last executing test programs:

1m47.27707409s ago: executing program 32 (id=386):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
socket$inet_udp(0x2, 0x2, 0x0)
truncate(&(0x7f0000000080)='./file1\x00', 0xf000)
fallocate(r0, 0x8, 0x4000, 0x4000)

59.987705746s ago: executing program 4 (id=1450):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0xfffffffffffffdf5, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x1ff, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffd, 0xfffffffe}, 0x50)

59.933597221s ago: executing program 4 (id=1452):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008001000b704000000000400850000003300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r1, 0x25, 0x4, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x9}}, 0x40)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast2, {[], @echo_reply={0x81, 0x0, 0x0, 0x2, 0x4}}}}}}, 0x0)

59.663407008s ago: executing program 4 (id=1454):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x1018852, &(0x7f0000000300)={[{@nodiscard}, {}, {@acl}, {@fsync_mode_strict}, {@inline_xattr}, {@disable_roll_forward}, {@checkpoint_diasble}, {@discard_unit_section}, {@noinline_xattr}, {@discard_unit_block}, {@fsync_mode_strict}, {@age_extent_cache}, {@extent_cache}, {@fault_injection={'fault_injection', 0x3d, 0xffffffffffffffff}}], [{@subj_type={'subj_type', 0x3d, 'disable_roll_forward'}}, {@flag='posixacl'}]}, 0x1, 0x551c, &(0x7f00000079c0)="$eJzs3M1rI/UbAPAn7Xbff/sr4sHbDixCC5uw6b6gt1V38QW7lFUPnjRN0pDdJFOaNK296MGjePDsPyEKnjz6N3jw7E08KJ4UVjIz0W1VEJom3e3nA5Nn5pvvPPN8Qyk8MyEBnFiLya8/l+JSnIuI+Yi4GJHtl4otczsPz0XE5YiYe2wrFeN/DpyOiPMRcenRh+PTS8Vbn10dXrn50xu/fPPdmVMXvvj6+5ksGDgWno+I7ma+v9PNY9rK44NivDZsZ7F7Y1jE/I3uw+I4zeNOcz3LsFMbz6tl8Xorn59ubvdHcaNTq49iq72RjW/28gv2h61xnuyEB7Wt7LjRXM9iu59msbWX17W7l/+/3OsP8jyNIt8HWfoYDMYxH2/uNvP1bD7MYr03KMbzvGmjuTuKwyIWl4t62mlkdawf5pM+3t5s97Z3k2Fzq99Oe8nNSvWFSvVWubqVNpqD5o1yrdu4dSNZanVG08qDZq17u5WmrU6zUk+7y8lSq14vV6vJ0p3mervWS6rVyvXKtfLN5WLvavLqvXeSTiNZGsWX273tQbvTTzbSrSQ/YzlZqVx/cTm5Uk3eWl1L1u7fvbu69vZ7d96999Lq668Uk/5WVrK0cm1lpVy9Vl6pLp+g9X9cFD3B9cOhlGZdAMCT5+j6/1HyPKf+Hzjo6Pr/rfsRR9//h/5/Ip6o/vek9/9HsH44FP0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCJ9cPCl69lO4v58YVi/H/F0DPFcSki5iLi0T+Yj9P7cs4XeRb+Zf7CgRq+LUWWYXSNM8V2PiJuF9vv/z/qTwEAAACeXl99dPnTvFvPXxZnXRDTlN+0mbv4/oTylSJiYfHHCWWbG708O6Fk2d/3qdidULbsBtbZCSXLb7mdmlS2/2R+Xzj7WCjlYW6q5QAAAFOxvxOYbhcCAADANH0y6wKYjVKMH2WOnwVn37z/64HguX1HAAAAwLH3+W8HR0qzKQQAAACYoqz/9/t/AAAA8HTLf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiDnfvJVRqI4wD+a6HyR43EuPcq7uAYHsGlS8MBvAQHcIFX8AKcAXcewVBDpyIYFi+v0zbv5fNJyjBN+fZXAouZSQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+vSz2m++f3n/tWvOqe5gEXWepwEAAADuOVb7TfNmlfov2/Ov21Nv234REWVE3Bu+T+LFTeakzan+Xf/t+vrqvxp+RDQJ53vM2mMZER/a4/ebvr8FAAAAeL4O2906jdbTy2rsghhSmrQpX33MlFdERLX6lSmtPOe9yxTW/L6n8TlTWjOBNc8UlqbcprnSHqT5u19m7eZXTZGa8u7HLkVme3YAAGBAk5tm2FEIAAAAQ/o0dgGMo4i/S5mXpcBZatrlvcVNDwAAAHiCirELAAAAAHrXjP8H2v+vtv8fAAAAjCPt/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfjtV+c9ju1l1zTnU3j7vrsmvZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8If9eTmBEAiDMNi7vm8y+QcrDRqDB6tA+PgbDwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKf87i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H2awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNifkxQKgSCIgvkHJ3Ahff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6XC/fO36NI8m/08bU8Ugyd9VYumqsPWhsPRjJ/vSHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA42bmf1ziqOADgb2Z2trYqrlH2EBEFD3qx221t7U08KMGDf4IQ0m2N3fqjzcGWIubiTXLuRfQoIijx1v8h5wRyibcc9hDBszKzM9nJD3D9NbNJPh948747DPO+bxZCvvNeAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORGb0/iJDt0xnFcnNvce7iU9VuH+szjte35rGVxVGfSJ8OL1Q9Rt7lEAAAAODuSsr4PIeyk6wtZH3fy+j8tr8lq/m+fHsdlPX+47i/7svbP2i8/7z6/P1BnPE5205vLw8Glo6m0/r9ZzrZn/vKKVv7k83cvSf6FxO+tPjdK8+cZfb2x8U47D8/VkS0A8E9cLPsiKH8fyvp+k4kBcGa0KoV3Wf8nnWZzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjDaDU8WcZRCGG+NYkzW3sPl47rH69tz5ft2qNHa+HLyT2zW6QhhJvLw8GlWmcz2+7df3B7cTgc3K0/eCmE0NTobxXTv/3BFBeH0MjzEfxHQVx82bOSz8kIGvyhBADAqZQWLavrd9L1hexcNBfCH98drP9frcRhyvp/98Nrm9WxqvV/v7YZzr7eyp1Pe/fuP3h9+c7ircGtwcdvXO6/2b9y/erV6738XUnPGxMAAAD+nXbRqvV/PHd0/f9CJQ5T1v+ffdP/ojpWov4/1mTRr+lMAAAAzrZnX/79t+iY81G7HT5fXFm52x8f9z9fHh8bSPVvO1e0av2fzDWdFQAAAFCH0Wp0YP3/RiUOU67/P/X9Cz9W75mEEM4X6/8Xlz4Z3qhvOjOtjj8nbnqOAAAANOt80arr/2m+/z/e3/IQhxBee2UcF/8GcKr6P3n3qx+qY1X3/1+pb4ozKe6On0fed0NodZvOCAAAgNPsiaJlxf6v6frCRz9deL9t/z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4MAAD//xAOP7U=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

59.508134743s ago: executing program 33 (id=1456):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000580)={'wg1\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100e8ffffff00000000100000002000018008000100", @ANYRES32=r3, @ANYBLOB="14000200776731"], 0x34}}, 0x0)

58.940316239s ago: executing program 4 (id=1469):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
close(r1)

58.415748971s ago: executing program 4 (id=1475):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_ext_remove_space_done\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x18000, &(0x7f0000000000), 0x80, 0x62d, &(0x7f0000000c40)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNv3szue98dvZ03MzuaAEprKhulEfsi4lwSMdmybCIaC6eK9R5+fft8NiRRr///qySSIq+5/qNiujsbJY3XfHwy4neV9eUu3bx1cbZWb7gTcXj50tXDSzdvHVq8NHth/sL85Zkj/zx6bPpfMx9uTZy7i+mp0//70+svv/iPhU9qh5I4HmdHX5qLtji2ylTj040sxNb8kYg4liU6fC6wnSrF3+NoRPwhJqOSzzVMxuJrA60c0Ff1SmP/VB+rA6WTxKBrAAxGsx/QPLbvx3HwMHtwIhvf6BD/SHH0vjM/Ntr1MGk5MspyI/ZsQfkrEfHj7f1vZ0N0OQ8xsgXldC3/bkT8sdP2T/L49+SRZvGnkba8LktPF+c2svr9ZxN1SFrSvf393dlEaT/3S+Jv3Q5Z/MeLaZZ/ssv7P+0Uz1TbfNnaHwCDsXqi2JFnHZFY2/9lPcNm/yfa+z/19/NrQ+37ro3ovv9Lt+Ddny7v/4102v839/c783142tYPS2Ll2zOd33K0PePzV0+92a38qZb+XzZk5Tf7gj3YdNfwwd2I/W3xv5J/9Mnj7Z906P9mq5zrsYz/fvrlqW7LNhn/ptXvRRzoePyz1ivNUm3XJ5NoXp88OnN4YbE2P90Ydyzjg49eeLdb+YOOP9v+u7rE/6Ttn+Vd7bGM987cu9RI7Vi3bOKp8adfjCVn89RYPl5rXmPJ6WKVxuTG7PLytSNPrktznXw604j/4F87t/8u8ecHH+PNr8weXH3u4sNuyza5/R/Ve1yxmyz+uQ1u/zd6LOO756//uduy9fGvnZMY32hQAAAAAAAAUFJpfg02SauP02laLS68/T52pbUrS8t/W7hy/fJcxMH895CjafNK92RjPsnmZ4rfwzbnj7TN/z0i9kbEW5XxfL56/kptbtDBAwAAAAAAAAAAAAAAAAAAwJDYXdz//6h4Htg3lTStVgddK2Db9PMBc8Bw0/6hvPL2vz3PWwOGjP0/lFfH9u9LAUpBU4fy0v6hvLR/KC/tH8pL+4fy6t7+1y252++6AAAAAABbZu9fVu+PRMTKv8fzITNWLBsdaM2AftPGobwqg64AMDCPL/C7/R9Kp6f+//fFPwfsf3WAAUg6Zeadg/qTG/9qx1cCAAAAAAAAAAAAAH1wYN/q/cT9/1BKbvuD8trY/f+Vjb8UGBqd/vW/x4FAOTjGh5Lr4STAzm4L3P8PAAAAAAAAAAAAANtmIh+StFr8DHgi0rRajfhNROyJ0WRhsTY/HRG/jYjPKqM7svmZQVcaAAAAAAAAAAAAAAAAAAAAnjFLN29dnK3V5q+1Jn5Yl/NsJ5pPPB2W+rQmIul7EWm05YxHxDDE3p/ESEtOErGSbfmteOdk838/MQyfT5EY8BcTAAAAAAAAAAAAAAAAAACUUMu9x53tf2ebawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22/t+f/9Sww6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1+mnAAAA//+EYjvS")

58.358255557s ago: executing program 34 (id=1475):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_ext_remove_space_done\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x18000, &(0x7f0000000000), 0x80, 0x62d, &(0x7f0000000c40)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNv3szue98dvZ03MzuaAEprKhulEfsi4lwSMdmybCIaC6eK9R5+fft8NiRRr///qySSIq+5/qNiujsbJY3XfHwy4neV9eUu3bx1cbZWb7gTcXj50tXDSzdvHVq8NHth/sL85Zkj/zx6bPpfMx9uTZy7i+mp0//70+svv/iPhU9qh5I4HmdHX5qLtji2ylTj040sxNb8kYg4liU6fC6wnSrF3+NoRPwhJqOSzzVMxuJrA60c0Ff1SmP/VB+rA6WTxKBrAAxGsx/QPLbvx3HwMHtwIhvf6BD/SHH0vjM/Ntr1MGk5MspyI/ZsQfkrEfHj7f1vZ0N0OQ8xsgXldC3/bkT8sdP2T/L49+SRZvGnkba8LktPF+c2svr9ZxN1SFrSvf393dlEaT/3S+Jv3Q5Z/MeLaZZ/ssv7P+0Uz1TbfNnaHwCDsXqi2JFnHZFY2/9lPcNm/yfa+z/19/NrQ+37ro3ovv9Lt+Ddny7v/4102v839/c783142tYPS2Ll2zOd33K0PePzV0+92a38qZb+XzZk5Tf7gj3YdNfwwd2I/W3xv5J/9Mnj7Z906P9mq5zrsYz/fvrlqW7LNhn/ptXvRRzoePyz1ivNUm3XJ5NoXp88OnN4YbE2P90Ydyzjg49eeLdb+YOOP9v+u7rE/6Ttn+Vd7bGM987cu9RI7Vi3bOKp8adfjCVn89RYPl5rXmPJ6WKVxuTG7PLytSNPrktznXw604j/4F87t/8u8ecHH+PNr8weXH3u4sNuyza5/R/Ve1yxmyz+uQ1u/zd6LOO756//uduy9fGvnZMY32hQAAAAAAAAUFJpfg02SauP02laLS68/T52pbUrS8t/W7hy/fJcxMH895CjafNK92RjPsnmZ4rfwzbnj7TN/z0i9kbEW5XxfL56/kptbtDBAwAAAAAAAAAAAAAAAAAAwJDYXdz//6h4Htg3lTStVgddK2Db9PMBc8Bw0/6hvPL2vz3PWwOGjP0/lFfH9u9LAUpBU4fy0v6hvLR/KC/tH8pL+4fy6t7+1y252++6AAAAAABbZu9fVu+PRMTKv8fzITNWLBsdaM2AftPGobwqg64AMDCPL/C7/R9Kp6f+//fFPwfsf3WAAUg6Zeadg/qTG/9qx1cCAAAAAAAAAAAAAH1wYN/q/cT9/1BKbvuD8trY/f+Vjb8UGBqd/vW/x4FAOTjGh5Lr4STAzm4L3P8PAAAAAAAAAAAAANtmIh+StFr8DHgi0rRajfhNROyJ0WRhsTY/HRG/jYjPKqM7svmZQVcaAAAAAAAAAAAAAAAAAAAAnjFLN29dnK3V5q+1Jn5Yl/NsJ5pPPB2W+rQmIul7EWm05YxHxDDE3p/ESEtOErGSbfmteOdk838/MQyfT5EY8BcTAAAAAAAAAAAAAAAAAACUUMu9x53tf2ebawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22/t+f/9Sww6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1+mnAAAA//+EYjvS")

57.199689451s ago: executing program 0 (id=1515):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000021c0)=0x1, 0x4)
setsockopt(r0, 0x1, 0x10000000000009, &(0x7f0000000100)="0100ddff", 0x507b420f2d51f971)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x200}, 0x1c)
setsockopt(r0, 0x1, 0x9, &(0x7f0000000040), 0x29)

57.121817079s ago: executing program 0 (id=1517):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000300)={0x7, 0x5, 0x5})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000040)="266536260f1ab70f885f87b9fa0000000f01ed660f78c4020a66b839010f00d8b88d05000000000000c0fe0fae41d901008fc978c1d8b87f8b7f26ba000000000f30660fc771692e0fba600c980fd8a5050000000f3566b857000f00d0", 0xbe}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

56.859686744s ago: executing program 0 (id=1518):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0xd2f0})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0)

56.687094052s ago: executing program 0 (id=1522):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x3}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)

56.467785643s ago: executing program 0 (id=1523):
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r2, &(0x7f0000000000)=ANY=[], 0x0, 0x0)

56.373567802s ago: executing program 35 (id=1523):
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r2, &(0x7f0000000000)=ANY=[], 0x0, 0x0)

50.022507119s ago: executing program 7 (id=1672):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000540)=ANY=[@ANYRES32=0x0, @ANYBLOB="8e29b5c6d59d9a8fa9f1222c", @ANYRES32, @ANYBLOB="d90f55b2fe87bccaae179697e871353358a10c2f9b664f24e6a9112c9e2e2e3003fa09469b1b", @ANYRES8], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x218, 0x218, 0x0, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {@empty, {[0x0, 0x0, 0xff]}}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'pimreg1\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

49.566976354s ago: executing program 7 (id=1685):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x39, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
setresuid(0xee00, 0xee00, 0x0)

49.562652335s ago: executing program 7 (id=1686):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
fcntl$lock(r0, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})

48.603620709s ago: executing program 7 (id=1727):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r1, &(0x7f0000000040)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r0, r3, 0xfffffffffffffc01, 0x0)
tee(r0, r3, 0x60000000000, 0x0)
read$FUSE(r2, &(0x7f00000014c0)={0x2020}, 0x2020)

48.547855834s ago: executing program 7 (id=1728):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000004c0)='./file0\x00')
statx(0xffffffffffffff9c, &(0x7f0000000580)='./bus\x00', 0x800, 0x2, &(0x7f00000005c0))

48.507829459s ago: executing program 36 (id=1728):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000004c0)='./file0\x00')
statx(0xffffffffffffff9c, &(0x7f0000000580)='./bus\x00', 0x800, 0x2, &(0x7f00000005c0))

48.375337881s ago: executing program 37 (id=1729):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000100000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="5c000000240001052abd7000fedbdf250900000006000300000000000600040000000000060003000000000006000400000000000600040000000000060003000000000006000300000000000600030017c8"], 0x5c}, 0x1, 0x0, 0x0, 0x8004}, 0x800)

48.269335232s ago: executing program 38 (id=1734):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000340)={0x2, 0x46})

48.215173087s ago: executing program 39 (id=1733):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r0, r3, 0x53, 0x0)
write$binfmt_script(r3, &(0x7f0000000640)={'#! ', './file0'}, 0xb)
tee(r2, r1, 0x9, 0x8)

48.090841359s ago: executing program 40 (id=1735):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000180)={0x0, 0xf5, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x3a00, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000894)

48.0847887s ago: executing program 4 (id=1736):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000006110870000000000630a002e5f0000009500000c00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x23d, 0x10, &(0x7f0000000000), 0xfffffe51, 0x0, 0xffffffffffffffff, 0xffffffffffffff4d}, 0x48)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0xb, "08405af3"}, @local=@item_4, @local=@item_4={0x3, 0x2, 0x0, "6fe695cd"}]}}, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)

48.024178516s ago: executing program 41 (id=1736):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000006110870000000000630a002e5f0000009500000c00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x23d, 0x10, &(0x7f0000000000), 0xfffffe51, 0x0, 0xffffffffffffffff, 0xffffffffffffff4d}, 0x48)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0xb, "08405af3"}, @local=@item_4, @local=@item_4={0x3, 0x2, 0x0, "6fe695cd"}]}}, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)

47.967672252s ago: executing program 0 (id=1737):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b703000000000083850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

47.894314879s ago: executing program 42 (id=1737):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b703000000000083850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

47.851765244s ago: executing program 7 (id=1738):
syz_mount_image$fuse(0x0, &(0x7f0000002200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
fchmodat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x17f)

47.850746944s ago: executing program 43 (id=1738):
syz_mount_image$fuse(0x0, &(0x7f0000002200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
fchmodat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x17f)

