last executing test programs:

56.495521695s ago: executing program 3 (id=118):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x2200012, &(0x7f00000009c0)={[{@shortname_mixed}, {@fat=@gid}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@utf8no}, {@fat=@errors_remount}, {@fat=@nocase}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@uni_xlateno}, {@shortname_lower}, {@rodir}, {@utf8no}, {@fat=@nfs_nostale_ro}, {@utf8no}, {@rodir}]}, 0x3, 0x350, &(0x7f0000000580)="$eJzs3U9oW3UcAPBv9tKkHcz2IAwF4elN0LJWPOipZXQwzEUl+OcgBtepNHXQYLA7NKsX8Sh41JM3D3rwsLMIinjz4NUJMhUPutvA4ZMkL81Lk3adkM3i53MI331/329+v7c8mtfX5tdXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhNyAMDxcDPL4s+s74gtpSkvCQCYst77/+unCpl3vz6sPvPuDwDHXv79/9xhNbMHDVyaypIAgCkbu///yMhwZfRH/eXCbwUAAMfV8y+9/MxqLeK5NJ2N2HyvXW/X4+nh+OrFeDOasR5nYj5uRfQvFLoPpd7jufO1tTNpmnbil4Wodzva9YjNTrvev1JYTXr91ViK+VjI+/OrjSzLknNf1NaW0p6IuNLpzR+bpXZ9Jk7m8/94MtZjOdK4f6w/4nxtbTnNn6C+OejvROwO71t0178Y8/H9a3EpmnEhur2Dy5ra2s5Smp7NaiP97Xq1V9d34B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTPQt7+99kw/17FhcnjPf2x+n35/sD7fb3B8qqWWTZH+88Xn8/iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+M9obVei0Wyub7W2L28Ug85Wa/tERHQzb3372VdzMV5zm6Ccz1EYSvPU5Y1GlgyKs2SkJg+S7uSDzKdX91ZcrKnuHcXEZVQPHmo2Tz3880fDzEPJ4Jn/HtYkMfkAk33LKAab9/WXdCf/UXvB8m1qrmVZdlD7zivjXVGKKN/5C3d4kHWDb66/8cATrdNP9jJfZn2PPjb/wrUPP/lto9Hszhy9V7Cy1bqVbTTyf08+2Q4OksL5U4p+UCqeCeXD2ndHM43kh99ffPCD7442e1bMvD2hJukfzuf7hyr9oLvMfUNzk+aamXDyTyE4/fFK4+rOT78etavwRcJGHQAAAAAAAAAAAAAAAAAAcFcUPiueyz/sO3NY11PPTn9lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcscJfirE+ND1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/c/8EAAD//9HQbnk=")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

53.16949652s ago: executing program 3 (id=124):
setresuid(0x0, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xb}, 0x1c)
syz_emit_ethernet(0xb4, &(0x7f0000000b00)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60003a04007e3a00fe8000000000000000000000400000bbff020000000000000000000000000001"], 0x0)

52.938397221s ago: executing program 3 (id=129):
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000280)={'syztnl1\x00', 0x0, 0x40, 0x9, 0x1000, 0x3, {{0x7, 0x4, 0x0, 0x1, 0x1c, 0x67, 0x0, 0x2, 0x29, 0x0, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp_prespec={0x44, 0x4, 0xcd}, @rr={0x7, 0x3, 0x23}]}}}}})
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="540100001900110000000000f80000001d01000015000400000000000000000018feb80ad21964230700000008000500080000001e01060000"], 0x154}}, 0x0)

52.91844301s ago: executing program 3 (id=130):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
creat(&(0x7f0000000100)='./file0/file0\x00', 0x408)
writev(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000240)={0x0, 0x0})
r0 = socket(0xa, 0x1, 0x0)
ioctl(r0, 0x890b, &(0x7f0000000240))
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000500000000000000000000001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0200000004000000040000000c"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=<r3=>r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085000000010000"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
clock_adjtime(0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c6e6f646973636172642c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c6e6f666c7573685f6d657267652c64697361626c655f726f6c6c5f666f72776172642c696e6c696e655f646174612c6673796e635f6d6f64653d706f7369782c686561702c6e6f696e6c696e655f646174612c6e6f657874656e745f63616368652c6d6f64653d61646170746976652c6a71666d743d7666736f6c642c757365725f78617474722c00779cd4f02894cf964d909c186aac251e773b07a2a2349d810b3ec41107242d9e37b999afd91d5fe52bdddd57868a70f0b28523203ce742ef793e984a3e5c4fb9fa37eec6c48714f05711f8f7206ba61dcb3d975e8b544ca8aae49633e3cf0d015e32276cf811c1900db5f8e56ba59a7ec100"/320], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000004c0)={{r5}, &(0x7f0000000440), &(0x7f0000000480)='%pK    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r6}, 0x10)
r7 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
close(r7)
r8 = inotify_init1(0x0)
fcntl$setstatus(r7, 0x4, 0x2c00)
r9 = inotify_add_watch(r8, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
read$FUSE(r7, &(0x7f0000007b40)={0x2020}, 0x2020)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r10 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYRESHEX=r4, @ANYRES8=r3, @ANYRES8=r10, @ANYRESDEC=r9, @ANYRES8=0x0, @ANYBLOB="0c33c1d3c7858971122df233c49b9c9ed0831840b8644240290fbec82e55e93d91654218ec15aa2df07b90f40e8646476cad1fe1df62127e24c1033d25ee1fab359d490f0e", @ANYRESOCT=r1, @ANYRES16=0x0, @ANYRES16], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

50.746763391s ago: executing program 3 (id=138):
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
mknod$loop(0x0, 0x0, 0x0)
keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1})
r1 = request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x3, r1, 0x0, 0x0)
request_key(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, 0x0, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000001c80)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddc1517600"})
r3 = syz_open_pts(r2, 0x2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000200)=0x2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040))
r4 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
getpeername(r0, &(0x7f0000000600)=@ethernet={0x0, @broadcast}, &(0x7f0000000340)=0x80)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
fcntl$setstatus(r4, 0x4, 0x6000)
fsync(r4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000d2f3c3661b2facfede", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r6}, 0x18)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000180)='./bus\x00', 0x8, &(0x7f0000000240)={[{@nodiscard}, {@nocheckpoint_merge}, {@discard}, {@six_active_logs}, {@six_active_logs}, {@fault_injection={'fault_injection', 0x3d, 0x4000000000004ee}}, {@acl}, {@noacl}, {@compress_cache}, {@checkpoint_enable}, {@noextent_cache}, {@compress_cache}, {@fault_type={'fault_type', 0x3d, 0x4}}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") (fail_nth: 68)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r6, r4, 0x19, 0x0, @val=@uprobe_multi={&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)=[0x7, 0x2], &(0x7f0000000240)=[0x1, 0x1, 0x4, 0x0], 0x7, 0x2, 0x0, r7}}, 0x40)

50.358153362s ago: executing program 3 (id=142):
r0 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040b827ed0100000000000109022400010000000009040000010300000009210000200122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000500)={0x2c, &(0x7f0000000340)={0x40, 0x3, 0x76, {0x76, 0x3, "6d7599b9ef275128c3b5953667a1961fd5838913ad9c62e97dc9beba25203801e475915029e828ddd0bd882a06a491d1943a9658ad171bbaaaedd754ac70ef8d31bf50ba93d6895ccf4cffa3109e7821924b34ec67fd2eb478e75e0ff8d529bbc00a338db61f78bcab1ec4911b78d4569bde9e8e"}}, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x411}}, &(0x7f00000001c0)={0x0, 0xf, 0x19, {0x5, 0xf, 0x19, 0x1, [@ss_container_id={0x14, 0x10, 0x4, 0x81, "1189e5998044763066c4915dc89d5ada"}]}}, &(0x7f0000000400)={0x20, 0x29, 0xf, {0xf, 0x29, 0x8, 0x2, 0xd, 0x5, "d788d679", "8e442bd0"}}, &(0x7f00000004c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x40, 0x18, 0x9, 0xe5, 0x9, 0x9b46, 0x7}}}, &(0x7f0000000b80)={0x84, &(0x7f00000006c0)={0x20, 0x14, 0xf0, "4ec5e0d008b9bc82e6197bbdcf4d7f1e262632b1557c21ca588a2e37f0931e7454f49133bb77f84368fdb42f35407a7ca7e2f8ba6c00929659ce613611b642894d1fd8826d925a7014b81ae946707b5908bb615e3005cd66870a957eaa884c4dd76b9e2f966f6be5c7cc5415f4793e46af94ce057e397c74e037b863c94817d20f106c7c688e9e3658d72dabdfb3d4211db1a68ffe1526863bff8584957ce7e3edbf8cc987866c461d0649bf1e54ae43b2ba208897850dcfab1ff876dce99bd0ffafe662e0598c279e83e2bc63b9ac28bf6577fe874f61732d810f138c83e434877c459658667737f89438ea71d6eaa1"}, &(0x7f0000000540)={0x0, 0xa, 0x1, 0x69}, &(0x7f00000005c0)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000600)={0x20, 0x0, 0x4, {0x1, 0x2}}, &(0x7f00000007c0)={0x20, 0x0, 0x4, {0x100, 0x80}}, &(0x7f0000000800)={0x40, 0x7, 0x2, 0x28c}, &(0x7f0000000840)={0x40, 0x9, 0x1, 0x77}, &(0x7f0000000880)={0x40, 0xb, 0x2, "e108"}, &(0x7f00000008c0)={0x40, 0xf, 0x2}, &(0x7f0000000900)={0x40, 0x13, 0x6}, &(0x7f0000000940)={0x40, 0x17, 0x6, @broadcast}, &(0x7f0000000980)={0x40, 0x19, 0x2, "b514"}, &(0x7f00000009c0)={0x40, 0x1a, 0x2, 0x4}, &(0x7f0000000a00)={0x40, 0x1c, 0x1, 0xe}, &(0x7f0000000b00)={0x40, 0x1e, 0x1, 0x8}, &(0x7f0000000b40)={0x40, 0x21, 0x1, 0x8}})

50.338081042s ago: executing program 32 (id=142):
r0 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040b827ed0100000000000109022400010000000009040000010300000009210000200122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000500)={0x2c, &(0x7f0000000340)={0x40, 0x3, 0x76, {0x76, 0x3, "6d7599b9ef275128c3b5953667a1961fd5838913ad9c62e97dc9beba25203801e475915029e828ddd0bd882a06a491d1943a9658ad171bbaaaedd754ac70ef8d31bf50ba93d6895ccf4cffa3109e7821924b34ec67fd2eb478e75e0ff8d529bbc00a338db61f78bcab1ec4911b78d4569bde9e8e"}}, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x411}}, &(0x7f00000001c0)={0x0, 0xf, 0x19, {0x5, 0xf, 0x19, 0x1, [@ss_container_id={0x14, 0x10, 0x4, 0x81, "1189e5998044763066c4915dc89d5ada"}]}}, &(0x7f0000000400)={0x20, 0x29, 0xf, {0xf, 0x29, 0x8, 0x2, 0xd, 0x5, "d788d679", "8e442bd0"}}, &(0x7f00000004c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x40, 0x18, 0x9, 0xe5, 0x9, 0x9b46, 0x7}}}, &(0x7f0000000b80)={0x84, &(0x7f00000006c0)={0x20, 0x14, 0xf0, "4ec5e0d008b9bc82e6197bbdcf4d7f1e262632b1557c21ca588a2e37f0931e7454f49133bb77f84368fdb42f35407a7ca7e2f8ba6c00929659ce613611b642894d1fd8826d925a7014b81ae946707b5908bb615e3005cd66870a957eaa884c4dd76b9e2f966f6be5c7cc5415f4793e46af94ce057e397c74e037b863c94817d20f106c7c688e9e3658d72dabdfb3d4211db1a68ffe1526863bff8584957ce7e3edbf8cc987866c461d0649bf1e54ae43b2ba208897850dcfab1ff876dce99bd0ffafe662e0598c279e83e2bc63b9ac28bf6577fe874f61732d810f138c83e434877c459658667737f89438ea71d6eaa1"}, &(0x7f0000000540)={0x0, 0xa, 0x1, 0x69}, &(0x7f00000005c0)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000600)={0x20, 0x0, 0x4, {0x1, 0x2}}, &(0x7f00000007c0)={0x20, 0x0, 0x4, {0x100, 0x80}}, &(0x7f0000000800)={0x40, 0x7, 0x2, 0x28c}, &(0x7f0000000840)={0x40, 0x9, 0x1, 0x77}, &(0x7f0000000880)={0x40, 0xb, 0x2, "e108"}, &(0x7f00000008c0)={0x40, 0xf, 0x2}, &(0x7f0000000900)={0x40, 0x13, 0x6}, &(0x7f0000000940)={0x40, 0x17, 0x6, @broadcast}, &(0x7f0000000980)={0x40, 0x19, 0x2, "b514"}, &(0x7f00000009c0)={0x40, 0x1a, 0x2, 0x4}, &(0x7f0000000a00)={0x40, 0x1c, 0x1, 0xe}, &(0x7f0000000b00)={0x40, 0x1e, 0x1, 0x8}, &(0x7f0000000b40)={0x40, 0x21, 0x1, 0x8}})

20.102011679s ago: executing program 5 (id=330):
r0 = socket$netlink(0x10, 0x3, 0x4)
unshare(0x2020400)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89801)
inotify_add_watch(r1, 0x0, 0x4000010)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000})
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000180)="580000001400192340834b80040d8c560a11820fffff5bab4e210000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000c0c100000000000224e0000", 0x58}], 0x1)

