syzkaller-00003-g51e9abf68baf #0
[  113.274962][ T1242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  113.284851][ T1242] Call Trace:
[  113.288011][ T1242]  dump_stack+0x1d8/0x241
[  113.292151][ T1242]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[  113.297796][ T1242]  ? printk+0xd1/0x111
[  113.301703][ T1242]  ? ext4_xattr_delete_inode+0xc1f/0xc30
[  113.307252][ T1242]  print_address_description+0x8c/0x600
[  113.312645][ T1242]  ? ext4_xattr_delete_inode+0xc1f/0xc30
[  113.318100][ T1242]  __kasan_report+0xf3/0x120
[  113.322614][ T1242]  ? ext4_xattr_delete_inode+0xc1f/0xc30
[  113.328079][ T1242]  kasan_report+0x30/0x60
[  113.332252][ T1242]  ext4_xattr_delete_inode+0xc1f/0xc30
[  113.337546][ T1242]  ? check_preemption_disabled+0x9f/0x320
[  113.343113][ T1242]  ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[  113.349015][ T1242]  ? __ext4_journal_start_sb+0x295/0x460
[  113.354500][ T1242]  ext4_evict_inode+0x1378/0x1ac0
[  113.359334][ T1242]  ? ext4_truncate_restart_trans+0xe0/0xe0
[  113.365082][ T1242]  ? wb_io_lists_depopulated+0x85/0x170
[  113.370464][ T1242]  ? ext4_truncate_restart_trans+0xe0/0xe0
[  113.376107][ T1242]  evict+0x29b/0x6a0
[  113.379846][ T1242]  vfs_rmdir+0x24b/0x3c0
[  113.383915][ T1242]  do_rmdir+0x2c1/0x580
[  113.387910][ T1242]  ? d_delete_notify+0xc0/0xc0
[  113.392523][ T1242]  ? _raw_spin_unlock_irq+0x4a/0x60
[  113.397569][ T1242]  do_syscall_64+0xca/0x1c0
[  113.401909][ T1242]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[  113.407627][ T1242] RIP: 0033:0x7f55c8da9217
[  113.411864][ T1242] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.431571][ T1242] RSP: 002b:00007fff4bc22a98 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  113.439820][ T1242] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f55c8da9217
[  113.447738][ T1242] RDX: 0000000000000200 RSI: 00007fff4bc23c40 RDI: 00000000ffffff9c
[  113.455712][ T1242] RBP: 00007f55c8e1764a R08: 0000000000000000 R09: 0000000000000000
[  113.463524][ T1242] R10: 0000000000000100 R11: 0000000000000207 R12: 00007fff4bc23c40
[  113.471348][ T1242] R13: 00007f55c8e1764a R14: 000000000001b75e R15: 00007fff4bc25e20
[  113.479249][ T1242] 
[  113.481405][ T1242] The buggy address belongs to the page:
[  113.486886][ T1242] page:ffffea000756ac00 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x1
[  113.496074][ T1242] flags: 0x8000000000000000()
[  113.500592][ T1242] raw: 8000000000000000 ffffea00075a1c08 ffffea00073d0408 0000000000000000
[  113.509006][ T1242] raw: 0000000000000001 0000000000000004 00000000ffffff7f 0000000000000000
[  113.517416][ T1242] page dumped because: kasan: bad access detected
[  113.523680][ T1242] page_owner tracks the page as freed
[  113.528884][ T1242] page last allocated via order 0, migratetype Movable, gfp_mask 0x100cca(GFP_HIGHUSER_MOVABLE)
[  113.539311][ T1242]  prep_new_page+0x18f/0x370
[  113.543715][ T1242]  get_page_from_freelist+0x2d13/0x2d90
[  113.549213][ T1242]  __alloc_pages_nodemask+0x393/0x840
[  113.554412][ T1242]  shmem_alloc_and_acct_page+0x492/0x9d0
[  113.559896][ T1242]  shmem_getpage_gfp+0xf5d/0x2440
[  113.564826][ T1242]  shmem_write_begin+0xc9/0x1a0
[  113.569513][ T1242]  generic_perform_write+0x2c7/0x560
[  113.574631][ T1242]  __generic_file_write_iter+0x224/0x530
[  113.580098][ T1242]  generic_file_write_iter+0x455/0x5f0
[  113.585393][ T1242]  __vfs_write+0x5d3/0x750
[  113.589660][ T1242]  vfs_write+0x206/0x4e0
[  113.593738][ T1242]  ksys_write+0x199/0x2c0
