last executing test programs:

3m44.420651499s ago: executing program 0 (id=2904):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x48, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

3m43.287763704s ago: executing program 0 (id=2907):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x18, 0x2, 0x1, 0x1, 0x0, 0x0, {0xa, 0x0, 0x2}, [@CTA_TUPLE_ORIG={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20004841}, 0x90)

3m42.561710721s ago: executing program 0 (id=2910):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000000a0b040000000000000000020000002c00048028000180090001006c6173740000000018000280080001407fffffff0c0002400000554f000000000900010073797a30000000000900020073"], 0x80}}, 0x0)

3m41.664837304s ago: executing program 0 (id=2913):
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x143082, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
futex(&(0x7f0000004000), 0x5, 0x0, 0x0, &(0x7f0000004000), 0xb0024000)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f0000000d00)=[{&(0x7f0000000100)="89e7ee2c7cdad9b4b47380c988cafbe882cac5050093517d176c709a6db96cb03276db1bb7c9f6ca6878744421b3197464cdb25e2576bd8345f788", 0x3b}], 0x1)

3m40.126353531s ago: executing program 0 (id=2915):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x66, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a60030000000"], 0x0)

3m39.406298978s ago: executing program 0 (id=2917):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x3c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$GTP_CMD_ECHOREQ(r0, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@GTPA_FAMILY={0x5, 0xd, 0x27}, @GTPA_MS_ADDR6={0x14, 0xc, @private1={0xfc, 0x1, '\x00', 0x1}}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010100}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x8011)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x89f1, &(0x7f0000000900)={'ip6_vti0\x00', @random="0600002000"})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000400)={0x0, 0x1, &(0x7f00000003c0)=""/13, &(0x7f00000004c0)=""/106, &(0x7f0000000540)=""/194, 0x5000})

3m23.104007671s ago: executing program 32 (id=2917):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x3c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$GTP_CMD_ECHOREQ(r0, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@GTPA_FAMILY={0x5, 0xd, 0x27}, @GTPA_MS_ADDR6={0x14, 0xc, @private1={0xfc, 0x1, '\x00', 0x1}}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010100}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x8011)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x89f1, &(0x7f0000000900)={'ip6_vti0\x00', @random="0600002000"})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000400)={0x0, 0x1, &(0x7f00000003c0)=""/13, &(0x7f00000004c0)=""/106, &(0x7f0000000540)=""/194, 0x5000})

3m14.231560492s ago: executing program 2 (id=2960):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x7)

3m13.405303984s ago: executing program 2 (id=2964):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r0, &(0x7f0000000700)=[{&(0x7f0000000040)="2e9b3d0007e03dd65193dfb6c575963f86dd", 0x12}, {0x0}], 0x2)

3m12.283596654s ago: executing program 2 (id=2966):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x58, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1b, 0x1f}}, @IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x58}}, 0x0)

3m11.006115231s ago: executing program 2 (id=2970):
openat$tun(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000a80)={@ifindex, 0xffffffffffffffff, 0xb, 0x0, 0x0, @void, @value}, 0x20)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
pivot_root(&(0x7f0000000080)='./file0\x00', 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r1, &(0x7f0000000280), 0x208e24b)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xa800}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

3m9.647828156s ago: executing program 2 (id=2973):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x208e24b)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='noinline_xattr,active_logs=4,active_logs=4,jqfmt=vfsv1,noinline_data,user_xattr,checkpoint=disable\x00fastboot,fsync_mode=strict,discarG_unit=section,\x00'], 0x21, 0x552d, &(0x7f000000abc0)="$eJzs3EtvG1UUAODjpOmbEiEW7DqoQkqk2qrTh2BXoBUP0aoqsGAFju1abmxPFDtOyIoFS8SCf4JAYsWS38CCNTvEAsQOCeS5E2gKlZDixKT5Pml85t65c+beURTpzFgO4NhazH77pRIX4kxEzEfE+Yhiv1JuhZspvBARFyNi7pGtUvb/1XEyIs5GxIVJ8pSzUh764vL40vWf3/712+9PnTj35Tc/zG7VwKy9FBH99bS/1U8x76T4sOxvjLtF7F8blzEd6K+V7TzFrfZqkWGrsTuuUcSrnTQ+X98cTuKDXqM5iZ3ug6J/fZAuOBx3dvMUJzxsbBTtVnu1iN1hXsTOTprX9k7637YzHKU8rTLfx0X6GI12Y+pvb7fTetbXitgcjMr+lDdvtbcncVzG8nLRzHutYh6r+7nT/2svvtMdbG5n4/bGsJsPsuu1+su1+o1qfSNvtUfta9VGv3XjWrbU6U2GVUftRv9mJ887vXatmfeXs6VOs1mt17OlW+3VbmOQ1eu1q7Ur1evL5d7l7I2772e9VrY0ia91B5ujbm+YPcg3snTGcrZSu/rKcnapnr1751527/7t23fuvffhrQ/uvnrnrdfLQf+YVra0cmVlpVq/Ul2pL+/vBhyp9X9aTnqK64d9qcx6AgBHj/ofmIWDq/837kccfP0f6v+pOFL173Gv/w9g/bAv6n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGPrx4Wv3ix2FlP7XNn/TNn1XNmuRMRcRPzxL+bj5J6c82WehSeMX3hsDt9VosgwucapcjsbETfL7fdnD/ouAAAAwNPr608ufp6q9fSxOOsJcZjSQ5u58x9NKV8lIhYWf5pStrnJx/NTSlb8fZ+I7SllKx5gnZ5SsvTI7cS0sv0n83vC6UdCJYW5x8+Y2moBAICZ2VsJHG4VAgAAwGH67IlH1g51HhyySuy+ytx9F1x88/7vl31nUturPwAAADi6KrOeAAAAAHDgivrf7/8BAADA0y39/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+ycy+5aQNxHID/NrjQl4qq7nuV7uAYPUKXXVYcoJfgCOQKuQBnILscIYIIj4NCRB7EY6xE3yfZgy3zmxkei5mRBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLV9VydvHv5/+2OZttO3l6AwAAAByzrpaz+sUkXX9u7n9tbn1vrouIKCPi2Nh9EB8OMgdNTvXI89WDNlxG1Am7OkbN8SkifqVjG9+6/hQAAADgXRruTqv5YppG6+k06btVtHbCd5gmbcovvzNVXURENbnOlFbu8n5kCqt/38P4mymtnsAaZwpLU27DXGkvUv/d97N243tFkYry6fdn6zsAAHBGg4PivKMQAAAAzulP3w2gCx+ffaKIu6XM/VLgKBXjgwiLfQAAAPB2FX03AAAAAOhcPf4/Zf+/6Gf/v7ix/x8AAAC8Wtr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC6tq+VsNV9M2+Zstu3k6Q0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7Ny/b9xUHADwZ/t8/QGII6AbghBIDLDQ67W0dEMMoIiBPwEpSq8l9MqPNgOtKqQsbChzFwQjQkigsPUfYOqG1EpdytbhhiKxsByyz845TSUuRLEvyecjPb/vOY7f99lSlK+fEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6bxon2aYzieNi373Ht1ay/v4TfebOxoPFrGVxVGfSB8Mr1Q9Rt7lEAAAAODqSsr4PITxMN5eyPu7k9X9aHpPV/N8/N4nLev7Jur/sy9o/a7/9+uilrYE6k3Gyk15aHQ5O70yltX+znG/P/+cRrfzK589ekvyGxB+uvzhK8+sZfXv37vvtPDxWR7YAwP9xquyLoPx9KOv7TSYGwJHRqhTeZf2fdJrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAOo/XwTBlHIYTF1jTO3H98a+Vp/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8GkJoavR3i+lf+XiGg0No5PrsV/DPeDze1Xcdbz7nPQVxcbPnJZ+DETT4QwkAgEMpLVpW1z9MN5eyfdFCCOMfttf/b1TiMGP9/+iT8/eqY1Xr/35tM5x/vbWrX/Su37j51urV5cuDy4PP3j7Tf6d/9sK5cxd6+bOSnicmAAAA7E27aNX6P17Yuf5/shKHGev/L7/rfz0d6Y98q/7fabro13QmAAAAR9sLr/39V/SU/VG7Hb5aXlu71p9stz6fmWwbSHXXjhWtWv8nC01nBQAAANRhtB5tW/+/WInDjOv/z/748s/VcyYhhBPF+v+plc+HF+ubzlyr48+Jm54jAAAAzTpRtOr6f5q//x9vvfIQhxDefH0SF/8GcKb6P/ngm5+qYyWV9//P1jfFuRR3J9cj77shtLrbvvx7Y4kBAABwKB0vWlbs/5luLn36y8mP2t7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjbvwEAAP//E41CoA==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x4, 0xfc, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
fdatasync(r2)
ftruncate(r2, 0x81ff)

3m4.449582732s ago: executing program 2 (id=2981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={0x0, 0x48}}, 0x40000)

3m2.116186962s ago: executing program 33 (id=2981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={0x0, 0x48}}, 0x40000)

27.024378236s ago: executing program 4 (id=3388):
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000100)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
shmctl$SHM_STAT(0x0, 0xd, 0x0)

16.589296441s ago: executing program 4 (id=3395):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x40, 0x0, 0x0, 0x0, &(0x7f0000000300))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x3}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
statfs(&(0x7f0000000000)='./file0\x00', 0x0)

14.918408176s ago: executing program 4 (id=3400):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f00000001c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

14.806957419s ago: executing program 5 (id=3401):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000000a0b040000000000000000020000002c00048028000180090001006c6173740000000018000280080001407fffffff0c0002400000554f000000000900010073"], 0x80}}, 0x0)

14.092046112s ago: executing program 4 (id=3405):
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000100)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
shmctl$SHM_STAT(0x0, 0xd, 0x0)

13.963715881s ago: executing program 5 (id=3406):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10000000, 0xfffffffffffffffe, 0x100, 0x0, 0x0, 0x5]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x2, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13.349704943s ago: executing program 4 (id=3409):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socket$netlink(0x10, 0x3, 0x8000000004)
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4)
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)

13.141613893s ago: executing program 5 (id=3410):
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x6, 'pimreg1\x00', {0x5}, 0x5})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x121342, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000180)})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

12.330050843s ago: executing program 6 (id=3411):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2, &(0x7f0000000000)=0xbe, 0x4)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2, 0x4, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r4, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
sendto$inet6(r4, &(0x7f00000006c0)="f25133028d4d9d3d676508cb2bf12c52ee2cdc863cf77ba02c9a1b871886f48e7f701abb1241fe4a41db28c6c791a8d52d44cf2f84938ec8d56e3336076b03299390abb5c7245f5c57658b3876b94fbae68d46a597d8fe5543790977cfc3377a3544b672d64b8c5bb60ec89a9d7610b9eaf41a1712841e19c308dc033bfdb7146e3b52f7ce17e0fa6cae0359c7d0847606ded4b46a2b8a71acd9098bf73583d77c374ef2989f213082b2b39c8ae3488dbc209ed8a6fc67940ed7630b8989761d17feace1a36d227697df2852afb8a127e77f5a1ae1445781fe2453fb30194e85b5d4e51cb2b0ceb92319454057ed61b08c58c96eca83ac1e6f286f6de78f86afd9a31284ea58b74fbc6fec9273becbc8053a86326aa3abe60d77d000b3960500000000000000e330328a6cb62b45fc", 0x12f, 0x20008099, 0x0, 0x0)

10.813997182s ago: executing program 5 (id=3414):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x30, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x30}}, 0x0)

9.90125839s ago: executing program 5 (id=3416):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000000a0b040000000000000000020000002c00048028000180090001006c6173740000000018000280080001407fffffff0c0002400000554f000000000900010073"], 0x80}}, 0x0)