20.101334739s ago: executing program 5 (id=331):
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000080)='.pending_reads\x00', 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=@ipv6_deladdr={0x48, 0x15, 0x1, 0x70bd2d, 0x25dfdbfb, {0xa, 0x20, 0x48, 0xfd}, [@IFA_LOCAL={0x14, 0x2, @local}, @IFA_FLAGS={0x8, 0x8, 0xe8}, @IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x20040850}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000040)})
ioctl$KVM_CREATE_VCPU(r1, 0x40106726, 0x20000000)
socket(0x19, 0x800, 0x7019)

19.92113319s ago: executing program 5 (id=333):
prctl$PR_GET_TAGGED_ADDR_CTRL(0x19)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000500000001000000000000070000000000612eb4"], 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_GET_TAGGED_ADDR_CTRL(0x19) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000500000001000000000000070000000000612eb4"], 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)

19.510889252s ago: executing program 5 (id=334):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000640)='./file0\x00', 0x104000, &(0x7f0000000240)=ANY=[], 0xfd, 0x11ff, &(0x7f0000003300)="$eJzs3E+LHEUYB+A348bdbNw/aowmBy3w4qnJ7sGTIItsQHZAiVkhEYSO26vDtjPD9LAwIkZPXv0cnr0JfoO9+Bm87cVjDmJLurMmEyeRHLIDyfMcpl+q6kd1wTDQQ1Ufv/fT1wf7Vbafj6Nz5kx0hhHpTooUnTjx5k57vXFzZ6vb3b6W0tWt6xvvppRW3/rts28XI+L8p7+s/roYR+ufH/+5+cfRxaNLx39f/6pXpV6V+oNxytOtwWCc3yqLtNerDrKUPi6LvCpSr18Vo6n+/XIwHE5S3t9bWR6OiqpKeX+SDopJGg/SeDRJ+Zd5r5+yLEsry8Ejnf3/Ibs/36nrOqKuz8aLUdd1fS6W43y8FCuxGt9HxMvxSrwaF+K1uBivxxtxqRl1GrcPAAAAAAAAAAAAAAAAAAAAz4/Hnf9fi3Xn/wEAAAAAAAAAAAAAAAAAAOAUfHLj5s5Wt7t9LaWliPLHw93D3fba9m/tRy/KKOJKrMVf0Zz+b7X11Q+721dSYz1+KG/fy98+3H2hzd/9uJvfaF4ncC+/0PSd5DfafJrOL8byg/NvxlpcmD3/5sz8Urzz9gP5LNbi9y9iEGXsNXPfz3+3kdIHH3Ufyl9uxgEAAMCzIEv/mvn8nmWP6m/zT/D/wEPP1wtxeWG+ayeimnxzkHfKYtQU5Umx9J8WxWOKxemWzlOaqxNzX6niWS3OxXTLvH+ZOA33vwbzvhMAAAAAAAAAAACexFPeV7gQM3aWvT+fpQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAAAD///7lyMc=")
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r0, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text64={0x40, 0x0}], 0x1, 0x8, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x54b, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvebNmaNGmXrZn5fOC259x70nNP7v2enpOTkACG1mT2oxDxakR8m0Qcajk2GvnByY1y6w+uzWVbEvX6Z38lkeT7muWT/Pd4nnklIn77OuJEYXO91dW1xVK5nC7n+ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dvbX3z3D8/fHrno9PfHFv//pd7h28lcSYO5sda2/EUrrdmJmMyf07G4swTBaf7UNkgSXb7BNiRkTzOxyLrAw7FSB71wP/fVxFRB4ZUIv5hSDXHAc25fZ/mwS+M+x9uTIA2tz/ZeG0k9jXmRgfWk8dmRtl8d6IP9Wd1/Prn7VvZFv17HQKgq+s3IuLU6Gjn/m/nTvVQ5sk69H/w/NzJxj9vtRv/FB6Of6LN+Ge8TezuRPf4L9zrQzUdZeO/D9qOfx8uWk2M5LmXGmO+seTCxXKa9W0vR8TxGNub5bdazzm9frfe6Vjr+C/bsvqbY8H8PO6N7n38MfOlWulp2tzq/o2I17qMf5M21z97Ps71WMfR9PbrnY51b/+zVf854o221//Rilay9frkVON+mGreFZv9ffPo753q3+32Z9f/wNbtn0ha12ur26/jp33/pp2OTSb5ouk27/89yeeN9J5839VSrbY8HbEn+WTz/plHj23mm+Wz9h8/tnX/1+7+3x8RX/TY/ptHbnYsOgjXf35b13/7ibsff/ljp/p76//ebqSO53t66f96PcGnee4AAAAAAABg0BQi4mAkheLDdKFQLG68v+NIHCiUK9XaiQuVlUvz0fis7ESMFZor3eMt74eYzt8P28zPPJGfjYjDEfHdyP5GvjhXKc/vduMBAAAAAAAAAAAAAAAAAABgQIx3+Px/5o+R3T474Jnzld8wvLrGfz++6QkYSP7/w/AS/zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXXu7Nlsq68/uDaX5eevrK4sVq6cnE+ri8WllbniXGX5cnGhUlkop8W5ylK3v1euVC5Pz8TK1alaWq1NVVfXzi9VVi7Vzl9cKi2k59Ox59IqAAAAAAAAAAAAAAAAAAAAeLFUV9cWS+VyuiwhsaPE6GCchkSfE7vdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/8FAAD//wZvNao=")
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x2000000, 0x0)
chdir(&(0x7f000009df00)='./file0\x00')
r2 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
write$FUSE_INIT(r2, &(0x7f0000000140)={0x50}, 0xffd3)
write$binfmt_format(r2, &(0x7f0000000040)='1\x00', 0x2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)
truncate(&(0x7f0000000080)='./file1\x00', 0xf000)

19.041996734s ago: executing program 5 (id=338):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB='errors=remount-ro,errors=continue,check=relaxed,dots,dots,nodots,nodots,nodots,dots,dots,nodots\x00\x00odots,dots,discard,dots,dots,dots,errors=continue,nodots,sys_immutable,quiet,dots,\x00'], 0xfd, 0x1bf, &(0x7f0000000840)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") (fail_nth: 49)

18.920753264s ago: executing program 5 (id=343):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setreuid(0xee01, 0x0)
getresuid(&(0x7f00000000c0)=<r0=>0x0, &(0x7f00000002c0), &(0x7f0000000180))
setreuid(0x0, r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4080000400000006110540000000000a6000000020000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x0, 0x10, &(0x7f0000000080), 0xffffffffffffffb2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

18.872872945s ago: executing program 33 (id=343):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setreuid(0xee01, 0x0)
getresuid(&(0x7f00000000c0)=<r0=>0x0, &(0x7f00000002c0), &(0x7f0000000180))
setreuid(0x0, r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4080000400000006110540000000000a6000000020000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x0, 0x10, &(0x7f0000000080), 0xffffffffffffffb2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

7.109346538s ago: executing program 6 (id=397):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000240)={[{@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5db, &(0x7f0000000940)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+ydOa9Hd6b7n773rx9bzaAyhpM/6lF7I2I6SSiP5lfzOuMLHNw4Xn3/v7kdPpIol5/488kkiwtf36S/ezLDu6JiJ9/SmJPx8pyZ+aunB+fmpq8nO0Pz16YHp6Zu3Lw3IXxs5NnJy+OvjR67OiRo8dGDrV1XlcL0k5ef//D/s/G3v7um3+Ske9/G0vieLyaPXHpeWyUwRhs/E6SlVl9xza6sJJ0ZO+TpS9x0llihViX/PXrioinoj864v6L1x+fvlZq5YBNVU8i6kA1HQ9/AKCi8n5Afm2//Dq4VkqvBNgKd08sDACsjP/OhbHB6GmMDey8l8TSYZ0kItobmWu2KyJu3xq7fubW2PXYpHE4oNj8tYh4uij+k0b8D0RPDDTiv9YU/2m/4FT2M01/vc3ylw8Vi3/YOgvx37Nq/EeL+H9nSfy/22b5g/c33+ttiv/edk8JAAAAAAAAKuvmiYh4sejz/9ri/J8omP/TFxHHN6D8wWX7Kz//r93ZgGKAAndPRLxSOP+3ls/+HejIth5rzAfoSs6cm5o8FBGPR8SB6NqR7o+sUsbBz/d83SpvMJv/lz/S8m9ncwGzetzp3NF8zMT47PjDnjcQcfdaxDOF83+TxfY/KWj/078H0w9Yxp7nb5xqlbd2/AObpf5txP7C9v/+XSuS1e/PMdzoDwznvYKVnv34ix9ald9u/LvFBDy8tP3fuXr8DyRL79czs/4yDs911lvltdv/707ebNxypjtL+2h8dvbySER3crIjTW1KH11/neFRlMdDHi9p/B94bvXxv6L+f29EzC/7v5O/mtcU5578t+/3VvXR/4fypPE/sa72f/0bozcGfmxV/oO1/0cabf2BLMX4Hyz4Kg/T7ub0gnDsLMra6voCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKOgFhG7IqkNLW7XakNDEX0R8UTsrE1dmpl94cylDy5OpHmN7/+v5d/027+wn+Tf/z+wZH902f7hiNgdEV929Db2h05fmpoo++QBAAAAAAAAAAAAAAAAAABgm+hrsf4/9UdH2bUDNl1n2RUASlMQ/7+UUQ9g62n/obrEP1SX+IfqEv9QXeIfqkv8Q3WJf6gu8Q8AAAAAAI+U3ftu/ppExPzLvY1HqjvL6yq1ZsBmq5VdAaA0bvED1WXqD1SXa3wgWSO/p+VBax25munTD3EwAAAAAAAAAAAAAFTO/r3W/0NVWf8P1WX9P1RXvv5/X8n1ALaea3wg1ljJX7j+f82jAAAAAAAAAAAAAICNNDN35fz41NTkZRtvbY9qtLcR0c5R9Xr9avou2C5n8T/fyKfCb5f6LNvI1/o96DsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYHv4LAAD//yMSIjU=")
request_key(0x0, 0x0, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x1)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
accept$inet6(r0, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r3 = socket(0x1, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r5}, 0x10)
syz_open_procfs(0x0, &(0x7f0000001080)='smaps_rollup\x00')
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}]}, 0x2c}}, 0x0)

6.221853391s ago: executing program 6 (id=407):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x44f, 0xb65d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f00000000c0)={0x40, 0x51c738f7ad736bbd, 0xa8, {0xa8, 0x24, "d9bd6c7dea5fa72bf670a0c00ba8cc78f915840914f29c6d6a711938c4f8b5eed17ad0fd00ec90ce3f05785a3b8a2f8b9d05ccf2129fc76bb61e238db2bf385cec7a8fb0cbfe984bc76ff05021ab7cf479b2cec6d08c35526fb038c46d07dcebd159aa1c745b2a3f33d119ab8144ac9d8d9835d1e7aafef60f05cca124c0523a5f2ffca7b4bb9753e5603bc79498b1bf7f4473c0c10ce5b676ac6fe94c68be5107641c4f6cb3"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

4.213288041s ago: executing program 0 (id=417):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000240)={[{@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5db, &(0x7f0000000940)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+ydOa9Hd6b7n773rx9bzaAyhpM/6lF7I2I6SSiP5lfzOuMLHNw4Xn3/v7kdPpIol5/488kkiwtf36S/ezLDu6JiJ9/SmJPx8pyZ+aunB+fmpq8nO0Pz16YHp6Zu3Lw3IXxs5NnJy+OvjR67OiRo8dGDrV1XlcL0k5ef//D/s/G3v7um3+Ske9/G0vieLyaPXHpeWyUwRhs/E6SlVl9xza6sJJ0ZO+TpS9x0llihViX/PXrioinoj864v6L1x+fvlZq5YBNVU8i6kA1HQ9/AKCi8n5Afm2//Dq4VkqvBNgKd08sDACsjP/OhbHB6GmMDey8l8TSYZ0kItobmWu2KyJu3xq7fubW2PXYpHE4oNj8tYh4uij+k0b8D0RPDDTiv9YU/2m/4FT2M01/vc3ylw8Vi3/YOgvx37Nq/EeL+H9nSfy/22b5g/c33+ttiv/edk8JAAAAAAAAKuvmiYh4sejz/9ri/J8omP/TFxHHN6D8wWX7Kz//r93ZgGKAAndPRLxSOP+3ls/+HejIth5rzAfoSs6cm5o8FBGPR8SB6NqR7o+sUsbBz/d83SpvMJv/lz/S8m9ncwGzetzp3NF8zMT47PjDnjcQcfdaxDOF83+TxfY/KWj/078H0w9Yxp7nb5xqlbd2/AObpf5txP7C9v/+XSuS1e/PMdzoDwznvYKVnv34ix9ald9u/LvFBDy8tP3fuXr8DyRL79czs/4yDs911lvltdv/707ebNxypjtL+2h8dvbySER3crIjTW1KH11/neFRlMdDHi9p/B94bvXxv6L+f29EzC/7v5O/mtcU5578t+/3VvXR/4fypPE/sa72f/0bozcGfmxV/oO1/0cabf2BLMX4Hyz4Kg/T7ub0gnDsLMra6voCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKOgFhG7IqkNLW7XakNDEX0R8UTsrE1dmpl94cylDy5OpHmN7/+v5d/027+wn+Tf/z+wZH902f7hiNgdEV929Db2h05fmpoo++QBAAAAAAAAAAAAAAAAAABgm+hrsf4/9UdH2bUDNl1n2RUASlMQ/7+UUQ9g62n/obrEP1SX+IfqEv9QXeIfqkv8Q3WJf6gu8Q8AAAAAAI+U3ftu/ppExPzLvY1HqjvL6yq1ZsBmq5VdAaA0bvED1WXqD1SXa3wgWSO/p+VBax25munTD3EwAAAAAAAAAAAAAFTO/r3W/0NVWf8P1WX9P1RXvv5/X8n1ALaea3wg1ljJX7j+f82jAAAAAAAAAAAAAICNNDN35fz41NTkZRtvbY9qtLcR0c5R9Xr9avou2C5n8T/fyKfCb5f6LNvI1/o96DsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYHv4LAAD//yMSIjU=")
request_key(0x0, 0x0, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x1)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
accept$inet6(r0, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r3 = socket(0x1, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r5}, 0x10)
syz_open_procfs(0x0, &(0x7f0000001080)='smaps_rollup\x00')
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}]}, 0x2c}}, 0x0)