38.524825538s ago: executing program 8 (id=1971):
syz_mount_image$f2fs(&(0x7f000000e000), &(0x7f0000000080)='./file2\x00', 0x10, &(0x7f000000df00)={[{@nodiscard}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@fault_type={'fault_type', 0x3d, 0x7fff}}, {@grpjquota}, {@noflush_merge}, {@nocheckpoint_merge}, {@acl}, {@gc_merge}, {@compress_cache}, {@alloc_mode_def}, {@noinline_xattr}, {@background_gc_off}, {@checkpoint_diasble}]}, 0x4, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0)

37.980668112s ago: executing program 8 (id=1994):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x9d)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

37.69582668s ago: executing program 8 (id=1999):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffff12850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='virtio_transport_alloc_pkt\x00', r0}, 0x10)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)

37.680582942s ago: executing program 8 (id=2002):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a8584c, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

37.585560711s ago: executing program 8 (id=2005):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x1, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0xb00)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r1, 0x28, 0x8, 0x0, &(0x7f0000000000))

37.439687045s ago: executing program 8 (id=2007):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setlease(r0, 0x400, 0x2)

37.366058323s ago: executing program 44 (id=2007):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setlease(r0, 0x400, 0x2)

34.160268437s ago: executing program 9 (id=2067):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x0, 0x1ce)
utimensat(r2, 0x0, 0x0, 0x0)

34.133144s ago: executing program 9 (id=2069):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000056000000008eb5a86c0000000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='rss_stat\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)

34.087028554s ago: executing program 9 (id=2073):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r1 = socket$inet6(0xa, 0x80002, 0x0)
read(r0, &(0x7f00000002c0)=""/147, 0x93)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="540000001200998f00000000000000001d00000000004e2300000000ffffffffff0700000000000000000000000000000000000009000000", @ANYRES32=0x0, @ANYBLOB="0120200003000000eeff0080000000000800030011"], 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x20004010)

34.010484572s ago: executing program 9 (id=2077):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c71756965742c6e6f646f74732c666c7573682c756d61736b3d30303030303030303030303030303030303030303030302c646f74732c646f74732c756d61736b3d30303030303030303030303030303030303037373737372c6e66732c646f74732c747a3d5554432c646f74732c646f74732c6e6f636173652c7379735f696d6d757461626c652c646f74732c00f8a7354494367fe599abb0e9fee8f6cdbd4415cc7bc52b6352f54afc78e51de6b37ae8efbdfe1689a174697f9528b4217d017a472c4c8e00a5cdd06438f130234c66db3e61a4ea6b90f67ddc19c74c6ac93054e1668cf0ff55fdebea678f16269706271797abeebc6b043e549356dfa4c7e8b4e091a7a6cfc601e4e66e509afea6dcc9d274ab27afd6f183050075b86a3ffc8dfcd249c141fd90a5331224d62867d9b87a8e7d0cf56567584e7adde32f223d2a9bd69b39c51152b3a827f49a0f7e23d51ac4128630c7668a0b38090b5c86636aee6face102356400fbbd"], 0xfd, 0x1bf, &(0x7f0000000480)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
r0 = open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
pwritev2(r0, &(0x7f0000000000)=[{&(0x7f0000000340)='\b', 0x1}], 0x1, 0x7, 0x800, 0x0)

33.762325046s ago: executing program 9 (id=2091):
r0 = socket(0x10, 0x3, 0x0)
io_setup(0x2, &(0x7f0000000000)=<r1=>0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0x1)
syz_clone3(&(0x7f0000000300)={0x23800000, &(0x7f0000000040)=<r2=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_submit(r1, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r2, 0x0}])
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}}, 0x24}}, 0x44080)

33.587774573s ago: executing program 9 (id=2093):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
r1 = epoll_create(0x401)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x2000b96)
epoll_wait(r1, &(0x7f0000000e80)=[{}], 0x1, 0x0)
syz_clone3(0x0, 0x0)

33.551582157s ago: executing program 45 (id=2093):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
r1 = epoll_create(0x401)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x2000b96)
epoll_wait(r1, &(0x7f0000000e80)=[{}], 0x1, 0x0)
syz_clone3(0x0, 0x0)

6.208030221s ago: executing program 2 (id=2792):
r0 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d2407010604000000000000e90924030000000001"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, 0x0, &(0x7f0000000140)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x500a}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000005c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x81, 0x1, "9a"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f0000000400)={0x40, 0x16, 0x1, "e6"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000180)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)

3.648788361s ago: executing program 2 (id=2837):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000440)='kfree\x00', r0}, 0x18)
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
readv(r1, &(0x7f0000000640)=[{&(0x7f0000000400)=""/244, 0xf4}], 0x1)

3.413489025s ago: executing program 2 (id=2844):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @call={0x85, 0x0, 0x0, 0x50}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

3.15138689s ago: executing program 5 (id=2851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

3.097009806s ago: executing program 5 (id=2853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x8000000010, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x18)
write(r2, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

3.046368261s ago: executing program 2 (id=2854):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
setuid(0xee01)

3.030619322s ago: executing program 5 (id=2855):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

3.013489594s ago: executing program 2 (id=2857):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
readv(r1, &(0x7f0000000500)=[{&(0x7f0000001800)=""/154, 0x9a}], 0x1)

2.990147336s ago: executing program 5 (id=2858):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000001000)='tlb_flush\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

2.495769615s ago: executing program 6 (id=2865):
socket$igmp(0x2, 0x3, 0x2)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00", @ANYRES16=r0, @ANYRES32=r2], 0x44}}, 0x0)

2.495546914s ago: executing program 6 (id=2866):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sched_process_fork\x00', r1}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

2.495170234s ago: executing program 6 (id=2875):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x10, &(0x7f0000000200), 0x0, 0x5ae, &(0x7f00000016c0)="$eJzs3d9vFNUeAPDv2d22QOG23NzkXi4PNiERErWlBaMxJkLENx/8QeITibUthLBApTURxAgJ/gf6B5j4ZmKMj8QYor746puJf4AhEgN98W3N7M6WBXZLu2w7yHw+ybDnzNnhnNnNt2fm7JmZAEprIvunErEnIhZTxFhHWS3ywonW++7cvjy3cvvyXIpG4+0/U6R8Xfv9KX8dzTfeFhG//JDi39UH6126eOnMbL2+cCHPTy2fXZxaunjpudNnZ08tnFo4NzP9wvTzhw/NHD44kP3cFRE/TR6rXTv56t5v5r7c/cl3X11PcSR25uWd+zEoEzGx+pl0yj7XFwddWUGq+f50fsWpVmCD2JD29zcUEf+NsajG3S9vLD59s9DGAZuqkSIaQEkl8Q8l1T4OyM5/20uxRyTAVrl1tDUAcCe1xvZWVuO/1hobjG3NsYEdKyk6h3VSRAxiZC6rY/HpNJYtsUnjcEB3V65GxP+69f+pGZvjzVH8LP4r98R/JSLeyF+z9W/1Wf/EfXnxD1vnUeL/3Y74f6/P+rvH/0if/xsAAAAAAACU242jEfFst9//Kqvzf6LL/J/RiDgygPof/vt/5eYAqgG6uHU04uWIaM/9W+mI/9x4Nc/tas4HGEonT9cXDkbEvyLiQAyNZPnpNeqY2PvzUM+yjvl/2ZLVv3jPz/+Vm7X7pgPMzy7P9r/HQNutqxH/r3WL/7Ta/6cu/X/W9y+us47GsVd+7FXWNf7zucDA5mp8EbG/a/9/984Vae37c0w1jwem2kcFD/roxPVve9Uv/qE4Wf+/Y+34H0+d9+tZ2ngdH//x2yPEf/fj/+F0vHnLmeF83Yezy8sXpiOG0+sd64da62c23mZ4ErXjoR0vWfwf2Nf9/H+t4//tEXFlnXUe//61a73K9P9QnCz+5zfU/288se+dz//qVf/6+v/DzT79QL7G+B+sbb0BWnQ7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCfqBIROyNVJlfTlcrkZMRoRPwndlTq55eWnzl5/oNz81lZ8/n/lfaTfsda+dR+/v94R37mvvyhiNgdEZ9Vtzfzk3Pn6/NF7zwAAAAAAAAAAAAAAAAAAAA8JkZ7XP+f+b1adOuATVe7mzxSZDuArVcrugFAYcQ/lJf4h/IS/1Be4h/KS/xDeYl/KC/xD+VVbXx9oug2AAAAAAAAA7P7qRu/poi48tL25pIZzsuGCm0ZsNlc7w/l5RY/UF6m/kF5tc7xR4puBlCg9JDybX1vCQAAAAAAAAAAAAAMyv49rv+HsqoU3QCgML2v/3dnAHjSuf4fyss5PvDw6//fn+tvSwAAAAAAAAAAAABgUJYuXjozW68vXOg3MfJom0tsaWIkHotmlDURaQARt0WJov8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbX8HAAD//97T+NI=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0xfb998b673fdec582)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

2.099089284s ago: executing program 2 (id=2867):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000080904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010000020d00000904010102020d0000090582020002000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000680)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0xfff5, 0xc8, 0x0, 0xba1, 0x33f, 0x6, 0x1, 0x2, 0x400, 0x0, 0x4000, 0x3}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

2.098943033s ago: executing program 6 (id=2868):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='reno', 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)

2.082681865s ago: executing program 6 (id=2869):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f00000008c0)=';', 0x1)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r0, &(0x7f00000009c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x12003, 0x0)

2.068074967s ago: executing program 6 (id=2870):
socket$inet6(0xa, 0x1, 0x5)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r0 = syz_usb_connect(0x5, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x92, 0xec, 0xc6, 0x20, 0x5ac, 0x77c2, 0xeb3a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x20, 0x0, [{{0x9, 0x4, 0xc4, 0x1, 0x2, 0xff, 0xfd, 0x1, 0x80, [], [{{0x9, 0x5, 0x2, 0x2, 0x210, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0003060000000603"]}, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000a40)={0x1c, &(0x7f0000000880)={0x20, 0x18, 0x6, "d8d655976537"}, 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)

2.011681282s ago: executing program 5 (id=2871):
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000340)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000140), 0x1e)
syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.990492884s ago: executing program 5 (id=2872):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='devlink_hwerr\x00', r1}, 0x11)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
write$cgroup_int(r3, &(0x7f00000001c0)=0x8200000000000000, 0xfffffdef)

976.138384ms ago: executing program 1 (id=2887):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x3ff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000380)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x55a8, &(0x7f00000014c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64asumCJWPBPEEisWPIbWMASdogFiB1SkWcm0KQNtI3jqO3zSDNn5vj1mXdGlqUzYzmAZ9ZC+sdvSZyIIxExFxHHk8i3k3KJuBNxsRj7QkScjIjKPUtS5v9OHIyIoxFxYlK8qJmUL31xenzq/K9v//7t94cOHPvymx/29cSBffViRPRXi+3b/SJmnSLeKPONcTeP/XPjMq5uqdHPivzt9kpe4XZjc1wjj2c7xfhs9dZwEq/3Gs1J7HSv5/nVQXHA4bizWWfyhvRGYy3fb7VX8tgdZnnsbBTHXd8ovts2hqOiTqus90lePkajzVjk2+vt4nxWb+axORiV+aJu1mqvT+K4jOXhopn1Wvk8Vh7zIj8B3ukObq2n4/basJsN0vO1+ku1+oVqfS1rtUftc9VGv3XhXLrY6U2GVUftRv9iJ8s6vXatmfWX0sVOs1mt19PFS+2VbmOQ1uu1s7Uz1fNL5dbp9I2rH6S9Vro4ia91B7dG3d4wvZ6tpcU7ltLl2tmXl9JT9fS9K9fSa+9evnzl2vsfXfrw6qtX3nq9HHTftNLF5TPLy9X6mepyfekZOv9Py0k/wvknD07/9OPuLhsUdviAAbCz+/r/2N7/h/4fmLrd9P/9m+X+3vT/8TD9f0yz/5+0VPr//+5/K4/U/56YSv87H/r/PTx/2JXH6/8PTn0eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADM3M/zX72ZbywU+8fK/P/K1HPlfhIRlYi4+wBzcXBLzbmyzvwO4+e3zeG7JPIKk2McKpejEXGxXP78/15fBQAAAHh6fX3n5OdFt16sFvZ7QsxScdOmcvzjKdVLImJ+4ZcpVatMVs9PqVj++T4Q61Oqlt/AOjylYsUttwPTqvZQ5raEw/eEpAiVmU4HAACYia2dwGy7EAAAAGbps3999ZWZzYMZS2LzUebms+D8l/f/PBA8Mlnd3fbjfgAAAOBJkuz3BAAAAIA9l/f//v8PAAAAnm7F//8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NzPjdpAFAfgZ4OB/FNQlHtayQ3KSAk55hgoIE1QAmkhDVADkXJICStYYc8ieRek1TLGWvR9ku2d8ernGeDyxtIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXfpbree/f375dWnObn+ZPLMBAAAATtlW63n9x7Rpv0v9H1LXp9QuIqKMiFO1+yBGrcxByqnO/H/1aAx/IuqEQ/84HW8j4ms67j52/SkAAADA7dosV7OmWm9OaQngX7+j4kqaRZvy/bdMeUVEVNP/mdLKw+lzprD69z2MH5nS6gWsSaawZsltePreKNdD2gaty8NMFvWXWLfKbp4LAAD0qV0JnKlCAAAAuAHf+x4A1/C0tC+Op+N7xnFzSS8E37RaAAAAwCtU9D0AAAAAoHN1/d/N/n+TF+3/V9j/DwAAALJr9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS9tqPd8sV7Nz9xfPzNntL5NvRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9+zPOwqEQBiEwd71ncnc/7DSoKGxSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvfveX/xNT40wy99pYeh5J1k6NrVNj79w4+sP4+jUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+Pt3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsW//vm1UcQDA3/lspylUhIAiEUAFdYCFpm5p6YoQKGLgT0CKUqcEXAptBlpFlCxsKHMXBAsSQkigsOV/6NxIXcrWIUOQmBiC7lf6nJgmpO05TT8f6fl9/Xx5P86Wla/fHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQWX83vNIo4zR7GCviqu32xuJsVq9tqzOry3cms5LFyUjVeuz1+mZ/oL0aPzk+MbyJAAAAcFgc2/WItMrvQwh3WyvTWd0Yy/P/VnVMlvP/UHaVlG3b8/61jcUj5UuTVf7/x+/3XtwaaCzNx8k6nZvvdU/tnEpz38t8wj236xHN/Mznv72k+RvS+HDphfVWfj6T727der+dhyN1zBYA2I+TVV0G1f9DWd0Z5sQAeGo0o8S7yv/TseHOCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAO60vhmSpOQgiTzftxZm1jcXZQ/c3yncnVspy7eXM57jProhVCmJvvdU/VuJaDqzqb1z+b6fW6V65eqzs4HkIY8NKNvf15Wk7/P49phxD6Wk68NKCfj/cw1rZ+dgTlxzPUew5Hs/XtenDS15LsOOHvbRaG8QGoK2iU78/jGGK09ve9P6g+e4++5//zXTLyaL6SAAA41FplyTLRu62V6awtGQ9h88f+/P+NKA59ef/mjaKleL4a5f/3Pjl3Ox4rzv87Na3vSTC1cOmLqavXrr81f2nmYvdi9/O3T3fe6Zw5f/bs+an8t5KpudDwiwkAAAAPoV2WOP8fHbD/fzSKwwP2/4st4SL///L7ztfxWKn8f6D7m37DngkAAMDTqL0VPf/a338lA45I2u3w1czCwpVO8bj1/HTxWOt092mkLHH+n44Pe1YAAABAHdaXkr79/wtRHB6w/x9f///szy//GveZFtcWXA4hdE/OXu5dqG85B1r/Tb8/pY/jRuV8oPawVwoAAMCwjJYl3v9vjWf5f2PrkodGCOHNEyH8U97DH/aY/6cffPtLPFZ8/f+ZWld58DQmivOR1xMhNCeGPSMAAAAOsyNlyZL9P1sr05/+dvSjtuv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr2bwAAAP//aR4tAA==")
unshare(0x4000500)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)

816.384589ms ago: executing program 3 (id=2890):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0xc004000)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r1)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), r1)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, r2, 0x1, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)

815.928009ms ago: executing program 1 (id=2891):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e1e, @local}, 0x10)
sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)
recvmmsg(r0, &(0x7f00000031c0)=[{{0x0, 0x1802, &(0x7f0000000a40)=[{&(0x7f00000008c0)=""/135, 0x87}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000980)=""/146, 0x92}, {&(0x7f0000000080)=""/43, 0x2b}, {&(0x7f0000000a80)=""/242, 0xf2}, {&(0x7f0000000b80)=""/143, 0x8f}], 0x4}, 0x2}], 0x400000000000300, 0x22, 0x0)

784.448322ms ago: executing program 3 (id=2892):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000040)={0x80, 0x40000103, 0x0, 0x0})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000008000003010040"])

783.963922ms ago: executing program 1 (id=2893):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfffffd9d)
r1 = socket(0x1e, 0x4, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
sendfile(r1, r0, 0x0, 0x8010002b)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x4, 0x3}, 0x10)

736.893997ms ago: executing program 3 (id=2894):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x20780, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x80000000)

659.671464ms ago: executing program 3 (id=2895):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x3040047, &(0x7f00000001c0)={[{@dioread_nolock}, {@test_dummy_encryption_v1}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@discard}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x11, 0x561, &(0x7f0000000a40)="$eJzs3c9rHOUbAPBnNpv+/n6bQilaRAI9GKndNIk/WvBQj6LFgt7rkkxDyaZbshtpYsH2YC9epAgiFsS73j0W/wD9Kwo2UKQEPXiJzGa22TS7yTbdNqn7+cCE992Z3XeenXnevO/OLBtA3xrO/hQiXo6Ir5OIwxGR5OuKka8cXt1u+eH1yWxJYmXl4z+TxnZZvflazecdzCsvRcSvX0acLDRfa01tYXGmXKmkc3l9tD57dbS2sHjq8mx5Op1Or4xPTJx5a2L87Dtv9yzW1y/8/d1Hd98/89WJ5W9/XjpyO4lzcShf1xrHU7jRWhmO4fw9GYxzj2041oPGdpNkp3eAbRnI83wwsj7gcAxsyFTgv+qLiFgB+lQi/6FPNccBzbl9j+bBL4wH761OgDbGX1z9bCT2NeZGB5aTdTOjbL471IP2szZ+uX/ndrZE7z6HANjSjZsRcbpY3Nj/JXn/t32nu9jm8Tb0f/D83M3GP2+0G/8UHo1/os3452Cb3N2OrfO/sNSDZjrKxn/vth3/FpqbDA3ktf81xnyDyaXLlTTr2/4fESMxuDerb3Y958zyvZVO61rHf9mStd8cC+b7sVTcu/45U+V6+WlibvXgZsTxtuPf5NHxT9oc/+z9uNBlG8fSO692Wrd1/M/Wyo8Rr7U9/mtXtJLNr0+ONs6H0eZZsdFft4793qn9nY4/O/4HNo9/KGm9Xlt78jZ+2PdP2mnduvij+/N/T/JJo7wnf+xauV6fG4vYk3y48fHxtec2683ts/hHTmze/7U7//dHxKddxn/r6E+vdBX//Tu/DUQ89+M/9UTH/8kL9z74/PtO7Xdx/i8V977ZKIzkD3TT/3W7g0/x1gEAAAAAAMCuU4iIQ5EUSo/KhUKptHp/x9E4UKhUa/WTl6rzV6ai8V3ZoRgsNK90H265H2Isvx82rx8fWV9PJyLiSER8M7C/US9NVitTOx08AAAAAAAAAAAAAAAAAAAA7BIHO3z/P/PHwE7vHfDM+clv6F9b5n8vfukJ2JX8/4f+Jf+hf8l/6F/yH/qX/If+Jf+hf8l/6F/yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrqwvnz2bKy/PD6ZFaf+mxhfuZsnJpKazOl2fnJ0mR17mppulqdrqSlyersVq9XqVavjo3H/LXRelqrj9YWFi/OVuev1C9eni1PpxfTwecSFQAAAAAAAAAAAAAAAAAAALxYaguLM+VKJZ1TUNhWobg7dkOhx4Wd7pkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM2/AQAA///bkjSR")
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)