8.702052387s ago: executing program 6 (id=3418):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000080)='./file0\x00', 0x450, &(0x7f0000005f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES32], 0x2, 0x5558, &(0x7f0000000a00)="$eJzs3EtvG9UXAPBju2n/ff4jxIJdR6qQEqm26vQh2BVoxUO0qngsWIFju5Zb2xPFrhOyQoIlYsE3QSCxQmLDZ2DBmh1iAWKHBPLMmBLCo5XdOGl/P2l85t65PnPvyEp0ZiwH8MRaTn75qRRn4nhEVCLiVCmy/VKxZa7m4ZmIOBsR5T9tpaL/j46jEXEiIs5Mkkd8PczHTA59en587vKPr/381bfHjpz87MvvFrdqYNGejYj+Rr6/1c9j2snjnaK/Me5msX9pXMT8QP9u0U7zuNVezzJsNabjGlm82MnHpxv3hpN4u9doTmKnezvr3xjkJxyOO9M82RvuNDazdqu9nsXuMM1iZyef1/ZO/vdyZzjK87SKfO9n6WM0msa8v73dztezcTeLzcGo6M/zpq329iSOi1icLpppr5XNY32WK32wvd4d3NtOxu3NYTcdJJdr9edq9SvV+mbaao/al6qNfuvKpWSl05sMq47ajf7VTpp2eu1aM+2vJiudZrNarycr19rr3cYgqddrF2sXqpdXi73zycs33056rWRlEl/sDu4d7faGye10M8nfsZqs1S4+v5qcqydv3riV3Hrj+vUbt95699o7N1+48epLxaA900pW1i6srVXrF6pr9dUDsP7J/90HXP9olvV/VEz6IdZfmu3ywL/zAQN4aHvq/5hv/V8J9T+w12Gv/2Oe9f+kpFL//3f9W569/p+p/j2o9f8hXj/MRP0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDE+n7p81eyneW8fbLoP110PVW0SxFRjojf/kYlju7KWSnyLP3D+KW/zOGbUmQZJuc4VmwnIuJqsf36/0d9FQAAAODx9cUHZz/Jq/X8ZXnRE2I/5Tdtyqfem1O+UkQsLf8wp2zlycvTc0qWfb6PxPacsmU3sP43p2T5Lbcj88r2QCrT8OHp+53Zgkp5KO/rdAAAgH1R2RX2twoBAABgP3286AmwGKWYPsqcPgvOvnl//9Hm8V3HAAAAgEOotOgJAAAAAI9cVv/7/T8AAAB4vOW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3kpg1EcQB+NhjoPxVV3fcq3cExeoQuuywcoJfgCPQKuQBnILvss4kgwh4hOQIpCuNYoO+TbDM2+s0MsHljYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSfbWe///749+lObv9ZfLMBgAAADhlW63n9Ytp0/6Uzn9Jp76ldhERZUScqt0HMWplDlJOdeb91Ysx3EXUCYc+xmn7GBE/0/b0tetPAQAAAG7XZrmaNdV6s5v2PSDeU7NoU37+lSmviIhq+pAprTzsvmcKq3/fw/iTKa1ewJpkCmuW3Ianr41yddI2aB3STCaL+kusW2U3/QIAAH1qVwJnqhAAAABuwO++B0A/iuPueJ9x3BzSDcEPrRYAAABwhYq+BwAAAAB0rq7/r+H5f4/+lgAAAABv1jz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/V8s1zNzl1fvDJnt79MvhkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8sz/3KBACYQxAs4u/ncz9DysRLa1t3oOBkDDFBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OZ3v/yfcDVHkqltw9x6JFk6NaydGrbODXs/jK+vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu6fN24yDAD4c77z9Q8gQkAZAqhIDLDQ5FpaOsIAihj4CEhReimBK4U2A60iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQfbZV7e90qM09tH8ftJ773O2877P67OiPLETAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO2+Ey8lRdzOXmaGcbntxt7GStbv3NNnrm3dnM9aFrceNtE3bz/+5Kfby9U3x+Yqb76qPxkAAAAOhnZZ30fErXR7KeuTmbz+T8tjspr/+2eGcVnP31v37+xtHC52zZf1/2+/3n5hNNHMcJ5s0NW1QX/x/lQ6+7TEqffsQ4/o5Gc+/91LO/9Akvc3n99N8/PZ+vb69Xe7eXiojmwBgEdxvOyLoPx5KOt7TSYGwIHRqRTeZf3fnmk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA67G7GU2Xcioj5zp04s7O3sTKuv7Z1c75sp69e3aqOmQ2RRsTq2qCf1riWaXfp8pVPlgeD/sWxQcQDd/334FhE7M/IDwhizK4PJ/jyiH8+prg8o55V/LugNR1pNBokxedTbOnWe9Xtb1Bee49/5Ia+IQEA8MRKi5bV9bfS7aVsW2s24q8f7q7/X6vEMWH9f/uj0zeqc1Xr/15tK5x+C+vnP1u4dPnKG2vnl8/1z/U/ffNE763eyTOnTp1ZyM7V4sJqJP3FptMEAADgf6xbtGr9n8zef///aCWOCev/z7/rfVmdq63+H+vOTb+mMwEAADiIuqPouVf+/KM15ohWtxtfLK+vX+wNX0fvTwxfa033ER0qWrX+b882nRUAAABQh93N1l33/89W4pjw/v/TP774c3XMdkQcibgQEf3jKxcGZ+tbzlSr4w+V84m6Ta8UAACAphwpWvX+f5o//5+MHnlIIuL1V4dx+b+uJqn/2+99/VN1rurz/yfrW+JUSuaG5yPv5yI6c01nBAAAwJPscNGyYv/3dHvp41+OftD1/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//1AjNPw=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000d80), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000015c0), 0x0, 0x0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x164)
listen(0xffffffffffffffff, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
connect$inet(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x1, 0x2000, 0x8504, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, @value=r0, @void, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfbd25000)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x12081ff)

8.624936079s ago: executing program 5 (id=3420):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000050000000900000001000000", @ANYRES32, @ANYBLOB="000000000000000000e70000000000", @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x1d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000680), 0x64, 0x50a, &(0x7f00000009c0)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
open(0x0, 0x141840, 0x0)

5.916033379s ago: executing program 3 (id=3425):
openat$vcsa(0xffffffffffffff9c, 0x0, 0x842, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x5}}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000600)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000180), &(0x7f00000002c0), &(0x7f0000000380)=<r4=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',privport,access=', @ANYRESDEC=r4])
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

5.551885617s ago: executing program 1 (id=3426):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x30, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x30}}, 0x0)

5.058066908s ago: executing program 3 (id=3427):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f00000001c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xfffa, 0xfff3}, {}, {0x10, 0xfff9}}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4.963357003s ago: executing program 1 (id=3428):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x69)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000900)={@private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @local}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x8, 0x8, 0x400, 0x4, 0x40000221})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
execve(0x0, 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, 0xffffffffffffffff, &(0x7f0000000180)='./file0\x00')
syz_emit_ethernet(0x7e, &(0x7f0000000480)={@local, @random="7e4173edfcb3", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @rand_addr, {[@timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast2, 0x300}, {@empty}, {@loopback}]}, @cipso={0x86, 0x21, 0x0, [{0x0, 0x12, "0001632a3a835e9504005d8b00000000"}, {0x0, 0x9, "4ef661e96b4014"}]}]}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

4.637955629s ago: executing program 3 (id=3429):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000280)={[{@nodiscard}, {@resgid={'resgid', 0x3d, 0xee00}}, {@init_itable}, {@noload}, {@minixdf}, {@usrjquota}]}, 0xfe, 0x43e, &(0x7f00000004c0)="$eJzs3MtvG0UYAPBv7SR9k1DKo6WFQEFEPJImfdADFxBIHEBCgkMRp5CkVajboCZItIogcAhHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZu6iZ3GiVOX7O8nbTvjHWvm292xZ2e8CaCwBtN/koi9EfFHRPTXs7cXGKz/d3NpfuKfpfmJJKrVt/9OauVuLM1P5EXz9+2pZ6rVLL+jSb2L70WMVypTl7L8yNyFD0dmL195YfrC+Lmpc1MXx06fPnH8SN+psZMdiTON68ahT2YOH3z93atvTpy5+v4v36Xt3Zvtb4yjUwbrR7eppztdWZfta0gnPV1sCG0pR0R6unpr/b8/yrFreV9/vPZ5VxsHbKlqtVpt9v2cWagC21gS3W4B0B35F316/5tvd2nocU+4/nL9BiiN+2a21ff0RCkr07vi/raTBiPizMK/X6dbbNE8BABAox/S8c/zzcZ/pXioodx92RrKQETcHxH7I+KBiDgQEQ9G1Mo+HBGPtFn/yhWS1eOf0rUNBbZO6fjvpWxt6/bxXz76i4FylttXi783OTtdmTqWHZOh6N2R5kfXqOPHV3//stW+xvFfuqX152PBrB3XelZM0E2Oz41vJuZG1z+LONTTLP4k8mWcJCIORsShDdYx/ey3h1vtu3P8a+jAOlP1m4hn6ud/IVbEn0tark+Ovnhq7OTIzqhMHRvJr4rVfv1t8a1W9W8q/g5Iz//uptf/cvwDyc6I2ctXztfWa2fbr2Pxzy9a3tNs9PrvS96ppfuy1z4en5u7NBrRl7yx+vWxW+/N83n5NP6ho837//64dSQejYj0Ij4SEY9FxONZ25+IiCcj4uga8f/8ylMftB//GrPyHZTGP3mn8x+N57/9RPn8T9+3H38uPf8naqmh7JX1fP6tt4GbOXYAAADwf1Gq/QY+KQ0vp0ul4eH6b/gPxO5SZWZ27rmzMx9dnKz/Vn4gekv5TFd/w3zoaDY3nOfHVuSPZ/PGX5V31fLDEzOVyW4HDwW3p0X/T/1V7nbrgC3neS0oLv0fikv/h+LS/6G49H8ormb9/9MutAO4+3z/Q3Hp/1Bc+j8Ul/4PhdTy2fjSph75l9j2iSjdE83Y/omedf8xiw0mdjTd1e1PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74LwAA//9wiOSH")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000140)={0x5f5e07f, 0x20202, 0x9})

4.370425621s ago: executing program 1 (id=3430):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000000a0b040000000000000000020000002c00048028000180090001006c6173740000000018000280080001407fffffff0c0002400000554f000000000900010073797a30000000"], 0x80}}, 0x0)

3.672433598s ago: executing program 1 (id=3431):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000040)={[{@bh}, {@nolazytime}]}, 0x1, 0x4ef, &(0x7f0000000580)="$eJzs3c9vG1kdAPDvTOImzWY3WViJHwK2LAsFVXUSdzda7Wm5gNBqJcSKE4dsSNwoih1HsVOaUIn0xD+ARCVO8CdwQOKA1BN3bnDjUg5IBSpQU4mD0djjNKRxElrHpvbnIz35vXmT+b5Xa+a53zZ+AYysKxGxHxGXIuKTiJjJjyd5iQ/aJTvv8aM7KweP7qwk0Wx+/Pek1Z8diyM/k3klv+ZkRHzv2xE/TJ6NW9/d21iuVMrbeXuuUd2aq+/uXV+vLq+V18qbpdLiwuL8ezfeLfVsrm9Wf/3wW+sffv93v/3igz/sf+PH2bCm876j8+il9tQLh3Ey4xHx4UUEG4CxfD6XBj0QnksaEZ+KiLda9/9MjLXezfM54bYGAF4CzeZMNGeOtgGAYZe2cmBJWsxzAdORpsViO4f3RkyllVq9ce1mbWdztZ0rm41CenO9Up7Pc4WzUUiy9kKr/rRdOta+ERGvR8TPJi632sWV8+cZAIDeeuXY+v+vifb6DwAMucmzTljqzzgAgP45c/0HAIaO9R8ARo/1HwBGj/UfAEaP9R8ARk++/o8NehwAQF9896OPstI8yL//evXW7s5G7db11XJ9o1jdWSmu1La3imu12lqlXFypVc+6XmUithbeiZ3bc41yvTFX391bqtZ2NhtLre/1XioX+jIrAOA0r795/09JROy/f7lV4sheDtZqGG7poAcADIycP4wu38INo8vf8YGz9vLs+l+E7z1HsOZPnuOHgF67+jn5fxhV8v8wuuT/YXTJ/8PoajaTbnv+p4enAABDRY4f6Ou//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCQmG6VJC3me4FPR5oWixGvRsRsFJKb65XyfES8FhF/nChMZO2FQQ8aAHhB6V+TfP+vqzNvTx/vvZQ8mWi9RsSPfvHxz28vNxrbC9nxfxweb9zLj5cGMX4A4Cyddbqzjnc8fnRnpVP6OZ6H32xvLprFPchLu2c8xluvk1GIiKl/Jnm7Lfu8MtaD+Pt3I+KzJ80/aeVGZvOdT4/Hz2K/2tf46X/FT1t90TqW/Vl8+n+IebjX65N8E+gezANeRvez588HJ91/aVxpvU6euPnxZH7vvajO8+/gmedfevj8G+vy/Lty3hjv/P47XfvuRnx+/KT4yWH8pEv8t88Z/89f+NJb3fqav4y4GifHPxprrlHdmqvv7l1fry6vldfKm6XS4sLi/Hs33i1djojy/FwnU/2sv71/7bXT5j/VJf7kGfP/6qmzbk50ar/69yc/+PIp8b/+lZPf/zdOiZ+tiV87Nf5Ty1O/6bp9dxZ/tT3/u+d8/3/ayRdcO2f8B3/ZWz3nqQBAH9R39zaWK5Xydk8rhejxBY9Ukgsas8qQV7LP4y96nc/kKbP/g+lcdGXQTybgoj296Qc9EgAAAAAAAAAAAAAAoJsL/3WidNAzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJj9JwAA//9qf9Bs")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b000000000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/25], 0x48)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
llistxattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000300)=""/145, 0x91)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000006c0)='.\x00', 0xaa)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r6, &(0x7f0000000380)=""/4105, 0x1009)
dup(r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)

3.630842855s ago: executing program 6 (id=3432):
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000100)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
shmctl$SHM_STAT(0x0, 0xd, 0x0)

3.434351783s ago: executing program 3 (id=3433):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0xa, 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.551582307s ago: executing program 6 (id=3434):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000007c0)='kmem_cache_free\x00', r0}, 0x18)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2000000000000113, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000600)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1}, 0x0)
close(r1)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)}], 0x1, 0x0, 0x0, 0x3}, 0x0)

2.211798358s ago: executing program 3 (id=3435):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_gettime(0x0, &(0x7f0000000280))

1.600503916s ago: executing program 1 (id=3436):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)

1.51010407s ago: executing program 3 (id=3437):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
syz_clone(0x4d100000, 0x0, 0x0, 0x0, 0x0, 0x0)

939.13049ms ago: executing program 6 (id=3438):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x50, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1b, 0x1f}}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x50}}, 0x0)