3.702960793s ago: executing program 2 (id=419):
mmap(&(0x7f0000ff4000/0xa000)=nil, 0xa000, 0x7, 0x10, 0xffffffffffffffff, 0xf7250000)
r0 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32=r0, @ANYBLOB="1ac1555309db38"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="18004c0c95c4c8fff0c1f1b8", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007e4fffff7ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet(0x2, 0x800, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1d, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)

3.702668733s ago: executing program 1 (id=420):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x0, 0x41, &(0x7f0000000980), 0x0, 0x0, 0xfffffffe, 0xffffffff, 0x5, 0x71a8, 0x0})

3.421826834s ago: executing program 1 (id=422):
mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2008000, &(0x7f0000000e00)={[{@none}, {}]})
r0 = socket(0xa, 0x2, 0x0)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req={0xe, 0x3, 0x80000001}, 0x10)
getsockopt$bt_BT_SECURITY(r0, 0x11, 0x65, 0x0, 0x20000000)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x526, &(0x7f0000001b40)="$eJzs3d9rZFcdAPDvvTOTZndTM1WRWrEttrJbdGeSxrZBpK0g6ktBre9pTCYhZJIJmUndhKIp/gGCiAo++eSL4B8gSP8EEQr6LiqK6FafRPfKnbkxm2QmmTY/Zjf5fOBmzrm/vufc3Xvm3rmHewK4sp6OiFcjohQRz0XEZDE/Laa5PLPbW++9u28t5FMSWfb635NIinl7+8rz5Yi40dskxiPiG1+J+FZyNG57e2d1vtlsbBb5emdto97e3rm9sja/3FhurM/MTL84+9LsC7NTWeFU9axGxMtf+vOPvv/zL7/8689++w9zf731nbxYX/hY8omieAunCjBAb9+V7rHYkx+jzfMINgKloj6V0qhLAgDAMPJr/A9HxKe61/+TUepezQEAAACXSfbKRPwnicgAAACASyuNiIlI0lrRF2Ai0rRW6/Xh/WhcT5utduczS62t9cV8WUQ1KunSSrMxVfQVrkYlyfPTRR/bvfzzh/IzEfFYRPxw8lo3X1toNRdH/eMHAAAAXBE3njp4//+vybSbBgAAAC6Z6sAMAAAAcFm45QcAAIDL7d/FiwD259w73UhbAAAAwIPma6+9lk/Z3jjei29ub6223ry92Giv1ta2FmoLrc2N2nKrtdx9Z9/aSftrtlobn4v1rTv1TqPdqbe3d+bWWlvrnbmVA0NgAwAAABfosafe+X0SEbufv9adongPIMABfxp1AYCzVDrzFYGHRTn/88aoSwGMQuXENcoXUg5gdJITlg/svPObsy8LAABwPm5+/Ojz/7Fi2cm/DQAPM319AODq8XQPrq5KlNzmwxX3od7HI4OWv//n/4evLDKvFQUAgBGb6Pb8TdJa8SxwItK0Vot4tDssYCVZWmk2por7g99NVh7J89PdLZMT+wwDAAAAAAAAAAAAAAAAAAAAAAAAAD1ZlkQGAAAAXGoR6V+6IwBExM3JZycO/jpwaNSvn77+4zvznc7mdMRY8o/JfNZYRHR+Usx/PjMkAAAAADwAevfpxef0qEsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGXz3t23FvamAwvGzzfu374YEdV+8ctF6PGoRMT1fyZRvm+7JCJKZxB/9+2IeLxf/CTuZVlWLUrRL/61c45f7R6a/vHTiLhxBvHhKnsnb39e7Xf+pfF097P/+VcuptMa3P6l/2//SsX5fr+8/Xl0yBhPvPvL+sD4b0c8Ue7f/uzFT3r1Tw7Hf2bI+G98c2dn0LLsZxE3+37/JAdi1TtrG/X29s7tlbX55cZyY31mZvrF2ZdmX5idqi+tNBvF374xfvDJX907rv7XB8SvHqz/kfb/2SHr/99379z9SC9Z6Rf/1jP9v38fHxA/Lb77Pl2k8+U399K7vfT9nvzFb588rv6LA+q//++f9a3/rSHr/9zXv/fHIVcFAC5Ae3tndb7ZbGwekxgfYp0LTrxycbEmLr6CD+ABP+9E9t3e/8fT7eeUmx9JZCesMxbHbF6OMyjG2Ps4T882McpWCQAAOA/7F/15LktGXR4AAAAAAAAAAAAAAAAAAAC4ij7gG8LGI2LolQ/H3N1Prnz1gusLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDI/wIAAP//dGLgdw==")
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = getpid()
r2 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x5, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x3, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000ffffffff000000000a0000009500000000000000b515c7b7b2c86f57b180e391c28a64652f87bd114f22fc9a7c557707a3fd64a31ee403338c50cf8835c4ad4318f5de1c087e74535bcb4cc9e64a66a193ebb386fbadcc0ccc2b879b310e44c6a4bcc3b3752238fdc35a8a094091664baaa972f412d5ad90800c672ae84caeb1c447b494e6b4fc5f15d240ce0370e3b1ed96ead0999fe7bc7e9fa115154a71343b60d742d639d1b3456160b3cc81eb06f0ada2dbff70e3ea7db0e00f86f7407bfd8e9f487a28af72157f51f5a4995f7aa8cb03837696130ca40bbe0315a76f71fd7e65980da083ac03ca908cde2b40dd334ff553ba34faa214c72e66548496395f185afe97a69aedfba164666d67fb7addd90275dfe4c5c56691fb6b17500c09932a4c34a862eb350c74326d2c953fc6ebf48182adbaae003d7deae750034eea6d09b604406645417b8d87d4323b3edfa49172d85da4260e9d25bf8795165d935fd80cbd90e770c68ae27637a1157790b536638aeb51a80612fb7be0b91b7bce527d07798addba6eb3caab1478d8a6002e7fa791bed77460c061510474dd34c58d11f908cca1473884121292404c29361786ff2b97939ecd6bd59d366f3516f8f827ac1eb20dfa6322773882"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={r5, 0xe800, 0x0}, 0x10)
add_key$user(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffff9)
add_key$user(&(0x7f0000000100), &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0), 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
open(&(0x7f0000000180)='./file0/file0/file0\x00', 0x0, 0x120)
sendmsg$IPSET_CMD_GET_BYINDEX(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000000f06010800000000000000000a000000050001200700000005000100070000000500010007000000050001000700000006000b00ffff004fbf000b0002000000"], 0x44}, 0x1, 0x0, 0x0, 0x20008090}, 0x80)
connect$inet6(r2, &(0x7f0000000280)={0xa, 0x4e23, 0x10001, @mcast2, 0xffffff7f}, 0xfffffefc)
connect$unix(0xffffffffffffffff, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e)

3.288950175s ago: executing program 0 (id=423):
syz_emit_ethernet(0x9a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe800000000000000000000000000bbbff02000000000000000000000000000100004e22006490"], 0x0)

3.154139345s ago: executing program 0 (id=424):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
openat$rfkill(0xffffffffffffff9c, 0x0, 0xc2200, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
bpf$MAP_DELETE_ELEM(0x15, 0x0, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000900)=ANY=[@ANYRES32=r4], 0x50}}, 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r6, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110582000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

3.153857365s ago: executing program 6 (id=425):
mmap(&(0x7f0000ff4000/0xa000)=nil, 0xa000, 0x7, 0x10, 0xffffffffffffffff, 0xf7250000)
r0 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32=r0, @ANYBLOB="1ac1555309db38"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="18004c0c95c4c8fff0c1f1b8", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007e4fffff7ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet(0x2, 0x800, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1d, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)

3.044421196s ago: executing program 2 (id=426):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x319c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="a7000000000000005a7da32917"], 0x0, 0x0, 0x0, 0x0}, 0x0)
getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r2, &(0x7f0000000d00)=[{&(0x7f0000000100)="89e7ee2c7cdad9b4b47380c988cafbe882cac5050093517d176c709a6db96cb03276db1bb7c9f6ca6878744421b3197464cdb25e2576bd8345f788", 0x3b}], 0x1)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001440)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x20, 0x1, 0x26, "1cc04b83a416880037118e8e48b36ee8e0ce6e21dafc7bed84e96bf4bbc989b6f1a2659674a6"}, 0x0})

2.644195468s ago: executing program 4 (id=427):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0100000003000000df7f000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = timerfd_create(0x9, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = socket$inet6(0xa, 0x3, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000280)={{{@in=@broadcast, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0xfffe, 0x4e23, 0x0, 0x2}, {0x0, 0x1000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x6c}, 0xa, @in6=@private2, 0x0, 0x4}}, 0xe8)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x4e24, 0x20000000, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x22}}}, 0x1c)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)

2.325700129s ago: executing program 4 (id=428):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_kthread_stop\x00', r1}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000000201f85236ccc4ce75fa61b6d6978d0", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)

2.06409767s ago: executing program 6 (id=429):
setpriority(0x2, 0x0, 0x3)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x2000006, &(0x7f00000003c0)={[{@shortname_mixed}, {@utf8no}, {@fat=@flush}, {@uni_xlate}, {@fat=@codepage={'codepage', 0x3d, '932'}}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}, {@fat=@nocase}, {@shortname_mixed}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@rodir}, {@uni_xlate}, {@shortname_mixed}, {@shortname_lower}, {@shortname_mixed}]}, 0x25, 0x34f, &(0x7f00000004c0)="$eJzs3T9sG2UUAPDnXhKnESUekCqYDBsSqpogBpgSVUWqyABFFv8WLJryJzaVYmEpDHG8gComEAsSTGwdYOyMGBBiY2ClSKiAWOhWqRGHbJ/tc+xQZ3Boxe83RE/v+9597y6n3CVKvrzeiq1L83H51q2bsbhYiLm1c2txuxClOBFJ9OzFRB8tTM4DAPe422kaf6U9d5/9yVI/8uwHgPtX9/n/5qlhoniE4qsPzKIlAGDGpvz+//mJ2SszawsAmKGx5/9jI8MHfsw/N/idAADg/vXiK68+t74RcbFcXoyof9isNCvxzHB8/XK8HbXYjLOxHPsRvReF3ttC5+OzFzbOny13/FaKSqeiWYmot5qV3pvCetKtL8ZKLEcpq08H9UmnfqVbX46IvVZ3/agXmpX5WMrW/3kpNmM1luOhsfqICxvnV8vZASr1fn0roh2L/ZPo9H8mluPHN+JK1OJSdGqH/e+ulMvn0o2R+ua1YnceAAAAAAAAAAAAAAAAAAAAAADMwpnyQGmw/01abzU/uHhwQmlkf5xKbzjbH6jd2x8oLfZ357maHNwfaHR/nmZlLk78p2cOAAAAAAAAAAAAAAAAAAAA947GzkJUa7XN7cbO+1v5oJXLvPv9V9+ejP7QXFb6TjKsiiw5cpz+xNyRkxgskQ7K02RkThYkEf3Je9Vr1wcd5+cUB2cxVt4JimNDhaynaq126tFfP59U9Xcn2Otmkhi7LKNBIVs/N1R/sJNYjIj9w6oOD1bvMudGmqaHle9+Nl4VhYi5OHIbUwTf3Xzr4Scbp5/qZr7JNn14/Inll258+uUfW9VatHtXplZb2G7sp1McudPr+FCSu38K2XUuTLgTJgftYaa93dipJj/9+fIjH/9wYHIy+f5J85n3Dl/r64OZhV5QiCj1L8K/tTo/4eafHLx2Z3D3Hv0Td/qLter13V9+n7Yq90XCRh0AAAAAAAAAAAAAAAAAAHAscn8rfgRPvzC7jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+A3//38uaI9lpgnutGJ8qLi53Th08ZPHeqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyP/RMAAP//rShzCQ==")
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x25c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d64050000000000650404000100000004040000fb007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e4845500a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de453f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291beea56ed7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124e16b64a5d1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba515d4cc28d702287fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xfe, 0x60000004, &(0x7f0000000100)="b9ff03076044238cb89e14f008000de0ffff00184000633c77fbac141412e000002062079f4b4d2f87e5feca6aab845013f2325f1a3903050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x25, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e5e1f2f575d0d6e996b57fd408d420abb7337934e59815d75b4eb3e7206afce", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f90931dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x2c)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)

2.001994301s ago: executing program 0 (id=430):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00180400fc020000000000000000000000000100fe8000000000000000000000000000aa"], 0x0)