500.526891ms ago: executing program 1 (id=2896):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e1d, 0xa9, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c)
connect$netlink(r0, &(0x7f00000000c0)=@unspec, 0xc)
syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, '\x00', 0x48, 0x11, 0xff, @local, @local, {[], {0x4e1d, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "dc521c259b538a2bf2a113dc2eeec0a072edf20b6d59027f", "d646c098cfc27eb8549d66e7b21908546e551af9e59631718ba08900"}}}}}}}, 0x0)

415.845209ms ago: executing program 3 (id=2897):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200010, &(0x7f0000000680)=ANY=[@ANYBLOB="64656275672c757466383d312c757466383d302c757466383d312c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c002bc08d8cca74e8ecafb48437094fe1a4a2383bd9d85bff651d1101fd722e01b9b5d22f08b5fc0ac7cbf33fb553a90ae4d01d71ddeeb089f517aeaaa271899287d5b8949b22b23c2807b7d81714b89e9682f6c3faa6107733a77a4cf985560ed64ec24e255dee3654aa2ba55be4bf3ae257adba34bed8e32e4122bb46aa57a75dab0288098e42f886f09bdf63537db28a454b02a4204a7e7dac3c30a6d4b5c814916b02"], 0x3, 0x25a, &(0x7f0000000240)="$eJzs2s9rI2UYB/Bn6sqmXbqp+ItdEF/0oF6Gbc8edpEKYkFRK6yC7KydauyYlE4oRMT2pFf/BM/i0Zsge/TSi3+BB2+99LgHcSRNWtOysIs/mqX7+RySh3nnm7zzvmF4ErL/6refb6zX+XrRj5ksi5nrsRt3s1iImTiyG6+8dPOX5969+cGbN1ZWWuOjSymly8///OGXP7xwp3/p/R8v/3Qx9hY+2j9Y+n3vmb0r+3++92mnTp06dXv9VKTbvV6/uF2Vaa1Tb+QpvV2VRV2mTrcut06Mr1e9zc1BKrpr83ObW2Vdp6I7SBvlIPV7qb81SMUnRaeb8jxP83PBv7H6/d2miYPm8VvRNM3sd3HpTsz/Fu3InkjZk9ezp29lz+5mVw6apn06OjudGfPf+sf7z7kwvqkvv5NSK6L6Znt1e3X0PBxtxY316EQVZVyL2fgjhh+TsVH9+hsry9fSoYX4utoZ53e2Vx87fP3j/GK0Y+He+cVRPh3lL0bE8HFuMr8U7Xjq3vmlU/nR+7fi5Rcn8nm049ePoxdVrMUwGzvjJVj+ajGl195aOZW/engeAMB5k6djw/5t2LSd6N/y/MT4RH80yk/0h+379Ien+qsLcfXCdK+diHrwxUZRVeXW8AveYXF85FEtZieX5UGKo59C/r+JzZzYs4dloRTnuYj4bCp3JM7S35t+31NbZzIhAAAAAAAAAAAAHshZ/J1w2tcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA83P4KAAD//8scwHs=")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r2, r2, 0x0, 0x800000009)

367.668904ms ago: executing program 1 (id=2898):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2b}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

352.652915ms ago: executing program 3 (id=2899):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000580)='W', 0xfffffffffffffd3d, 0x10008095, 0x0, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000380)={@local, @broadcast}, 0xc)

0s ago: executing program 1 (id=2900):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
read$hiddev(r1, &(0x7f0000000140)=""/118, 0x76)

kernel console output (not intermixed with test programs):