250.998471ms ago: executing program 4 (id=3439):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$erofs(&(0x7f0000000380), &(0x7f0000000140)='./file0\x00', 0x4000, &(0x7f0000000d40)=ANY=[], 0x1, 0x224, &(0x7f0000001600)="$eJzsmL9rFEEUx78zd7d3BgnYCNpYGDCi2dvbqKRJEcFKAkIUtTx0c5yZ3ElyQhIQDDY2lhaCrY2lhYWVRf4CWy1UECxMaSEKIzM7czt3u3u3p6JF3gey+c7Mmx/73u73YEEQxIHl08dvHx5fXLh6FsBhzKBq+r+UkhjuxL9/eu/Mk8VLz16+e77Xmb7/eng9BkDK4vt7AN4sldADK8c9g7NnkmWtxjVwnDb6Ohj8WP6UmrgRgeGmibnj6O4hI0Tk3+rW0G81VtsiCtVlz91fHWp/l+E2gJo+nZTMGd/c3llrChFtDIuKtCunhiYVo/Knz7fEsQibPSlVvW48erir2iY3CMD7+WuAo2H0PBhWjF5AFb7vqxwEq22h627v/3g5Wb9U5P7/rvh+TErbw9j4WS+0ODI32V4VAAM96uksNN2+I8X2+iEHezrT/yKHo8REj2ktr+7e7x7DvlHjgisZmR+zRTV91NTzw9y6H923HrjWFMu2pp//Z3WEiKQhJ8YaWXZxzWhq6O2UEMt/cDBP23dO4RJ/Us5+yvGnMsp9/6j31u/WN7d35trrzVbUijphOH8hOBcE58O6NqL4OsL/atqfppz1KzmxHvOw1ez1NhpbuOy2w/jqOO7Kq+5XPYdr/+OYPambLZjfLFnN3oOZP67/KzVbyo58kHtPBEEQBEEQBEEQBEEQBEEQ2ZwAg/lYzMwH0SzCK/oL5a8AAAD//9/+WL4=")
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000000c0)={[{@uni_xlateno}, {@utf8}, {@fat=@codepage={'codepage', 0x3d, '861'}}, {@shortname_win95}, {@shortname_mixed}, {@shortname_win95}, {}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@utf8}, {@shortname_mixed}, {@utf8}, {@shortname_mixed}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '863'}}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}, {@utf8no}]}, 0x1, 0x2a8, &(0x7f0000000580)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIL1zMSslCXah4b0GaILRQ8A/GrgRXblz6BILQnS/hxjfwAQR3dlE4MslMk9Q07UDT+ufz2fT0nPOd8zuTaUsXOfnw5fHB0zz2T778LTqdLBr96MdZFr1oROXrWNL/LgCAf7OzlOKPNFMnl0VEZ3NlAQAbVPvv/+nGSwIANuydd997a3cw2Hs7zzvxePzN8bD4z774Ohvf3Y9PYhTP4mF04zwiXZi1H6eUJs280IvXx5PjYZEcf/BLef3d3yOm+Z3oRm/atZx/MtjbyWcW8pOijufL9ftF/lF048UV6z8Z7D1akY9hK954baH+B9GNXz+OT2MUT6dFzPNf7eT5m+n7P794vyivyGeT42F7Om8ubd3xSwMAAAAAAAAAAAAAAAAAAAAAwH/Yg/LsnHZMz+8pusrzd7bOi2+2I6/0ls/nmeWz6kKXzgeapPihOl/nYZ7nqZw4zzfjpWY072fXAAAAAAAAAAAAAAAAAAAA8M9y9NnnBx+NRs8Ob6VRnQZQva2//nVOp6n+Qs+rsT7Vnq/VKJtrloitak4WsbaeYhO3dFuuazx3Vc0//lT3gp3r52wXa3VucRfVy73QE1VPtvoeti8md6qH5OeqJ6WUWnHD1VtXDaVaj19r5VC39t1ovTBtTNbMieyqwr59Zf5zWQ5ll3fRWrrPS43tsrEQv/Rs1Hqe//67InNaBwAAAAAAAAAAAAAAAAAAbNT8Tb8rBk/WRhupvbGyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBOzT//v0ZjUoZvMLkVh0f3vEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+B/4KAAD//+KpXP8=")
socket$nl_audit(0x10, 0x3, 0x9)
fcntl$getown(r4, 0x9)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000001280)=""/4089, 0xff9)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000340)={0x4, @broadcast, 0x4e22, 0x0, 'wlc\x00', 0x1d, 0x7f3, 0x45}, 0x2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
process_vm_readv(r0, &(0x7f00000008c0)=[{&(0x7f00000003c0)=""/229, 0xe5}, {&(0x7f0000002280)=""/4096, 0x1000}, {&(0x7f00000004c0)=""/48, 0x30}, {&(0x7f0000000500)=""/43, 0x2b}, {&(0x7f0000000540)=""/32, 0x20}, {&(0x7f0000000840)=""/38, 0x26}, {&(0x7f0000000880)=""/42, 0x2a}], 0x7, &(0x7f00000009c0)=[{&(0x7f0000000940)=""/116, 0x74}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000640)='kmem_cache_free\x00'}, 0x18)
socket$netlink(0x10, 0x3, 0x4)
syz_clone3(&(0x7f00000076c0)={0x40008080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

189.823384ms ago: executing program 1 (id=3440):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x150, 0x150, 0x0, 0x90a, 0x388, 0x238, 0x238, 0x388, 0x238, 0xf, 0x0, {[{{@uncond, 0x500, 0x238, 0x298, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip6gretap0\x00', {0x0, 0x0, 0x0, 0x0, 0x0, 0x12c00, 0x7, 0x0, 0xac}}}, @common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@dev, @mcast2, @remote, @mcast2, @private2, @dev, @loopback, @mcast2, @private0, @dev, @rand_addr=' \x01\x00', @empty, @ipv4, @empty, @private2, @dev]}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@remote}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', <r2=>0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x6}})
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138)
r7 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
write$FUSE_CREATE_OPEN(r6, &(0x7f00000004c0)={0xa0}, 0xa0)
write$FUSE_INIT(r6, &(0x7f00000003c0)={0x50}, 0x50)
write$FUSE_OPEN(r6, &(0x7f0000000040)={0x20}, 0x20)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
setxattr$incfs_id(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240), &(0x7f0000000340), 0x20, 0x0)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240), 0x4)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000000000083000040"])
socket$can_raw(0x1d, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x10000, 0x19, &(0x7f0000000200)=""/25, 0x0, 0x8, '\x00', r2, 0x25, r8, 0x8, &(0x7f0000000280)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000002c0)={0x3, 0x3, 0x800}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000300)=[{0x1, 0x3, 0x2, 0x7}, {0x3, 0x4, 0x7}, {0x0, 0x1, 0xe, 0xa}, {0x0, 0x1, 0x9, 0xa}], 0x10, 0x2, @void, @value}, 0x94)

0s ago: executing program 6 (id=3441):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000000a0b040000000000000000020000002c00048028000180090001006c6173740000000018000280080001407fffffff0c0002400000554f000000000900010073797a30000000"], 0x80}}, 0x0)

kernel console output (not intermixed with test programs):