1.972010591s ago: executing program 4 (id=431):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000440), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000082c00fe8000000000200000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)

1.840231111s ago: executing program 0 (id=432):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_format(r2, &(0x7f0000000800)='-1\x00', 0x3) (fail_nth: 47)

1.783086372s ago: executing program 4 (id=433):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000240)={[{@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5db, &(0x7f0000000940)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+ydOa9Hd6b7n773rx9bzaAyhpM/6lF7I2I6SSiP5lfzOuMLHNw4Xn3/v7kdPpIol5/488kkiwtf36S/ezLDu6JiJ9/SmJPx8pyZ+aunB+fmpq8nO0Pz16YHp6Zu3Lw3IXxs5NnJy+OvjR67OiRo8dGDrV1XlcL0k5ef//D/s/G3v7um3+Ske9/G0vieLyaPXHpeWyUwRhs/E6SlVl9xza6sJJ0ZO+TpS9x0llihViX/PXrioinoj864v6L1x+fvlZq5YBNVU8i6kA1HQ9/AKCi8n5Afm2//Dq4VkqvBNgKd08sDACsjP/OhbHB6GmMDey8l8TSYZ0kItobmWu2KyJu3xq7fubW2PXYpHE4oNj8tYh4uij+k0b8D0RPDDTiv9YU/2m/4FT2M01/vc3ylw8Vi3/YOgvx37Nq/EeL+H9nSfy/22b5g/c33+ttiv/edk8JAAAAAAAAKuvmiYh4sejz/9ri/J8omP/TFxHHN6D8wWX7Kz//r93ZgGKAAndPRLxSOP+3ls/+HejIth5rzAfoSs6cm5o8FBGPR8SB6NqR7o+sUsbBz/d83SpvMJv/lz/S8m9ncwGzetzp3NF8zMT47PjDnjcQcfdaxDOF83+TxfY/KWj/078H0w9Yxp7nb5xqlbd2/AObpf5txP7C9v/+XSuS1e/PMdzoDwznvYKVnv34ix9ald9u/LvFBDy8tP3fuXr8DyRL79czs/4yDs911lvltdv/707ebNxypjtL+2h8dvbySER3crIjTW1KH11/neFRlMdDHi9p/B94bvXxv6L+f29EzC/7v5O/mtcU5578t+/3VvXR/4fypPE/sa72f/0bozcGfmxV/oO1/0cabf2BLMX4Hyz4Kg/T7ub0gnDsLMra6voCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKOgFhG7IqkNLW7XakNDEX0R8UTsrE1dmpl94cylDy5OpHmN7/+v5d/027+wn+Tf/z+wZH902f7hiNgdEV929Db2h05fmpoo++QBAAAAAAAAAAAAAAAAAABgm+hrsf4/9UdH2bUDNl1n2RUASlMQ/7+UUQ9g62n/obrEP1SX+IfqEv9QXeIfqkv8Q3WJf6gu8Q8AAAAAAI+U3ftu/ppExPzLvY1HqjvL6yq1ZsBmq5VdAaA0bvED1WXqD1SXa3wgWSO/p+VBax25munTD3EwAAAAAAAAAAAAAFTO/r3W/0NVWf8P1WX9P1RXvv5/X8n1ALaea3wg1ljJX7j+f82jAAAAAAAAAAAAAICNNDN35fz41NTkZRtvbY9qtLcR0c5R9Xr9avou2C5n8T/fyKfCb5f6LNvI1/o96DsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYHv4LAAD//yMSIjU=")
request_key(0x0, 0x0, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x1)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
accept$inet6(r0, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r3 = socket(0x1, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r5}, 0x10)
syz_open_procfs(0x0, &(0x7f0000001080)='smaps_rollup\x00')
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}]}, 0x2c}}, 0x0)

1.504824373s ago: executing program 0 (id=434):
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00')
write$P9_RLERRORu(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007", @ANYRES16], 0x52)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x5b40, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="000900000000302f564b29732a2a61eb209c1e02f7aa97c5fc7f58a311f07538806306eaa1fb3fd56e7fd4c1147c41aa4c8c319422f6cb0a3ab036ff00991bb8d6530ec527d8e365e20e7f19561bfe5747a27a6d4823b5f9cbe4ba8761"], 0x0}, 0x0)
syz_open_dev$hiddev(&(0x7f0000000d40), 0x0, 0x183200)
close_range(r3, 0xffffffffffffffff, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
lseek(r5, 0x0, 0x1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
r6 = socket(0x1e, 0x4, 0x0)
pipe2$9p(&(0x7f0000000140), 0x0)
r7 = epoll_create(0xfd)
r8 = syz_open_dev$usbfs(&(0x7f0000000340), 0x74, 0x101341)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_misc(r9, &(0x7f0000000580), 0xed)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r9, 0x0)
ioctl$USBDEVFS_IOCTL(r8, 0x80045510, &(0x7f0000000040)=@usbdevfs_driver={0xc264, 0x7ff, 0x0})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000100)={0xc0000000})

1.467479233s ago: executing program 1 (id=435):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_GET_LINKS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x200, 0x70bd25, 0x25dfdbfd, {{}, {}, {0x8}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x4044014)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000ac0)={0x5, &(0x7f0000000000)=[{0x50, 0x0, 0x3, 0x10000}, {0x20}, {0x16, 0x0, 0x0, 0x9}, {0x5, 0x5, 0xeb, 0x4}, {0x4, 0x4, 0x6, 0x6}]}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
unshare(0x68040200)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000480), r3)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x8, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000008000000840a00000000000066000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x93, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x61e5cc96, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x22)
sendmsg$TIPC_CMD_GET_NODES(r3, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r5, 0x400, 0x70bd27, 0x25dfdbfb, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x8084)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
unshare(0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
unshare(0x10200)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f00000002c0))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r7, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xc6, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x7a, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r8, @ANYBLOB="0a003400020202020202000004004c0008004b0000000000"], 0x34}}, 0x0)
getsockopt$IP6T_SO_GET_INFO(r6, 0x29, 0x40, &(0x7f0000000200)={'security\x00'}, &(0x7f0000000000)=0x54)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r3, &(0x7f0000003700)={0x0, 0x7000004, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r9, @ANYBLOB="0a000600080211000001000006006600c78800001c0033"], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_SET_KEY(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x88, r4, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x3}}}}, [@NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY={0x1c, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_TYPE={0x8, 0x7, 0x1}, @NL80211_KEY_DEFAULT={0x4}]}, @NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_SEQ={0x12, 0x4, "0e0db0d67990715c36b468b679ba"}, @NL80211_KEY_IDX={0x5, 0x2, 0x5}]}, @NL80211_ATTR_KEY_SEQ={0x14, 0xa, "ad015408e357818f38fe83f10c85815b"}, @NL80211_ATTR_KEY_SEQ={0x7, 0xa, "8b4e92"}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000080}, 0x20000040)
sendmmsg(r1, &(0x7f0000003180)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000c00)='&', 0x1}], 0x1}}], 0x1, 0x0)

1.385800143s ago: executing program 1 (id=436):
mmap(&(0x7f0000ff4000/0xa000)=nil, 0xa000, 0x7, 0x10, 0xffffffffffffffff, 0xf7250000)
r0 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32=r0, @ANYBLOB="1ac1555309db3871"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="18004c0c95c4c8fff0c1f1b8", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007e4fffff7ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet(0x2, 0x800, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1d, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)

1.356615194s ago: executing program 6 (id=437):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000000008000f0fffeffe809000000fff5dd0000000800010006080800418e00000004fcff", 0x58}], 0x1)
write$cgroup_type(r4, &(0x7f0000000180), 0x40010)
socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000240)='./file0/file0\x00', 0x100000, &(0x7f0000000200)=ANY=[@ANYBLOB='@'], 0xfd, 0x17f, &(0x7f0000000000)="$eJzsmEFLAkEUx/8za1oR0alDl4KE7NC6u1Z4CfLaKciKDkWmm1hrhu4hvYUd+xJ9gz5Cn6DPUJ0i8FjXjZkddZTKIIOg9zu8/b/xzXPmCX9hQRDEv+Xp8fWBNaebBoAJxBFT689Gt4Zr9Zn7o/23/Hrl+mojnX25PejvJ/YHwfe/PwLgLmPAV3kQ9O6Oq2cWvKO3wbGo9C4YTKUPwbGjtAuGPaVPNF0R9aZ5XPJcM1/xCkJYItgiOCKk+s/XumQoaOdj2ue1euM053ludahisqfzoPm1Mhxr2vn036s9G0ubnw0OW+kUGLaUTiPWnk04Eu3+M5Fuf+On9x/Fr0yNBAkSf0V0/Sm4YVjQ/Cmi+UfSL58na/XGUqmcK7pF98xxUqvWsmWtOElpRGH8wv/GpD+Na/1HPqmNsigucr5ftcPYyZ0wfuS4Uel/HIn5MGdqTUf+H0yxOfFIGConCIIgCIIgCIIgCIIgCIIYOrNg8i3oAJxNWf0eAAD//8FadAY=")

1.171132675s ago: executing program 6 (id=438):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
move_mount(0xffffffffffffffff, &(0x7f00000000c0)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TUNGETVNETLE(r1, 0x800454dd, &(0x7f0000000100))
preadv(r2, &(0x7f00000019c0)=[{0x0}, {0x0}], 0x2, 0x0, 0x0)
r3 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
getpid()
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010019"], 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
preadv(r1, &(0x7f00000002c0)=[{&(0x7f0000000300)=""/133, 0x85}], 0x1, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000080)='pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f00000000c0)='async\x00', &(0x7f0000000040)='async\x00', 0x0)
syz_usb_connect(0x0, 0x4b, &(0x7f00000004c0)=ANY=[@ANYBLOB="120100003f9aab106d04f0080d50010203010902390001000016470904000003"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000060000000500000000100000", @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x9, &(0x7f0000000000)=[{0xc, 0xe6, 0x9, 0x200}, {0x7, 0x2, 0x4, 0x3}, {0x8000, 0x0, 0x6, 0x2}, {0x1ff, 0x2, 0x6, 0x7}, {0x0, 0x5, 0x1, 0x5}, {0x6, 0x8, 0x0, 0x40}, {0x8, 0x5, 0x1}, {0x7, 0x3, 0x6, 0x3}, {0x1, 0xdc, 0x2}]})
dup(r0)

685.778696ms ago: executing program 4 (id=439):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1817c3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@deltclass={0x24, 0x29, 0x2, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x9, 0x8}, {0x2, 0x9}, {0x5, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP") (async)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1817c3, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@deltclass={0x24, 0x29, 0x2, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x9, 0x8}, {0x2, 0x9}, {0x5, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) (async)

547.543417ms ago: executing program 1 (id=440):
syz_mount_image$fuse(0x0, 0x0, 0x100060, 0x0, 0x3e, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000729, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r3=>0x0})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a800800028004000500080000003e"], 0x44}}, 0x0)

463.939047ms ago: executing program 1 (id=441):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000000000407d1eb42d000000090001090224000100000000090400000103000000092100000001220b0009058103"], 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000e500000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000ac01e85c0fc0c215a3f05e22ea00", @ANYRES64=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0xfa0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
write$selinux_access(0xffffffffffffffff, 0x0, 0x41)
syz_usb_control_io(r0, 0x0, 0x0)
r3 = io_uring_setup(0x709d, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x234})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000020000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0b4c0b0000888618a9550c530007000000f00001000900000001005600", @ANYRES32=r1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r8, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='xen_mmu_flush_tlb_multi\x00', r9}, 0x18)
prctl$PR_SET_MM(0x23, 0xb, &(0x7f00007d7000/0x4000)=nil)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x23, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000280)='sched_switch\x00', r10}, 0x18)

412.704448ms ago: executing program 2 (id=442):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15) (async, rerun: 32)
r2 = dup(r1) (rerun: 32)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (async, rerun: 64)
chdir(&(0x7f0000000100)='./file0\x00') (async, rerun: 64)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$packet(0x11, 0x3, 0x300) (async)
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) (async)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, 0x0, 0x800)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup(r4) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10) (async)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r8, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) (async)
sendmmsg$inet(r8, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6be", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="c9", 0x1}], 0x300}}], 0x3, 0x240080e4) (async, rerun: 64)
getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000180)=0x14) (rerun: 64)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002340)=ANY=[@ANYBLOB="7c0100001000010800"/20, @ANYRES32=r9, @ANYBLOB="0b100100000000005c011a8018000a8014000700a1875116d93c60531470075e826de28000000000000000000000000000aa300002802c00018008000000000000020800000000000000080000000000000008000000000000000800000000000000180002801400018008000d0000000000080000000000000040000a8014000700ff02000000000000000000000000000114000700ff02000000000000000000000000000114000700fe8000000000000000000000000000002800028024000180080000000000000008000000000000000800000000000000080000000000000004001c0088000a80140007002001000000000000000000000000000005000800ff000000050008000000000014000700fc01000000000000000000000000000014000700ff020000000000000000000000000001140007002001000000000000000000000000000014000700fe8000000000000000000000000000000500080000000000050008000000000004001c008f2ee16bd30a1cc518142a8cd36c81ab658e68d44b1f53873a2ddf285548f2dd5f40e7309e24f36871a03c7619831936fd764ef25fb63b356f7afd8e8d8b6b6232dd0bd33f05d42213706e154be6e84d09e6f31509996c9fd512b3b9b60af524a35429e9cc415cae9e2d83356b3484bf6da80adae6170ecceecab9b38fe75c1ed478b92f60aac3132b3865c32c2f510213d98729fa61f8c3bf46e1dba0cd627da362d4e1628fd126bec80050dcf92d73431eae81019e54393b24027cde3dd00588ce24a2bcb4ba25783a17b08183c817801e300b36877c8cb1639e4a9c44267dd6ffdb157c11cf0d2235a8b7addfd6360b46badf3e5e2e08717d4eb4e59a70adce893e61a11e0ad47975f7458261172354fca7102a2dbe5cb0500f1356914c5eecf1739bf8e41e1180ed064ca1389641d33f3b5254782a9291e239195039ceb439bf4b9b9596d70377c49006d10674f6da2d78d42520e9d462243560834cb19895b206008a381c5e350997f5b5f230fb692fe1c6670fd3714671e84ef02d92231fd0ff2a7f2b3cb193638516"], 0x17c}}, 0x0)
read$FUSE(r0, &(0x7f0000000300)={0x2020}, 0x2020) (async)
mknod(&(0x7f00000031c0)='./bus\x00', 0x1000, 0xcd)