ange from 0 to 512
[   99.323262][   T28] audit: type=1400 audit(2000000036.609:2650): avc:  denied  { mounton } for  pid=4177 comm="syz.7.1589" path="/12/file2/bus" dev="loop7" ino=1048656 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[   99.363030][ T3925] FAT-fs (loop7): error, invalid access to FAT (entry 0x0000e1b1)
[   99.374489][ T4182] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   99.380761][ T3925] FAT-fs (loop7): Filesystem has been set read-only
[   99.383950][ T4182] ext4 filesystem being mounted at /375/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.500050][ T4194] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4194 comm=syz.8.1595
[   99.516983][  T286] EXT4-fs (loop1): unmounting filesystem.
[   99.552758][   T28] audit: type=1400 audit(2000000036.812:2651): avc:  denied  { getopt } for  pid=4200 comm="syz.8.1599" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   99.578572][ T4203] 9p: Unknown uid 00000000004294967295
[   99.620801][ T4211] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   99.630805][ T4212] loop6: detected capacity change from 0 to 16
[   99.637627][ T4211] FAT-fs (loop3): unable to read boot sector
[   99.646717][ T4212] erofs: (device loop6): erofs_init_device: empty device tag @ pos 0
[   99.685836][ T4217] loop1: detected capacity change from 0 to 256
[   99.698789][ T4217] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   99.736107][ T4221] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1608'.
[   99.751458][ T4217] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   99.758409][ T4221] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1608'.
[   99.786294][ T4221] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1608'.
[   99.796148][ T4221] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1608'.
[   99.812336][ T4221] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1608'.
[   99.959902][ T4240] loop1: detected capacity change from 0 to 256
[  100.002521][ T4246] serio: Serial port ptm0
[  100.012761][ T4240] FAT-fs (loop1): Directory bread(block 64) failed
[  100.025567][ T4240] FAT-fs (loop1): Directory bread(block 65) failed
[  100.036579][ T4240] FAT-fs (loop1): Directory bread(block 66) failed
[  100.044357][ T4240] FAT-fs (loop1): Directory bread(block 67) failed
[  100.050957][ T4240] FAT-fs (loop1): Directory bread(block 68) failed
[  100.058916][ T4240] FAT-fs (loop1): Directory bread(block 69) failed
[  100.065558][ T4240] FAT-fs (loop1): Directory bread(block 70) failed
[  100.072603][ T4240] FAT-fs (loop1): Directory bread(block 71) failed
[  100.079572][ T4240] FAT-fs (loop1): Directory bread(block 72) failed
[  100.091835][ T4240] FAT-fs (loop1): Directory bread(block 73) failed
[  100.114248][ T4258] input: syz1 as /devices/virtual/input/input29
[  100.476527][    T6] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  100.628080][  T348] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  100.649732][   T39] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  100.672675][    T6] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.685632][    T6] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  100.695140][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.703244][    T6] usb 2-1: Product: syz
[  100.707478][    T6] usb 2-1: Manufacturer: syz
[  100.712213][    T6] usb 2-1: SerialNumber: syz
[  100.833902][  T348] usb 8-1: Using ep0 maxpacket: 32
[  100.840616][  T348] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.851686][  T348] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.856803][   T39] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  100.861562][  T348] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  100.871785][   T39] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  100.880834][  T348] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.892513][   T39] usb 9-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  100.902135][  T348] usb 8-1: config 0 descriptor??
[  100.907833][   T39] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.921053][   T39] usb 9-1: Product: syz
[  100.925283][   T39] usb 9-1: Manufacturer: syz
[  100.926587][  T348] hub 8-1:0.0: USB hub found
[  100.929912][   T39] usb 9-1: SerialNumber: syz
[  100.939718][   T39] usb 9-1: config 0 descriptor??
[  100.945494][ T4295] raw-gadget.2 gadget.8: fail, usb_ep_enable returned -22
[  100.952896][ T4295] raw-gadget.2 gadget.8: fail, usb_ep_enable returned -22
[  101.137565][ T4305] loop6: detected capacity change from 0 to 40427
[  101.144385][  T348] hub 8-1:0.0: 1 port detected
[  101.145762][ T4305] F2FS-fs (loop6): fault_injection options not supported
[  101.157723][ T4305] F2FS-fs (loop6): invalid crc value
[  101.165246][ T4305] F2FS-fs (loop6): Found nat_bits in checkpoint
[  101.180346][ T4295] raw-gadget.2 gadget.8: fail, usb_ep_enable returned -22
[  101.188222][ T4295] raw-gadget.2 gadget.8: fail, usb_ep_enable returned -22
[  101.211218][ T4305] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  101.236656][ T3860] syz-executor: attempt to access beyond end of device
[  101.236656][ T3860] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  101.537714][ T4316] netlink: 'syz.6.1649': attribute type 12 has an invalid length.
[  101.811253][    T6] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  101.817856][    T6] cdc_ncm 2-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  101.825647][  T348] hub 8-1:0.0: activate --> -90
[  101.831151][    T6] cdc_ncm 2-1:1.0: setting rx_max = 2048
[  101.852308][  T334] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  102.028508][    T6] cdc_ncm 2-1:1.0: setting tx_max = 36
[  102.036331][    T6] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  102.049387][    T6] usb 2-1: USB disconnect, device number 15
[  102.055651][    T6] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  102.059662][  T334] usb 7-1: unable to get BOS descriptor or descriptor too short
[  102.072796][   T39] dm9601 9-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL
[  102.082296][  T334] usb 7-1: not running at top speed; connect to a high speed hub
[  102.091536][   T39] usb 9-1: USB disconnect, device number 3
[  102.098733][  T334] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  102.109259][  T334] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  102.120813][  T334] usb 7-1: string descriptor 0 read error: -22
[  102.127165][  T334] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  102.136269][  T334] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.146622][  T334] usb 7-1: 0:2 : does not exist
[  102.264906][  T349] usb 8-1: USB disconnect, device number 3
[  102.566593][ T4335] loop2: detected capacity change from 0 to 8192
[  102.611241][ T4335]  loop2: p1 < > p3[EZD]
[  102.616174][ T4335] loop2: p3 start 3238002688 is beyond EOD, truncated
[  102.836059][ T4342] loop1: detected capacity change from 0 to 40427
[  102.844599][ T4342] F2FS-fs (loop1): invalid crc value
[  102.853018][ T4342] F2FS-fs (loop1): Found nat_bits in checkpoint
[  102.902415][ T4342] F2FS-fs (loop1): Start checkpoint disabled!
[  102.918028][ T4342] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  102.982719][ T4367] loop7: detected capacity change from 0 to 256
[  103.000080][ T4369] loop2: detected capacity change from 0 to 128
[  103.001658][ T4367] FAT-fs (loop7): bogus number of FAT sectors
[  103.012742][ T4367] FAT-fs (loop7): Can't find a valid FAT filesystem
[  103.036980][  T344] kworker/u4:4: attempt to access beyond end of device
[  103.036980][  T344] loop1: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  103.267470][ T4387] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1683'.
[  103.312921][ T4391] loop2: detected capacity change from 0 to 128
[  103.340581][ T4391] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  103.358285][ T4391] ext4 filesystem being mounted at /341/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  103.543724][  T283] EXT4-fs (loop2): unmounting filesystem.
[  103.556673][  T334] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5)
[  103.571912][  T334] usb 7-1: 5:0: failed to get current value for ch 1 (-22)
[  103.589301][  T334] usb 7-1: USB disconnect, device number 3
[  103.616114][ T4404] SELinux: security_context_str_to_sid () failed with errno=-22
[  103.701451][ T4413] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.712815][ T4413] FAT-fs (loop5): unable to read boot sector
[  103.815276][ T4423] loop8: detected capacity change from 0 to 512
[  104.138299][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  104.138314][   T28] audit: type=1400 audit(2000000041.049:2658): avc:  denied  { name_bind } for  pid=4457 comm="syz.2.1711" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  104.328210][ T4494] binder: 4483:4494 ioctl c0306201 200000000480 returned -14
[  104.534321][ T4501] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1730'.
[  105.316004][   T28] audit: type=1400 audit(2000000042.138:2659): avc:  denied  { read write } for  pid=4531 comm="syz.2.1747" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.351726][   T28] audit: type=1400 audit(2000000042.138:2660): avc:  denied  { open } for  pid=4531 comm="syz.2.1747" path="/dev/raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.377790][   T28] audit: type=1400 audit(2000000042.138:2661): avc:  denied  { ioctl } for  pid=4531 comm="syz.2.1747" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.418917][ T4523] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.426221][ T4523] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.434147][ T4523] device bridge_slave_0 entered promiscuous mode
[  105.475358][ T4523] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.482541][ T4523] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.490326][ T4523] device bridge_slave_1 entered promiscuous mode
[  105.527992][  T344] device bridge_slave_1 left promiscuous mode
[  105.534321][  T344] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.542464][  T344] device bridge_slave_0 left promiscuous mode
[  105.549235][  T344] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.562022][  T344] device bridge_slave_1 left promiscuous mode
[  105.568540][  T344] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.576392][  T344] device bridge_slave_0 left promiscuous mode
[  105.582875][  T344] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.592281][  T344] device veth1_macvtap left promiscuous mode
[  105.598624][  T344] device veth0_vlan left promiscuous mode
[  105.604519][  T349] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  105.612962][  T344] device veth1_macvtap left promiscuous mode
[  105.620007][  T344] device veth0_vlan left promiscuous mode
[  105.828486][  T349] usb 3-1: Using ep0 maxpacket: 32
[  105.834954][  T349] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.852579][  T349] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.863849][  T349] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  105.873035][  T349] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.881990][  T349] usb 3-1: config 0 descriptor??
[  105.957965][ T4528] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.976240][ T4528] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.991858][ T4528] device bridge_slave_0 entered promiscuous mode
[  106.021119][ T4528] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.029349][ T4528] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.037232][ T4528] device bridge_slave_1 entered promiscuous mode
[  106.292808][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  106.300796][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  106.321573][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  106.326401][  T349] savu 0003:1E7D:2D5A.001D: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  106.338150][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  106.359860][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.367155][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.381153][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  106.396061][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  106.404728][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.411994][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.436671][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  106.444753][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  106.463624][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  106.492140][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  106.530281][ T4523] device veth0_vlan entered promiscuous mode
[  106.536515][   T28] audit: type=1400 audit(2000000043.264:2662): avc:  denied  { watch_reads } for  pid=4582 comm="syz.1.1762" path="/405/file0" dev="tmpfs" ino=2139 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  106.557544][ T4523] device veth1_macvtap entered promiscuous mode
[  106.575509][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  106.586357][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  106.595678][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  106.603848][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  106.611713][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  106.620411][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  106.628364][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  106.631290][  T349] usb 3-1: USB disconnect, device number 19
[  106.648687][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  106.657665][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  106.666152][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.673392][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.681523][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  106.690045][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  106.699498][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.706764][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.714205][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  106.723069][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  106.746917][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  106.754973][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  106.764096][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  106.773227][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  106.781413][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  106.805841][ T4597] loop9: detected capacity change from 0 to 1024
[  106.812567][ T4597] EXT4-fs: Ignoring removed bh option
[  106.819149][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  106.828928][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  106.842028][ T4528] device veth0_vlan entered promiscuous mode
[  106.848787][ T4597] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  106.860462][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  106.869026][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  106.877372][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  106.885001][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  106.886813][ T4597] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  106.898767][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  106.910343][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  106.918678][ T4597] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3836: comm syz.9.1739: Allocating blocks 385-513 which overlap fs metadata
[  106.935307][ T4528] device veth1_macvtap entered promiscuous mode
[  106.937199][ T4597] EXT4-fs (loop9): pa ffff8881178f3bd0: logic 16, phys. 129, len 24
[  106.950063][ T4597] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8
[  106.962117][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  106.974316][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  106.985098][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  106.993965][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  106.994023][  T852] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  107.002768][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  107.010074][ T4523] EXT4-fs (loop9): unmounting filesystem.
[  107.021608][ T4607] loop8: detected capacity change from 0 to 1024
[  107.028467][  T852] hid-generic 0000:0000:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  107.030676][ T4607] EXT4-fs: Ignoring removed nomblk_io_submit option
[  107.048134][ T4607] ext4: Unknown parameter 'obj_role'
[  107.166187][ T4619] loop1: detected capacity change from 0 to 8192
[  107.174260][ T4619] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  107.186650][   T28] audit: type=1400 audit(2000000043.864:2663): avc:  denied  { mount } for  pid=4618 comm="syz.1.1773" name="/" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  107.232549][   T28] audit: type=1400 audit(2000000043.910:2664): avc:  denied  { unmount } for  pid=286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  107.442228][ T4650] netlink: 128 bytes leftover after parsing attributes in process `syz.8.1787'.
[  107.468030][ T4650] netlink: 128 bytes leftover after parsing attributes in process `syz.8.1787'.
[  107.616393][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  107.782611][ T4648] loop1: detected capacity change from 0 to 40427
[  107.799711][ T4648] F2FS-fs (loop1): heap/no_heap options were deprecated
[  107.808923][ T4648] F2FS-fs (loop1): fault_injection options not supported
[  107.816308][ T4648] F2FS-fs (loop1): fault_type options not supported
[  107.832147][ T4648] F2FS-fs (loop1): invalid crc value
[  107.863529][ T4648] F2FS-fs (loop1): Found nat_bits in checkpoint
[  107.961635][ T4648] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  108.026267][ T4648] syz.1.1786: attempt to access beyond end of device
[  108.026267][ T4648] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  108.063563][   T28] audit: type=1400 audit(2000000044.676:2665): avc:  denied  { create } for  pid=4645 comm="syz.1.1786" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  108.104554][   T28] audit: type=1400 audit(2000000044.695:2666): avc:  denied  { read } for  pid=4645 comm="syz.1.1786" name="file0" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  108.128243][  T286] syz-executor: attempt to access beyond end of device
[  108.128243][  T286] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  108.470871][ T4663] loop2: detected capacity change from 0 to 40427
[  108.489326][ T4663] F2FS-fs (loop2): fault_injection options not supported
[  108.504585][ T4663] F2FS-fs (loop2): fault_type options not supported
[  108.516802][ T4663] F2FS-fs (loop2): invalid crc value
[  108.536012][ T4663] F2FS-fs (loop2): Found nat_bits in checkpoint
[  108.616899][ T4663] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  108.676981][ T4675] loop6: detected capacity change from 0 to 32768
[  108.738788][ T4669] loop9: detected capacity change from 0 to 131072
[  108.745955][ T4669] F2FS-fs (loop9): Wrong CP boundary, start(512) end(1536) blocks(0)
[  108.754292][ T4669] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  108.761322][ T4675]  loop6: p1 p3 < >
[  108.768256][ T4669] F2FS-fs (loop9): invalid crc value
[  108.774292][  T283] syz-executor: attempt to access beyond end of device
[  108.774292][  T283] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  108.797552][ T4683] netlink: 'syz.1.1799': attribute type 6 has an invalid length.
[  108.806105][ T4669] F2FS-fs (loop9): Found nat_bits in checkpoint
[  108.846771][ T4669] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  108.853945][ T4669] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e4
[  108.962404][ T4694] incfs: Options parsing error. -22
[  108.969478][ T4694] incfs: mount failed -22
[  108.978562][ T4698] xt_bpf: check failed: parse error
[  109.018476][   T28] audit: type=1326 audit(2000000045.553:2667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4699 comm="syz.2.1805" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f883f98eec9 code=0x0
[  109.361341][ T4750] I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  109.370735][ T4750] FAT-fs (loop19): unable to read boot sector
[  109.609554][  T349] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  109.632554][ T4782] loop1: detected capacity change from 0 to 256
[  109.639476][ T4782] FAT-fs (loop1): bogus number of FAT sectors
[  109.645715][ T4782] FAT-fs (loop1): Can't find a valid FAT filesystem
[  109.670359][   T28] audit: type=1400 audit(2000000046.153:2668): avc:  denied  { ioctl } for  pid=4785 comm="syz.9.1843" path="socket:[37312]" dev="sockfs" ino=37312 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  109.793842][  T672] Bluetooth: hci0: command 0x1003 tx timeout
[  109.799937][ T1360] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  109.805847][  T349] usb 7-1: config 0 has an invalid interface number: 41 but max is 0
[  109.824197][  T349] usb 7-1: config 0 has no interface number 0
[  109.833115][  T349] usb 7-1: config 0 interface 41 has no altsetting 0
[  109.842214][ T4792] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4792 comm=syz.8.1846
[  109.857000][  T349] usb 7-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  109.872930][  T349] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.881078][  T349] usb 7-1: Product: syz
[  109.885387][  T349] usb 7-1: Manufacturer: syz
[  109.890016][  T349] usb 7-1: SerialNumber: syz
[  109.902576][  T349] usb 7-1: config 0 descriptor??
[  109.928260][ T4802] loop1: detected capacity change from 0 to 512
[  109.935581][ T4802] EXT4-fs: Ignoring removed bh option
[  109.946065][ T4802] EXT4-fs (loop1): 1 truncate cleaned up
[  109.951874][ T4802] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  109.963034][   T28] audit: type=1400 audit(2000000046.430:2669): avc:  denied  { create } for  pid=4801 comm="syz.1.1850" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  110.006401][  T286] EXT4-fs (loop1): unmounting filesystem.
[  110.024871][ T4811] loop1: detected capacity change from 0 to 1024
[  110.031703][ T4811] EXT4-fs: Ignoring removed orlov option
[  110.047680][ T4811] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  110.072019][ T4814] bridge0: port 3(macsec1) entered blocking state
[  110.081343][ T4814] bridge0: port 3(macsec1) entered disabled state
[  110.089512][ T4818] binder: 4817:4818 ioctl 40046205 0 returned -22
[  110.346312][ T4823] loop2: detected capacity change from 0 to 40427
[  110.353658][ T4823] F2FS-fs (loop2): heap/no_heap options were deprecated
[  110.360819][ T4823] F2FS-fs (loop2): fault_injection options not supported
[  110.368143][ T4823] F2FS-fs (loop2): fault_type options not supported
[  110.375626][ T4823] F2FS-fs (loop2): invalid crc value
[  110.388517][ T4823] F2FS-fs (loop2): Found nat_bits in checkpoint
[  110.448938][ T4823] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  110.488675][ T4823] syz.2.1859: attempt to access beyond end of device
[  110.488675][ T4823] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  110.515722][  T283] syz-executor: attempt to access beyond end of device
[  110.515722][  T283] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  110.777963][  T349] CoreChips 7-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  110.883268][ T4843] bridge0: port 3(vlan2) entered blocking state
[  110.890043][ T4843] bridge0: port 3(vlan2) entered disabled state
[  110.900390][ T4843] device vlan2 entered promiscuous mode
[  110.929346][ T4847] loop2: detected capacity change from 0 to 512
[  110.943370][ T4847] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  110.977701][ T4851] loop8: detected capacity change from 0 to 512
[  110.985036][ T4847] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[  110.998544][ T4847] EXT4-fs (loop2): orphan cleanup on readonly fs
[  111.007882][  T349] CoreChips 7-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  111.021912][ T4847] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.1869: bad orphan inode 267
[  111.028883][  T349] CoreChips 7-1:0.41 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[  111.043223][ T4847] EXT4-fs (loop2): Remounting filesystem read-only
[  111.049973][ T4847] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  111.058913][  T349] CoreChips: probe of 7-1:0.41 failed with error -71
[  111.066824][  T349] usb 7-1: USB disconnect, device number 4
[  111.075315][ T4847] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.1869: dx entry: limit 0 != root limit 125
[  111.075532][ T4851] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  111.097954][ T4851] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.113274][ T4847] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1869: Corrupt directory, running e2fsck is recommended
[  111.127110][ T4847] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.1869: dx entry: limit 0 != root limit 125
[  111.154450][ T4851] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #2: comm syz.8.1870: corrupted inode contents