 after parsing attributes in process `syz.2.2615'.
[  781.884385][T12576] netlink: 87 bytes leftover after parsing attributes in process `syz.4.2619'.
[  782.435138][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  782.443832][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  782.458797][T12588] vlan2: entered promiscuous mode
[  782.467716][T12588] bond0: entered promiscuous mode
[  782.472987][T12588] bond_slave_0: entered promiscuous mode
[  782.480115][T12588] bond_slave_1: entered promiscuous mode
[  782.588661][T12588] bond0: left promiscuous mode
[  782.593911][T12588] bond_slave_0: left promiscuous mode
[  782.600916][T12588] bond_slave_1: left promiscuous mode
[  782.840763][T12590] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2625'.
[  783.038870][T12595] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2627'.
[  783.569253][T12604] rdma_op ffff88804d936980 conn xmit_rdma 0000000000000000
[  785.357932][T12626] vlan2: entered promiscuous mode
[  785.366074][T12626] bond0: entered promiscuous mode
[  785.373890][T12626] bond_slave_0: entered promiscuous mode
[  785.381965][T12626] bond_slave_1: entered promiscuous mode
[  785.617680][T12626] bond0: left promiscuous mode
[  785.622927][T12626] bond_slave_0: left promiscuous mode
[  785.630110][T12626] bond_slave_1: left promiscuous mode
[  785.875957][T12624] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2639'.
[  786.023378][   T29] kauditd_printk_skb: 32 callbacks suppressed
[  786.023457][   T29] audit: type=1326 audit(1738363846.477:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  786.053201][   T29] audit: type=1326 audit(1738363846.477:2525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  786.076362][   T29] audit: type=1326 audit(1738363846.477:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  786.101498][   T29] audit: type=1326 audit(1738363846.477:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  786.125214][   T29] audit: type=1326 audit(1738363846.477:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  786.719340][T12634] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2641'.
[  786.901060][   T29] audit: type=1326 audit(1738363846.607:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  786.926171][   T29] audit: type=1326 audit(1738363846.627:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  786.950022][   T29] audit: type=1326 audit(1738363846.637:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  786.973266][   T29] audit: type=1326 audit(1738363846.637:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  786.996242][   T29] audit: type=1326 audit(1738363846.637:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  787.486331][T12646] rdma_op ffff888021567d80 conn xmit_rdma 0000000000000000
[  788.072267][T12658] vlan2: entered promiscuous mode
[  788.080675][T12658] bond0: entered promiscuous mode
[  788.085992][T12658] bond_slave_0: entered promiscuous mode
[  788.093207][T12658] bond_slave_1: entered promiscuous mode
[  788.109221][T12658] bond0: left promiscuous mode
[  788.114633][T12658] bond_slave_0: left promiscuous mode
[  788.121874][T12658] bond_slave_1: left promiscuous mode
[  788.210258][T12660] IPv6: Can't replace route, no match found
[  788.331783][T12662] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2653'.
[  789.113040][T12670] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2656'.
[  789.804909][T12688] vlan2: entered promiscuous mode
[  789.813088][T12688] bond0: entered promiscuous mode
[  789.818555][T12688] bond_slave_0: entered promiscuous mode
[  789.825533][T12688] bond_slave_1: entered promiscuous mode
[  789.874765][T12690] rdma_op ffff88804d936980 conn xmit_rdma 0000000000000000
[  789.901726][T12688] bond0: left promiscuous mode
[  789.907250][T12688] bond_slave_0: left promiscuous mode
[  789.914113][T12688] bond_slave_1: left promiscuous mode
[  790.069124][T12693] netlink: 'syz.4.2667': attribute type 32 has an invalid length.
[  790.077623][T12693] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2667'.
[  790.186300][T12695] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2668'.
[  791.188805][T12711] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2675'.
[  791.555926][T12722] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2679'.
[  791.589167][T12723] loop3: detected capacity change from 0 to 512
[  791.619945][T12723] EXT4-fs: Ignoring removed mblk_io_submit option
[  791.647792][T12723] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  791.716560][T12723] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[  791.765228][T12728] loop4: detected capacity change from 0 to 164
[  791.771385][T12723] System zones: 1-12
[  791.798686][T12725] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2681'.
[  791.801672][T12728] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  791.858401][T12723] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.2680: corrupted in-inode xattr: e_value size too large
[  791.907607][T12723] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.2680: couldn't read orphan inode 15 (err -117)
[  791.962738][T12723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  792.053943][   T29] kauditd_printk_skb: 44 callbacks suppressed
[  792.054036][   T29] audit: type=1326 audit(1738363852.507:2578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.083767][   T29] audit: type=1326 audit(1738363852.507:2579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.107373][   T29] audit: type=1326 audit(1738363852.547:2580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.132318][   T29] audit: type=1326 audit(1738363852.547:2581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.155862][   T29] audit: type=1326 audit(1738363852.577:2582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.234620][   T29] audit: type=1326 audit(1738363852.687:2583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.260050][   T29] audit: type=1326 audit(1738363852.687:2584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.401182][   T29] audit: type=1326 audit(1738363852.747:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.425526][   T29] audit: type=1326 audit(1738363852.757:2586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.451464][   T29] audit: type=1326 audit(1738363852.757:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.2.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  792.587475][T12736] rdma_op ffff88813f30ed80 conn xmit_rdma 0000000000000000
[  792.675668][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  793.469311][T12754] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2693'.
[  793.674442][T12753] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2691'.
[  793.851173][T12756] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2694'.
[  793.924432][T12758] loop2: detected capacity change from 0 to 164
[  794.002354][T12758] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  794.024228][T12760] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2696'.
[  795.471062][T12781] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2706'.
[  795.750920][T12783] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2707'.
[  796.099192][T12791] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2709'.
[  796.367743][T12795] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2711'.
[  797.245226][T12809] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2717'.
[  797.417455][T12811] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2718'.
[  797.991179][ T5845] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  798.034213][T12819] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2721'.
[  798.180168][ T5845] usb 3-1: Using ep0 maxpacket: 32
[  798.214625][ T5845] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  798.225325][ T5845] usb 3-1: config 0 has no interfaces?
[  798.231526][ T5845] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  798.240969][ T5845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.264603][ T5845] usb 3-1: config 0 descriptor??
[  798.353453][T12825] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2724'.
[  798.565265][T12828] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2725'.
[  798.849937][ T5845] usb 3-1: USB disconnect, device number 13
[  799.264698][T12841] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2731'.
[  799.693929][   T29] kauditd_printk_skb: 52 callbacks suppressed
[  799.694009][   T29] audit: type=1326 audit(1738363860.147:2640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  799.783195][   T29] audit: type=1326 audit(1738363860.197:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  799.807070][   T29] audit: type=1326 audit(1738363860.207:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  799.831976][   T29] audit: type=1326 audit(1738363860.217:2643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  799.855963][   T29] audit: type=1326 audit(1738363860.217:2644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  799.879064][   T29] audit: type=1326 audit(1738363860.217:2645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  799.902027][   T29] audit: type=1326 audit(1738363860.217:2646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  799.926850][   T29] audit: type=1326 audit(1738363860.217:2647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  799.950632][   T29] audit: type=1326 audit(1738363860.217:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  799.973671][   T29] audit: type=1326 audit(1738363860.217:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12844 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa718cda9 code=0x7ffc0000
[  800.788173][T12853] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2735'.
[  800.956171][T12860] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2738'.
[  801.284202][T12865] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2739'.
[  801.954770][T12874] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2743'.
[  803.419765][T12890] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2750'.
[  803.726092][T12898] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2753'.
[  803.879177][T12899] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2752'.
[  804.595763][T12913] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2759'.
[  805.130111][T12922] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2763'.
[  805.148518][T12922] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2763'.
[  805.169402][   T29] kauditd_printk_skb: 26 callbacks suppressed
[  805.169487][   T29] audit: type=1326 audit(1738363865.617:2676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12923 comm="syz.3.2764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2df98cda9 code=0x7ffc0000
[  805.200245][   T29] audit: type=1326 audit(1738363865.627:2677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12923 comm="syz.3.2764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2df98cda9 code=0x7ffc0000
[  805.223593][   T29] audit: type=1326 audit(1738363865.627:2678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12923 comm="syz.3.2764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2df98cda9 code=0x7ffc0000
[  805.280764][T12926] capability: warning: `syz.3.2764' uses 32-bit capabilities (legacy support in use)
[  805.407668][   T29] audit: type=1326 audit(1738363865.837:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12923 comm="syz.3.2764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2df98cda9 code=0x7ffc0000
[  805.431191][   T29] audit: type=1326 audit(1738363865.837:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12923 comm="syz.3.2764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2df98cda9 code=0x7ffc0000
[  805.540206][T12928] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2765'.
[  805.778849][T12931] loop2: detected capacity change from 0 to 164
[  805.834349][T12931] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  805.968180][T12936] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2767'.
[  806.455263][T12946] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2773'.
[  806.619882][T12948] 9pnet_fd: Insufficient options for proto=fd
[  807.039856][T12954] loop3: detected capacity change from 0 to 2048
[  807.150688][T12954] Alternate GPT is invalid, using primary GPT.
[  807.158943][T12954]  loop3: p2 p3 p7
[  807.435724][T12963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2780'.
[  808.630512][T12979] __nla_validate_parse: 1 callbacks suppressed
[  808.630602][T12979] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2786'.
[  809.556076][T12992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2792'.
[  810.194721][T13011] loop2: detected capacity change from 0 to 512
[  810.236995][T13011] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  810.322102][T13011] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  810.335456][T13011] ext4 filesystem being mounted at /557/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  810.367606][T13013] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2798'.
[  810.699742][T13022] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2801'.
[  810.858018][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  811.478271][T13035] loop3: detected capacity change from 0 to 128
[  811.616232][T13029] loop4: detected capacity change from 0 to 8192
[  811.629791][T13035] FAT-fs (loop3): Directory bread(block 162) failed
[  811.637645][T13035] FAT-fs (loop3): Directory bread(block 163) failed
[  811.644681][T13035] FAT-fs (loop3): Directory bread(block 164) failed
[  811.651835][T13035] FAT-fs (loop3): Directory bread(block 165) failed
[  811.659025][T13035] FAT-fs (loop3): Directory bread(block 166) failed
[  811.661061][T13029] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  811.665821][T13035] FAT-fs (loop3): Directory bread(block 167) failed
[  811.665966][T13035] FAT-fs (loop3): Directory bread(block 168) failed
[  811.693265][T13035] FAT-fs (loop3): Directory bread(block 169) failed
[  811.714817][T13039] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2807'.
[  811.778050][T13035] FAT-fs (loop3): Directory bread(block 162) failed
[  811.785001][T13035] FAT-fs (loop3): Directory bread(block 163) failed
[  811.849522][T13035] syz.3.2806: attempt to access beyond end of device
[  811.849522][T13035] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  811.864071][T13035] syz.3.2806: attempt to access beyond end of device
[  811.864071][T13035] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  812.844123][T13051] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2812'.
[  813.394568][T13059] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2815'.
[  813.783534][T13061] IPVS: stopping master sync thread 9895 ...
[  814.066866][T13065] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2820'.
[  814.321323][T13069] loop2: detected capacity change from 0 to 164
[  814.396190][T13069] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  815.111163][T13083] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2825'.
[  815.311718][T13088] loop3: detected capacity change from 0 to 512
[  815.359967][T13088] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  815.511503][T13088] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  815.529049][T13088] ext4 filesystem being mounted at /559/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  815.671999][T13092] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  816.537822][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  818.283855][T13113] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2834'.
[  818.508690][ T5845] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  818.687182][ T5845] usb 4-1: Using ep0 maxpacket: 16
[  818.716290][ T5845] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  818.727195][ T5845] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  818.796183][ T5845] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  818.806051][ T5845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.814533][ T5845] usb 4-1: Product: syz
[  818.819143][ T5845] usb 4-1: Manufacturer: syz
[  818.824004][ T5845] usb 4-1: SerialNumber: syz
[  818.952044][T13127] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2840'.
[  819.099459][ T5845] usb 4-1: 0:2 : does not exist
[  819.154229][ T5845] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  819.260785][T13131] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  819.269601][ T5845] usb 4-1: USB disconnect, device number 20
[  820.137781][T13148] ip6gre2: entered allmulticast mode
[  820.646080][T13152] loop3: detected capacity change from 0 to 164
[  820.735284][T13152] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  821.175210][T13155] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2850'.
[  821.410429][T13162] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2854'.
[  822.042911][    T8] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  822.247044][    T8] usb 1-1: Using ep0 maxpacket: 32
[  822.298113][    T8] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  822.309871][    T8] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  822.320361][    T8] usb 1-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  822.333783][    T8] usb 1-1: config 0 interface 0 has no altsetting 0
[  822.348253][    T8] usb 1-1: New USB device found, idVendor=056a, idProduct=4004, bcdDevice= 0.00
[  822.360053][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  823.384743][    T8] usb 1-1: config 0 descriptor??
[  824.408788][    T8] wacom 0003:056A:4004.0011: unbalanced delimiter at end of report description
[  824.423386][    T8] wacom 0003:056A:4004.0011: parse failed
[  824.430295][    T8] wacom 0003:056A:4004.0011: probe with driver wacom failed with error -22
[  825.226842][    T8] usb 1-1: USB disconnect, device number 10
[  825.313381][T13180] loop4: detected capacity change from 0 to 512
[  825.339555][T13180] ext4: Unknown parameter 'permit_directio'
[  825.737801][T13187] loop2: detected capacity change from 0 to 164
[  825.779339][T13187] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  826.452098][T13192] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2866'.
[  826.978457][T13197] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2867'.
[  827.848689][T13208] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2871'.
[  828.070008][   T29] audit: type=1326 audit(1738363888.527:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13209 comm="syz.2.2872" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f998ad8cda9 code=0x0
[  829.381768][T13223] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2877'.
[  831.415293][T13244] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  831.427285][T13244] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  831.437171][T13244] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  831.454296][T13244] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  831.466551][T13244] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  831.476668][T13244] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  832.559871][T13251] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2885'.
[  832.742863][T13255] netlink: 'syz.4.2885': attribute type 4 has an invalid length.
[  832.751068][T13255] netlink: 'syz.4.2885': attribute type 2 has an invalid length.
[  833.619761][T13244] Bluetooth: hci5: command tx timeout
[  833.726927][T13258] loop2: detected capacity change from 0 to 2048
[  833.847929][T13258] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  834.096945][T13258] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  834.167400][T13242] chnl_net:caif_netlink_parms(): no params data found
[  834.248388][T13258] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  834.263679][T13258] EXT4-fs (loop2): This should not happen!! Data will be lost
[  834.263679][T13258] 
[  834.273787][T13258] EXT4-fs (loop2): Total free blocks count 0
[  834.280133][T13258] EXT4-fs (loop2): Free/Dirty block details
[  834.286249][T13258] EXT4-fs (loop2): free_blocks=2415919104
[  834.292378][T13258] EXT4-fs (loop2): dirty_blocks=16
[  834.297900][T13258] EXT4-fs (loop2): Block reservation details