380.967208ms ago: executing program 2 (id=443):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa79ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000a00000000000104004e200008b0"], 0x0)

321.849288ms ago: executing program 2 (id=444):
socket$netlink(0x10, 0x3, 0x8000000004)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b00000007000000010001000000008001000000", @ANYRES32, @ANYBLOB="985700"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000017000000000004000000000000000018000000622a5e5f8d38a72c0ea668b26c2261f0c4fb2c34a0750e59e960de0767b1594bf4ebcf11896489f928"], 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r2, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0xb}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES16=r2, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x30e3, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, &(0x7f0000000780)=[@cr0={0x0, 0x40000002}], 0x1)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x6c, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

53.15108ms ago: executing program 4 (id=445):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x18)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfff00002}, {0x16}]}, 0x10)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r7, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r7, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=")

0s ago: executing program 2 (id=446):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_setup(0x1, &(0x7f0000000000)=<r0=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r0, 0x1, &(0x7f0000000480)=[0x0])
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000300), 0x10800, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
setregid(0xee00, 0xee00)
keyctl$session_to_parent(0x12)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f00000004c0)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000400000000000000000000000950000000000000085100000fcffffff9500000000000000b2c45cc652ae0a692e367af078f28541ad2e098cdeeb33f83382a4ee5b34965be055631ac7c3274d796de512f283571b50470f715be04d1661871c4b"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)

kernel console output (not intermixed with test programs):