[  111.164209][ T4847] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1869: Corrupt directory, running e2fsck is recommended
[  111.190681][ T4851] EXT4-fs error (device loop8): ext4_dirty_inode:6121: inode #2: comm syz.8.1870: mark_inode_dirty error
[  111.197506][ T4847] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.1869: dx entry: limit 0 != root limit 125
[  111.217246][ T4847] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1869: Corrupt directory, running e2fsck is recommended
[  111.224228][ T4851] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #2: comm syz.8.1870: corrupted inode contents
[  111.231976][ T4847] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.1869: dx entry: limit 0 != root limit 125
[  111.254433][ T4847] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1869: Corrupt directory, running e2fsck is recommended
[  111.255502][  T286] EXT4-fs (loop1): unmounting filesystem.
[  111.268123][ T4847] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.1869: dx entry: limit 0 != root limit 125
[  111.278553][ T4851] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #2: comm syz.8.1870: mark_inode_dirty error
[  111.289481][ T4847] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1869: Corrupt directory, running e2fsck is recommended
[  111.332631][  T283] EXT4-fs (loop2): unmounting filesystem.
[  111.360152][ T4022] EXT4-fs (loop8): unmounting filesystem.
[  111.373828][ T4869] syz.1.1875[4869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.373935][ T4869] syz.1.1875[4869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.456476][ T4880] loop8: detected capacity change from 0 to 512
[  111.483200][ T4880] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  111.494738][ T4880] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  111.532802][ T4880] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2195: inode #15: comm syz.8.1878: corrupted in-inode xattr
[  111.556287][ T4880] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.1878: couldn't read orphan inode 15 (err -117)
[  111.588400][ T4880] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  111.604065][   T28] audit: type=1400 audit(2000000047.944:2670): avc:  denied  { write } for  pid=4892 comm="syz.1.1884" name="file0" dev="tmpfs" ino=2361 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  111.626988][   T28] audit: type=1400 audit(2000000047.944:2671): avc:  denied  { open } for  pid=4892 comm="syz.1.1884" path="/447/file0" dev="tmpfs" ino=2361 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  111.650593][   T28] audit: type=1400 audit(2000000047.944:2672): avc:  denied  { ioctl } for  pid=4892 comm="syz.1.1884" path="/447/file0" dev="tmpfs" ino=2361 ioctlcmd=0x1274 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  111.691426][ T4895] netlink: 'syz.6.1886': attribute type 12 has an invalid length.
[  111.749314][ T4022] EXT4-fs (loop8): unmounting filesystem.
[  111.798930][   T28] audit: type=1400 audit(2000000048.128:2673): avc:  denied  { setopt } for  pid=4906 comm="syz.8.1891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  111.911746][ T4921] netlink: 'syz.8.1898': attribute type 12 has an invalid length.
[  111.992989][ T4933] loop6: detected capacity change from 0 to 512
[  112.036690][ T4933] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  112.054612][ T4933] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  112.117259][ T4528] EXT4-fs (loop6): unmounting filesystem.
[  112.189535][ T4951] netlink: 'syz.6.1911': attribute type 12 has an invalid length.
[  112.344287][ T4967] loop9: detected capacity change from 0 to 1024
[  112.384949][ T4967] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  112.395695][ T4967] EXT4-fs error (device loop9): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.9.1918: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1
[  112.416823][ T4967] EXT4-fs error (device loop9) in ext4_delete_entry:2800: Corrupt filesystem
[  112.425994][ T4967] EXT4-fs warning (device loop9): ext4_rename_delete:3778: inode #2: comm syz.9.1918: Deleting old file: nlink 4, error=-117
[  112.447310][ T4523] EXT4-fs (loop9): unmounting filesystem.
[  112.501297][   T28] audit: type=1326 audit(2000000048.765:2674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4977 comm="syz.9.1922" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f330578eec9 code=0x0
[  112.536881][ T4965] loop6: detected capacity change from 0 to 40427
[  112.544399][ T4965] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  112.552870][ T4965] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  112.563679][ T4965] F2FS-fs (loop6): invalid crc value
[  112.585086][ T4965] F2FS-fs (loop6): Found nat_bits in checkpoint
[  112.599885][  T349] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  112.641319][ T4965] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  112.649212][   T28] audit: type=1400 audit(2000000048.894:2675): avc:  denied  { nlmsg_write } for  pid=5000 comm="syz.2.1932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  112.651952][ T4965] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  112.671597][   T28] audit: type=1400 audit(2000000048.894:2676): avc:  denied  { audit_write } for  pid=5000 comm="syz.2.1932" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  112.735544][   T28] audit: type=1107 audit(2000000048.894:2677): pid=5000 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  112.755754][ T4528] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  112.755778][ T4528] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  112.763713][ T4528] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  112.771820][ T4528] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  112.780131][ T4528] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  112.788190][ T4528] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  112.796781][ T4528] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  112.806918][  T349] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.843571][  T349] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.845808][ T5014] syz.2.1939[5014] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.854276][ T5014] syz.2.1939[5014] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.854381][  T349] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  112.890570][  T349] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  112.899852][  T349] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.916332][  T349] usb 2-1: config 0 descriptor??
[  113.124224][ T5030] loop2: detected capacity change from 0 to 1024
[  113.143675][ T5030] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  113.161138][  T283] EXT4-fs (loop2): unmounting filesystem.
[  113.357793][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.365305][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.372978][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.380470][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.387985][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.395565][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.403113][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.410550][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.418363][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.425873][ T5037] netlink: 'syz.9.1946': attribute type 12 has an invalid length.
[  113.433931][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.441887][  T349] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  113.449848][  T349] plantronics 0003:047F:FFFF.001F: No inputs registered, leaving
[  113.462282][ T5039] loop9: detected capacity change from 0 to 1024
[  113.468804][  T349] plantronics 0003:047F:FFFF.001F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  113.481708][ T5039] EXT4-fs: Ignoring removed orlov option
[  113.490977][ T5039] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  113.585892][ T4963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.594584][ T4963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.673304][   T39] usb 2-1: USB disconnect, device number 16
[  113.818098][ T5045] loop8: detected capacity change from 0 to 40427
[  113.825674][ T5045] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  113.833603][ T5045] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  113.843179][ T5045] F2FS-fs (loop8): invalid crc value
[  113.850281][ T5045] F2FS-fs (loop8): Found nat_bits in checkpoint
[  113.892530][ T5045] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  113.899777][ T5045] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  114.100537][ T5055] Non-string source
[  114.289992][  T349] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  114.353767][ T5076] netlink: 96 bytes leftover after parsing attributes in process `syz.8.1962'.
[  114.507769][  T349] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  114.526467][  T349] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  114.552376][  T349] usb 7-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  114.582329][  T349] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.597868][  T349] usb 7-1: Product: syz
[  114.602514][  T349] usb 7-1: Manufacturer: syz
[  114.603590][ T4523] EXT4-fs (loop9): unmounting filesystem.
[  114.607188][  T349] usb 7-1: SerialNumber: syz
[  114.618598][  T349] usb 7-1: config 0 descriptor??
[  114.628640][ T5053] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  114.636010][ T5053] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  114.758496][ T5118] loop2: detected capacity change from 0 to 512
[  114.764210][ T5122] syz.9.1981[5122] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.764923][ T5122] syz.9.1981[5122] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.789799][ T5094] loop8: detected capacity change from 0 to 40427
[  114.821698][ T5094] F2FS-fs (loop8): fault_injection options not supported
[  114.829017][ T5094] F2FS-fs (loop8): fault_type options not supported
[  114.837488][ T5118] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  114.846533][ T5094] F2FS-fs (loop8): Image doesn't support compression
[  114.854694][ T5094] F2FS-fs (loop8): invalid crc value
[  114.861360][ T5094] F2FS-fs (loop8): Found nat_bits in checkpoint
[  114.868396][ T5118] ext4 filesystem being mounted at /398/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.875559][ T5053] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  114.886339][ T5053] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  114.905789][  T283] EXT4-fs (loop2): unmounting filesystem.
[  114.935027][ T5094] F2FS-fs (loop8): Start checkpoint disabled!
[  114.942434][ T5094] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  114.984612][ T5094] syz.8.1971: attempt to access beyond end of device
[  114.984612][ T5094] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  115.034932][   T10] kworker/u4:1: attempt to access beyond end of device
[  115.034932][   T10] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  115.054984][ T5149] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1996'.
[  115.323626][ T5167] loop1: detected capacity change from 0 to 512
[  115.324404][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  115.324423][   T28] audit: type=1400 audit(2000000051.377:2699): avc:  denied  { mount } for  pid=5165 comm="syz.8.2002" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  115.331651][ T5167] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  115.373357][   T28] audit: type=1400 audit(2000000051.414:2700): avc:  denied  { mounton } for  pid=5165 comm="syz.8.2002" path="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  115.395954][ T5167] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[  115.404932][ T5167] EXT4-fs (loop1): orphan cleanup on readonly fs
[  115.412206][ T5167] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.2003: bad orphan inode 267
[  115.423099][ T5167] EXT4-fs (loop1): Remounting filesystem read-only
[  115.430004][ T5167] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  115.430882][   T28] audit: type=1400 audit(2000000051.442:2701): avc:  denied  { unmount } for  pid=4022 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  115.467335][ T5167] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.2003: dx entry: limit 0 != root limit 125
[  115.479369][ T5167] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.2003: Corrupt directory, running e2fsck is recommended
[  115.493960][ T5167] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.2003: dx entry: limit 0 != root limit 125
[  115.506001][ T5167] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.2003: Corrupt directory, running e2fsck is recommended
[  115.521000][ T5167] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.2003: dx entry: limit 0 != root limit 125
[  115.533237][ T5167] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.2003: Corrupt directory, running e2fsck is recommended
[  115.547999][ T5167] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.2003: dx entry: limit 0 != root limit 125
[  115.560216][ T5167] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.2003: Corrupt directory, running e2fsck is recommended
[  115.573436][ T5167] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.2003: dx entry: limit 0 != root limit 125
[  115.585728][ T5167] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.2003: Corrupt directory, running e2fsck is recommended
[  115.610291][  T286] EXT4-fs (loop1): unmounting filesystem.
[  115.698733][ T5180] netlink: 'syz.1.2011': attribute type 8 has an invalid length.
[  115.806145][ T5181] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.814089][ T5181] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.817021][  T349] dm9601 7-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL
[  115.821955][ T5181] device bridge_slave_0 entered promiscuous mode
[  115.838165][ T5181] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.845306][ T5181] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.850203][  T349] usb 7-1: USB disconnect, device number 5
[  115.853077][ T5181] device bridge_slave_1 entered promiscuous mode
[  115.939488][ T5198] sch_fq: defrate 4294967295 ignored.
[  116.011510][  T344] device bridge_slave_1 left promiscuous mode
[  116.025500][  T344] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.039308][  T344] device bridge_slave_0 left promiscuous mode
[  116.049775][  T344] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.062291][  T344] device veth1_macvtap left promiscuous mode
[  116.068495][  T344] device veth0_vlan left promiscuous mode
[  116.189268][ T5181] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.196466][ T5181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.203812][ T5181] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.210972][ T5181] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.225067][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.236140][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.258168][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  116.269319][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.286451][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  116.295049][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  116.303595][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.310679][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.325046][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  116.334633][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  116.343836][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.350933][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.379996][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  116.388883][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  116.409536][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  116.418011][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  116.429009][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  116.438019][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  116.452302][ T5181] device veth0_vlan entered promiscuous mode
[  116.459888][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  116.468561][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  116.489325][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  116.500890][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  116.514474][ T5181] device veth1_macvtap entered promiscuous mode
[  116.530826][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  116.539650][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  116.551499][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  116.582764][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  116.593490][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  116.614353][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  116.623177][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  116.705134][   T28] audit: type=1400 audit(2000000052.642:2702): avc:  denied  { watch watch_reads } for  pid=5263 comm="syz.6.2041" path="/37/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  116.875741][ T5281] loop3: detected capacity change from 0 to 512
[  116.947870][ T5281] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  116.958428][ T5281] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[  116.967125][ T5281] EXT4-fs (loop3): orphan cleanup on readonly fs
[  116.975465][ T5281] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.2048: bad orphan inode 267
[  116.986071][ T5281] EXT4-fs (loop3): Remounting filesystem read-only
[  116.993103][ T5281] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  117.005917][ T5281] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.2048: dx entry: limit 0 != root limit 125
[  117.018048][ T5281] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2048: Corrupt directory, running e2fsck is recommended
[  117.032224][ T5281] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.2048: dx entry: limit 0 != root limit 125
[  117.044918][ T5281] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2048: Corrupt directory, running e2fsck is recommended
[  117.059719][ T5281] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.2048: dx entry: limit 0 != root limit 125
[  117.071646][ T5281] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2048: Corrupt directory, running e2fsck is recommended
[  117.087349][ T5281] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.2048: dx entry: limit 0 != root limit 125
[  117.099239][ T5281] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2048: Corrupt directory, running e2fsck is recommended
[  117.112469][ T5281] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.2048: dx entry: limit 0 != root limit 125
[  117.124691][ T5281] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2048: Corrupt directory, running e2fsck is recommended
[  117.148617][ T5181] EXT4-fs (loop3): unmounting filesystem.
[  117.239883][ T5295] netlink: 68 bytes leftover after parsing attributes in process `syz.9.2054'.
[  117.291667][ T5286] loop6: detected capacity change from 0 to 40427
[  117.301290][ T5286] F2FS-fs (loop6): fault_injection options not supported
[  117.308984][ T5286] F2FS-fs (loop6): fault_type options not supported
[  117.316938][ T5286] F2FS-fs (loop6): invalid crc value
[  117.323654][ T5286] F2FS-fs (loop6): Found nat_bits in checkpoint
[  117.333605][ T5306] kvm: apic: phys broadcast and lowest prio
[  117.358945][ T5286] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  117.438862][ T5318] netem: incorrect ge model size
[  117.445880][ T5318] netem: change failed
[  118.800657][ T4528] syz-executor: attempt to access beyond end of device
[  118.800657][ T4528] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  118.838712][ T5328] incfs: Options parsing error. -22
[  118.845562][ T5328] incfs: mount failed -22
[  118.925810][ T5340] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2074'.
[  118.948062][ T5342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2075'.
[  118.995263][ T5349] loop9: detected capacity change from 0 to 256
[  119.046503][ T5349] loop9: detected capacity change from 256 to 0
[  119.053639][    C0] I/O error, dev loop9, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  119.063120][ T5349] FAT-fs (loop9): FAT read failed (blocknr 1)
[  119.079368][    C0] I/O error, dev loop9, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  119.088783][ T5349] FAT-fs (loop9): unable to read inode block for updating (i_pos 197)
[  119.120270][ T5367] raw_sendmsg: syz.6.2085 forgot to set AF_INET. Fix it!
[  119.226201][    C0] I/O error, dev loop9, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  119.235782][ T4523] FAT-fs (loop9): Directory bread(block 3) failed
[  119.265864][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  119.280173][ T4979] FAT-fs (loop9): unable to read boot sector to mark fs as dirty
[  119.326260][   T28] audit: type=1400 audit(2000000055.069:2703): avc:  denied  { getopt } for  pid=5373 comm="syz.2.2088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  119.479542][  T349] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  119.693746][ T5386] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.702124][  T349] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  119.723681][  T349] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  119.736286][ T5386] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.756657][ T5386] device bridge_slave_0 entered promiscuous mode
[  119.773620][  T349] usb 4-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  119.796426][ T5386] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.803912][ T5386] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.814592][  T349] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.828616][  T349] usb 4-1: Product: syz
[  119.836860][ T5386] device bridge_slave_1 entered promiscuous mode
[  119.844659][  T349] usb 4-1: Manufacturer: syz
[  119.854024][  T349] usb 4-1: SerialNumber: syz
[  119.870351][  T349] usb 4-1: config 0 descriptor??
[  119.885005][ T5378] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  119.895053][ T5378] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  119.952662][ T5390] loop6: detected capacity change from 0 to 40427
[  119.963114][ T5390] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  119.982891][ T5390] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  120.001791][ T5390] F2FS-fs (loop6): invalid crc value
[  120.022597][ T5390] F2FS-fs (loop6): Found nat_bits in checkpoint
[  120.033810][ T5386] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.041090][ T5386] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.048425][ T5386] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.055512][ T5386] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.131528][ T5378] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  120.133630][ T5390] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  120.138866][ T5378] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  120.163407][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  120.173552][  T344] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.185446][ T5390] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  120.196943][  T344] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.220088][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  120.234470][  T344] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.241673][  T344] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.271264][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  120.279861][  T344] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.286969][  T344] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.306859][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  120.324491][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  120.334266][ T5390] syz.6.2097: attempt to access beyond end of device
[  120.334266][ T5390] loop6: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  120.360272][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  120.375368][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  120.394396][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  120.412447][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  120.431729][ T5386] device veth0_vlan entered promiscuous mode
[  120.455892][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  120.468411][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  120.489498][ T5386] device veth1_macvtap entered promiscuous mode
[  120.512240][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  120.523435][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  120.541728][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  120.577772][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  120.595902][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  120.628079][  T291] usb 3-1: new full-speed USB device number 20 using dummy_hcd