[  834.304102][T13258] EXT4-fs (loop2): i_reserved_data_blocks=1
[  834.663082][T13265] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  835.044011][ T3617] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.187291][T13270] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2891'.
[  835.263543][ T3617] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.451314][ T3617] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.667677][T13244] Bluetooth: hci5: command tx timeout
[  835.691845][ T3617] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  836.307501][ T3617] bridge_slave_1: left allmulticast mode
[  836.313468][ T3617] bridge_slave_1: left promiscuous mode
[  836.320339][ T3617] bridge0: port 2(bridge_slave_1) entered disabled state
[  836.350643][ T3617] bridge_slave_0: left allmulticast mode
[  836.357809][ T3617] bridge_slave_0: left promiscuous mode
[  836.364592][ T3617] bridge0: port 1(bridge_slave_0) entered disabled state
[  837.765814][T13244] Bluetooth: hci5: command tx timeout
[  837.927754][ T3617] ip6gretap0 (unregistering): left promiscuous mode
[  838.735950][   T29] audit: type=1107 audit(1738363899.187:2682): pid=13289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  838.746193][ T3617] bond0 (unregistering): left promiscuous mode
[  838.860995][ T3617] bond_slave_0: left promiscuous mode
[  838.867855][ T3617] bond_slave_1: left promiscuous mode
[  839.197921][ T3617] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  839.250096][ T3617] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  839.274934][ T3617] bond0 (unregistering): Released all slaves
[  839.298067][ T3617] bond1 (unregistering): Released all slaves
[  839.517136][T13296] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2899'.
[  839.556388][T13296] netlink: 'syz.3.2899': attribute type 4 has an invalid length.
[  839.564909][T13296] netlink: 'syz.3.2899': attribute type 2 has an invalid length.
[  839.683920][T13242] bridge0: port 1(bridge_slave_0) entered blocking state
[  839.691964][T13242] bridge0: port 1(bridge_slave_0) entered disabled state
[  839.700094][T13242] bridge_slave_0: entered allmulticast mode
[  839.710180][T13242] bridge_slave_0: entered promiscuous mode
[  839.826868][T13244] Bluetooth: hci5: command tx timeout
[  839.869518][T13298] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2900'.
[  839.897604][T13242] bridge0: port 2(bridge_slave_1) entered blocking state
[  839.905383][T13242] bridge0: port 2(bridge_slave_1) entered disabled state
[  839.913590][T13242] bridge_slave_1: entered allmulticast mode
[  839.923182][T13242] bridge_slave_1: entered promiscuous mode
[  840.321107][ T3617] hsr_slave_0: left promiscuous mode
[  840.353681][ T3617] hsr_slave_1: left promiscuous mode
[  840.371457][ T3617] batman_adv: batadv0: Removing interface: batadv_slave_0
[  840.402157][ T3617] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  840.410310][ T3617] batman_adv: batadv0: Removing interface: batadv_slave_1
[  840.447321][ T3617] veth1_vlan: left promiscuous mode
[  840.452990][ T3617] veth0_vlan: left promiscuous mode
[  840.781535][ T3617] pim6reg (unregistering): left allmulticast mode
[  841.314173][ T3617] team0 (unregistering): Port device team_slave_1 removed
[  841.351021][ T3617] team0 (unregistering): Port device team_slave_0 removed
[  841.557174][T13313] netlink: 'syz.2.2905': attribute type 4 has an invalid length.
[  841.620353][T13315] netlink: 'syz.2.2905': attribute type 4 has an invalid length.
[  841.674529][T13242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  841.838160][T13242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  842.272892][T13242] team0: Port device team_slave_0 added
[  842.346636][T13242] team0: Port device team_slave_1 added
[  842.597562][   T29] audit: type=1326 audit(1738363903.037:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13322 comm="syz.2.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  842.625612][   T29] audit: type=1326 audit(1738363903.047:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13322 comm="syz.2.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  842.650578][   T29] audit: type=1326 audit(1738363903.047:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13322 comm="syz.2.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f998ad8cda9 code=0x7ffc0000
[  842.694521][T13325] netlink: 'syz.0.2910': attribute type 4 has an invalid length.
[  842.702887][T13325] netlink: 'syz.0.2910': attribute type 2 has an invalid length.
[  842.723862][T13242] batman_adv: batadv0: Adding interface: batadv_slave_0
[  842.731383][T13242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  842.757966][T13242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  842.861361][T13242] batman_adv: batadv0: Adding interface: batadv_slave_1
[  842.868735][T13242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  842.895698][T13242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  842.942953][ T3617] IPVS: stop unused estimator thread 0...
[  843.542155][T13242] hsr_slave_0: entered promiscuous mode
[  843.554616][T13242] hsr_slave_1: entered promiscuous mode
[  843.653902][T13337] futex_wake_op: syz.0.2913 tries to shift op by 36; fix this program
[  843.867410][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  843.874233][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  844.111253][T13337] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  846.962772][T13242] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  847.024260][T13242] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  847.230714][T13242] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  847.385433][T13242] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  849.333124][T13367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2921'.
[  849.457063][T13369] bridge1: entered promiscuous mode
[  851.395431][T13242] 8021q: adding VLAN 0 to HW filter on device bond0
[  852.191791][T13242] 8021q: adding VLAN 0 to HW filter on device team0
[  852.327730][T10728] bridge0: port 1(bridge_slave_0) entered blocking state
[  852.335505][T10728] bridge0: port 1(bridge_slave_0) entered forwarding state
[  852.590406][T10728] bridge0: port 2(bridge_slave_1) entered blocking state
[  852.598277][T10728] bridge0: port 2(bridge_slave_1) entered forwarding state
[  854.144774][   T29] audit: type=1326 audit(1738363914.587:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  854.168303][   T29] audit: type=1326 audit(1738363914.597:2687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  854.585309][   T29] audit: type=1326 audit(1738363914.667:2688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  854.610632][   T29] audit: type=1326 audit(1738363914.737:2689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  854.634315][   T29] audit: type=1326 audit(1738363914.737:2690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  854.657408][   T29] audit: type=1326 audit(1738363914.777:2691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  854.680602][   T29] audit: type=1326 audit(1738363914.777:2692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  854.705291][   T29] audit: type=1326 audit(1738363914.797:2693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  854.728997][   T29] audit: type=1326 audit(1738363914.797:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  854.752053][   T29] audit: type=1326 audit(1738363914.897:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13378 comm="syz.4.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f41be78cda9 code=0x7ffc0000
[  855.988450][T13242] 8021q: adding VLAN 0 to HW filter on device batadv0
[  856.550134][T13242] veth0_vlan: entered promiscuous mode
[  856.693222][T13242] veth1_vlan: entered promiscuous mode
[  857.157097][T13242] veth0_macvtap: entered promiscuous mode
[  857.303134][T13242] veth1_macvtap: entered promiscuous mode
[  857.597048][T13242] batman_adv: batadv0: Interface activated: batadv_slave_0
[  857.720094][T13242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  857.731134][T13242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  857.741364][T13242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  857.752997][T13242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  857.763283][T13242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  857.776288][T13242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  857.787270][T13242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  857.798091][T13242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  857.813498][T13242] batman_adv: batadv0: Interface activated: batadv_slave_1
[  858.401352][T13242] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  858.410741][T13242] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  858.419972][T13242] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  858.429230][T13242] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  862.982804][ T5786] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  862.998510][ T5786] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  863.008627][ T5786] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  863.023383][ T5786] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  863.038381][ T5786] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  863.048118][ T5786] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  864.057341][T13435] chnl_net:caif_netlink_parms(): no params data found
[  865.108026][ T5786] Bluetooth: hci1: command tx timeout
[  865.974552][T13435] bridge0: port 1(bridge_slave_0) entered blocking state
[  865.982828][T13435] bridge0: port 1(bridge_slave_0) entered disabled state
[  865.991004][T13435] bridge_slave_0: entered allmulticast mode
[  866.000580][T13435] bridge_slave_0: entered promiscuous mode
[  866.093642][T10773] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.168708][T13435] bridge0: port 2(bridge_slave_1) entered blocking state
[  866.176833][T13435] bridge0: port 2(bridge_slave_1) entered disabled state
[  866.184752][T13435] bridge_slave_1: entered allmulticast mode
[  866.194316][T13435] bridge_slave_1: entered promiscuous mode
[  866.252008][T10773] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.492709][T10773] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.711862][T13435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  866.731524][T10773] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.806000][T13435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  867.189750][ T5786] Bluetooth: hci1: command tx timeout
[  867.202548][T13435] team0: Port device team_slave_0 added
[  867.461561][T13435] team0: Port device team_slave_1 added
[  867.482691][T10773] bridge_slave_1: left allmulticast mode
[  867.488835][T10773] bridge_slave_1: left promiscuous mode
[  867.503271][T10773] bridge0: port 2(bridge_slave_1) entered disabled state
[  867.559685][T10773] bridge_slave_0: left allmulticast mode
[  867.565617][T10773] bridge_slave_0: left promiscuous mode
[  867.572824][T10773] bridge0: port 1(bridge_slave_0) entered disabled state
[  868.169036][T10773] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  868.207093][T10773] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  868.255068][T10773] bond0 (unregistering): Released all slaves
[  868.608946][T10728] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  868.617207][T10728] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  868.649650][T13435] batman_adv: batadv0: Adding interface: batadv_slave_0
[  868.657193][T13435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  868.684120][T13435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  868.708097][T10773] tipc: Left network mode
[  868.888440][ T3517] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  868.896704][ T3517] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  868.921050][T13435] batman_adv: batadv0: Adding interface: batadv_slave_1
[  868.931954][T13435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  868.959796][T13435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  869.266962][ T5786] Bluetooth: hci1: command tx timeout
[  869.321470][T10773] hsr_slave_0: left promiscuous mode
[  869.342303][T10773] hsr_slave_1: left promiscuous mode
[  869.354581][T10773] batman_adv: batadv0: Removing interface: batadv_slave_0
[  869.390881][T10773] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  869.398827][T10773] batman_adv: batadv0: Removing interface: batadv_slave_1
[  869.457590][T10773] veth1_vlan: left promiscuous mode
[  869.463272][T10773] veth0_vlan: left promiscuous mode
[  869.484550][T13492] loop2: detected capacity change from 0 to 1024
[  869.572731][T13492] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  869.584257][T13492] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  869.594502][T13492] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  869.731736][T13492] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #3: comm syz.2.2958: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  869.795586][T13492] EXT4-fs (loop2): no journal found
[  869.801837][T13492] EXT4-fs (loop2): can't get journal size
[  869.858148][T13492] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #3: comm syz.2.2958: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  869.935613][T13492] EXT4-fs (loop2): failed to initialize system zone (-117)
[  869.966253][T13492] EXT4-fs (loop2): mount failed
[  869.972936][T10773] pim6reg (unregistering): left allmulticast mode
[  870.424307][T10773] team0 (unregistering): Port device team_slave_1 removed
[  870.494039][T10773] team0 (unregistering): Port device team_slave_0 removed
[  871.049536][T13499] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2880'.
[  871.207758][T13435] hsr_slave_0: entered promiscuous mode
[  871.218365][T13435] hsr_slave_1: entered promiscuous mode
[  871.227511][T13435] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  871.240149][T13435] Cannot create hsr debugfs directory
[  871.360996][T13244] Bluetooth: hci1: command tx timeout
[  873.403146][T13435] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  873.524150][T13435] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  873.618634][T13435] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  873.703544][T13435] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  874.424946][T13529] loop2: detected capacity change from 0 to 1024
[  874.443960][T13528] evm: overlay not supported
[  874.639756][T13529] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  874.854794][   T29] kauditd_printk_skb: 33 callbacks suppressed
[  874.854871][   T29] audit: type=1804 audit(1738363935.307:2729): pid=13529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2970" name="/newroot/608/bus/file1" dev="loop2" ino=15 res=1 errno=0
[  874.920248][T13529] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  874.979040][T13529] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 42 with error 28
[  874.992010][T13529] EXT4-fs (loop2): This should not happen!! Data will be lost
[  874.992010][T13529] 
[  875.002034][T13529] EXT4-fs (loop2): Total free blocks count 0
[  875.008546][T13529] EXT4-fs (loop2): Free/Dirty block details
[  875.014711][T13529] EXT4-fs (loop2): free_blocks=68451041280
[  875.020918][T13529] EXT4-fs (loop2): dirty_blocks=48
[  875.026281][T13529] EXT4-fs (loop2): Block reservation details
[  875.030044][T13435] 8021q: adding VLAN 0 to HW filter on device bond0
[  875.032590][T13529] EXT4-fs (loop2): i_reserved_data_blocks=3
[  875.200619][T13435] 8021q: adding VLAN 0 to HW filter on device team0
[  875.262730][T10773] bridge0: port 1(bridge_slave_0) entered blocking state
[  875.270638][T10773] bridge0: port 1(bridge_slave_0) entered forwarding state
[  875.360131][ T5784] EXT4-fs error (device loop2): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /608/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  875.419807][T10773] bridge0: port 2(bridge_slave_1) entered blocking state
[  875.427706][T10773] bridge0: port 2(bridge_slave_1) entered forwarding state
[  875.450582][ T5784] EXT4-fs error (device loop2): ext4_empty_dir:3103: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  875.472104][T13537] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2972'.
[  875.567040][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  875.617619][ T5784] EXT4-fs error (device loop2): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /608/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  875.736364][ T5784] EXT4-fs error (device loop2): ext4_empty_dir:3103: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  875.810440][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  875.854053][ T5784] EXT4-fs error (device loop2): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /608/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  875.977915][ T5784] EXT4-fs error (device loop2): ext4_empty_dir:3103: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  876.107096][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  876.148344][ T5784] EXT4-fs error (device loop2): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /608/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  876.239586][ T5784] EXT4-fs error (device loop2): ext4_empty_dir:3103: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  876.340896][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  876.383643][ T5784] EXT4-fs error (device loop2): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /608/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  876.522832][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  876.586695][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  876.671130][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  876.759984][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  876.786360][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  876.842259][ T5784] EXT4-fs warning (device loop2): ext4_empty_dir:3105: inode #11: comm syz-executor: directory missing '.'
[  877.253438][T13551] loop4: detected capacity change from 0 to 512
[  877.295228][T13435] 8021q: adding VLAN 0 to HW filter on device batadv0
[  877.808835][T13551] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  878.391368][T13549] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2976'.
[  879.371478][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  880.279669][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  881.737126][T13435] veth0_vlan: entered promiscuous mode
[  881.780315][T13435] veth1_vlan: entered promiscuous mode
[  881.985972][T13435] veth0_macvtap: entered promiscuous mode
[  882.011240][T13435] veth1_macvtap: entered promiscuous mode
[  882.099138][T13435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  882.110170][T13435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  882.125908][T13435] batman_adv: batadv0: Interface activated: batadv_slave_0
[  882.197311][T13435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  882.208511][T13435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  882.218688][T13435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  882.229875][T13435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  882.246754][T13435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  882.259504][T13435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  882.269878][T13435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  882.280759][T13435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  882.296154][T13435] batman_adv: batadv0: Interface activated: batadv_slave_1
[  882.325368][T13435] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  882.334830][T13435] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  882.351770][T13435] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  882.363010][T13435] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  883.234252][T13583] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2984'.
[  883.433532][T13582] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2985'.