1136]  should_fail_alloc_page+0x5a/0x80
[   89.451395][ T1136]  prepare_alloc_pages+0x15c/0x700
[   89.456336][ T1136]  ? __alloc_pages_bulk+0xe40/0xe40
[   89.461372][ T1136]  __alloc_pages+0x18c/0x8f0
[   89.465797][ T1136]  ? prep_new_page+0x110/0x110
[   89.470498][ T1136]  shmem_alloc_and_acct_page+0x4bd/0xa80
[   89.475952][ T1136]  ? shmem_swapin_page+0x1680/0x1680
[   89.481078][ T1136]  ? xas_start+0x32c/0x3f0
[   89.485325][ T1136]  ? xas_load+0x2b7/0x2d0
[   89.489500][ T1136]  ? pagecache_get_page+0xdc2/0xeb0
[   89.494530][ T1136]  ? page_cache_prev_miss+0x410/0x410
[   89.499739][ T1136]  shmem_getpage_gfp+0x1388/0x23c0
[   89.504686][ T1136]  ? shmem_getpage+0xa0/0xa0
[   89.509105][ T1136]  ? fault_in_safe_writeable+0x240/0x240
[   89.514574][ T1136]  shmem_write_begin+0xca/0x1b0
[   89.519259][ T1136]  generic_perform_write+0x2de/0x750
[   89.524382][ T1136]  ? grab_cache_page_write_begin+0xa0/0xa0
[   89.530020][ T1136]  ? file_remove_privs+0x610/0x610
[   89.534971][ T1136]  ? rwsem_write_trylock+0x153/0x340
[   89.540088][ T1136]  ? rwsem_mark_wake+0x770/0x770
[   89.544874][ T1136]  __generic_file_write_iter+0x25b/0x4b0
[   89.550356][ T1136]  generic_file_write_iter+0xaf/0x1c0
[   89.555550][ T1136]  vfs_write+0xd5d/0x1110
[   89.559711][ T1136]  ? file_end_write+0x1c0/0x1c0
[   89.564393][ T1136]  ? mutex_lock+0xb6/0x1e0
[   89.568654][ T1136]  ? wait_for_completion_killable_timeout+0x10/0x10
[   89.575071][ T1136]  ? __fdget_pos+0x2e7/0x3a0
[   89.579495][ T1136]  ? ksys_write+0x77/0x2c0
[   89.583747][ T1136]  ksys_write+0x199/0x2c0
[   89.587931][ T1136]  ? __ia32_sys_read+0x90/0x90
[   89.592512][ T1136]  ? debug_smp_processor_id+0x17/0x20
[   89.597718][ T1136]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   89.603624][ T1136]  __x64_sys_write+0x7b/0x90
[   89.608048][ T1136]  x64_sys_call+0x2f/0x9a0
[   89.612307][ T1136]  do_syscall_64+0x3b/0xb0
[   89.616564][ T1136]  ? clear_bhb_loop+0x35/0x90
[   89.621066][ T1136]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   89.626795][ T1136] RIP: 0033:0x7fa2f5b85849
[   89.631049][ T1136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.650489][ T1136] RSP: 002b:00007fa2f41fc058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   89.658735][ T1136] RAX: ffffffffffffffda RBX: 00007fa2f5d4afa0 RCX: 00007fa2f5b85849
[   89.666547][ T1136] RDX: 0000000000040010 RSI: 0000000020000180 RDI: 000000000000000b
[   89.674355][ T1136] RBP: 00007fa2f41fc0a0 R08: 0000000000000000 R09: 0000000000000000
[   89.682178][ T1136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   89.689982][ T1136] R13: 0000000000000000 R14: 00007fa2f5d4afa0 R15: 00007ffc4903c778
[   89.697795][ T1136]  </TASK>
[   89.717416][ T1138] FAULT_INJECTION: forcing a failure.
[   89.717416][ T1138] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   89.731038][ T1138] CPU: 1 PID: 1138 Comm: syz.2.216 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[   89.740667][ T1138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.750563][ T1138] Call Trace:
[   89.753692][ T1138]  <TASK>
[   89.756463][ T1138]  dump_stack_lvl+0x151/0x1c0
[   89.760988][ T1138]  ? io_uring_drop_tctx_refs+0x190/0x190
[   89.766446][ T1138]  ? __stack_depot_save+0x34/0x470
[   89.771393][ T1138]  dump_stack+0x15/0x20
[   89.775386][ T1138]  should_fail+0x3c6/0x510
[   89.779636][ T1138]  should_fail_alloc_page+0x5a/0x80
[   89.784670][ T1138]  prepare_alloc_pages+0x15c/0x700
[   89.789618][ T1138]  ? __alloc_pages_bulk+0xe40/0xe40
[   89.794653][ T1138]  __alloc_pages+0x18c/0x8f0
[   89.799078][ T1138]  ? prep_new_page+0x110/0x110
[   89.803680][ T1138]  shmem_alloc_and_acct_page+0x4bd/0xa80
[   89.809147][ T1138]  ? shmem_swapin_page+0x1680/0x1680
[   89.814266][ T1138]  ? __irq_work_queue_local+0x111/0x180
[   89.819657][ T1138]  ? xas_start+0x32c/0x3f0
[   89.823905][ T1138]  ? xas_load+0x2b7/0x2d0
[   89.828069][ T1138]  ? pagecache_get_page+0xdc2/0xeb0
[   89.833102][ T1138]  ? page_cache_prev_miss+0x410/0x410
[   89.838324][ T1138]  shmem_getpage_gfp+0x1388/0x23c0
[   89.843261][ T1138]  ? shmem_getpage+0xa0/0xa0
[   89.847680][ T1138]  ? fault_in_safe_writeable+0x240/0x240
[   89.853149][ T1138]  shmem_write_begin+0xca/0x1b0
[   89.857835][ T1138]  generic_perform_write+0x2de/0x750
[   89.862962][ T1138]  ? grab_cache_page_write_begin+0xa0/0xa0
[   89.868597][ T1138]  ? file_remove_privs+0x610/0x610
[   89.873545][ T1138]  ? rwsem_write_trylock+0x153/0x340
[   89.878668][ T1138]  ? rwsem_mark_wake+0x770/0x770
[   89.883441][ T1138]  __generic_file_write_iter+0x25b/0x4b0
[   89.888909][ T1138]  generic_file_write_iter+0xaf/0x1c0
[   89.894116][ T1138]  vfs_write+0xd5d/0x1110
[   89.898282][ T1138]  ? file_end_write+0x1c0/0x1c0
[   89.902969][ T1138]  ? mutex_lock+0xb6/0x1e0
[   89.907219][ T1138]  ? wait_for_completion_killable_timeout+0x10/0x10
[   89.913646][ T1138]  ? __fdget_pos+0x2e7/0x3a0
[   89.918071][ T1138]  ? ksys_write+0x77/0x2c0
[   89.922325][ T1138]  ksys_write+0x199/0x2c0
[   89.926495][ T1138]  ? __ia32_sys_read+0x90/0x90
[   89.931094][ T1138]  ? debug_smp_processor_id+0x17/0x20
[   89.936296][ T1138]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   89.942207][ T1138]  __x64_sys_write+0x7b/0x90
[   89.946627][ T1138]  x64_sys_call+0x2f/0x9a0
[   89.950880][ T1138]  do_syscall_64+0x3b/0xb0
[   89.955132][ T1138]  ? clear_bhb_loop+0x35/0x90
[   89.959643][ T1138]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   89.965371][ T1138] RIP: 0033:0x7fa2f5b85849
[   89.969629][ T1138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.989068][ T1138] RSP: 002b:00007fa2f41fc058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   89.997314][ T1138] RAX: ffffffffffffffda RBX: 00007fa2f5d4afa0 RCX: 00007fa2f5b85849
[   90.005210][ T1138] RDX: 0000000000040010 RSI: 0000000020000180 RDI: 0000000000000007
[   90.013022][ T1138] RBP: 00007fa2f41fc0a0 R08: 0000000000000000 R09: 0000000000000000
[   90.020833][ T1138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   90.028646][ T1138] R13: 0000000000000000 R14: 00007fa2f5d4afa0 R15: 00007ffc4903c778
[   90.036468][ T1138]  </TASK>
[   90.093920][ T1145] FAULT_INJECTION: forcing a failure.
[   90.093920][ T1145] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   90.107238][ T1145] CPU: 1 PID: 1145 Comm: syz.5.219 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[   90.116863][ T1145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   90.126756][ T1145] Call Trace:
[   90.129881][ T1145]  <TASK>
[   90.132658][ T1145]  dump_stack_lvl+0x151/0x1c0
[   90.137172][ T1145]  ? io_uring_drop_tctx_refs+0x190/0x190
[   90.142656][ T1145]  ? __stack_depot_save+0x34/0x470
[   90.147586][ T1145]  dump_stack+0x15/0x20
[   90.151576][ T1145]  should_fail+0x3c6/0x510
[   90.155830][ T1145]  should_fail_alloc_page+0x5a/0x80
[   90.160863][ T1145]  prepare_alloc_pages+0x15c/0x700
[   90.165813][ T1145]  ? __alloc_pages_bulk+0xe40/0xe40
[   90.170849][ T1145]  __alloc_pages+0x18c/0x8f0
[   90.175273][ T1145]  ? prep_new_page+0x110/0x110
[   90.179873][ T1145]  ? __kasan_check_read+0x11/0x20
[   90.184743][ T1145]  ? __vm_enough_memory+0x119/0x2f0
[   90.189767][ T1145]  shmem_alloc_and_acct_page+0x4bd/0xa80
[   90.195243][ T1145]  ? shmem_swapin_page+0x1680/0x1680
[   90.200361][ T1145]  ? xas_start+0x32c/0x3f0
[   90.204611][ T1145]  ? xas_load+0x2b7/0x2d0
[   90.208780][ T1145]  ? pagecache_get_page+0xdc2/0xeb0
[   90.213809][ T1145]  ? page_cache_prev_miss+0x410/0x410
[   90.219015][ T1145]  ? _raw_spin_lock_irqsave+0x210/0x210
[   90.224404][ T1145]  ? lru_cache_add+0x279/0x540
[   90.228999][ T1145]  shmem_getpage_gfp+0x1388/0x23c0
[   90.233949][ T1145]  ? shmem_getpage+0xa0/0xa0
[   90.238370][ T1145]  ? fault_in_safe_writeable+0x240/0x240
[   90.243839][ T1145]  shmem_write_begin+0xca/0x1b0
[   90.248525][ T1145]  generic_perform_write+0x2de/0x750
[   90.253649][ T1145]  ? grab_cache_page_write_begin+0xa0/0xa0
[   90.259292][ T1145]  ? file_remove_privs+0x610/0x610
[   90.264325][ T1145]  ? rwsem_write_trylock+0x153/0x340
[   90.269446][ T1145]  ? rwsem_mark_wake+0x770/0x770
[   90.274216][ T1145]  __generic_file_write_iter+0x25b/0x4b0
[   90.279686][ T1145]  generic_file_write_iter+0xaf/0x1c0
[   90.284893][ T1145]  vfs_write+0xd5d/0x1110
[   90.289065][ T1145]  ? file_end_write+0x1c0/0x1c0
[   90.293746][ T1145]  ? __fdget_pos+0x209/0x3a0
[   90.298170][ T1145]  ? ksys_write+0x77/0x2c0
[   90.302424][ T1145]  ksys_write+0x199/0x2c0
[   90.306589][ T1145]  ? exc_page_fault+0x47a/0x7f0
[   90.311275][ T1145]  ? __ia32_sys_read+0x90/0x90
[   90.315878][ T1145]  __x64_sys_write+0x7b/0x90
[   90.320301][ T1145]  x64_sys_call+0x2f/0x9a0
[   90.321944][  T464] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   90.324559][ T1145]  do_syscall_64+0x3b/0xb0
[   90.324581][ T1145]  ? clear_bhb_loop+0x35/0x90
[   90.340612][ T1145]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   90.346340][ T1145] RIP: 0033:0x7f64e0f182ff
[   90.350591][ T1145] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 8e 02 00 48
[   90.370209][ T1145] RSP: 002b:00007f64df58fe10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   90.378542][ T1145] RAX: ffffffffffffffda RBX: 0000000000080000 RCX: 00007f64e0f182ff
[   90.386361][ T1145] RDX: 0000000000080000 RSI: 00007f64d7170000 RDI: 0000000000000008
[   90.394163][ T1145] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000005f7
[   90.401975][ T1145] R10: 00000000200004c2 R11: 0000000000000293 R12: 0000000000000008
[   90.409784][ T1145] R13: 00007f64df58ff10 R14: 00007f64df58fed0 R15: 00007f64d7170000
[   90.417604][ T1145]  </TASK>
[   90.421009][  T397] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   90.432012][ T1145] loop5: detected capacity change from 0 to 1024
[   90.535229][ T1145] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   90.572181][  T464] usb 3-1: Using ep0 maxpacket: 32
[   90.691999][  T464] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[   90.700049][  T464] usb 3-1: config 0 has no interface number 0
[   90.705993][  T464] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.716646][  T464] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.726205][  T464] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[   90.735041][  T464] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.743707][  T464] usb 3-1: config 0 descriptor??
[   90.832095][  T397] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.851926][  T397] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.861488][  T397] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[   90.881908][  T397] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.899345][  T397] usb 5-1: config 0 descriptor??
[   91.061914][  T388] Bluetooth: hci0: command 0x1001 tx timeout
[   91.067940][ T1092] Bluetooth: hci0: sending frame failed (-49)
[   91.382746][  T397] hid-thrustmaster 0003:044F:B65D.000D: bogus close delimiter
[   91.390169][  T397] hid-thrustmaster 0003:044F:B65D.000D: item 0 0 2 10 parsing failed
[   91.398252][  T397] hid-thrustmaster 0003:044F:B65D.000D: parse failed with error -22
[   91.406105][  T397] hid-thrustmaster: probe of 0003:044F:B65D.000D failed with error -22
[   91.443098][  T464] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:28BD:0094.000C/input/input6
[   91.455805][  T464] uclogic 0003:28BD:0094.000C: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.2-1/input1
[   91.585226][   T26] usb 5-1: USB disconnect, device number 8
[   91.688541][ T1158] loop5: detected capacity change from 0 to 512
[   91.695702][  T397] usb 3-1: USB disconnect, device number 8
[   91.794247][ T1158] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.222: bg 0: block 248: padding at end of block bitmap is not set
[   91.808579][ T1158] EXT4-fs error (device loop5): ext4_acquire_dquot:6188: comm syz.5.222: Failed to acquire dquot type 1
[   91.820208][ T1158] EXT4-fs (loop5): 1 truncate cleaned up
[   91.825864][ T1158] EXT4-fs (loop5): mounted filesystem without journal. Opts: discard,inlinecrypt,,errors=continue. Quota mode: writeback.
[   91.838678][ T1158] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.004363][ T1165] syz.5.222 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   92.298567][ T1171] loop4: detected capacity change from 0 to 2048
[   92.371921][ T1171]  loop4: p2 p3 p7
[   93.309054][  T397] Bluetooth: hci0: command 0x1009 tx timeout
[   93.495937][  T434] udevd[434]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   93.506972][  T440] udevd[440]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[   93.518046][ T1000] udevd[1000]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   93.811921][  T397] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   93.883109][ T1167] loop0: detected capacity change from 0 to 131072
[   93.922746][ T1167] F2FS-fs (loop0): invalid crc value
[   93.965867][ T1189] FAULT_INJECTION: forcing a failure.
[   93.965867][ T1189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.978784][ T1189] CPU: 1 PID: 1189 Comm: syz.2.229 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[   93.988358][ T1189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   93.998254][ T1189] Call Trace:
[   94.001383][ T1189]  <TASK>
[   94.004156][ T1189]  dump_stack_lvl+0x151/0x1c0
[   94.008677][ T1189]  ? io_uring_drop_tctx_refs+0x190/0x190
[   94.014142][ T1189]  ? __kasan_check_read+0x11/0x20
[   94.018999][ T1189]  dump_stack+0x15/0x20
[   94.022994][ T1189]  should_fail+0x3c6/0x510
[   94.027250][ T1189]  should_fail_usercopy+0x1a/0x20
[   94.032099][ T1189]  copy_page_from_iter_atomic+0x423/0x10e0
[   94.037750][ T1189]  ? pipe_zero+0x4e0/0x4e0
[   94.042002][ T1189]  generic_perform_write+0x360/0x750
[   94.047134][ T1189]  ? grab_cache_page_write_begin+0xa0/0xa0
[   94.052757][ T1189]  ? file_remove_privs+0x610/0x610
[   94.057706][ T1189]  ? rwsem_write_trylock+0x153/0x340
[   94.062825][ T1189]  ? rwsem_mark_wake+0x770/0x770
[   94.067599][ T1189]  __generic_file_write_iter+0x25b/0x4b0
[   94.073071][ T1189]  generic_file_write_iter+0xaf/0x1c0
[   94.078182][ T1167] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[   94.078275][ T1189]  vfs_write+0xd5d/0x1110
[   94.093032][ T1189]  ? putname+0xfa/0x150
[   94.097033][ T1189]  ? file_end_write+0x1c0/0x1c0
[   94.101709][ T1189]  ? mutex_lock+0xb6/0x1e0
[   94.105965][ T1189]  ? wait_for_completion_killable_timeout+0x10/0x10
[   94.112388][ T1189]  ? __fdget_pos+0x2e7/0x3a0
[   94.112946][ T1167] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[   94.116809][ T1189]  ? ksys_write+0x77/0x2c0
[   94.128363][ T1189]  ksys_write+0x199/0x2c0
[   94.132526][ T1189]  ? __ia32_sys_read+0x90/0x90
[   94.133776][ T1167] incfs: ino conflict with backing FS 4
[   94.137121][ T1189]  ? debug_smp_processor_id+0x17/0x20
[   94.137148][ T1189]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   94.153613][ T1189]  __x64_sys_write+0x7b/0x90
[   94.158044][ T1189]  x64_sys_call+0x2f/0x9a0
[   94.159876][   T30] kauditd_printk_skb: 24 callbacks suppressed
[   94.159890][   T30] audit: type=1400 audit(1733072541.717:619): avc:  denied  { ioctl } for  pid=1166 comm="syz.0.223" path="/39/mnt/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x671e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   94.162290][ T1189]  do_syscall_64+0x3b/0xb0
[   94.162313][ T1189]  ? clear_bhb_loop+0x35/0x90
[   94.172132][ T1167] incfs: ino conflict with backing FS 7
[   94.194061][ T1189]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   94.194097][ T1189] RIP: 0033:0x7fa2f5b85849
[   94.194113][ T1189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.194130][ T1189] RSP: 002b:00007fa2f41fc058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   94.194150][ T1189] RAX: ffffffffffffffda RBX: 00007fa2f5d4afa0 RCX: 00007fa2f5b85849
[   94.194164][ T1189] RDX: 0000000000043451 RSI: 0000000020000200 RDI: 0000000000000008
[   94.198467][   T30] audit: type=1400 audit(1733072541.717:620): avc:  denied  { setattr } for  pid=1166 comm="syz.0.223" name="00000000000000000000000000000041" dev="loop0" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   94.202822][ T1189] RBP: 00007fa2f41fc0a0 R08: 0000000000000000 R09: 0000000000000000