[  120.808786][ T5446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2115'.
[  120.825376][   T10] device bridge_slave_1 left promiscuous mode
[  120.825447][  T291] usb 3-1: config 0 has an invalid interface number: 41 but max is 0
[  120.832657][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.850853][  T291] usb 3-1: config 0 has no interface number 0
[  120.857491][   T10] device bridge_slave_0 left promiscuous mode
[  120.859125][  T291] usb 3-1: config 0 interface 41 has no altsetting 0
[  120.868886][ T5452] loop5: detected capacity change from 0 to 512
[  120.882348][  T291] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  120.888785][ T5452] journal_path: Lookup failure for './file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  120.899127][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.924352][ T5454] syz.1.2120[5454] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.924433][ T5454] syz.1.2120[5454] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.929607][  T291] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.955919][ T5452] EXT4-fs: error: could not find journal device path
[  120.959144][  T291] usb 3-1: Product: syz
[  120.971878][  T291] usb 3-1: Manufacturer: syz
[  120.977490][  T291] usb 3-1: SerialNumber: syz
[  120.991604][   T10] device veth1_macvtap left promiscuous mode
[  120.998091][  T291] usb 3-1: config 0 descriptor??
[  121.003660][   T10] device veth0_vlan left promiscuous mode
[  121.020954][  T349] dm9601 4-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL
[  121.051531][  T349] usb 4-1: USB disconnect, device number 5
[  121.215251][ T5485] loop6: detected capacity change from 0 to 1024
[  121.229358][ T5485] EXT4-fs: Ignoring removed orlov option
[  121.244910][ T5485] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  121.424969][ T5489] loop5: detected capacity change from 0 to 40427
[  121.432217][ T5489] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  121.440304][ T5489] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  121.451401][ T5489] F2FS-fs (loop5): invalid crc value
[  121.458744][ T5489] F2FS-fs (loop5): Found nat_bits in checkpoint
[  121.507964][ T5489] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  121.515052][ T5489] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  121.609860][ T5500] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  121.640298][   T28] audit: type=1400 audit(2000000057.201:2704): avc:  denied  { relabelto } for  pid=5499 comm="syz.3.2137" name="" dev="pipefs" ino=41054 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:dhcp_state_t:s0"
[  121.788721][ T5504] device bridge1 entered promiscuous mode
[  121.897089][  T291] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  122.003976][   T19] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  122.112279][  T852] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  122.127170][  T291] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  122.138146][  T291] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[  122.148454][  T291] CoreChips: probe of 3-1:0.41 failed with error -71
[  122.157357][  T291] usb 3-1: USB disconnect, device number 20
[  122.200160][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.213630][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.225209][   T19] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  122.243670][ T4528] EXT4-fs (loop6): unmounting filesystem.
[  122.263620][   T19] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  122.272992][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.289381][   T19] usb 4-1: config 0 descriptor??
[  122.318229][  T852] usb 6-1: Using ep0 maxpacket: 32
[  122.326347][  T852] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  122.335004][  T852] usb 6-1: config 0 has no interface number 0
[  122.348233][  T852] usb 6-1: config 0 interface 184 has no altsetting 0
[  122.373043][  T852] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  122.385569][  T852] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.394993][  T852] usb 6-1: Product: syz
[  122.399767][  T852] usb 6-1: Manufacturer: syz
[  122.404843][  T852] usb 6-1: SerialNumber: syz
[  122.412676][  T852] usb 6-1: config 0 descriptor??
[  122.424299][  T852] smsc75xx v1.0.0
[  122.454947][ T5533] loop1: detected capacity change from 0 to 256
[  122.463052][ T5533] FAT-fs (loop1): Directory bread(block 1285) failed
[  122.473320][ T5533] FAT-fs (loop1): Directory bread(block 1285) failed
[  122.480503][ T5533] FAT-fs (loop1): FAT read failed (blocknr 1281)
[  122.488193][ T5533] FAT-fs (loop1): Directory bread(block 1285) failed
[  122.497243][ T5533] FAT-fs (loop1): FAT read failed (blocknr 1281)
[  122.505477][ T5533] FAT-fs (loop1): Directory bread(block 1285) failed
[  122.512290][ T5533] FAT-fs (loop1): FAT read failed (blocknr 1281)
[  122.521365][ T5533] FAT-fs (loop1): Directory bread(block 1285) failed
[  122.528365][ T5533] FAT-fs (loop1): FAT read failed (blocknr 1281)
[  122.536295][ T5533] FAT-fs (loop1): Directory bread(block 1285) failed
[  122.622711][ T5542] loop1: detected capacity change from 0 to 16
[  122.629612][ T5542] erofs: (device loop1): mounted with root inode @ nid 36.
[  122.738907][   T19] plantronics 0003:047F:FFFF.0020: No inputs registered, leaving
[  122.758129][   T19] plantronics 0003:047F:FFFF.0020: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  122.865747][ T5571] IPv6: sit1: Disabled Multicast RS
[  122.921343][ T5585] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  122.931329][ T5585] FAT-fs (loop13): unable to read boot sector
[  123.013847][ T5599] loop2: detected capacity change from 0 to 512
[  123.020820][ T5599] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  123.032768][ T5599] EXT4-fs (loop2): 1 truncate cleaned up
[  123.038657][ T5599] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  123.054059][ T5602] netlink: 'syz.6.2187': attribute type 1 has an invalid length.
[  123.056056][  T334] usb 4-1: USB disconnect, device number 6
[  123.062048][ T5602] netlink: 'syz.6.2187': attribute type 6 has an invalid length.
[  123.075775][ T5602] netlink: 52 bytes leftover after parsing attributes in process `syz.6.2187'.
[  123.106263][ T5604] netlink: 'syz.6.2188': attribute type 1 has an invalid length.
[  123.114368][ T5604] netlink: 'syz.6.2188': attribute type 2 has an invalid length.
[  123.125687][  T283] EXT4-fs (loop2): unmounting filesystem.
[  123.141268][ T5606] loop2: detected capacity change from 0 to 512
[  123.148395][ T5606] EXT4-fs: Ignoring removed oldalloc option
[  123.164757][ T5606] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  123.174243][ T5606] ext4 filesystem being mounted at /423/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.184910][   T39] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  123.217092][  T283] EXT4-fs (loop2): unmounting filesystem.
[  123.392120][   T39] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[  123.400513][   T39] usb 2-1: config 0 has no interface number 0
[  123.406899][   T39] usb 2-1: config 0 interface 41 has no altsetting 0
[  123.415330][   T39] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  123.424675][   T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.433072][   T39] usb 2-1: Product: syz
[  123.437419][   T39] usb 2-1: Manufacturer: syz
[  123.442040][   T39] usb 2-1: SerialNumber: syz
[  123.447558][   T39] usb 2-1: config 0 descriptor??
[  123.519823][  T852] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  123.529804][  T823] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  123.737505][  T823] usb 3-1: Using ep0 maxpacket: 32
[  123.743130][  T852] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  123.754587][  T852] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  123.765095][  T852] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  123.775785][  T852] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  123.783858][ T5629] loop3: detected capacity change from 0 to 256
[  123.785924][  T852] smsc75xx: probe of 6-1:0.184 failed with error -71
[  123.798711][  T823] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  123.798762][ T5629] FAT-fs (loop3): Directory bread(block 1285) failed
[  123.810077][  T852] usb 6-1: USB disconnect, device number 10
[  123.821551][  T823] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[  123.826633][ T5629] FAT-fs (loop3): Directory bread(block 1285) failed
[  123.835778][  T823] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  123.847406][  T823] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.855557][  T823] usb 3-1: Product: syz
[  123.858013][ T5629] FAT-fs (loop3): FAT read failed (blocknr 1281)
[  123.859890][  T823] usb 3-1: Manufacturer: syz
[  123.871236][  T823] usb 3-1: SerialNumber: syz
[  123.873522][ T5629] FAT-fs (loop3): Directory bread(block 1285) failed
[  123.883302][ T5629] FAT-fs (loop3): FAT read failed (blocknr 1281)
[  123.891228][ T5629] FAT-fs (loop3): Directory bread(block 1285) failed
[  123.898105][ T5629] FAT-fs (loop3): FAT read failed (blocknr 1281)
[  123.905337][ T5629] FAT-fs (loop3): Directory bread(block 1285) failed
[  123.912306][ T5629] FAT-fs (loop3): FAT read failed (blocknr 1281)
[  123.919549][ T5629] FAT-fs (loop3): Directory bread(block 1285) failed
[  124.097926][  T823] cdc_ncm 3-1:1.0: bind() failure
[  124.104009][  T823] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  124.110885][  T823] cdc_ncm 3-1:1.1: bind() failure
[  124.117413][  T823] usb 3-1: USB disconnect, device number 21
[  124.225016][  T291] usb 7-1: new full-speed USB device number 6 using dummy_hcd
[  124.333166][   T39] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  124.421256][  T291] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  124.434452][  T291] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  124.444031][  T291] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  124.452117][  T291] usb 7-1: SerialNumber: syz
[  124.458279][  T291] cdc_acm 7-1:1.0: skipping garbage
[  124.463840][  T291] cdc_acm: probe of 7-1:1.0 failed with error -12
[  124.474199][  T852] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  124.510312][   T28] audit: type=1400 audit(2000000059.860:2705): avc:  denied  { read } for  pid=5652 comm="syz.5.2209" path="socket:[41312]" dev="sockfs" ino=41312 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  124.565001][   T39] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  124.575867][   T39] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[  124.586049][   T39] CoreChips: probe of 2-1:0.41 failed with error -71
[  124.593695][   T39] usb 2-1: USB disconnect, device number 17
[  124.670533][  T852] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.683491][  T852] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  124.687583][   T19] usb 7-1: USB disconnect, device number 6
[  124.692962][  T852] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.707504][  T852] usb 4-1: Product: syz
[  124.724062][  T852] usb 4-1: Manufacturer: syz
[  124.728717][  T852] usb 4-1: SerialNumber: syz
[  125.283375][   T28] audit: type=1326 audit(2000000060.570:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.6.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9318eec9 code=0x7ffc0000
[  125.329716][   T28] audit: type=1326 audit(2000000060.570:2707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.6.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9318eec9 code=0x7ffc0000
[  125.392010][   T28] audit: type=1326 audit(2000000060.607:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.6.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f2e9318eec9 code=0x7ffc0000
[  125.458412][   T28] audit: type=1326 audit(2000000060.607:2709): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.6.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9318eec9 code=0x7ffc0000
[  125.508559][   T28] audit: type=1326 audit(2000000060.607:2710): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.6.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9318eec9 code=0x7ffc0000
[  125.555125][   T28] audit: type=1326 audit(2000000060.607:2711): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.6.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f2e9318eec9 code=0x7ffc0000
[  125.579821][   T28] audit: type=1326 audit(2000000060.607:2712): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.6.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9318eec9 code=0x7ffc0000
[  125.604391][   T28] audit: type=1326 audit(2000000060.607:2713): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.6.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9318eec9 code=0x7ffc0000
[  125.851048][  T852] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  125.863791][  T852] cdc_ncm 4-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  125.874722][  T852] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  126.075483][  T852] cdc_ncm 4-1:1.0: setting tx_max = 36
[  126.091498][  T852] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  126.109687][  T852] usb 4-1: USB disconnect, device number 7
[  126.129760][  T852] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  126.205550][ T5746] Source file dentry negative
[  126.416554][ T5753] loop2: detected capacity change from 0 to 32768
[  126.457207][ T5753]  loop2: p1 p3 < >
[  126.543638][  T291] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  126.596132][ T5786] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2264'.
[  126.740355][  T291] usb 6-1: config 13 has an invalid interface number: 215 but max is 0
[  126.749131][  T291] usb 6-1: config 13 has no interface number 0
[  126.755479][  T291] usb 6-1: config 13 interface 215 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  126.769499][  T291] usb 6-1: config 13 interface 215 has no altsetting 0
[  126.778207][  T291] usb 6-1: New USB device found, idVendor=0b57, idProduct=08c2, bcdDevice= 2.16
[  126.794764][  T291] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.803870][  T291] usb 6-1: Product: syz
[  126.810380][  T291] usb 6-1: Manufacturer: syz
[  126.815847][  T291] usb 6-1: SerialNumber: syz
[  127.140826][  T291] usbhid 6-1:13.215: couldn't find an input interrupt endpoint
[  127.149446][  T291] usb 6-1: USB disconnect, device number 11
[  127.185408][ T5836] loop6: detected capacity change from 0 to 256
[  127.194967][ T5836] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18d7c, utbl_chksum : 0xe619d30d)
[  127.209973][ T5836] exFAT-fs (loop6): hint_cluster is invalid (17)
[  127.468755][   T28] audit: type=1400 audit(2000000062.582:2714): avc:  denied  { setopt } for  pid=5856 comm="syz.6.2297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  127.735259][  T291] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  127.775649][ T5880] loop6: detected capacity change from 0 to 8192
[  127.783768][ T5880] FAT-fs (loop6): Unrecognized mount option "18446744073709551615" or missing value
[  127.902576][ T5891] device pim6reg1 entered promiscuous mode
[  127.942281][  T291] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  127.962861][  T291] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  127.990255][  T291] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  128.003561][  T291] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.012183][  T291] usb 3-1: Product: syz
[  128.016507][  T291] usb 3-1: Manufacturer: syz
[  128.021371][  T291] usb 3-1: SerialNumber: syz
[  128.028850][  T291] usb 3-1: config 0 descriptor??
[  128.034154][ T5853] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  128.044453][ T5853] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  128.071170][  T349] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  128.266170][  T349] usb 6-1: Using ep0 maxpacket: 16
[  128.273803][ T5853] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  128.281221][ T5853] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  128.290034][  T349] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.301139][  T349] usb 6-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[  128.310404][  T349] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.320558][  T349] usb 6-1: config 0 descriptor??
[  128.762165][  T349] greenasia 0003:0E8F:0012.0021: unknown main item tag 0x0
[  128.775397][  T349] greenasia 0003:0E8F:0012.0021: unknown main item tag 0x0
[  128.793767][  T349] greenasia 0003:0E8F:0012.0021: unknown main item tag 0x0
[  128.804678][  T349] greenasia 0003:0E8F:0012.0021: unknown main item tag 0x0
[  128.825772][  T349] greenasia 0003:0E8F:0012.0021: unknown main item tag 0x0
[  128.841121][  T349] greenasia 0003:0E8F:0012.0021: hidraw0: USB HID v0.05 Device [HID 0e8f:0012] on usb-dummy_hcd.5-1/input0
[  128.872882][  T349] greenasia 0003:0E8F:0012.0021: no inputs found
[  128.987277][  T349] usb 6-1: USB disconnect, device number 12
[  129.159162][  T291] dm9601 3-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL
[  129.177200][  T291] usb 3-1: USB disconnect, device number 22
[  129.310229][ T5924] input: syz1 as /devices/virtual/input/input30
[  129.323907][ T5927] syz.6.2325[5927] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.323992][ T5927] syz.6.2325[5927] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.354020][ T5932] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5932 comm=syz.1.2327
[  129.559296][ T5952] loop6: detected capacity change from 0 to 512
[  129.566515][ T5952] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  129.584791][ T5952] EXT4-fs (loop6): 1 truncate cleaned up
[  129.590638][ T5952] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  129.609268][ T4528] EXT4-fs (loop6): unmounting filesystem.
[  129.712303][  T349] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  129.775437][ T5971] syz.2.2345[5971] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.775513][ T5971] syz.2.2345[5971] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.825441][ T5976] loop2: detected capacity change from 0 to 4096
[  129.845454][ T5976] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  129.869112][  T283] EXT4-fs (loop2): unmounting filesystem.
[  129.897964][ T5981] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2349'.
[  129.913172][  T349] usb 2-1: Using ep0 maxpacket: 32
[  129.920445][  T349] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.931606][  T349] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.941693][  T349] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  129.951001][  T349] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.959920][  T349] usb 2-1: config 0 descriptor??
[  130.244186][   T28] audit: type=1326 audit(2000000065.148:2715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5986 comm="syz.6.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9318eec9 code=0x7fc00000
[  130.403440][  T349] hid-led 0003:27B8:01ED.0022: item fetching failed at offset 0/2
[  130.422315][  T349] hid-led: probe of 0003:27B8:01ED.0022 failed with error -22
[  130.432974][    T6] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  130.569712][ T6002] loop5: detected capacity change from 0 to 1024
[  130.609897][ T6002] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  130.625742][  T349] usb 2-1: USB disconnect, device number 18
[  130.633062][    T6] usb 4-1: config 13 has an invalid interface number: 215 but max is 0
[  130.643997][ T6002] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3836: comm syz.5.2357: Allocating blocks 497-513 which overlap fs metadata
[  130.659221][    T6] usb 4-1: config 13 has no interface number 0
[  130.666014][    T6] usb 4-1: config 13 interface 215 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  130.680200][    T6] usb 4-1: config 13 interface 215 has no altsetting 0
[  130.687917][ T6002] EXT4-fs (loop5): pa ffff8881178f35e8: logic 16, phys. 129, len 24
[  130.696186][ T6002] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1
[  130.717885][ T5386] EXT4-fs (loop5): unmounting filesystem.
[  130.726989][    T6] usb 4-1: New USB device found, idVendor=0b57, idProduct=08c2, bcdDevice= 2.16
[  130.747182][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.755372][    T6] usb 4-1: Product: syz
[  130.759631][    T6] usb 4-1: Manufacturer: syz
[  130.768882][    T6] usb 4-1: SerialNumber: syz
[  130.795718][ T6008] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2359'.
[  130.826688][   T28] audit: type=1326 audit(2000000065.684:2716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6009 comm="syz.5.2360" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7b33b8eec9 code=0x0
[  130.924577][   T28] audit: type=1326 audit(2000000065.776:2717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5986 comm="syz.6.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2e9318eec9 code=0x7fc00000
[  131.087651][ T6026] xt_bpf: check failed: parse error
[  131.153893][    T6] usbhid 4-1:13.215: couldn't find an input interrupt endpoint
[  131.162651][    T6] usb 4-1: USB disconnect, device number 8
[  131.206497][ T6033] xt_bpf: check failed: parse error
[  131.276645][ T6042] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2373'.
[  131.285939][ T6042] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2373'.
[  131.297390][ T6044] input: syz1 as /devices/virtual/input/input31
[  131.415245][ T6071] loop2: detected capacity change from 0 to 128
[  131.475871][ T6081] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2394'.
[  131.486862][ T6081] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2394'.
[  131.515996][ T6089] loop2: detected capacity change from 0 to 512
[  131.624014][ T6097] xt_bpf: check failed: parse error
[  131.737316][ T6112] loop5: detected capacity change from 0 to 256
[  131.747001][ T6112] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf4000b1f, utbl_chksum : 0xe619d30d)
[  131.808950][    T6] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  131.824396][ T6119] futex_wake_op: syz.1.2409 tries to shift op by -1; fix this program
[  132.014923][    T6] usb 7-1: Using ep0 maxpacket: 16
[  132.021667][    T6] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  132.032828][    T6] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  132.041927][    T6] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.050658][    T6] usb 7-1: config 0 descriptor??
[  132.491830][    T6] hid (null): invalid report_size 5632
[  132.497384][    T6] hid (null): unknown global tag 0xc
[  132.503652][    T6] hid-generic 0003:04D8:00DD.0023: invalid report_size 5632
[  132.510961][    T6] hid-generic 0003:04D8:00DD.0023: item 0 2 1 7 parsing failed
[  132.518886][    T6] hid-generic: probe of 0003:04D8:00DD.0023 failed with error -22
[  132.714172][  T349] usb 7-1: USB disconnect, device number 7
[  132.935958][  T291] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  132.943692][    T6] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  133.142772][  T291] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  133.152107][    T6] usb 3-1: config 13 has an invalid interface number: 215 but max is 0
[  133.161142][    T6] usb 3-1: config 13 has no interface number 0
[  133.167522][  T291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.175870][    T6] usb 3-1: config 13 interface 215 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  133.189458][    T6] usb 3-1: config 13 interface 215 has no altsetting 0
[  133.196661][  T291] usb 4-1: config 0 descriptor??
[  133.203938][    T6] usb 3-1: New USB device found, idVendor=0b57, idProduct=08c2, bcdDevice= 2.16
[  133.213365][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.221742][    T6] usb 3-1: Product: syz
[  133.225948][    T6] usb 3-1: Manufacturer: syz
[  133.230699][    T6] usb 3-1: SerialNumber: syz
[  133.423902][ T6203] netem: change failed
[  133.434066][  T334] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  133.494283][ T6209] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2450'.
[  133.553193][ T6211] loop6: detected capacity change from 0 to 1024
[  133.583944][ T6211] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  133.596259][ T6211] EXT4-fs (loop6): orphan cleanup on readonly fs
[  133.597352][    T6] usbhid 3-1:13.215: couldn't find an input interrupt endpoint
[  133.603023][ T6211] EXT4-fs error (device loop6): ext4_free_blocks:6205: comm syz.6.2451: Freeing blocks not in datazone - block = 0, count = 4096
[  133.621450][    T6] usb 3-1: USB disconnect, device number 23
[  133.630889][ T6211] EXT4-fs (loop6): 1 orphan inode deleted
[  133.636842][ T6211] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  133.650759][  T334] usb 2-1: Using ep0 maxpacket: 16
[  133.657646][ T4528] EXT4-fs (loop6): unmounting filesystem.
[  133.662065][  T334] usb 2-1: config 0 interface 0 has no altsetting 0
[  133.670206][  T334] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  133.679485][  T334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.688716][  T334] usb 2-1: config 0 descriptor??