[  883.941959][ T5786] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  883.951714][ T5786] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  883.965143][ T5786] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  883.997483][ T5786] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  884.009863][ T5786] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  884.020624][ T5786] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  884.445394][T13597] loop3: detected capacity change from 0 to 512
[  884.540131][T13597] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  884.661313][T13595] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2988'.
[  885.143769][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  885.487223][T13589] chnl_net:caif_netlink_parms(): no params data found
[  886.067644][ T5786] Bluetooth: hci0: command tx timeout
[  887.000276][T13629] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2995'.
[  887.516764][T13589] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.524532][T13589] bridge0: port 1(bridge_slave_0) entered disabled state
[  887.532874][T13589] bridge_slave_0: entered allmulticast mode
[  887.542646][T13589] bridge_slave_0: entered promiscuous mode
[  887.559735][T13589] bridge0: port 2(bridge_slave_1) entered blocking state
[  887.573495][T13589] bridge0: port 2(bridge_slave_1) entered disabled state
[  887.581697][T13589] bridge_slave_1: entered allmulticast mode
[  887.591526][T13589] bridge_slave_1: entered promiscuous mode
[  887.665000][T13632] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2996'.
[  887.827600][T13589] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  887.929124][T13589] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  888.146759][ T5786] Bluetooth: hci0: command tx timeout
[  888.729349][T13650] loop3: detected capacity change from 0 to 512
[  888.840683][T13650] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  888.904430][T13589] team0: Port device team_slave_0 added
[  888.949846][T13589] team0: Port device team_slave_1 added
[  889.040398][T13650] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3000'.
[  889.726716][T13589] batman_adv: batadv0: Adding interface: batadv_slave_0
[  889.734041][T13589] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  889.760756][T13589] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  889.975528][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  890.069127][T13589] batman_adv: batadv0: Adding interface: batadv_slave_1
[  890.076680][T13589] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  890.103142][T13589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  890.304761][ T5786] Bluetooth: hci0: command tx timeout
[  890.576652][T13589] hsr_slave_0: entered promiscuous mode
[  890.587331][T13589] hsr_slave_1: entered promiscuous mode
[  890.596242][T13589] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  890.604135][T13589] Cannot create hsr debugfs directory
[  891.270252][T10773] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  891.278480][T10773] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  891.453516][T13665] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  891.586995][ T3517] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  891.595214][ T3517] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  892.065697][T13668] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3005'.
[  892.391371][ T5786] Bluetooth: hci0: command tx timeout
[  893.074412][T13589] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  893.136253][T13589] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  893.347975][T13589] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  893.639420][T13589] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  894.711479][T13680] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3008'.
[  895.857858][T13589] 8021q: adding VLAN 0 to HW filter on device bond0
[  896.354329][T13589] 8021q: adding VLAN 0 to HW filter on device team0
[  896.519059][T13697] loop4: detected capacity change from 0 to 512
[  896.561202][T10739] bridge0: port 1(bridge_slave_0) entered blocking state
[  896.569073][T10739] bridge0: port 1(bridge_slave_0) entered forwarding state
[  896.717867][T10739] bridge0: port 2(bridge_slave_1) entered blocking state
[  896.725703][T10739] bridge0: port 2(bridge_slave_1) entered forwarding state
[  897.660432][T13697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  897.886900][T13695] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3011'.
[  898.313712][T13709] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3015'.
[  898.511142][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  900.099660][T13722] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3020'.
[  900.534945][T13589] 8021q: adding VLAN 0 to HW filter on device batadv0
[  902.781850][T13754] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3027'.
[  902.785028][T13755] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3028'.
[  903.768685][T13766] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3031'.
[  903.954570][T13589] veth0_vlan: entered promiscuous mode
[  904.040677][T13589] veth1_vlan: entered promiscuous mode
[  904.494865][T13589] veth0_macvtap: entered promiscuous mode
[  904.624829][T13589] veth1_macvtap: entered promiscuous mode
[  904.810247][T13589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  904.821316][T13589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  904.831546][T13589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  904.842317][T13589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  904.858244][T13589] batman_adv: batadv0: Interface activated: batadv_slave_0
[  905.020046][T13589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  905.031286][T13589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  905.041595][T13589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  905.052393][T13589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  905.062652][T13589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  905.073448][T13589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  905.088052][T13589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  905.100338][T13589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  905.110641][T13589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  905.121504][T13589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  905.136948][T13589] batman_adv: batadv0: Interface activated: batadv_slave_1
[  905.254974][   T29] audit: type=1326 audit(1738363965.647:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13786 comm="syz.5.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30ab8cda9 code=0x7ffc0000
[  905.283970][   T29] audit: type=1326 audit(1738363965.647:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13786 comm="syz.5.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa30ab8cda9 code=0x7ffc0000
[  905.311701][   T29] audit: type=1326 audit(1738363965.647:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13786 comm="syz.5.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa30ab8cde3 code=0x7ffc0000
[  905.361737][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  905.369348][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  905.551045][T13589] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  905.560318][T13589] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  905.569837][T13589] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  905.579007][T13589] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  906.150766][T13793] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3041'.
[  906.279142][   T29] audit: type=1326 audit(1738363966.727:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13786 comm="syz.5.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa30ab8b85f code=0x7ffc0000
[  906.793262][T13803] loop3: detected capacity change from 0 to 512
[  906.947697][T13803] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  907.074836][T13801] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3043'.
[  907.512090][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  907.695201][T13812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3045'.
[  907.717150][T13812] veth0_macvtap: left promiscuous mode
[  910.634956][T13844] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3053'.
[  911.301153][T10761] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  911.309710][T10761] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  911.555927][T10761] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  911.564609][T10761] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  911.766709][T13856] loop3: detected capacity change from 0 to 512
[  911.890618][T13856] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  912.079659][T13852] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3056'.
[  912.110820][T13858] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3058'.
[  912.168412][T13858] veth0_macvtap: left promiscuous mode
[  913.138630][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  914.046624][T13881] loop4: detected capacity change from 0 to 512
[  914.174766][T13881] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.3063: corrupted in-inode xattr: invalid ea_ino
[  914.246993][T13881] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3063: couldn't read orphan inode 15 (err -117)
[  914.265105][T13881] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  915.667484][T13887] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3064'.
[  916.380734][T13244] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  916.413357][T13244] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  916.436159][T13244] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  916.469680][T13244] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  916.482955][T13244] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  916.514702][T13244] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  918.646164][ T5786] Bluetooth: hci4: command tx timeout
[  919.460254][T13911] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3071'.
[  919.818392][T13894] chnl_net:caif_netlink_parms(): no params data found
[  920.495925][T10788] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  920.709633][ T5786] Bluetooth: hci4: command tx timeout
[  920.728379][T10788] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  920.995137][T10788] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  921.184607][T10788] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  922.267945][T10788] bridge_slave_1: left allmulticast mode
[  922.274008][T10788] bridge_slave_1: left promiscuous mode
[  922.290151][T10788] bridge0: port 2(bridge_slave_1) entered disabled state
[  922.358401][T10788] bridge_slave_0: left allmulticast mode
[  922.364463][T10788] bridge_slave_0: left promiscuous mode
[  922.371441][T10788] bridge0: port 1(bridge_slave_0) entered disabled state
[  922.847316][ T5786] Bluetooth: hci4: command tx timeout
[  923.078922][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  923.458257][T10788] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  923.514572][T10788] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  923.532149][T10788] bond0 (unregistering): Released all slaves
[  923.710394][T13931] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3077'.
[  923.813275][T10788] tipc: Disabling bearer <udp:syz2>
[  923.825475][T10788] tipc: Left network mode
[  924.282158][T13894] bridge0: port 1(bridge_slave_0) entered blocking state
[  924.290157][T13894] bridge0: port 1(bridge_slave_0) entered disabled state
[  924.298279][T13894] bridge_slave_0: entered allmulticast mode
[  924.308206][T13894] bridge_slave_0: entered promiscuous mode
[  924.345364][T13894] bridge0: port 2(bridge_slave_1) entered blocking state
[  924.353415][T13894] bridge0: port 2(bridge_slave_1) entered disabled state
[  924.361667][T13894] bridge_slave_1: entered allmulticast mode
[  924.371534][T13894] bridge_slave_1: entered promiscuous mode
[  924.629952][T10788] batman_adv: batadv0: Removing interface: batadv_slave_0
[  924.668352][T10788] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  924.676171][T10788] batman_adv: batadv0: Removing interface: batadv_slave_1
[  924.709887][T10788] veth1_vlan: left promiscuous mode
[  924.715733][T10788] veth0_vlan: left promiscuous mode
[  924.874003][ T5786] Bluetooth: hci4: command tx timeout
[  925.074266][T13945] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3082'.
[  925.574862][T10788] team0 (unregistering): Port device team_slave_1 removed
[  925.600388][T10788] team0 (unregistering): Port device team_slave_0 removed
[  926.141265][T13894] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  926.340175][T13894] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  926.704628][T13894] team0: Port device team_slave_0 added
[  926.776048][T13894] team0: Port device team_slave_1 added
[  927.141107][T13894] batman_adv: batadv0: Adding interface: batadv_slave_0
[  927.148730][T13894] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  927.175262][T13894] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  927.405490][T13894] batman_adv: batadv0: Adding interface: batadv_slave_1
[  927.414364][T13894] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  927.441291][T13894] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  928.272139][T13894] hsr_slave_0: entered promiscuous mode
[  928.283263][T13894] hsr_slave_1: entered promiscuous mode
[  928.292863][T13894] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  928.300832][T13894] Cannot create hsr debugfs directory
[  928.667080][T13968] netlink: 'syz.5.3089': attribute type 4 has an invalid length.
[  928.675348][T13968] netlink: 'syz.5.3089': attribute type 2 has an invalid length.
[  928.789438][T13969] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3090'.
[  929.318536][T13975] vlan2: entered allmulticast mode
[  929.323942][T13975] vlan1: entered allmulticast mode
[  929.329548][T13975] veth0_vlan: entered allmulticast mode
[  929.343280][T13975] bridge0: port 3(vlan2) entered blocking state
[  929.357556][T13975] bridge0: port 3(vlan2) entered disabled state
[  929.368677][T13975] vlan2: entered promiscuous mode
[  929.374002][T13975] vlan1: entered promiscuous mode
[  929.384380][T13975] bridge0: port 3(vlan2) entered blocking state
[  929.391555][T13975] bridge0: port 3(vlan2) entered forwarding state
[  929.741917][T13979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3095'.
[  930.236811][T13894] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  930.319178][T13894] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  930.418212][T13894] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  930.488399][T13894] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  931.332435][T14004] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3103'.
[  931.564191][T13894] 8021q: adding VLAN 0 to HW filter on device bond0
[  931.755451][T13894] 8021q: adding VLAN 0 to HW filter on device team0
[  931.831934][ T3517] bridge0: port 1(bridge_slave_0) entered blocking state
[  931.839947][ T3517] bridge0: port 1(bridge_slave_0) entered forwarding state
[  931.929587][ T3517] bridge0: port 2(bridge_slave_1) entered blocking state
[  931.937490][ T3517] bridge0: port 2(bridge_slave_1) entered forwarding state
[  932.823572][T14017] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3108'.
[  932.881442][T14017] veth0_macvtap: left promiscuous mode
[  936.664527][T14036] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3114'.
[  937.463990][T13894] 8021q: adding VLAN 0 to HW filter on device batadv0
[  938.124272][T13894] veth0_vlan: entered promiscuous mode
[  938.260594][T13894] veth1_vlan: entered promiscuous mode
[  939.921565][T13894] veth0_macvtap: entered promiscuous mode
[  940.014736][T13894] veth1_macvtap: entered promiscuous mode
[  940.349651][T13894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  940.360701][T13894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  940.371622][T13894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  940.382420][T13894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  940.393426][T13894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  940.410689][T13894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  940.428312][T13894] batman_adv: batadv0: Interface activated: batadv_slave_0
[  941.290395][T13894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  941.301595][T13894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  941.311830][T13894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  941.323283][T13894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  941.339148][T13894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  941.351730][T13894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  941.361958][T13894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  941.372783][T13894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  941.382950][T13894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  941.393767][T13894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  941.409883][T13894] batman_adv: batadv0: Interface activated: batadv_slave_1
[  941.566868][T13894] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  941.575969][T13894] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  941.588115][T13894] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  941.597540][T13894] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  941.688604][T14072] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3126'.
[  947.429813][T14112] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3138'.
[  952.548686][T14143] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3148'.
[  952.608835][ T3617] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  952.617246][ T3617] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  952.935156][T10725] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  952.943645][T10725] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  956.050367][T14170] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3159'.
[  956.312488][T13244] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  956.326236][T13244] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  956.336512][T13244] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  956.353204][T13244] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  956.368801][T13244] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  956.398444][T13244] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  958.074441][T14195] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3167'.
[  958.381163][T14174] chnl_net:caif_netlink_parms(): no params data found
[  958.478525][T13244] Bluetooth: hci2: command tx timeout
[  958.546686][T13244] Bluetooth: hci5: command 0x0406 tx timeout
[  958.770050][T14202] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3171'.
[  958.893248][T10725] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.055755][T10725] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.259970][T10725] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.412215][T10725] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.970349][T10725] bridge_slave_1: left allmulticast mode
[  959.976284][T10725] bridge_slave_1: left promiscuous mode
[  959.983129][T10725] bridge0: port 2(bridge_slave_1) entered disabled state
[  960.048330][T10725] bridge_slave_0: left allmulticast mode
[  960.054274][T10725] bridge_slave_0: left promiscuous mode
[  960.062071][T10725] bridge0: port 1(bridge_slave_0) entered disabled state
[  960.620825][ T5786] Bluetooth: hci2: command tx timeout
[  960.860925][T14227] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3180'.
[  960.942486][T10725] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  961.048229][T10725] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  961.119639][T14230] loop6: detected capacity change from 0 to 512
[  961.128784][T10725] bond0 (unregistering): (slave team0): Releasing backup interface
[  961.153259][T10725] bond0 (unregistering): Released all slaves
[  961.203624][T14230] EXT4-fs (loop6): blocks per group (64) and clusters per group (20800) inconsistent
[  962.080508][T14174] bridge0: port 1(bridge_slave_0) entered blocking state