[  113.597908][ T1242]  do_syscall_64+0xca/0x1c0
[  113.602235][ T1242]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[  113.607960][ T1242] page last free stack trace:
[  113.612479][ T1242]  free_unref_page_prepare+0x297/0x380
[  113.617765][ T1242]  free_unref_page_list+0x10a/0x590
[  113.622802][ T1242]  release_pages+0xad8/0xb20
[  113.627229][ T1242]  __pagevec_release+0xc3/0x150
[  113.631915][ T1242]  shmem_undo_range+0x8a5/0x1ad0
[  113.636687][ T1242]  shmem_evict_inode+0x218/0x9a0
[  113.641464][ T1242]  evict+0x29b/0x6a0
[  113.645192][ T1242]  __dentry_kill+0x429/0x630
[  113.649621][ T1242]  dentry_kill+0xb8/0x280
[  113.653785][ T1242]  dput+0x3c/0x80
[  113.657255][ T1242]  __fput+0x443/0x680
[  113.661076][ T1242]  task_work_run+0x140/0x170
[  113.665501][ T1242]  exit_to_usermode_loop+0x190/0x1a0
[  113.670621][ T1242]  prepare_exit_to_usermode+0x199/0x200
[  113.676005][ T1242]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[  113.681729][ T1242] 
[  113.683897][ T1242] Memory state around the buggy address:
[  113.689382][ T1242]  ffff8881d5aaff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  113.697265][ T1242]  ffff8881d5aaff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  113.705167][ T1242] >ffff8881d5ab0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  113.713061][ T1242]                    ^
[  113.716969][ T1242]  ffff8881d5ab0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  113.724954][ T1242]  ffff8881d5ab0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  113.732848][ T1242] ==================================================================
[  113.740745][ T1242] Disabling lock debugging due to kernel taint
[  113.767119][   T23] audit: type=1400 audit(1719597376.689:345): avc:  denied  { unlink } for  pid=1242 comm="syz-executor" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  113.789419][   T23] audit: type=1400 audit(1719597376.689:346): avc:  denied  { unlink } for  pid=1242 comm="syz-executor" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  113.812384][   T23] audit: type=1400 audit(1719597376.689:347): avc:  denied  { unmount } for  pid=1242 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  113.832482][   T23] audit: type=1400 audit(1719597376.709:348): avc:  denied  { unlink } for  pid=1242 comm="syz-executor" name="bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  113.862184][   T23] audit: type=1326 audit(1719597376.719:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3502 comm="syz.3.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f35c8bb9b99 code=0x7ffc0000
[  113.891518][ T3490] F2FS-fs (loop2): Found nat_bits in checkpoint
[  113.959064][ T3490] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  113.988851][   T23] audit: type=1400 audit(1719597377.469:350): avc:  denied  { map } for  pid=3487 comm="syz.2.1148" path="/root/syzkaller.Mnmi8Q/11/file0/cpuacct.usage_sys" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  114.015023][   T23] audit: type=1400 audit(1719597377.469:351): avc:  denied  { execmem } for  pid=3487 comm="syz.2.1148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  114.036970][ T3193] attempt to access beyond end of device
[  114.036970][ T3193] loop2: rw=2049, want=45104, limit=40427
[  114.073109][ T3496] F2FS-fs (loop0): Found nat_bits in checkpoint
[  114.121678][ T3496] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  114.147206][ T3137] attempt to access beyond end of device
[  114.147206][ T3137] loop0: rw=2049, want=45104, limit=40427