[  133.705857][ T6215] netlink: 224 bytes leftover after parsing attributes in process `syz.6.2452'.
[  133.715012][ T6215] netlink: 224 bytes leftover after parsing attributes in process `syz.6.2452'.
[  133.724173][ T6215] netlink: 38 bytes leftover after parsing attributes in process `syz.6.2452'.
[  134.036184][ T6206] loop5: detected capacity change from 0 to 131072
[  134.044272][ T6206] F2FS-fs (loop5): invalid crc value
[  134.052089][ T6206] F2FS-fs (loop5): Found nat_bits in checkpoint
[  134.092533][ T6206] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  134.138175][  T334] hid (null): nested delimiters
[  134.143747][  T334] hid (null): bogus close delimiter
[  134.362052][  T334] usb 2-1: USB disconnect, device number 19
[  134.379233][ T6235] netlink: 168 bytes leftover after parsing attributes in process `syz.6.2461'.
[  134.409334][ T6235] tipc: Started in network mode
[  134.414330][ T6235] tipc: Node identity 0000000000005f120000000000000001, cluster identity 4711
[  134.445284][ T6235] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  134.473785][ T6227] loop2: detected capacity change from 0 to 40427
[  134.486336][ T6227] F2FS-fs (loop2): fault_injection options not supported
[  134.493762][ T6227] F2FS-fs (loop2): fault_type options not supported
[  134.502097][ T6227] F2FS-fs (loop2): invalid crc value
[  134.508146][  T291] usb 4-1: Cannot set autoneg
[  134.512962][  T291] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71
[  134.524527][  T291] usb 4-1: USB disconnect, device number 9
[  134.527644][ T6227] F2FS-fs (loop2): Found nat_bits in checkpoint
[  134.575558][ T6227] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  134.603921][ T6250] input: syz0 as /devices/virtual/input/input32
[  134.633652][ T6227] syz.2.2457: attempt to access beyond end of device
[  134.633652][ T6227] loop2: rw=2049, sector=45096, nr_sectors = 520 limit=40427
[  134.660806][ T6258] device veth0 entered promiscuous mode
[  134.667031][ T6256] device veth0 left promiscuous mode
[  134.673585][  T283] syz-executor: attempt to access beyond end of device
[  134.673585][  T283] loop2: rw=2049, sector=45616, nr_sectors = 8 limit=40427
[  134.709571][ T6262] loop5: detected capacity change from 0 to 1024
[  134.721407][ T6262] EXT4-fs: Ignoring removed nobh option
[  134.727455][ T6262] EXT4-fs: Ignoring removed bh option
[  134.733402][ T6262] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  134.763747][ T6262] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  134.789088][ T5386] EXT4-fs (loop5): unmounting filesystem.
[  134.814388][ T6274] loop5: detected capacity change from 0 to 1024
[  134.855720][ T6274] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  134.864498][ T6274] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.909483][ T6287] netlink: 104 bytes leftover after parsing attributes in process `syz.6.2481'.
[  134.971119][ T6274] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: comm syz.5.2477: lblock 0 mapped to illegal pblock 0 (length 1)
[  134.985545][ T6297] syz.1.2486[6297] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.985631][ T6297] syz.1.2486[6297] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.990872][ T6274] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: comm syz.5.2477: lblock 0 mapped to illegal pblock 0 (length 1)
[  135.022395][ T6274] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  135.034980][ T6274] EXT4-fs (loop5): This should not happen!! Data will be lost
[  135.034980][ T6274] 
[  135.063805][ T6301] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2488'.
[  135.093072][ T6301] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2488'.
[  135.104367][ T5386] EXT4-fs (loop5): unmounting filesystem.
[  135.258666][ T6337] ------------[ cut here ]------------
[  135.264219][ T6337] WARNING: CPU: 0 PID: 6337 at mm/page_alloc.c:5841 __alloc_pages+0x272/0x450
[  135.273240][ T6337] Modules linked in:
[  135.277430][ T6337] CPU: 0 PID: 6337 Comm: syz.3.2505 Not tainted syzkaller #0
[  135.284855][ T6337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  135.294969][ T6337] RIP: 0010:__alloc_pages+0x272/0x450
[  135.300373][ T6337] Code: 0c 25 28 00 00 00 48 3b 8c 24 c0 00 00 00 0f 85 a3 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 f2 79 bf 05 01 <0f> 0b eb a5 a9 00 00 08 00 48 8b 54 24 08 75 17 44 89 f6 81 e6 7f
[  135.320193][ T6337] RSP: 0018:ffffc900011af5a0 EFLAGS: 00010246
[  135.326396][ T6337] RAX: ffffc900011af600 RBX: 0000000000000016 RCX: 0000000000000000
[  135.334779][ T6337] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffffc900011af628
[  135.342968][ T6337] RBP: ffffc900011af6b8 R08: dffffc0000000000 R09: ffffc900011af610
[  135.351074][ T6337] R10: fffff52000235ec5 R11: 1ffff92000235ec2 R12: dffffc0000000000
[  135.359364][ T6337] R13: 0000000000000000 R14: 0000000000040dc0 R15: 1ffff92000235eb8
[  135.367394][ T6337] FS:  00007febe51e56c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  135.376444][ T6337] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  135.383296][ T6337] CR2: 000020000000f000 CR3: 0000000120464000 CR4: 00000000003506b0
[  135.391409][ T6337] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  135.399455][ T6337] DR3: 0000000000007fff DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  135.407580][ T6337] Call Trace:
[  135.410973][ T6337]  <TASK>
[  135.413916][ T6337]  ? __cfi___alloc_pages+0x10/0x10
[  135.419077][ T6337]  __kmalloc_large_node+0xa1/0x1c0
[  135.424210][ T6337]  ? hashtab_init+0xcd/0x160
[  135.428847][ T6337]  __kmalloc+0xe0/0x1e0
[  135.433077][ T6337]  hashtab_init+0xcd/0x160
[  135.437554][ T6337]  symtab_init+0x40/0x60
[  135.441905][ T6337]  class_read+0x1f5/0xab0
[  135.446271][ T6337]  ? hashtab_init+0xcd/0x160
[  135.451611][ T6337]  ? __cfi_class_read+0x10/0x10
[  135.456597][ T6337]  ? __kmalloc+0xb1/0x1e0
[  135.461158][ T6337]  ? __cfi_class_read+0x10/0x10
[  135.466141][ T6337]  policydb_read+0xb0f/0x25e0
[  135.471042][ T6337]  ? __cfi_policydb_read+0x10/0x10
[  135.476263][ T6337]  ? __kasan_kmalloc+0x95/0xb0
[  135.481204][ T6337]  ? security_load_policy+0x118/0xea0
[  135.486642][ T6337]  ? kmalloc_trace+0x40/0xb0
[  135.491264][ T6337]  security_load_policy+0x153/0xea0
[  135.496510][ T6337]  ? irqentry_exit+0x37/0x40
[  135.501131][ T6337]  ? exc_page_fault+0x5e/0xb0
[  135.505984][ T6337]  ? asm_exc_page_fault+0x27/0x30
[  135.511024][ T6337]  ? __cfi_security_load_policy+0x10/0x10
[  135.516782][ T6337]  ? copy_user_enhanced_fast_string+0xa/0x40
[  135.522879][ T6337]  sel_write_load+0x36f/0x5e0
[  135.527653][ T6337]  ? __cfi_sel_write_load+0x10/0x10
[  135.532973][ T6337]  ? security_file_permission+0x94/0xb0
[  135.538820][ T6337]  ? __cfi_sel_write_load+0x10/0x10
[  135.544040][ T6337]  vfs_write+0x40c/0xca0
[  135.548408][ T6337]  ? __cfi_vfs_write+0x10/0x10
[  135.553239][ T6337]  ? __kasan_check_write+0x14/0x20
[  135.558599][ T6337]  ? mutex_lock+0x8d/0x1a0
[  135.563037][ T6337]  ? __cfi_mutex_lock+0x10/0x10
[  135.567926][ T6337]  ? __fdget_pos+0x2cd/0x380
[  135.572566][ T6337]  ? ksys_write+0x71/0x240
[  135.576995][ T6337]  ksys_write+0x140/0x240
[  135.581514][ T6337]  ? __cfi_ksys_write+0x10/0x10
[  135.586394][ T6337]  ? fpregs_restore_userregs+0x128/0x260
[  135.592227][ T6337]  __x64_sys_write+0x7b/0x90
[  135.596839][ T6337]  x64_sys_call+0x27b/0x9a0
[  135.601389][ T6337]  do_syscall_64+0x4c/0xa0
[  135.605908][ T6337]  ? clear_bhb_loop+0x30/0x80
[  135.610698][ T6337]  ? clear_bhb_loop+0x30/0x80
[  135.615620][ T6337]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  135.621894][ T6337] RIP: 0033:0x7febe438eec9
[  135.626526][ T6337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.647049][ T6337] RSP: 002b:00007febe51e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  135.655641][ T6337] RAX: ffffffffffffffda RBX: 00007febe45e5fa0 RCX: 00007febe438eec9
[  135.663784][ T6337] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000003
[  135.671885][ T6337] RBP: 00007febe4411f91 R08: 0000000000000000 R09: 0000000000000000
[  135.680013][ T6337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  135.688242][ T6337] R13: 00007febe45e6038 R14: 00007febe45e5fa0 R15: 00007ffda85b8d98
[  135.696747][ T6337]  </TASK>
[  135.699896][ T6337] ---[ end trace 0000000000000000 ]---
[  135.709474][ T6337] SELinux: failed to load policy
[  135.740735][ T6346] incfs: iterate_incfs_dir / -22
[  135.767819][ T6346] incfs: iterate_incfs_dir / -22
[  135.839496][ T6359] loop6: detected capacity change from 0 to 128
[  135.857262][ T6359] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  135.867192][ T6359] ext4 filesystem being mounted at /196/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  135.899183][ T6369] netlink: 'syz.2.2519': attribute type 1 has an invalid length.
[  135.916217][ T4528] EXT4-fs (loop6): unmounting filesystem.
[  135.932917][ T6373] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2521'.
[  135.960687][ T6382] serio: Serial port ptm0
[  136.218443][  T852] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  136.413276][ T6425] loop6: detected capacity change from 0 to 1024
[  136.424349][  T852] usb 3-1: Using ep0 maxpacket: 32
[  136.432138][ T6425] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  136.437211][  T852] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  136.441233][ T6425] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.467488][  T852] usb 3-1: config 0 has no interface number 0
[  136.471098][ T6414] loop3: detected capacity change from 0 to 40427
[  136.474204][  T852] usb 3-1: config 0 interface 184 has no altsetting 0
[  136.482023][ T6414] F2FS-fs (loop3): invalid crc value
[  136.494244][ T6414] F2FS-fs (loop3): Found nat_bits in checkpoint
[  136.501842][  T852] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  136.524124][  T852] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.549501][  T852] usb 3-1: Product: syz
[  136.553912][  T852] usb 3-1: Manufacturer: syz
[  136.560853][  T852] usb 3-1: SerialNumber: syz
[  136.572221][  T852] usb 3-1: config 0 descriptor??
[  136.578654][ T6414] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  136.593411][ T6425] EXT4-fs error (device loop6): ext4_map_blocks:745: inode #15: comm syz.6.2544: lblock 0 mapped to illegal pblock 0 (length 1)
[  136.593715][  T852] smsc75xx v1.0.0
[  136.608363][ T6425] EXT4-fs error (device loop6): ext4_map_blocks:745: inode #15: comm syz.6.2544: lblock 0 mapped to illegal pblock 0 (length 1)
[  136.624159][ T6425] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  136.638277][ T6425] EXT4-fs (loop6): This should not happen!! Data will be lost
[  136.638277][ T6425] 
[  136.692179][ T4528] EXT4-fs (loop6): unmounting filesystem.
[  136.948959][ T6465] loop3: detected capacity change from 0 to 1024
[  136.979485][ T6465] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  136.988127][ T6465] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.989411][ T6455] loop6: detected capacity change from 0 to 40427
[  137.002596][ T6465] EXT4-fs error (device loop3): ext4_free_blocks:6205: comm syz.3.2561: Freeing blocks not in datazone - block = 0, count = 16
[  137.006472][ T6455] F2FS-fs (loop6): fault_injection options not supported
[  137.023152][ T6465] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  137.027433][ T6455] F2FS-fs (loop6): invalid crc value
[  137.040839][ T6465] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  137.058702][ T6465] EXT4-fs (loop3): This should not happen!! Data will be lost
[  137.058702][ T6465] 
[  137.068550][ T6465] EXT4-fs (loop3): Total free blocks count 0
[  137.075310][ T6465] EXT4-fs (loop3): Free/Dirty block details
[  137.081389][ T6465] EXT4-fs (loop3): free_blocks=4293918720
[  137.082324][ T6455] F2FS-fs (loop6): Found nat_bits in checkpoint
[  137.088712][ T6465] EXT4-fs (loop3): dirty_blocks=16
[  137.100100][ T6465] EXT4-fs (loop3): Block reservation details
[  137.106695][ T6465] EXT4-fs (loop3): i_reserved_data_blocks=1
[  137.148279][ T5181] EXT4-fs (loop3): unmounting filesystem.
[  137.156602][ T6455] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  137.198291][  T344] tipc: Subscription rejected, illegal request
[  137.287329][ T6474] f2fs_ckpt-7:6: attempt to access beyond end of device
[  137.287329][ T6474] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  137.470141][   T28] audit: type=1400 audit(2000000071.812:2718): avc:  denied  { relabelto } for  pid=6501 comm="+}[@" name="NETLINK" dev="sockfs" ino=44336 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_route_socket permissive=1
[  137.702774][   T19] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  137.713841][  T852] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  137.897792][   T19] usb 4-1: Using ep0 maxpacket: 16
[  137.899083][   T19] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  137.914123][   T19] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  137.924698][   T19] usb 4-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 0.00
[  137.934352][   T19] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.934379][   T19] usb 4-1: Product: syz
[  137.934395][   T19] usb 4-1: Manufacturer: syz
[  137.934411][   T19] usb 4-1: SerialNumber: syz
[  137.934487][  T852] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  137.934514][  T852] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  137.934533][  T852] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  137.934552][  T852] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  137.934616][  T852] smsc75xx: probe of 3-1:0.184 failed with error -71
[  137.935966][  T852] usb 3-1: USB disconnect, device number 24
[  137.945938][   T19] usb 4-1: config 0 descriptor??
[  138.894547][   T39] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  139.105753][   T19] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  139.122142][   T39] usb 6-1: Using ep0 maxpacket: 16
[  139.142998][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.154800][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.165033][   T39] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  139.174236][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.183476][   T39] usb 6-1: config 0 descriptor??
[  139.273730][  T291] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  139.332692][   T19] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  139.342914][   T19] asix 4-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  139.353637][   T19] asix: probe of 4-1:0.0 failed with error -71
[  139.361309][   T19] usb 4-1: USB disconnect, device number 10
[  139.369674][ T6606] device wireguard0 entered promiscuous mode
[  139.468884][  T291] usb 7-1: Using ep0 maxpacket: 8
[  139.475407][  T291] usb 7-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  139.484711][  T291] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.493931][  T291] usb 7-1: config 0 descriptor??
[  139.625413][   T39] appleir 0003:05AC:8241.0025: unknown main item tag 0x0
[  139.632900][   T39] appleir 0003:05AC:8241.0025: unknown main item tag 0x0
[  139.641192][   T39] appleir 0003:05AC:8241.0025: item fetching failed at offset 2/5
[  139.649503][   T39] appleir 0003:05AC:8241.0025: parse failed
[  139.656080][   T39] appleir: probe of 0003:05AC:8241.0025 failed with error -22
[  139.819984][ T6627] loop2: detected capacity change from 0 to 40427
[  139.827674][ T6627] F2FS-fs (loop2): fault_injection options not supported
[  139.835684][ T6627] F2FS-fs (loop2): invalid crc value
[  139.843926][ T6627] F2FS-fs (loop2): Found nat_bits in checkpoint
[  139.850197][   T19] usb 6-1: USB disconnect, device number 13
[  139.884868][ T6627] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  139.934261][  T291] usb 7-1: Found UVC 0.00 device <unnamed> (2833:0201)
[  139.942824][  T291] usb 7-1: No valid video chain found.
[  139.981656][ T6632] f2fs_ckpt-7:2: attempt to access beyond end of device
[  139.981656][ T6632] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  140.064610][   T39] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  140.100509][ T6649] loop3: detected capacity change from 0 to 128
[  140.107272][   T28] audit: type=1400 audit(2000000074.249:2719): avc:  denied  { remount } for  pid=6648 comm="syz.3.2640" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  140.154306][  T852] usb 7-1: USB disconnect, device number 8
[  140.271610][   T39] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  140.282834][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.294309][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.304639][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  140.325608][   T39] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  140.335421][   T39] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  140.345552][   T39] usb 2-1: Manufacturer: syz
[  140.359487][   T39] usb 2-1: config 0 descriptor??
[  140.380918][   T28] audit: type=1400 audit(2000000074.508:2720): avc:  denied  { module_request } for  pid=6676 comm="syz.2.2652" kmod="net-pf-3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  140.439609][ T6686] netlink: 7 bytes leftover after parsing attributes in process `syz.2.2656'.
[  140.547662][ T6709] netlink: 176 bytes leftover after parsing attributes in process `syz.5.2662'.
[  140.582454][ T6714] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  140.591401][ T6714] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.600014][ T6714] device bridge_slave_1 left promiscuous mode
[  140.607094][ T6714] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.621509][ T6714] IPv6: ADDRCONF(NETDEV_CHANGE): ipip0: link becomes ready
[  140.629019][ T6714] device vlan2 left promiscuous mode
[  140.641672][ T6714] device bridge_slave_0 left promiscuous mode
[  140.648879][ T6714] bridge0: port 3(vlan2) entered disabled state
[  140.679479][ T6719] device wireguard0 entered promiscuous mode
[  140.806014][   T39] appleir 0003:05AC:8243.0026: unknown main item tag 0x0
[  140.813950][   T39] appleir 0003:05AC:8243.0026: No inputs registered, leaving
[  140.822806][   T39] appleir 0003:05AC:8243.0026: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  140.878106][   T19] kernel write not supported for file bpf-map (pid: 19 comm: kworker/0:1)
[  140.937596][ T6748] device wireguard0 entered promiscuous mode
[  140.943908][  T291] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  141.169772][  T291] usb 4-1: Using ep0 maxpacket: 16
[  141.176558][  T291] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.187761][  T291] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  141.197028][  T291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.205880][  T291] usb 4-1: config 0 descriptor??
[  141.436468][ T6767] netlink: 'syz.6.2687': attribute type 12 has an invalid length.
[  141.578059][ T6780] loop5: detected capacity change from 0 to 1024
[  141.586532][ T6780] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  141.649739][  T291] hid (null): invalid report_size 5632
[  141.655270][  T291] hid (null): unknown global tag 0xc
[  141.661723][  T291] hid-generic 0003:04D8:00DD.0027: invalid report_size 5632
[  141.669314][  T291] hid-generic 0003:04D8:00DD.0027: item 0 2 1 7 parsing failed
[  141.677111][  T291] hid-generic: probe of 0003:04D8:00DD.0027 failed with error -22
[  141.765605][  T852] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  141.877473][  T291] usb 4-1: USB disconnect, device number 11
[  141.972722][  T852] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.990567][  T852] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  142.005988][  T852] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.020108][  T852] usb 7-1: Product: syz
[  142.027949][  T852] usb 7-1: Manufacturer: syz
[  142.036024][  T852] usb 7-1: SerialNumber: syz
[  142.730245][ T6817] loop3: detected capacity change from 0 to 40427
[  142.738680][ T6817] F2FS-fs (loop3): invalid crc value
[  142.763194][ T6817] F2FS-fs (loop3): Found nat_bits in checkpoint
[  142.837145][ T6817] F2FS-fs (loop3): Start checkpoint disabled!
[  142.854800][ T6817] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  142.924920][ T6817] F2FS-fs (loop3): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  142.979495][  T344] kworker/u4:4: attempt to access beyond end of device
[  142.979495][  T344] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  143.018329][   T28] audit: type=1400 audit(2000000076.935:2721): avc:  denied  { relabelfrom } for  pid=6831 comm="syz.2.2717" name="NETLINK" dev="sockfs" ino=45713 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  143.044503][ T6832] SELinux:  Context system_u:object_r:bsdpty_device_t:s0 is not valid (left unmapped).
[  143.082110][   T28] audit: type=1400 audit(2000000076.990:2722): avc:  denied  { relabelto } for  pid=6831 comm="syz.2.2717" name="NETLINK" dev="sockfs" ino=45713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_generic_socket permissive=1 trawcon="system_u:object_r:bsdpty_device_t:s0"
[  143.131674][  T852] cdc_ncm 7-1:1.0: MAC-Address: 42:42:42:42:42:42
[  143.149985][  T852] cdc_ncm 7-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  143.160821][  T852] cdc_ncm 7-1:1.0: setting rx_max = 2048
[  143.346796][ T6851] binder: 6850:6851 ioctl c0306201 2000000001c0 returned -14
[  143.348934][  T852] cdc_ncm 7-1:1.0: setting tx_max = 36
[  143.378354][  T852] cdc_ncm 7-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.6-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  143.401964][  T334] usb 2-1: USB disconnect, device number 20
[  143.410305][ T6853] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  143.423300][  T852] usb 7-1: USB disconnect, device number 9
[  143.433032][ T6853] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  143.441827][  T852] cdc_ncm 7-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.6-1, CDC NCM (NO ZLP)
[  143.471899][ T6853] device bridge_slave_0 left promiscuous mode
[  143.478359][ T6853] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.487236][ T6853] device bridge_slave_1 left promiscuous mode
[  143.493828][ T6853] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.518919][ T6849] loop3: detected capacity change from 0 to 40427
[  143.540406][ T6849] F2FS-fs (loop3): fault_injection options not supported
[  143.553515][ T6849] F2FS-fs (loop3): invalid crc value
[  143.588511][ T6849] F2FS-fs (loop3): Found nat_bits in checkpoint
[  143.664494][ T6849] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  143.768951][ T6864] f2fs_ckpt-7:3: attempt to access beyond end of device
[  143.768951][ T6864] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  143.831007][   T28] audit: type=1326 audit(2000000077.683:2723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6885 comm="syz.1.2737" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff01358eec9 code=0x0
[  143.925275][   T28] audit: type=1400 audit(2000000077.775:2724): avc:  denied  { map } for  pid=6889 comm="syz.3.2738" path="socket:[46424]" dev="sockfs" ino=46424 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  144.003656][ T6905] loop3: detected capacity change from 0 to 512
[  144.011136][ T6905] EXT4-fs (loop3): invalid journal inode
[  144.474179][ T6929] device wireguard0 entered promiscuous mode
[  144.674088][ T6938] loop5: detected capacity change from 0 to 512
[  144.713467][ T6938] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  144.729081][ T6938] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.769239][ T5386] EXT4-fs (loop5): unmounting filesystem.
[  144.968652][   T28] audit: type=1400 audit(2000000078.735:2725): avc:  denied  { relabelfrom } for  pid=6961 comm="syz.6.2770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  144.969193][   T28] audit: type=1400 audit(2000000078.735:2726): avc:  denied  { relabelto } for  pid=6961 comm="syz.6.2770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  145.188465][ T6970] loop6: detected capacity change from 0 to 1024
[  145.214298][ T6970] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  145.288798][ T6960] loop5: detected capacity change from 0 to 40427
[  145.289715][ T6960] F2FS-fs (loop5): fault_injection options not supported
[  145.290618][ T6960] F2FS-fs (loop5): invalid crc value
[  145.311117][ T6960] F2FS-fs (loop5): Found nat_bits in checkpoint
[  145.353842][ T6960] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  145.437673][ T6981] f2fs_ckpt-7:5: attempt to access beyond end of device
[  145.437673][ T6981] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  145.503448][  T852] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  145.644276][  T823] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  145.699602][  T852] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  145.710298][  T852] usb 7-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  145.719605][  T852] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.728322][  T852] usb 7-1: config 0 descriptor??