[  962.088534][T14174] bridge0: port 1(bridge_slave_0) entered disabled state
[  962.096545][T14174] bridge_slave_0: entered allmulticast mode
[  962.106150][T14174] bridge_slave_0: entered promiscuous mode
[  962.106954][T14245] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3183'.
[  962.277287][T14174] bridge0: port 2(bridge_slave_1) entered blocking state
[  962.285205][T14174] bridge0: port 2(bridge_slave_1) entered disabled state
[  962.293587][T14174] bridge_slave_1: entered allmulticast mode
[  962.303264][T14174] bridge_slave_1: entered promiscuous mode
[  962.434322][ T3517] Bluetooth: hci3: Frame reassembly failed (-84)
[  962.698387][T10725] batman_adv: batadv0: Removing interface: batadv_slave_0
[  962.718069][T13244] Bluetooth: hci2: command tx timeout
[  962.775423][T10725] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  962.783963][T10725] batman_adv: batadv0: Removing interface: batadv_slave_1
[  962.987178][T10725] veth1_vlan: left promiscuous mode
[  962.993044][T10725] veth0_vlan: left promiscuous mode
[  964.072180][T14252] loop5: detected capacity change from 0 to 128
[  964.208274][T14252] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  964.296615][T14252] ext4 filesystem being mounted at /48/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  964.600195][T13244] Bluetooth: hci3: command 0x1003 tx timeout
[  964.668281][ T5786] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  964.704330][T14252] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:406: inode #2: comm syz.5.3187: No space for directory leaf checksum. Please run e2fsck -D.
[  964.720568][T14252] EXT4-fs error (device loop5): __ext4_find_entry:1652: inode #2: comm syz.5.3187: checksumming directory block 0
[  964.803381][ T5786] Bluetooth: hci2: command tx timeout
[  965.443044][T13435] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  966.217690][T10725] team0 (unregistering): Port device team_slave_1 removed
[  966.259554][T10725] team0 (unregistering): Port device team_slave_0 removed
[  966.760468][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  966.767717][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  967.039198][T14174] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  967.177936][T14174] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  968.115904][T14174] team0: Port device team_slave_0 added
[  968.163565][T14174] team0: Port device team_slave_1 added
[  968.300192][   T29] audit: type=1326 audit(1738364028.727:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.323443][   T29] audit: type=1326 audit(1738364028.757:2735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.346650][   T29] audit: type=1326 audit(1738364028.757:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.451668][T14174] batman_adv: batadv0: Adding interface: batadv_slave_0
[  968.460610][T14174] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  968.493978][T14174] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  968.610147][   T29] audit: type=1326 audit(1738364028.847:2737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.634250][   T29] audit: type=1326 audit(1738364028.847:2738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.651981][T14174] batman_adv: batadv0: Adding interface: batadv_slave_1
[  968.657818][   T29] audit: type=1326 audit(1738364028.847:2739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.664181][T14174] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  968.691553][   T29] audit: type=1326 audit(1738364028.847:2740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.691810][   T29] audit: type=1326 audit(1738364028.857:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.692064][   T29] audit: type=1326 audit(1738364028.857:2742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.692294][   T29] audit: type=1326 audit(1738364028.867:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.3.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[  968.719947][T14174] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  968.946275][T14269] loop5: detected capacity change from 0 to 512
[  969.004305][T14269] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  969.087095][T14269] netlink: 14 bytes leftover after parsing attributes in process `syz.5.3193'.
[  969.318191][T14174] hsr_slave_0: entered promiscuous mode
[  969.328973][T14174] hsr_slave_1: entered promiscuous mode
[  969.338776][T14174] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  969.347364][T14174] Cannot create hsr debugfs directory
[  969.541887][T14278] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3196'.
[  969.703579][T13435] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  970.633750][T14287] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3200'.
[  970.682955][T14287] veth0_macvtap: left promiscuous mode
[  971.249804][T14174] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  971.368073][T14174] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  971.470480][T14174] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  971.554593][T14174] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  972.462276][T14308] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3208'.
[  972.486691][T14309] loop3: detected capacity change from 0 to 512
[  972.609095][T14309] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  972.888096][T14309] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3207'.
[  973.199294][T14174] 8021q: adding VLAN 0 to HW filter on device bond0
[  973.406234][T14174] 8021q: adding VLAN 0 to HW filter on device team0
[  973.463908][T10725] bridge0: port 1(bridge_slave_0) entered blocking state
[  973.471754][T10725] bridge0: port 1(bridge_slave_0) entered forwarding state
[  973.548216][T10725] bridge0: port 2(bridge_slave_1) entered blocking state
[  973.556102][T10725] bridge0: port 2(bridge_slave_1) entered forwarding state
[  973.801338][T13894] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  974.050509][T14319] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3212'.
[  974.471544][   T29] kauditd_printk_skb: 26 callbacks suppressed
[  974.471623][   T29] audit: type=1326 audit(1738364034.927:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  974.507529][   T29] audit: type=1326 audit(1738364034.927:2771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  974.532150][   T29] audit: type=1326 audit(1738364034.927:2772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  974.555442][   T29] audit: type=1326 audit(1738364034.937:2773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  974.578489][   T29] audit: type=1326 audit(1738364034.937:2774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  974.601640][   T29] audit: type=1326 audit(1738364034.967:2775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  974.771812][   T29] audit: type=1326 audit(1738364035.137:2776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  974.795979][   T29] audit: type=1326 audit(1738364035.137:2777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  974.823408][   T29] audit: type=1326 audit(1738364035.147:2778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  974.847940][   T29] audit: type=1326 audit(1738364035.147:2779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14328 comm="syz.6.3215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  975.678401][T14344] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3219'.
[  975.952139][T14174] 8021q: adding VLAN 0 to HW filter on device batadv0
[  976.031173][T14353] loop5: detected capacity change from 0 to 512
[  976.132372][T14353] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  976.512572][T14353] netlink: 14 bytes leftover after parsing attributes in process `syz.5.3222'.
[  976.774228][T14363] loop6: detected capacity change from 0 to 512
[  976.825868][T14363] EXT4-fs: Ignoring removed mblk_io_submit option
[  976.878464][T14363] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  976.947867][T14363] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[  977.023392][T14363] System zones: 1-12
[  977.034076][T14363] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2240: inode #15: comm syz.6.3226: corrupted in-inode xattr: e_value size too large
[  977.058990][T13435] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  977.146922][T14363] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.3226: couldn't read orphan inode 15 (err -117)
[  977.208442][T14363] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  977.590217][T14377] input: syz0 as /devices/virtual/input/input5
[  977.650670][T13589] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  978.145482][T14174] veth0_vlan: entered promiscuous mode
[  978.279137][T14174] veth1_vlan: entered promiscuous mode
[  978.436942][T14385] loop5: detected capacity change from 0 to 164
[  978.519490][T14385] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  978.590457][T14174] veth0_macvtap: entered promiscuous mode
[  978.705980][T14174] veth1_macvtap: entered promiscuous mode
[  978.870004][T14174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  978.881081][T14174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  978.891525][T14174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  978.902309][T14174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  978.918190][T14174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  978.930906][T14174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  978.941077][T14174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  978.952728][T14174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  978.968626][T14174] batman_adv: batadv0: Interface activated: batadv_slave_0
[  979.014322][T14174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  979.025364][T14174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  979.035869][T14174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  979.046914][T14174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  979.057094][T14174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  979.067899][T14174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  979.078238][T14174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  979.089073][T14174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  979.099288][T14174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  979.110889][T14174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  979.133772][T14174] batman_adv: batadv0: Interface activated: batadv_slave_1
[  979.164369][T14174] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  979.173652][T14174] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  979.182801][T14174] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  979.192951][T14174] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  979.283417][T14391] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3234'.
[  980.931457][T14415] loop6: detected capacity change from 0 to 1024
[  980.991013][T14415] EXT4-fs: Ignoring removed orlov option
[  980.997530][T14415] EXT4-fs: Ignoring removed nomblk_io_submit option
[  981.038641][T14413] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3239'.
[  981.141178][T14415] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c118, mo2=0002]
[  981.204396][T14415] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  981.624182][T14428] loop3: detected capacity change from 0 to 164
[  981.668068][T13589] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  981.722536][T14428] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  982.189649][T14437] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3247'.
[  983.476749][ T9856] usb 4-1: new low-speed USB device number 21 using dummy_hcd
[  983.715896][ T9856] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  983.732028][ T9856] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8
[  983.745088][ T9856] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  983.758600][ T9856] usb 4-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[  983.768228][ T9856] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  983.936610][ T9856] usb 4-1: config 0 descriptor??
[  983.944918][T14457] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  984.173102][T14464] loop5: detected capacity change from 0 to 1024
[  984.215844][T14464] EXT4-fs: Ignoring removed orlov option
[  984.223389][T14464] EXT4-fs: Ignoring removed nomblk_io_submit option
[  984.348128][T14464] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c118, mo2=0002]
[  984.401796][T14464] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  984.528353][ T9856] cypress 0003:04B4:DE61.0012: hidraw0: USB HID v0.02 Device [HID 04b4:de61] on usb-dummy_hcd.3-1/input0
[  984.583253][T14465] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3254'.
[  984.645144][T13435] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  984.660713][ T9856] usb 4-1: USB disconnect, device number 21
[  984.997843][T14478] loop5: detected capacity change from 0 to 164
[  985.068148][T14478] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  985.412430][ T3517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  985.420056][T14482] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3260'.
[  985.420926][ T3517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  985.693286][ T3517] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  985.702182][ T3517] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  985.876662][T14488] loop5: detected capacity change from 0 to 512
[  986.021366][T14488] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  986.124528][T14488] netlink: 14 bytes leftover after parsing attributes in process `syz.5.3261'.
[  986.537300][T13435] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  987.337815][T14508] loop3: detected capacity change from 0 to 1024
[  987.388272][T14508] EXT4-fs: Ignoring removed orlov option
[  987.395676][T14508] EXT4-fs: Ignoring removed nomblk_io_submit option
[  987.513591][T14509] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3268'.
[  987.574511][T14508] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c118, mo2=0002]
[  987.639144][T14508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  988.054417][T13894] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  988.573737][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  988.573822][   T29] audit: type=1326 audit(1738364048.567:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  988.603426][   T29] audit: type=1326 audit(1738364048.567:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  988.626744][   T29] audit: type=1326 audit(1738364048.567:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  988.655928][   T29] audit: type=1326 audit(1738364048.577:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  988.680835][   T29] audit: type=1326 audit(1738364048.577:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  988.704041][   T29] audit: type=1326 audit(1738364048.577:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  988.727280][   T29] audit: type=1326 audit(1738364048.577:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  988.756143][   T29] audit: type=1326 audit(1738364048.577:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  988.781228][   T29] audit: type=1326 audit(1738364048.577:2790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  988.804409][   T29] audit: type=1326 audit(1738364048.587:2791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14516 comm="syz.6.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[  989.298441][T13244] Bluetooth: hci1: command 0x0406 tx timeout
[  989.540210][T14523] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3273'.
[  989.709274][T14525] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3275'.
[  993.343100][T14545] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3281'.
[  994.488222][T14556] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3286'.
[  994.643183][T14560] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3287'.
[  995.829081][T14568] loop5: detected capacity change from 0 to 512
[  996.190059][T14568] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  996.589006][T14565] netlink: 14 bytes leftover after parsing attributes in process `syz.5.3289'.
[  997.313962][T13435] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1000.052753][T14600] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3298'.
[ 1000.121041][T14597] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3296'.
[ 1000.338223][T14603] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3299'.
[ 1000.374680][T14597] veth0_macvtap: left promiscuous mode
[ 1000.841458][T14600] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3298'.
[ 1001.824205][T14617] loop5: detected capacity change from 0 to 512
[ 1002.022410][T14617] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1002.581604][T14619] netlink: 14 bytes leftover after parsing attributes in process `syz.5.3304'.
[ 1004.425390][T13435] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1005.219426][T14630] netlink: 'syz.4.3306': attribute type 4 has an invalid length.
[ 1005.234542][T14630] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3306'.
[ 1006.025839][T14645] loop3: detected capacity change from 0 to 256
[ 1006.078842][T14645] exfat: Deprecated parameter 'namecase'
[ 1006.221678][T14645] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1006.570189][T14651] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3314'.
[ 1006.610178][T14650] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3313'.
[ 1006.648709][T14651] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3314'.
[ 1007.227153][T14658] loop3: detected capacity change from 0 to 512
[ 1007.337112][   T29] kauditd_printk_skb: 32 callbacks suppressed
[ 1007.337185][   T29] audit: type=1326 audit(1738364067.787:2824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.367947][   T29] audit: type=1326 audit(1738364067.787:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.397083][   T29] audit: type=1326 audit(1738364067.797:2826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.422470][   T29] audit: type=1326 audit(1738364067.827:2827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.445832][   T29] audit: type=1326 audit(1738364067.827:2828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.504394][T14658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1007.560611][   T29] audit: type=1326 audit(1738364067.947:2829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.588165][   T29] audit: type=1326 audit(1738364068.007:2830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.612839][   T29] audit: type=1326 audit(1738364068.007:2831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.664762][   T29] audit: type=1326 audit(1738364068.097:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.702598][   T29] audit: type=1326 audit(1738364068.097:2833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14660 comm="syz.6.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1007.813873][T14658] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3315'.
[ 1008.107214][T13894] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1008.465092][T14672] netlink: 'syz.3.3320': attribute type 4 has an invalid length.
[ 1008.474039][T14672] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3320'.
[ 1009.193755][    C1] hrtimer: interrupt took 223596 ns
[ 1009.750138][T13244] Bluetooth: hci0: command 0x0406 tx timeout
[ 1009.949107][T14685] loop6: detected capacity change from 0 to 256
[ 1009.986818][T14685] exFAT-fs (loop6): bogus sectors bits per cluster : 193
[ 1009.994336][T14685] exFAT-fs (loop6): failed to read boot sector
[ 1010.001580][T14685] exFAT-fs (loop6): failed to recognize exfat type
[ 1010.725470][T14687] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3326'.
[ 1013.065145][T14704] loop4: detected capacity change from 0 to 512
[ 1013.324580][T14704] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1013.910010][T14709] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3330'.
[ 1014.414963][T14714] netlink: 'syz.1.3333': attribute type 4 has an invalid length.
[ 1014.423251][T14714] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3333'.