[   94.202837][ T1189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   94.202853][ T1189] R13: 0000000000000000 R14: 00007fa2f5d4afa0 R15: 00007ffc4903c778
[   94.209272][   T30] audit: type=1400 audit(1733072541.717:621): avc:  denied  { link } for  pid=1166 comm="syz.0.223" name="00000000000000000000000000000041" dev="loop0" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   94.213940][ T1189]  </TASK>
[   94.214772][ T1167] incfs: ino conflict with backing FS 5
[   94.344860][ T1167] incfs: ino conflict with backing FS 6
[   94.362000][ T1195] loop2: detected capacity change from 0 to 1024
[   94.378489][   T30] audit: type=1400 audit(1733072541.957:622): avc:  denied  { set_context_mgr } for  pid=1196 comm="syz.5.230" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   94.419099][ T1195] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[   94.431305][ T1195] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[   94.445251][ T1195] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,jqfmt=vfsold,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[   94.481989][  T397] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.511905][  T397] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.521514][  T397] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[   94.552006][  T397] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.559838][   T30] audit: type=1400 audit(1733072542.137:623): avc:  denied  { map } for  pid=1196 comm="syz.5.230" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   94.590483][  T397] usb 5-1: config 0 descriptor??
[   94.604198][   T30] audit: type=1326 audit(1733072542.187:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1194 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f5b85849 code=0x7ffc0000
[   94.627485][   T30] audit: type=1326 audit(1733072542.187:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1194 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7fa2f5b85849 code=0x7ffc0000
[   94.833369][ T1208] loop0: detected capacity change from 0 to 1024
[   94.874552][ T1206] loop5: detected capacity change from 0 to 16
[   94.912293][ T1208] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[   94.922847][ T1208] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[   94.923429][ T1206] erofs: (device loop5): mounted with root inode @ nid 36.
[   94.937113][ T1208] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,jqfmt=vfsold,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[   94.947494][   T30] audit: type=1400 audit(1733072542.527:626): avc:  denied  { map } for  pid=1204 comm="syz.5.233" path="/14/file0" dev="loop5" ino=36 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   94.996142][   T30] audit: type=1326 audit(1733072542.567:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1207 comm="syz.0.232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[   95.019388][   T30] audit: type=1400 audit(1733072542.577:628): avc:  denied  { execute } for  pid=1204 comm="syz.5.233" path="/14/file0" dev="loop5" ino=36 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   95.072880][  T397] hid-thrustmaster 0003:044F:B65D.000E: bogus close delimiter
[   95.080235][  T397] hid-thrustmaster 0003:044F:B65D.000E: item 0 0 2 10 parsing failed
[   95.088365][  T397] hid-thrustmaster 0003:044F:B65D.000E: parse failed with error -22
[   95.096246][  T397] hid-thrustmaster: probe of 0003:044F:B65D.000E failed with error -22
[   95.276012][  T388] usb 5-1: USB disconnect, device number 9
[   95.293798][ T1218] syz.2.236[1218] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.293851][ T1218] syz.2.236[1218] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.325657][ T1220] loop2: detected capacity change from 0 to 512
[   95.433284][ T1220] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   95.441476][ T1220] EXT4-fs (loop2): orphan cleanup on readonly fs
[   95.448220][ T1220] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #16: comm syz.2.237: iget: immutable or append flags not allowed on symlinks
[   95.462391][ T1220] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.237: couldn't read orphan inode 16 (err -117)
[   95.474331][ T1220] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   95.639149][ T1227] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0
[   95.763815][ T1231] syz.0.242[1231] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.763889][ T1231] syz.0.242[1231] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.817560][ T1237] netlink: 28 bytes leftover after parsing attributes in process `syz.2.241'.
[   95.837477][ T1237] netlink: 28 bytes leftover after parsing attributes in process `syz.2.241'.
[   96.059386][ T1240] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   96.083637][ T1242] loop0: detected capacity change from 0 to 128
[   96.111979][  T388] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   96.137863][ T1242] kvm: vcpu 0: requested 4 ns lapic timer period limited to 200000 ns
[   96.299684][ T1250] loop0: detected capacity change from 0 to 40427
[   96.392373][ T1250] F2FS-fs (loop0): Invalid SB checksum offset: 0
[   96.398790][ T1250] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[   96.409441][ T1250] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   96.434187][ T1250] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[   96.441135][ T1250] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   96.481995][  T388] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   96.535198][  T388] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   96.546962][  T388] usb 6-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[   96.557826][  T388] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.702318][ T1264] loop2: detected capacity change from 0 to 256
[   96.829751][  T388] usb 6-1: config 0 descriptor??
[   96.888897][ T1264] FAT-fs (loop2): Directory bread(block 64) failed
[   96.891954][  T397] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   96.895487][ T1264] FAT-fs (loop2): Directory bread(block 65) failed
[   96.909062][ T1264] FAT-fs (loop2): Directory bread(block 66) failed
[   96.915401][ T1264] FAT-fs (loop2): Directory bread(block 67) failed
[   96.921681][ T1264] FAT-fs (loop2): Directory bread(block 68) failed
[   96.928173][ T1264] FAT-fs (loop2): Directory bread(block 69) failed
[   96.934577][ T1264] FAT-fs (loop2): Directory bread(block 70) failed
[   96.940833][ T1264] FAT-fs (loop2): Directory bread(block 71) failed
[   96.947286][ T1264] FAT-fs (loop2): Directory bread(block 72) failed
[   96.953779][ T1264] FAT-fs (loop2): Directory bread(block 73) failed
[   97.312079][  T397] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.313966][  T388] hid-thrustmaster 0003:044F:B65D.000F: bogus close delimiter
[   97.328695][  T397] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.330273][  T388] hid-thrustmaster 0003:044F:B65D.000F: item 0 0 2 10 parsing failed
[   97.348370][  T388] hid-thrustmaster 0003:044F:B65D.000F: parse failed with error -22
[   97.356248][  T397] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[   97.356481][  T388] hid-thrustmaster: probe of 0003:044F:B65D.000F failed with error -22
[   97.370327][  T397] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.387338][  T397] usb 1-1: config 0 descriptor??
[   97.437661][ T1277] netlink: 20 bytes leftover after parsing attributes in process `syz.2.253'.
[   97.518895][   T26] usb 6-1: USB disconnect, device number 3
[   97.579777][ T1288] FAULT_INJECTION: forcing a failure.
[   97.579777][ T1288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.592781][ T1288] CPU: 0 PID: 1288 Comm: syz.1.256 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[   97.602391][ T1288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   97.612286][ T1288] Call Trace:
[   97.615420][ T1288]  <TASK>
[   97.618196][ T1288]  dump_stack_lvl+0x151/0x1c0
[   97.622708][ T1288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   97.628175][ T1288]  ? __kasan_check_read+0x11/0x20
[   97.633047][ T1288]  dump_stack+0x15/0x20
[   97.637026][ T1288]  should_fail+0x3c6/0x510
[   97.641279][ T1288]  should_fail_usercopy+0x1a/0x20
[   97.646135][ T1288]  copy_page_from_iter_atomic+0x423/0x10e0
[   97.651788][ T1288]  ? pipe_zero+0x4e0/0x4e0
[   97.656031][ T1288]  generic_perform_write+0x360/0x750
[   97.661169][ T1288]  ? grab_cache_page_write_begin+0xa0/0xa0
[   97.666793][ T1288]  ? file_remove_privs+0x610/0x610
[   97.671742][ T1288]  ? rwsem_write_trylock+0x153/0x340
[   97.676860][ T1288]  ? rwsem_mark_wake+0x770/0x770
[   97.681635][ T1288]  __generic_file_write_iter+0x25b/0x4b0
[   97.687104][ T1288]  generic_file_write_iter+0xaf/0x1c0
[   97.692317][ T1288]  vfs_write+0xd5d/0x1110
[   97.696483][ T1288]  ? __traceiter_kmem_cache_free+0x32/0x50
[   97.702130][ T1288]  ? file_end_write+0x1c0/0x1c0
[   97.706805][ T1288]  ? mutex_lock+0xb6/0x1e0
[   97.711063][ T1288]  ? wait_for_completion_killable_timeout+0x10/0x10
[   97.717482][ T1288]  ? __fdget_pos+0x2e7/0x3a0
[   97.721910][ T1288]  ? ksys_write+0x77/0x2c0
[   97.726158][ T1288]  ksys_write+0x199/0x2c0
[   97.730325][ T1288]  ? __ia32_sys_read+0x90/0x90
[   97.734928][ T1288]  ? debug_smp_processor_id+0x17/0x20
[   97.740130][ T1288]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   97.746060][ T1288]  __x64_sys_write+0x7b/0x90
[   97.750463][ T1288]  x64_sys_call+0x2f/0x9a0
[   97.754715][ T1288]  do_syscall_64+0x3b/0xb0
[   97.758966][ T1288]  ? clear_bhb_loop+0x35/0x90
[   97.763500][ T1288]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   97.769210][ T1288] RIP: 0033:0x7f9436aef849
[   97.773461][ T1288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.792904][ T1288] RSP: 002b:00007f9435166058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   97.801163][ T1288] RAX: ffffffffffffffda RBX: 00007f9436cb4fa0 RCX: 00007f9436aef849
[   97.809048][ T1288] RDX: 0000000000040010 RSI: 0000000020000180 RDI: 0000000000000006
[   97.816857][ T1288] RBP: 00007f94351660a0 R08: 0000000000000000 R09: 0000000000000000
[   97.824667][ T1288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.832482][ T1288] R13: 0000000000000000 R14: 00007f9436cb4fa0 R15: 00007ffc636c1818
[   97.840305][ T1288]  </TASK>
[   97.902670][ T1292] loop4: detected capacity change from 0 to 512
[   97.988066][ T1290] loop1: detected capacity change from 0 to 40427
[   98.003773][ T1292] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback.
[   98.017384][ T1292] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.038157][ T1292] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback.
[   98.047142][ T1290] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   98.056140][ T1290] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   98.065681][ T1290] F2FS-fs (loop1): invalid crc value
[   98.085226][ T1290] F2FS-fs (loop1): Found nat_bits in checkpoint
[   98.175081][ T1290] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   98.195936][ T1311] loop2: detected capacity change from 0 to 2048
[   98.197122][ T1290] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   98.236414][ T1290] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.243503][ T1290] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.257943][ T1290] device bridge_slave_1 left promiscuous mode
[   98.264419][ T1290] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.273617][ T1311] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   98.289491][ T1290] device bridge_slave_0 left promiscuous mode
[   98.299872][ T1290] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.307167][ T1311] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.213160][   T30] kauditd_printk_skb: 51 callbacks suppressed
[   99.258491][   T30] audit: type=1400 audit(1733072546.797:680): avc:  denied  { create } for  pid=1310 comm="syz.2.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[   99.462836][   T30] audit: type=1326 audit(1733072546.997:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1289 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9436aef849 code=0x7ffc0000
[   99.487828][   T30] audit: type=1326 audit(1733072546.997:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1289 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9436aef849 code=0x7ffc0000
[   99.584048][  T397] usbhid 1-1:0.0: can't add hid device: -71
[   99.589881][  T397] usbhid: probe of 1-1:0.0 failed with error -71
[   99.596999][  T397] usb 1-1: USB disconnect, device number 7
[   99.613180][  T320] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   99.700043][  T320] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   99.875575][ T1341] netlink: 12 bytes leftover after parsing attributes in process `syz.2.271'.
[  100.357353][ T1348] fuse: Bad value for 'user_id'
[  100.542584][ T1349] loop5: detected capacity change from 0 to 1024
[  100.592844][ T1349] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  100.611660][ T1357] FAULT_INJECTION: forcing a failure.
[  100.611660][ T1357] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.624789][ T1357] CPU: 0 PID: 1357 Comm: syz.0.273 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  100.634417][ T1357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  100.644310][ T1357] Call Trace:
[  100.647443][ T1357]  <TASK>
[  100.650212][ T1357]  dump_stack_lvl+0x151/0x1c0
[  100.654771][ T1357]  ? io_uring_drop_tctx_refs+0x190/0x190
[  100.660195][ T1357]  ? __kasan_check_read+0x11/0x20
[  100.665057][ T1357]  dump_stack+0x15/0x20
[  100.669047][ T1357]  should_fail+0x3c6/0x510
[  100.673302][ T1357]  should_fail_usercopy+0x1a/0x20
[  100.678176][ T1357]  copy_page_from_iter_atomic+0x423/0x10e0
[  100.683822][ T1357]  ? pipe_zero+0x4e0/0x4e0
[  100.688056][ T1357]  generic_perform_write+0x360/0x750
[  100.693176][ T1357]  ? grab_cache_page_write_begin+0xa0/0xa0
[  100.698818][ T1357]  ? file_remove_privs+0x610/0x610
[  100.703761][ T1357]  ? rwsem_write_trylock+0x153/0x340
[  100.708941][ T1357]  ? rwsem_mark_wake+0x770/0x770
[  100.713666][ T1357]  __generic_file_write_iter+0x25b/0x4b0
[  100.719138][ T1357]  generic_file_write_iter+0xaf/0x1c0
[  100.724336][ T1357]  vfs_write+0xd5d/0x1110
[  100.728505][ T1357]  ? putname+0xfa/0x150
[  100.732011][ T1349] EXT4-fs (loop5): mounted filesystem without journal. Opts: nombcache,delalloc,norecovery,commit=0x0000000000000005,norecovery,,errors=continue. Quota mode: writeback.
[  100.732494][ T1357]  ? file_end_write+0x1c0/0x1c0
[  100.749273][   T39] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  100.753756][ T1357]  ? mutex_lock+0xb6/0x1e0
[  100.753782][ T1357]  ? wait_for_completion_killable_timeout+0x10/0x10
[  100.771728][ T1357]  ? __fdget_pos+0x2e7/0x3a0
[  100.776151][ T1357]  ? ksys_write+0x77/0x2c0
[  100.780406][ T1357]  ksys_write+0x199/0x2c0
[  100.784570][ T1357]  ? __ia32_sys_read+0x90/0x90
[  100.789168][ T1357]  ? debug_smp_processor_id+0x17/0x20
[  100.794371][ T1357]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  100.800275][ T1357]  __x64_sys_write+0x7b/0x90
[  100.804700][ T1357]  x64_sys_call+0x2f/0x9a0
[  100.808953][ T1357]  do_syscall_64+0x3b/0xb0
[  100.813207][ T1357]  ? clear_bhb_loop+0x35/0x90
[  100.817722][ T1357]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  100.823448][ T1357] RIP: 0033:0x7f2109293849
[  100.827706][ T1357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.847144][ T1357] RSP: 002b:00007f210790a058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  100.855389][ T1357] RAX: ffffffffffffffda RBX: 00007f2109458fa0 RCX: 00007f2109293849
[  100.863372][ T1357] RDX: 0000000000043451 RSI: 0000000020000200 RDI: 0000000000000008
[  100.871184][ T1357] RBP: 00007f210790a0a0 R08: 0000000000000000 R09: 0000000000000000
[  100.878998][ T1357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  100.886808][ T1357] R13: 0000000000000000 R14: 00007f2109458fa0 R15: 00007ffee0c3e758
[  100.894625][ T1357]  </TASK>
[  100.904773][   T30] audit: type=1400 audit(1733072548.357:683): avc:  denied  { setopt } for  pid=1346 comm="syz.5.272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  100.975051][ T1367] loop4: detected capacity change from 0 to 1024
[  100.978765][   T30] audit: type=1400 audit(1733072548.527:684): avc:  denied  { getopt } for  pid=1370 comm="syz.0.278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  100.996846][ T1375] loop2: detected capacity change from 0 to 512