[  145.734452][  T852] usb-storage 7-1:0.0: USB Mass Storage device detected
[  145.742315][  T852] usb-storage 7-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  145.839241][  T823] usb 2-1: Using ep0 maxpacket: 16
[  145.845910][  T823] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.857179][  T823] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.867098][  T823] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  145.876221][  T823] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.884953][  T823] usb 2-1: config 0 descriptor??
[  145.956189][   T19] usb 7-1: USB disconnect, device number 10
[  146.314551][ T7004] loop5: detected capacity change from 0 to 256
[  146.321537][ T7004] exfat: Deprecated parameter 'namecase'
[  146.330838][ T7004] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d)
[  146.338793][  T823] appleir 0003:05AC:8241.0028: unknown main item tag 0x0
[  146.354887][  T823] appleir 0003:05AC:8241.0028: unknown main item tag 0x0
[  146.362185][  T823] appleir 0003:05AC:8241.0028: item fetching failed at offset 2/5
[  146.370547][  T823] appleir 0003:05AC:8241.0028: parse failed
[  146.376629][  T823] appleir: probe of 0003:05AC:8241.0028 failed with error -22
[  146.515903][ T4528] EXT4-fs (loop6): unmounting filesystem.
[  146.565722][  T349] usb 2-1: USB disconnect, device number 21
[  146.699535][ T7011] loop2: detected capacity change from 0 to 40427
[  146.707726][ T7011] F2FS-fs (loop2): invalid crc value
[  146.714468][ T7011] F2FS-fs (loop2): Found nat_bits in checkpoint
[  146.753831][ T7011] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  146.754454][ T7019] loop5: detected capacity change from 0 to 40427
[  146.769278][ T7019] F2FS-fs (loop5): invalid crc value
[  146.775734][ T7019] F2FS-fs (loop5): Found nat_bits in checkpoint
[  146.782556][  T283] syz-executor: attempt to access beyond end of device
[  146.782556][  T283] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  146.817564][ T7019] F2FS-fs (loop5): Start checkpoint disabled!
[  146.824473][ T7019] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  146.868483][  T334] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  146.877203][ T7019] F2FS-fs (loop5): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  146.913242][   T10] kworker/u4:1: attempt to access beyond end of device
[  146.913242][   T10] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  147.097308][  T334] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  147.108723][  T334] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.118762][  T334] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  147.131908][  T334] usb 7-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  147.141366][  T334] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.150333][  T334] usb 7-1: config 0 descriptor??
[  147.167500][   T28] audit: type=1400 audit(2000000080.766:2727): avc:  denied  { sqpoll } for  pid=7034 comm="syz.1.2795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  147.193532][  T823] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  147.373870][  T334] usbhid 7-1:0.0: can't add hid device: -71
[  147.379967][  T334] usbhid: probe of 7-1:0.0 failed with error -71
[  147.387198][  T334] usb 7-1: USB disconnect, device number 11
[  147.399413][  T823] usb 3-1: Using ep0 maxpacket: 16
[  147.405888][  T823] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  147.414915][  T823] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  147.425052][  T823] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  147.435841][  T823] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  147.445423][  T823] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.453441][  T823] usb 3-1: Product: syz
[  147.457669][  T823] usb 3-1: Manufacturer: syz
[  147.462281][  T823] usb 3-1: SerialNumber: syz
[  147.904238][  T823] usb 3-1: 0:2 : does not exist
[  147.961716][ T7045] loop5: detected capacity change from 0 to 512
[  148.051326][ T7045] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  148.076652][ T7045] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.126283][ T7045] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[  148.156678][ T5386] EXT4-fs (loop5): unmounting filesystem.
[  148.313526][ T7070] loop5: detected capacity change from 0 to 512
[  148.384240][ T7070] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.2811: bg 0: block 248: padding at end of block bitmap is not set
[  148.407247][ T7070] Quota error (device loop5): write_blk: dquota write failed
[  148.415077][ T7070] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  148.450331][  T349] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  148.450400][ T7070] EXT4-fs error (device loop5): ext4_acquire_dquot:6803: comm syz.5.2811: Failed to acquire dquot type 1
[  148.476076][ T7070] EXT4-fs (loop5): 1 truncate cleaned up
[  148.481884][ T7070] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  148.491043][ T7070] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.513809][ T7070] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 2 index 20
[  148.524929][ T7070] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 1310722
[  148.537462][ T7070] EXT4-fs error (device loop5): ext4_acquire_dquot:6803: comm syz.5.2811: Failed to acquire dquot type 1
[  148.560673][ T5386] EXT4-fs (loop5): unmounting filesystem.
[  148.567033][   T10] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-5
[  148.568579][   T28] audit: type=1400 audit(2000000082.058:2728): avc:  denied  { write } for  pid=7076 comm="syz.6.2814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  148.576147][   T10] EXT4-fs error (device loop5): ext4_release_dquot:6839: comm kworker/u4:1: Failed to release dquot type 1
[  148.645350][  T349] usb 2-1: Using ep0 maxpacket: 16
[  148.653892][  T349] usb 2-1: unable to get BOS descriptor or descriptor too short
[  148.662993][  T349] usb 2-1: unable to read config index 0 descriptor/start: -71
[  148.671779][  T349] usb 2-1: can't read configurations, error -71
[  148.781388][  T823] usb 3-1: USB disconnect, device number 25
[  149.206176][ T7115] loop5: detected capacity change from 0 to 16
[  149.212966][ T7115] erofs: (device loop5): mounted with root inode @ nid 36.
[  149.223258][ T7115] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36
[  149.231388][ T7116] device wireguard0 entered promiscuous mode
[  149.359607][ T7132] serio: Serial port ptm0
[  149.484880][ T7145] loop3: detected capacity change from 0 to 4096
[  149.493010][ T7145] EXT4-fs (loop3): Test dummy encryption mode enabled
[  149.502970][ T7145] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  149.511233][ T7145] System zones: 0-5
[  149.516752][ T7145] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  149.533871][ T7145] fs-verity: sha512 using implementation "sha512-avx2"
[  149.551704][ T5181] EXT4-fs (loop3): unmounting filesystem.
[  149.590838][ T7150] loop3: detected capacity change from 0 to 512
[  149.633128][ T7150] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2843: bg 0: block 248: padding at end of block bitmap is not set
[  149.653910][ T7158] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2847'.
[  149.663083][ T7158] netem: change failed
[  149.673831][ T7150] Quota error (device loop3): write_blk: dquota write failed
[  149.685450][ T7150] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  149.707889][ T7150] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.2843: Failed to acquire dquot type 1
[  149.721613][   T28] audit: type=1400 audit(2000000339.127:2729): avc:  denied  { read } for  pid=7159 comm="syz.5.2848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  149.763214][ T7150] EXT4-fs (loop3): 1 truncate cleaned up
[  149.781469][ T7150] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  149.797489][ T7150] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.827837][ T7150] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 20
[  149.847952][ T7150] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 1310722
[  149.858956][ T7150] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.2843: Failed to acquire dquot type 1
[  149.891398][  T349] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  149.900869][ T5181] EXT4-fs (loop3): unmounting filesystem.
[  149.908245][ T7168] netlink: 'syz.5.2853': attribute type 12 has an invalid length.
[  149.910269][   T10] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-5
[  149.925425][   T10] EXT4-fs error (device loop3): ext4_release_dquot:6839: comm kworker/u4:1: Failed to release dquot type 1
[  150.097139][  T349] usb 2-1: Using ep0 maxpacket: 16
[  150.105443][  T349] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.138230][  T349] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  150.147687][  T349] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.167571][  T349] usb 2-1: config 0 descriptor??
[  150.502732][ T7202] loop6: detected capacity change from 0 to 1024
[  150.514823][ T7202] EXT4-fs error (device loop6): ext4_acquire_dquot:6803: comm syz.6.2875: Failed to acquire dquot type 0
[  150.527056][ T7202] EXT4-fs error (device loop6): mb_free_blocks:1810: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  150.544117][ T7202] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #13: comm syz.6.2875: corrupted inode contents
[  150.556419][ T7202] EXT4-fs error (device loop6): ext4_dirty_inode:6121: inode #13: comm syz.6.2875: mark_inode_dirty error
[  150.568320][ T7202] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #13: comm syz.6.2875: corrupted inode contents
[  150.580919][ T7202] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #13: comm syz.6.2875: mark_inode_dirty error
[  150.592659][ T7202] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #13: comm syz.6.2875: corrupted inode contents
[  150.604983][ T7202] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  150.613956][  T349] hid (null): invalid report_size 5632
[  150.619738][  T349] hid (null): unknown global tag 0xc
[  150.625330][ T7202] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #13: comm syz.6.2875: corrupted inode contents
[  150.639241][  T349] hid-generic 0003:04D8:00DD.0029: invalid report_size 5632
[  150.646925][  T349] hid-generic 0003:04D8:00DD.0029: item 0 2 1 7 parsing failed
[  150.658342][  T349] hid-generic: probe of 0003:04D8:00DD.0029 failed with error -22
[  150.668968][ T7202] EXT4-fs error (device loop6): ext4_truncate:4314: inode #13: comm syz.6.2875: mark_inode_dirty error
[  150.682035][ T7202] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  150.691889][ T7202] EXT4-fs (loop6): 1 truncate cleaned up
[  150.697898][ T7202] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  150.713289][ T7189] loop3: detected capacity change from 0 to 131072
[  150.721341][ T7189] F2FS-fs (loop3): invalid crc value
[  150.730200][ T7189] F2FS-fs (loop3): Found nat_bits in checkpoint
[  150.732995][ T4528] EXT4-fs (loop6): unmounting filesystem.
[  150.764374][ T7189] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  150.838340][  T823] usb 2-1: USB disconnect, device number 23
[  151.191398][  T334] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  151.213049][  T291] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  151.387526][  T334] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.408833][  T291] usb 7-1: Using ep0 maxpacket: 32
[  151.409662][  T334] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  151.415182][  T291] usb 7-1: config 0 has an invalid interface number: 196 but max is 0
[  151.429500][  T334] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.439755][  T334] usb 3-1: Product: syz
[  151.444549][  T334] usb 3-1: Manufacturer: syz
[  151.449495][  T334] usb 3-1: SerialNumber: syz
[  151.449537][  T291] usb 7-1: config 0 has no interface number 0
[  151.472830][  T291] usb 7-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  151.486004][  T291] usb 7-1: config 0 interface 196 has no altsetting 0
[  151.507199][  T291] usb 7-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  151.516896][  T291] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.534405][  T291] usb 7-1: Product: syz
[  151.549056][  T291] usb 7-1: Manufacturer: syz
[  151.558916][  T291] usb 7-1: SerialNumber: syz
[  151.565506][  T291] usb 7-1: config 0 descriptor??
[  151.570812][ T7216] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  152.094584][  T291] ipheth 7-1:0.196: Apple iPhone USB Ethernet device attached
[  152.466605][ T7270] loop3: detected capacity change from 0 to 1024
[  152.555359][  T334] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  152.562205][  T334] cdc_ncm 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  152.578984][  T334] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  152.590914][ T7276] loop3: detected capacity change from 0 to 128
[  152.772587][  T334] cdc_ncm 3-1:1.0: setting tx_max = 36
[  152.861928][  T334] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  152.928488][  T334] usb 3-1: USB disconnect, device number 26
[  152.949172][  T334] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  153.026545][   T39] ==================================================================
[  153.034749][   T39] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x130
[  153.042603][   T39] Read of size 8 at addr ffff88812ea56cf0 by task kworker/1:1/39
[  153.050784][   T39] 
[  153.053142][   T39] CPU: 1 PID: 39 Comm: kworker/1:1 Tainted: G        W          syzkaller #0
[  153.062099][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  153.072216][   T39] Workqueue: events pcpu_balance_workfn
[  153.077891][   T39] Call Trace:
[  153.081281][   T39]  <TASK>
[  153.084316][   T39]  __dump_stack+0x21/0x24
[  153.088676][   T39]  dump_stack_lvl+0xee/0x150
[  153.093324][   T39]  ? __cfi_dump_stack_lvl+0x8/0x8
[  153.098373][   T39]  ? __kasan_slab_free+0x11/0x20
[  153.103407][   T39]  ? __list_del_entry_valid+0xa6/0x130
[  153.109017][   T39]  print_address_description+0x71/0x200
[  153.114706][   T39]  print_report+0x4a/0x60
[  153.119255][   T39]  kasan_report+0x122/0x150
[  153.123874][   T39]  ? __list_del_entry_valid+0xa6/0x130
[  153.129370][   T39]  ? kfree_rcu_monitor+0x78a/0x7f0
[  153.134522][   T39]  __asan_report_load8_noabort+0x14/0x20
[  153.140189][   T39]  __list_del_entry_valid+0xa6/0x130
[  153.146338][   T39]  process_one_work+0x4b9/0xc40
[  153.151307][   T39]  worker_thread+0xa29/0x11f0
[  153.156273][   T39]  kthread+0x281/0x320
[  153.160446][   T39]  ? __cfi_worker_thread+0x10/0x10
[  153.165576][   T39]  ? __cfi_kthread+0x10/0x10
[  153.170341][   T39]  ret_from_fork+0x1f/0x30
[  153.174832][   T39]  </TASK>
[  153.177856][   T39] 
[  153.180191][   T39] Allocated by task 334:
[  153.184425][   T39]  kasan_set_track+0x4b/0x70
[  153.189096][   T39]  kasan_save_alloc_info+0x25/0x30
[  153.194422][   T39]  __kasan_kmalloc+0x95/0xb0
[  153.199505][   T39]  __kmalloc_node+0xb2/0x1e0
[  153.204694][   T39]  kvmalloc_node+0x294/0x480
[  153.209301][   T39]  alloc_netdev_mqs+0x8d/0xf90
[  153.214126][   T39]  alloc_etherdev_mqs+0x37/0x40
[  153.219096][   T39]  usbnet_probe+0x20c/0x2780
[  153.223701][   T39]  usb_probe_interface+0x610/0xaf0
[  153.228836][   T39]  really_probe+0x2cb/0x960
[  153.233357][   T39]  __driver_probe_device+0x198/0x280
[  153.238662][   T39]  driver_probe_device+0x54/0x3e0
[  153.243789][   T39]  __device_attach_driver+0x2e9/0x4a0
[  153.249175][   T39]  bus_for_each_drv+0x183/0x210
[  153.254055][   T39]  __device_attach+0x2a2/0x400
[  153.258840][   T39]  device_initial_probe+0x1a/0x20
[  153.263896][   T39]  bus_probe_device+0xc0/0x1f0
[  153.268673][   T39]  device_add+0xb4d/0xef0
[  153.273092][   T39]  usb_set_configuration+0x19c2/0x1f10
[  153.278596][   T39]  usb_generic_driver_probe+0x91/0x150
[  153.284286][   T39]  usb_probe_device+0x159/0x270
[  153.289946][   T39]  really_probe+0x2cb/0x960
[  153.294548][   T39]  __driver_probe_device+0x198/0x280
[  153.299917][   T39]  driver_probe_device+0x54/0x3e0
[  153.305100][   T39]  __device_attach_driver+0x2e9/0x4a0
[  153.310499][   T39]  bus_for_each_drv+0x183/0x210
[  153.315374][   T39]  __device_attach+0x2a2/0x400
[  153.320151][   T39]  device_initial_probe+0x1a/0x20
[  153.325171][   T39]  bus_probe_device+0xc0/0x1f0
[  153.330030][   T39]  device_add+0xb4d/0xef0
[  153.334381][   T39]  usb_new_device+0xa70/0x1520
[  153.339161][   T39]  hub_event+0x2850/0x4350
[  153.343692][   T39]  process_one_work+0x71f/0xc40
[  153.348630][   T39]  worker_thread+0xa29/0x11f0
[  153.353328][   T39]  kthread+0x281/0x320
[  153.357400][   T39]  ret_from_fork+0x1f/0x30
[  153.361912][   T39] 
[  153.364249][   T39] Freed by task 334:
[  153.368143][   T39]  kasan_set_track+0x4b/0x70
[  153.372756][   T39]  kasan_save_free_info+0x31/0x50
[  153.378077][   T39]  ____kasan_slab_free+0x132/0x180
[  153.383402][   T39]  __kasan_slab_free+0x11/0x20
[  153.388544][   T39]  slab_free_freelist_hook+0xc2/0x190
[  153.394326][   T39]  __kmem_cache_free+0xb7/0x1b0
[  153.399467][   T39]  kfree+0x6f/0xf0
[  153.403248][   T39]  kvfree+0x35/0x40
[  153.407138][   T39]  netdev_freemem+0x3f/0x60
[  153.411929][   T39]  netdev_release+0x7f/0xb0
[  153.416628][   T39]  device_release+0xa4/0x1d0
[  153.421265][   T39]  kobject_put+0x19d/0x280
[  153.425801][   T39]  put_device+0x1f/0x30
[  153.430068][   T39]  free_netdev+0x392/0x490
[  153.434595][   T39]  usbnet_disconnect+0x25a/0x3b0
[  153.439634][   T39]  usb_unbind_interface+0x223/0x8d0
[  153.445094][   T39]  device_release_driver_internal+0x508/0x820
[  153.451404][   T39]  device_release_driver+0x19/0x20
[  153.456526][   T39]  bus_remove_device+0x2ee/0x350
[  153.461486][   T39]  device_del+0x6a4/0xeb0
[  153.465918][   T39]  usb_disable_device+0x3a8/0x750
[  153.471044][   T39]  usb_disconnect+0x31e/0x860
[  153.475911][   T39]  hub_event+0x1a78/0x4350
[  153.480363][   T39]  process_one_work+0x71f/0xc40
[  153.485306][   T39]  worker_thread+0xd2e/0x11f0
[  153.490144][   T39]  kthread+0x281/0x320
[  153.494262][   T39]  ret_from_fork+0x1f/0x30
[  153.498793][   T39] 
[  153.501219][   T39] Last potentially related work creation:
[  153.507103][   T39]  kasan_save_stack+0x3a/0x60
[  153.511898][   T39]  __kasan_record_aux_stack+0xb6/0xc0
[  153.517314][   T39]  kasan_record_aux_stack_noalloc+0xb/0x10
[  153.523124][   T39]  insert_work+0x51/0x300
[  153.527551][   T39]  __queue_work+0x9b1/0xd30
[  153.532236][   T39]  queue_work_on+0xd2/0x140
[  153.537025][   T39]  usbnet_link_change+0x189/0x1b0
[  153.542149][   T39]  usbnet_probe+0x1d55/0x2780
[  153.546969][   T39]  usb_probe_interface+0x610/0xaf0
[  153.552223][   T39]  really_probe+0x2cb/0x960
[  153.556827][   T39]  __driver_probe_device+0x198/0x280
[  153.562126][   T39]  driver_probe_device+0x54/0x3e0
[  153.567172][   T39]  __device_attach_driver+0x2e9/0x4a0
[  153.572639][   T39]  bus_for_each_drv+0x183/0x210
[  153.577493][   T39]  __device_attach+0x2a2/0x400
[  153.582310][   T39]  device_initial_probe+0x1a/0x20
[  153.587329][   T39]  bus_probe_device+0xc0/0x1f0
[  153.592105][   T39]  device_add+0xb4d/0xef0
[  153.596444][   T39]  usb_set_configuration+0x19c2/0x1f10
[  153.601913][   T39]  usb_generic_driver_probe+0x91/0x150
[  153.607552][   T39]  usb_probe_device+0x159/0x270
[  153.612413][   T39]  really_probe+0x2cb/0x960
[  153.616913][   T39]  __driver_probe_device+0x198/0x280
[  153.622200][   T39]  driver_probe_device+0x54/0x3e0
[  153.627224][   T39]  __device_attach_driver+0x2e9/0x4a0
[  153.632703][   T39]  bus_for_each_drv+0x183/0x210
[  153.637570][   T39]  __device_attach+0x2a2/0x400
[  153.642461][   T39]  device_initial_probe+0x1a/0x20
[  153.648190][   T39]  bus_probe_device+0xc0/0x1f0
[  153.653572][   T39]  device_add+0xb4d/0xef0
[  153.658020][   T39]  usb_new_device+0xa70/0x1520
[  153.663158][   T39]  hub_event+0x2850/0x4350
[  153.667981][   T39]  process_one_work+0x71f/0xc40
[  153.673081][   T39]  worker_thread+0xa29/0x11f0
[  153.678142][   T39]  kthread+0x281/0x320
[  153.682389][   T39]  ret_from_fork+0x1f/0x30
[  153.687112][   T39] 
[  153.689723][   T39] The buggy address belongs to the object at ffff88812ea56000
[  153.689723][   T39]  which belongs to the cache kmalloc-4k of size 4096
[  153.704336][   T39] The buggy address is located 3312 bytes inside of
[  153.704336][   T39]  4096-byte region [ffff88812ea56000, ffff88812ea57000)
[  153.717889][   T39] 
[  153.720452][   T39] The buggy address belongs to the physical page:
[  153.726978][   T39] page:ffffea0004ba9400 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88812ea54000 pfn:0x12ea50
[  153.739317][   T39] head:ffffea0004ba9400 order:3 compound_mapcount:0 compound_pincount:0
[  153.748364][   T39] flags: 0x4000000000010200(slab|head|zone=1)
[  153.754580][   T39] raw: 4000000000010200 ffffea000470e208 ffffea0004394c08 ffff888100043380
[  153.763182][   T39] raw: ffff88812ea54000 0000000000040003 00000001ffffffff 0000000000000000
[  153.771783][   T39] page dumped because: kasan: bad access detected
[  153.778203][   T39] page_owner tracks the page as allocated
[  153.783923][   T39] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5674, tgid 5671 (syz.5.2216), ts 125352477350, free_ts 125349238520
[  153.807345][   T39]  post_alloc_hook+0x1f5/0x210
[  153.812142][   T39]  prep_new_page+0x1c/0x110
[  153.816652][   T39]  get_page_from_freelist+0x2c7b/0x2cf0
[  153.822290][   T39]  __alloc_pages+0x1c3/0x450
[  153.826882][   T39]  alloc_slab_page+0x6e/0xf0
[  153.831479][   T39]  new_slab+0x98/0x3d0
[  153.835551][   T39]  ___slab_alloc+0x6bd/0xb20
[  153.840282][   T39]  __slab_alloc+0x5e/0xa0
[  153.844719][   T39]  __kmem_cache_alloc_node+0x203/0x2c0
[  153.850192][   T39]  __kmalloc_node_track_caller+0xa0/0x1e0
[  153.855947][   T39]  __alloc_skb+0x236/0x4b0
[  153.860375][   T39]  tipc_buf_acquire+0x2b/0xe0
[  153.865075][   T39]  tipc_msg_build+0x550/0xfd0
[  153.869847][   T39]  __tipc_sendmsg+0x19dd/0x2680
[  153.874702][   T39]  tipc_sendmsg+0x55/0x70
[  153.879157][   T39]  kernel_sendmsg+0x222/0x320
[  153.884095][   T39] page last free stack trace:
[  153.888888][   T39]  free_unref_page_prepare+0x742/0x750
[  153.894449][   T39]  free_unref_page+0x8f/0x530
[  153.899207][   T39]  __free_pages+0x67/0x100
[  153.903617][   T39]  __free_slab+0xca/0x1a0
[  153.908036][   T39]  __unfreeze_partials+0x160/0x190
[  153.913232][   T39]  put_cpu_partial+0xa9/0x100
[  153.917929][   T39]  __slab_free+0x1c4/0x280
[  153.922541][   T39]  ___cache_free+0xbf/0xd0
[  153.927015][   T39]  qlist_free_all+0xc6/0x140
[  153.931621][   T39]  kasan_quarantine_reduce+0x14a/0x170
[  153.937278][   T39]  __kasan_slab_alloc+0x24/0x80
[  153.942250][   T39]  slab_post_alloc_hook+0x4f/0x2d0
[  153.947360][   T39]  kmem_cache_alloc_node+0x181/0x340
[  153.952644][   T39]  __alloc_skb+0xea/0x4b0
[  153.957079][   T39]  tipc_buf_acquire+0x2b/0xe0
[  153.961884][   T39]  tipc_msg_build+0x550/0xfd0
[  153.966684][   T39] 
[  153.969008][   T39] Memory state around the buggy address:
[  153.974629][   T39]  ffff88812ea56b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  153.982863][   T39]  ffff88812ea56c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  153.990957][   T39] >ffff88812ea56c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  153.999028][   T39]                                                              ^
[  154.006765][   T39]  ffff88812ea56d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  154.014825][   T39]  ffff88812ea56d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  154.022880][   T39] ==================================================================
[  154.031019][   T39] Disabling lock debugging due to kernel taint
[  154.186184][   T19] usb 7-1: USB disconnect, device number 12
[  154.203316][ T7285] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  154.236218][   T19] ipheth 7-1:0.196: Apple iPhone USB Ethernet now disconnected
[  154.398298][ T7285] usb 2-1: Using ep0 maxpacket: 16
[  154.404811][ T7285] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.416382][ T7285] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.427560][ T7285] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  154.437176][ T7285] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.446775][ T7285] usb 2-1: config 0 descriptor??
[  154.890263][ T7285] appleir 0003:05AC:8241.002A: unknown main item tag 0x0
[  154.898368][ T7285] appleir 0003:05AC:8241.002A: unknown main item tag 0x0
[  154.905462][ T7285] appleir 0003:05AC:8241.002A: unknown main item tag 0x0
[  154.912597][ T7285] appleir 0003:05AC:8241.002A: unknown main item tag 0x0
[  154.919899][ T7285] appleir 0003:05AC:8241.002A: unknown main item tag 0x0
[  154.927244][ T7285] appleir 0003:05AC:8241.002A: No inputs registered, leaving
[  154.936034][ T7285] appleir 0003:05AC:8241.002A: hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  155.289437][ T7282] usb 2-1: USB disconnect, device number 24