[ 1015.303255][T14717] loop5: detected capacity change from 0 to 256
[ 1015.312387][T14174] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1017.248582][T14729] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3339'.
[ 1018.651108][T14747] netlink: 'syz.1.3347': attribute type 4 has an invalid length.
[ 1018.659476][T14747] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3347'.
[ 1019.199949][   T29] kauditd_printk_skb: 27 callbacks suppressed
[ 1019.200026][   T29] audit: type=1326 audit(1738364079.657:2861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.325307][T14755] loop5: detected capacity change from 0 to 512
[ 1019.326545][   T29] audit: type=1326 audit(1738364079.697:2862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.360728][   T29] audit: type=1326 audit(1738364079.717:2863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.385063][   T29] audit: type=1326 audit(1738364079.717:2864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.408743][   T29] audit: type=1326 audit(1738364079.717:2865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.432816][   T29] audit: type=1326 audit(1738364079.747:2866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.455949][   T29] audit: type=1326 audit(1738364079.747:2867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.483150][   T29] audit: type=1326 audit(1738364079.757:2868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.507616][   T29] audit: type=1326 audit(1738364079.757:2869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.531278][   T29] audit: type=1326 audit(1738364079.757:2870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14752 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1019.655769][T14755] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1019.740529][T14750] loop3: detected capacity change from 0 to 512
[ 1019.812357][T14750] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1019.908261][T14750] EXT4-fs (loop3): 1 orphan inode deleted
[ 1019.914409][T14750] EXT4-fs (loop3): 1 truncate cleaned up
[ 1019.922396][T14750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1019.932487][T14755] netlink: 14 bytes leftover after parsing attributes in process `syz.5.3348'.
[ 1020.930163][T14767] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3353'.
[ 1021.092789][T13435] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1021.268993][T14759] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1021.387555][T14759] EXT4-fs (loop3): Remounting filesystem read-only
[ 1021.479155][T13894] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1021.767154][T14771] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3355'.
[ 1022.450448][T14778] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3354'.
[ 1023.323361][ T5867] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1023.590142][ T5867] usb 5-1: Using ep0 maxpacket: 8
[ 1023.698067][ T5867] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1023.709440][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1023.720941][ T5867] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1023.734703][ T5867] usb 5-1: New USB device found, idVendor=046d, idProduct=c298, bcdDevice= 0.00
[ 1023.744150][ T5867] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.927966][ T5867] usb 5-1: config 0 descriptor??
[ 1024.159340][T14790] netlink: 'syz.6.3361': attribute type 4 has an invalid length.
[ 1024.174461][T14790] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3361'.
[ 1024.385363][ T5867] logitech 0003:046D:C298.0013: unknown main item tag 0x0
[ 1024.393275][ T5867] logitech 0003:046D:C298.0013: unknown main item tag 0x0
[ 1024.401311][ T5867] logitech 0003:046D:C298.0013: unknown main item tag 0x0
[ 1024.434892][   T29] kauditd_printk_skb: 10 callbacks suppressed
[ 1024.434969][   T29] audit: type=1326 audit(1738364084.887:2881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.464900][   T29] audit: type=1326 audit(1738364084.887:2882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.492515][   T29] audit: type=1326 audit(1738364084.887:2883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.564825][ T5867] logitech 0003:046D:C298.0013: hidraw0: USB HID v0.00 Device [HID 046d:c298] on usb-dummy_hcd.4-1/input0
[ 1024.585463][ T5867] logitech 0003:046D:C298.0013: no inputs found
[ 1024.639044][ T5867] usb 5-1: USB disconnect, device number 13
[ 1024.726605][   T29] audit: type=1326 audit(1738364084.977:2884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.750609][   T29] audit: type=1326 audit(1738364084.977:2885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.774651][   T29] audit: type=1326 audit(1738364084.987:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.802070][   T29] audit: type=1326 audit(1738364084.987:2887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.826736][   T29] audit: type=1326 audit(1738364084.987:2888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.850167][   T29] audit: type=1326 audit(1738364084.987:2889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.873131][   T29] audit: type=1326 audit(1738364084.987:2890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14791 comm="syz.1.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1024.982405][T14800] loop6: detected capacity change from 0 to 512
[ 1025.174566][T14800] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1025.240763][T14803] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3367'.
[ 1025.340912][T14797] netlink: 14 bytes leftover after parsing attributes in process `syz.6.3364'.
[ 1025.762302][T14809] netlink: 84 bytes leftover after parsing attributes in process `syz.5.3368'.
[ 1026.230733][T13589] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1026.772736][T14820] netlink: 'syz.3.3374': attribute type 4 has an invalid length.
[ 1026.781032][T14820] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3374'.
[ 1028.144277][T14832] loop5: detected capacity change from 0 to 512
[ 1028.270441][T14834] loop6: detected capacity change from 0 to 256
[ 1028.281813][T14834] vfat: Unknown parameter 'uoi_xlate'
[ 1028.363345][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1028.373897][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1028.437667][T14832] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1028.702959][T14832] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1028.716650][T14832] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1035.934988][T13435] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1036.548943][T14855] loop4: detected capacity change from 0 to 512
[ 1036.747417][T14855] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1037.028044][T14861] netlink: 84 bytes leftover after parsing attributes in process `syz.5.3383'.
[ 1037.218802][T14855] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3382'.
[ 1038.050118][T14174] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1038.159885][T14868] netlink: 'syz.5.3387': attribute type 4 has an invalid length.
[ 1038.168599][T14868] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3387'.
[ 1039.167064][   T29] kauditd_printk_skb: 27 callbacks suppressed
[ 1039.167144][   T29] audit: type=1326 audit(1738364099.597:2918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1039.196956][   T29] audit: type=1326 audit(1738364099.597:2919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1039.224567][   T29] audit: type=1326 audit(1738364099.617:2920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1039.248872][   T29] audit: type=1326 audit(1738364099.617:2921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1041.079479][T13244] Bluetooth: hci4: command 0x0406 tx timeout
[ 1047.144837][   T29] audit: type=1326 audit(1738364099.737:2922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1047.167973][   T29] audit: type=1326 audit(1738364099.747:2923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1047.191626][   T29] audit: type=1326 audit(1738364099.747:2924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1047.218814][   T29] audit: type=1326 audit(1738364099.747:2925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1047.243789][   T29] audit: type=1326 audit(1738364099.757:2926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1047.267093][   T29] audit: type=1326 audit(1738364099.757:2927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1047.290082][   T29] audit: type=1326 audit(1738364099.767:2928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1047.317875][   T29] audit: type=1326 audit(1738364099.767:2929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1047.342398][   T29] audit: type=1326 audit(1738364099.767:2930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1047.365453][   T29] audit: type=1326 audit(1738364099.767:2931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14874 comm="syz.4.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807b38cda9 code=0x7ffc0000
[ 1050.069000][T14898] netlink: 84 bytes leftover after parsing attributes in process `syz.6.3397'.
[ 1050.240325][T14900] loop3: detected capacity change from 0 to 512
[ 1050.361296][T14900] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1050.501532][T14907] netlink: 'syz.5.3401': attribute type 4 has an invalid length.
[ 1050.513986][T14907] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3401'.
[ 1050.638079][T14900] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3398'.
[ 1050.857063][T14913] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3403'.
[ 1051.138426][T13894] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1052.855416][T14938] netlink: 84 bytes leftover after parsing attributes in process `syz.3.3412'.
[ 1055.662361][T14950] netlink: 'syz.5.3416': attribute type 4 has an invalid length.
[ 1055.670848][T14950] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3416'.
[ 1056.357862][T14952] loop3: detected capacity change from 0 to 512
[ 1056.480588][   T29] kauditd_printk_skb: 5 callbacks suppressed
[ 1056.480663][   T29] audit: type=1326 audit(1738364116.937:2937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.485182][T14952] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1056.536541][   T29] audit: type=1326 audit(1738364116.987:2938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.559814][   T29] audit: type=1326 audit(1738364116.987:2939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.582814][   T29] audit: type=1326 audit(1738364117.027:2940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.606094][   T29] audit: type=1326 audit(1738364117.027:2941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.634048][   T29] audit: type=1326 audit(1738364117.057:2942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.658334][   T29] audit: type=1326 audit(1738364117.067:2943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.681431][   T29] audit: type=1326 audit(1738364117.067:2944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.704576][   T29] audit: type=1326 audit(1738364117.067:2945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.728197][   T29] audit: type=1326 audit(1738364117.067:2946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14953 comm="syz.1.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa57918cda9 code=0x7ffc0000
[ 1056.942277][T14965] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3417'.
[ 1056.997733][T14960] loop5: detected capacity change from 0 to 512
[ 1057.097630][T14960] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1057.112216][T14960] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3420: bg 0: block 248: padding at end of block bitmap is not set
[ 1057.147895][T14960] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3420: Failed to acquire dquot type 1
[ 1057.191672][T14960] EXT4-fs (loop5): 1 truncate cleaned up
[ 1057.209697][T14960] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1057.688990][T13894] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1060.703416][T14986] loop3: detected capacity change from 0 to 512
[ 1060.797066][T14986] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1060.840694][T14989] netlink: 'syz.1.3430': attribute type 4 has an invalid length.
[ 1060.848982][T14989] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3430'.
[ 1060.977003][T14986] EXT4-fs (loop3): 1 truncate cleaned up
[ 1060.984765][T14986] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1061.097074][T14986] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 99999871 (only 1 groups)
[ 1061.462627][T13894] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1061.696940][   T29] kauditd_printk_skb: 8 callbacks suppressed
[ 1061.697019][   T29] audit: type=1326 audit(1738364122.147:2953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14994 comm="syz.6.3432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1061.726719][   T29] audit: type=1326 audit(1738364122.167:2954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14994 comm="syz.6.3432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1061.753980][   T29] audit: type=1326 audit(1738364122.167:2955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14994 comm="syz.6.3432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1061.778406][   T29] audit: type=1326 audit(1738364122.187:2956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14994 comm="syz.6.3432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1061.801673][   T29] audit: type=1326 audit(1738364122.217:2957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14994 comm="syz.6.3432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1062.552577][   T29] audit: type=1326 audit(1738364122.307:2958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14994 comm="syz.6.3432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aa178cda9 code=0x7ffc0000
[ 1062.938889][   T29] audit: type=1326 audit(1738364123.377:2959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.3.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[ 1062.962405][   T29] audit: type=1326 audit(1738364123.387:2960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.3.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[ 1062.991788][   T29] audit: type=1326 audit(1738364123.387:2961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.3.3435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afab8cda9 code=0x7ffc0000
[ 1064.969036][T15016] =====================================================
[ 1064.976916][T15016] BUG: KMSAN: uninit-value in full_proxy_unlocked_ioctl+0xed/0x3a0
[ 1064.985063][T15016]  full_proxy_unlocked_ioctl+0xed/0x3a0
[ 1064.991024][T15016]  __se_sys_ioctl+0x246/0x440
[ 1064.995908][T15016]  __x64_sys_ioctl+0x96/0xe0
[ 1065.000919][T15016]  x64_sys_call+0x19f0/0x3c30
[ 1065.005887][T15016]  do_syscall_64+0xcd/0x1e0
[ 1065.011235][T15016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.017543][T15016] 
[ 1065.020128][T15016] Uninit was stored to memory at:
[ 1065.030413][T15016]  __debugfs_file_get+0xe59/0xef0
[ 1065.035693][T15016]  full_proxy_open_regular+0x67/0xa00
[ 1065.043681][T15016]  do_dentry_open+0x1bdd/0x26b0
[ 1065.049096][T15016]  vfs_open+0x53/0x5b0
[ 1065.053426][T15016]  path_openat+0x56a1/0x6250
[ 1065.058369][T15016]  do_filp_open+0x268/0x600
[ 1065.063080][T15016]  do_sys_openat2+0x1bf/0x2f0
[ 1065.068249][T15016]  __x64_sys_openat+0x2a1/0x310
[ 1065.073377][T15016]  x64_sys_call+0x36f5/0x3c30
[ 1065.078532][T15016]  do_syscall_64+0xcd/0x1e0
[ 1065.083314][T15016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.089755][T15016] 
[ 1065.092308][T15016] Uninit was stored to memory at:
[ 1065.097733][T15016]  __debugfs_file_get+0xdff/0xef0
[ 1065.102968][T15016]  full_proxy_open_regular+0x67/0xa00
[ 1065.108834][T15016]  do_dentry_open+0x1bdd/0x26b0
[ 1065.113929][T15016]  vfs_open+0x53/0x5b0
[ 1065.118451][T15016]  path_openat+0x56a1/0x6250
[ 1065.123258][T15016]  do_filp_open+0x268/0x600
[ 1065.132635][T15016]  do_sys_openat2+0x1bf/0x2f0
[ 1065.139180][T15016]  __x64_sys_openat+0x2a1/0x310
[ 1065.144327][T15016]  x64_sys_call+0x36f5/0x3c30
[ 1065.149361][T15016]  do_syscall_64+0xcd/0x1e0
[ 1065.154121][T15016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.160428][T15016] 
[ 1065.162884][T15016] Uninit was created at:
[ 1065.168088][T15016]  __kmalloc_cache_noprof+0x8e3/0xdf0
[ 1065.173771][T15016]  __debugfs_file_get+0x31d/0xef0
[ 1065.179173][T15016]  full_proxy_open_regular+0x67/0xa00
[ 1065.184776][T15016]  do_dentry_open+0x1bdd/0x26b0
[ 1065.190171][T15016]  vfs_open+0x53/0x5b0
[ 1065.194476][T15016]  path_openat+0x56a1/0x6250
[ 1065.199908][T15016]  do_filp_open+0x268/0x600
[ 1065.204697][T15016]  do_sys_openat2+0x1bf/0x2f0
[ 1065.209737][T15016]  __x64_sys_openat+0x2a1/0x310
[ 1065.214843][T15016]  x64_sys_call+0x36f5/0x3c30
[ 1065.219876][T15016]  do_syscall_64+0xcd/0x1e0
[ 1065.224644][T15016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.235655][T15016] 
[ 1065.239589][T15016] CPU: 1 UID: 0 PID: 15016 Comm: syz.1.3440 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[ 1065.250416][T15016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1065.260801][T15016] =====================================================
[ 1065.268036][T15016] Disabling lock debugging due to kernel taint
[ 1065.274350][T15016] Kernel panic - not syncing: kmsan.panic set ...
[ 1065.280968][T15016] CPU: 1 UID: 0 PID: 15016 Comm: syz.1.3440 Tainted: G    B              6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[ 1065.293134][T15016] Tainted: [B]=BAD_PAGE
[ 1065.297439][T15016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1065.307701][T15016] Call Trace:
[ 1065.311146][T15016]  <TASK>
[ 1065.314243][T15016]  dump_stack_lvl+0x216/0x2d0
[ 1065.319153][T15016]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1065.325242][T15016]  dump_stack+0x1e/0x24
[ 1065.329622][T15016]  panic+0x4e2/0xcf0
[ 1065.333788][T15016]  ? kmsan_get_metadata+0x111/0x1c0
[ 1065.339266][T15016]  kmsan_report+0x2c7/0x2d0
[ 1065.344016][T15016]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1065.349463][T15016]  ? __msan_warning+0x95/0x120
[ 1065.354449][T15016]  ? full_proxy_unlocked_ioctl+0xed/0x3a0
[ 1065.360422][T15016]  ? __se_sys_ioctl+0x246/0x440
[ 1065.365488][T15016]  ? __x64_sys_ioctl+0x96/0xe0
[ 1065.370522][T15016]  ? x64_sys_call+0x19f0/0x3c30
[ 1065.375580][T15016]  ? do_syscall_64+0xcd/0x1e0
[ 1065.380493][T15016]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.386822][T15016]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1065.392882][T15016]  ? tomoyo_path_number_perm+0x82d/0x8f0
[ 1065.398792][T15016]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1065.404229][T15016]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1065.409646][T15016]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1065.415691][T15016]  ? do_vfs_ioctl+0x1cf5/0x3e60
[ 1065.420755][T15016]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1065.426185][T15016]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1065.432247][T15016]  __msan_warning+0x95/0x120
[ 1065.437059][T15016]  full_proxy_unlocked_ioctl+0xed/0x3a0
[ 1065.442859][T15016]  ? __pfx_full_proxy_unlocked_ioctl+0x10/0x10
[ 1065.449257][T15016]  __se_sys_ioctl+0x246/0x440
[ 1065.454136][T15016]  __x64_sys_ioctl+0x96/0xe0
[ 1065.458991][T15016]  x64_sys_call+0x19f0/0x3c30
[ 1065.463882][T15016]  do_syscall_64+0xcd/0x1e0
[ 1065.468642][T15016]  ? clear_bhb_loop+0x25/0x80
[ 1065.473550][T15016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.479712][T15016] RIP: 0033:0x7fa57918cda9
[ 1065.484291][T15016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1065.504143][T15016] RSP: 002b:00007fa57a03f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1065.512786][T15016] RAX: ffffffffffffffda RBX: 00007fa5793a5fa0 RCX: 00007fa57918cda9
[ 1065.520938][T15016] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000005
[ 1065.529089][T15016] RBP: 00007fa57920e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1065.537243][T15016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1065.545396][T15016] R13: 0000000000000000 R14: 00007fa5793a5fa0 R15: 00007ffe7243b208
[ 1065.553581][T15016]  </TASK>
[ 1065.557033][T15016] Kernel Offset: disabled
[ 1065.561565][T15016] Rebooting in 86400 seconds..