[  101.010762][ T1373] FAULT_INJECTION: forcing a failure.
[  101.010762][ T1373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.023960][ T1373] CPU: 1 PID: 1373 Comm: syz.0.279 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  101.033761][ T1373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  101.043655][ T1373] Call Trace:
[  101.046776][ T1373]  <TASK>
[  101.049556][ T1373]  dump_stack_lvl+0x151/0x1c0
[  101.054070][ T1373]  ? io_uring_drop_tctx_refs+0x190/0x190
[  101.059535][ T1373]  ? debug_smp_processor_id+0x17/0x20
[  101.064743][ T1373]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  101.070383][ T1373]  dump_stack+0x15/0x20
[  101.074379][ T1373]  should_fail+0x3c6/0x510
[  101.078632][ T1373]  should_fail_usercopy+0x1a/0x20
[  101.083492][ T1373]  copy_fpstate_to_sigframe+0x708/0x9a0
[  101.088875][ T1373]  ? fpregs_set+0x6f0/0x6f0
[  101.093210][ T1373]  ? __kasan_check_write+0x14/0x20
[  101.098160][ T1373]  ? recalc_sigpending+0x1a5/0x230
[  101.103105][ T1373]  ? dequeue_signal+0x205/0x520
[  101.107794][ T1373]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  101.112740][ T1373]  ? unhandled_signal+0x150/0x150
[  101.117603][ T1373]  ? fpu__alloc_mathframe+0x89/0x150
[  101.122721][ T1373]  get_sigframe+0x378/0x4b0
[  101.127063][ T1373]  ? memcpy+0x56/0x70
[  101.130880][ T1373]  ? restore_sigcontext+0x710/0x710
[  101.135916][ T1373]  arch_do_signal_or_restart+0x2ad/0x1680
[  101.141469][ T1373]  ? __kasan_check_write+0x14/0x20
[  101.146416][ T1373]  ? _copy_from_user+0x96/0xd0
[  101.151017][ T1373]  ? restore_altstack+0x274/0x400
[  101.155876][ T1373]  ? get_sigframe_size+0x10/0x10
[  101.160649][ T1373]  ? __se_sys_futex+0x37b/0x3e0
[  101.165340][ T1373]  exit_to_user_mode_loop+0xa0/0xe0
[  101.170370][ T1373]  exit_to_user_mode_prepare+0x5a/0xa0
[  101.175671][ T1373]  syscall_exit_to_user_mode+0x26/0x160
[  101.181048][ T1373]  do_syscall_64+0x47/0xb0
[  101.185300][ T1373]  ? clear_bhb_loop+0x35/0x90
[  101.189813][ T1373]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  101.195541][ T1373] RIP: 0033:0x7f2109293847
[  101.199794][ T1373] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  101.219239][ T1373] RSP: 002b:00007f210790a058 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  101.227483][ T1373] RAX: 00000000000000ca RBX: 00007f2109458fa0 RCX: 00007f2109293849
[  101.235292][ T1373] RDX: 0000000000000000 RSI: 000080000000000b RDI: 000000002000cffc
[  101.243102][ T1373] RBP: 00007f210790a0a0 R08: 0000000020048000 R09: 0000000000000000
[  101.250913][ T1373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  101.258723][ T1373] R13: 0000000000000000 R14: 00007f2109458fa0 R15: 00007ffee0c3e758
[  101.266542][ T1373]  </TASK>
[  101.270641][   T30] audit: type=1400 audit(1733072548.857:685): avc:  denied  { unlink } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  101.287076][ T1367] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  101.313845][ T1367] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,barrier,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,noquota,nogrpid,noauto_da_alloc,mblk_io_submit,,errors=continue. Quota mode: none.
[  101.343887][   T30] audit: type=1400 audit(1733072548.927:686): avc:  denied  { execute } for  pid=1366 comm="syz.4.276" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  101.375713][   T30] audit: type=1400 audit(1733072548.947:687): avc:  denied  { execute_no_trans } for  pid=1366 comm="syz.4.276" path="/70/file1/file0/file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  101.432336][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.461901][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.472877][ T1387] loop5: detected capacity change from 0 to 1024
[  101.483048][   T39] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  101.502340][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.526058][   T39] usb 2-1: config 0 descriptor??
[  101.534411][ T1390] loop2: detected capacity change from 0 to 256
[  101.578345][   T30] audit: type=1326 audit(1733072549.157:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1392 comm="syz.4.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  101.604014][ T1393] loop4: detected capacity change from 0 to 256
[  101.611597][   T30] audit: type=1326 audit(1733072549.157:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1392 comm="syz.4.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  101.664393][ T1394] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 198)
[  101.672670][ T1394] FAT-fs (loop4): Filesystem has been set read-only
[  101.679653][ T1393] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 198)
[  102.013114][   T39] hid-thrustmaster 0003:044F:B65D.0010: bogus close delimiter
[  102.026194][   T39] hid-thrustmaster 0003:044F:B65D.0010: item 0 0 2 10 parsing failed
[  102.036279][ T1407] loop5: detected capacity change from 0 to 1024
[  102.037029][   T39] hid-thrustmaster 0003:044F:B65D.0010: parse failed with error -22
[  102.115173][   T39] hid-thrustmaster: probe of 0003:044F:B65D.0010 failed with error -22
[  102.218740][   T39] usb 2-1: USB disconnect, device number 5
[  102.298169][ T1414] FAULT_INJECTION: forcing a failure.
[  102.298169][ T1414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.311120][ T1414] CPU: 0 PID: 1414 Comm: syz.0.292 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  102.320748][ T1414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  102.330662][ T1414] Call Trace:
[  102.333764][ T1414]  <TASK>
[  102.336538][ T1414]  dump_stack_lvl+0x151/0x1c0
[  102.341053][ T1414]  ? io_uring_drop_tctx_refs+0x190/0x190
[  102.346519][ T1414]  ? __kasan_check_read+0x11/0x20
[  102.351384][ T1414]  dump_stack+0x15/0x20
[  102.355374][ T1414]  should_fail+0x3c6/0x510
[  102.359632][ T1414]  should_fail_usercopy+0x1a/0x20
[  102.364487][ T1414]  copy_page_from_iter_atomic+0x423/0x10e0
[  102.370131][ T1414]  ? pipe_zero+0x4e0/0x4e0
[  102.374386][ T1414]  generic_perform_write+0x360/0x750
[  102.379502][ T1414]  ? __mark_inode_dirty+0x54e/0xa50
[  102.384545][ T1414]  ? grab_cache_page_write_begin+0xa0/0xa0
[  102.390181][ T1414]  ? file_remove_privs+0x610/0x610
[  102.395123][ T1414]  ? rwsem_write_trylock+0x153/0x340
[  102.400944][ T1414]  ? rwsem_mark_wake+0x770/0x770
[  102.405711][ T1414]  __generic_file_write_iter+0x25b/0x4b0
[  102.411181][ T1414]  generic_file_write_iter+0xaf/0x1c0
[  102.416396][ T1414]  vfs_write+0xd5d/0x1110
[  102.420556][ T1414]  ? putname+0xfa/0x150
[  102.424550][ T1414]  ? file_end_write+0x1c0/0x1c0
[  102.429234][ T1414]  ? mutex_lock+0xb6/0x1e0
[  102.433486][ T1414]  ? wait_for_completion_killable_timeout+0x10/0x10
[  102.439909][ T1414]  ? __fdget_pos+0x2e7/0x3a0
[  102.444334][ T1414]  ? ksys_write+0x77/0x2c0
[  102.448590][ T1414]  ksys_write+0x199/0x2c0
[  102.452756][ T1414]  ? __ia32_sys_read+0x90/0x90
[  102.457352][ T1414]  ? debug_smp_processor_id+0x17/0x20
[  102.462564][ T1414]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  102.468462][ T1414]  __x64_sys_write+0x7b/0x90
[  102.472891][ T1414]  x64_sys_call+0x2f/0x9a0
[  102.477141][ T1414]  do_syscall_64+0x3b/0xb0
[  102.481411][ T1414]  ? clear_bhb_loop+0x35/0x90
[  102.485912][ T1414]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  102.491640][ T1414] RIP: 0033:0x7f2109293849
[  102.495892][ T1414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.515592][ T1414] RSP: 002b:00007f210790a058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  102.523840][ T1414] RAX: ffffffffffffffda RBX: 00007f2109458fa0 RCX: 00007f2109293849
[  102.531662][ T1414] RDX: 0000000000043451 RSI: 0000000020000200 RDI: 0000000000000009
[  102.539457][ T1414] RBP: 00007f210790a0a0 R08: 0000000000000000 R09: 0000000000000000
[  102.547269][ T1414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.555079][ T1414] R13: 0000000000000000 R14: 00007f2109458fa0 R15: 00007ffee0c3e758
[  102.562895][ T1414]  </TASK>
[  102.701498][ T1423] netlink: 8 bytes leftover after parsing attributes in process `syz.4.293'.
[  102.718776][ T1423] Invalid ELF header magic: != ELF
[  102.911203][ T1431] loop0: detected capacity change from 0 to 256
[  102.953053][ T1431] exfat: Deprecated parameter 'utf8'
[  102.958314][ T1431] exfat: Deprecated parameter 'namecase'
[  102.963962][ T1431] exfat: Deprecated parameter 'utf8'
[  102.981055][ T1431] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  103.353931][ T1442] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  103.389665][ T1442] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  103.433305][ T1442] tipc: Started in network mode
[  103.438206][ T1442] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  103.605110][ T1442] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  103.615609][ T1442] tipc: Enabled bearer <udp:syz1>, priority 10
[  104.001023][ T1464] netlink: 12 bytes leftover after parsing attributes in process `syz.1.305'.
[  104.152707][ T1428] loop4: detected capacity change from 0 to 40427
[  104.230849][   T30] kauditd_printk_skb: 103 callbacks suppressed
[  104.230865][   T30] audit: type=1326 audit(1733072551.807:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.260926][ T1428] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  104.271993][ T1428] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  104.296471][ T1465] loop2: detected capacity change from 0 to 40427
[  104.301317][ T1474] loop5: detected capacity change from 0 to 2048
[  104.303055][   T30] audit: type=1326 audit(1733072551.807:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.311529][ T1428] F2FS-fs (loop4): Found nat_bits in checkpoint
[  104.332755][   T30] audit: type=1326 audit(1733072551.807:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.361915][   T30] audit: type=1326 audit(1733072551.807:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.361951][   T30] audit: type=1326 audit(1733072551.807:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.361981][   T30] audit: type=1326 audit(1733072551.807:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.362009][   T30] audit: type=1326 audit(1733072551.807:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.362035][   T30] audit: type=1326 audit(1733072551.807:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.362061][   T30] audit: type=1326 audit(1733072551.807:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.362087][   T30] audit: type=1326 audit(1733072551.807:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1471 comm="syz.0.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  104.427072][ T1428] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  104.439511][ T1465] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  104.457024][ T1428] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  104.478146][ T1465] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  104.564477][ T1428] overlayfs: invalid origin (0000)
[  104.566242][ T1474] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  104.584654][  T290] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  104.584673][  T290] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  104.584683][  T290] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  104.584693][  T290] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  104.584703][  T290] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  104.584713][  T290] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  104.584723][  T290] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  104.618444][   T39] tipc: Node number set to 1
[  104.626338][ T1465] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  104.673821][ T1465] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  104.673847][ T1465] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  104.691683][ T1465] attempt to access beyond end of device
[  104.691683][ T1465] loop2: rw=2049, want=45104, limit=40427
[  104.774986][ T1489] loop0: detected capacity change from 0 to 1024
[  104.812273][ T1489] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000002,,errors=continue. Quota mode: none.
[  104.832436][ T1496] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore
[  104.872026][ T1496] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  104.881347][ T1496] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  104.942180][ T1519] FAULT_INJECTION: forcing a failure.
[  104.942180][ T1519] name failslab, interval 1, probability 0, space 0, times 0
[  104.954805][ T1519] CPU: 0 PID: 1519 Comm: syz.1.322 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  104.964432][ T1519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  104.974328][ T1519] Call Trace:
[  104.977451][ T1519]  <TASK>
[  104.980229][ T1519]  dump_stack_lvl+0x151/0x1c0
[  104.984741][ T1519]  ? io_uring_drop_tctx_refs+0x190/0x190
[  104.990213][ T1519]  dump_stack+0x15/0x20
[  104.994200][ T1519]  should_fail+0x3c6/0x510
[  104.998505][ T1519]  __should_failslab+0xa4/0xe0
[  105.003058][ T1519]  ? hashtab_duplicate+0x180/0x540
[  105.007999][ T1519]  should_failslab+0x9/0x20
[  105.012338][ T1519]  slab_pre_alloc_hook+0x37/0xd0
[  105.017112][ T1519]  ? hashtab_duplicate+0x180/0x540
[  105.022059][ T1519]  kmem_cache_alloc+0x44/0x200
[  105.026659][ T1519]  hashtab_duplicate+0x180/0x540
[  105.031431][ T1519]  ? cond_policydb_destroy_dup+0x40/0x40
[  105.036899][ T1519]  ? cond_insertf+0x340/0x340
[  105.041419][ T1519]  cond_policydb_dup+0x13a/0xdb0
[  105.046187][ T1519]  ? __kasan_kmalloc+0x9/0x10
[  105.050702][ T1519]  security_set_bools+0xf2/0x5f0
[  105.055472][ T1519]  ? skip_atoi+0xd0/0xd0
[  105.059556][ T1519]  sel_commit_bools_write+0x38a/0x4f0
[  105.064771][ T1519]  ? sel_read_policyvers+0xf0/0xf0
[  105.069709][ T1519]  ? fsnotify_perm+0x6a/0x5b0
[  105.074223][ T1519]  ? security_file_permission+0x86/0xb0
[  105.079604][ T1519]  ? sel_read_policyvers+0xf0/0xf0
[  105.084552][ T1519]  vfs_write+0x406/0x1110
[  105.088720][ T1519]  ? file_end_write+0x1c0/0x1c0
[  105.093401][ T1519]  ? __kasan_check_write+0x14/0x20
[  105.098351][ T1519]  ? mutex_lock+0xb6/0x1e0
[  105.102605][ T1519]  ? wait_for_completion_killable_timeout+0x10/0x10
[  105.109040][ T1519]  ? __fdget_pos+0x2e7/0x3a0
[  105.113458][ T1519]  ? ksys_write+0x77/0x2c0
[  105.117709][ T1519]  ksys_write+0x199/0x2c0
[  105.121875][ T1519]  ? __ia32_sys_read+0x90/0x90
[  105.126471][ T1519]  ? debug_smp_processor_id+0x17/0x20
[  105.131855][ T1519]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  105.137755][ T1519]  __x64_sys_write+0x7b/0x90
[  105.142180][ T1519]  x64_sys_call+0x2f/0x9a0
[  105.146445][ T1519]  do_syscall_64+0x3b/0xb0
[  105.150691][ T1519]  ? clear_bhb_loop+0x35/0x90
[  105.155209][ T1519]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  105.160932][ T1519] RIP: 0033:0x7f9436aef849
[  105.165183][ T1519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.184624][ T1519] RSP: 002b:00007f9435166058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  105.192867][ T1519] RAX: ffffffffffffffda RBX: 00007f9436cb4fa0 RCX: 00007f9436aef849
[  105.200681][ T1519] RDX: 0000000000000003 RSI: 0000000020000800 RDI: 0000000000000006
[  105.208491][ T1519] RBP: 00007f94351660a0 R08: 0000000000000000 R09: 0000000000000000
[  105.216303][ T1519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  105.224113][ T1519] R13: 0000000000000000 R14: 00007f9436cb4fa0 R15: 00007ffc636c1818
[  105.231934][ T1519]  </TASK>
[  105.267484][    T6] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  105.269252][ T1521] FAULT_INJECTION: forcing a failure.
[  105.269252][ T1521] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.287892][ T1521] CPU: 0 PID: 1521 Comm: syz.1.324 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  105.297526][ T1521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  105.307418][ T1521] Call Trace:
[  105.310540][ T1521]  <TASK>
[  105.313322][ T1521]  dump_stack_lvl+0x151/0x1c0
[  105.317833][ T1521]  ? io_uring_drop_tctx_refs+0x190/0x190
[  105.323299][ T1521]  ? do_vfs_ioctl+0x1a90/0x2a80
[  105.327989][ T1521]  dump_stack+0x15/0x20
[  105.331980][ T1521]  should_fail+0x3c6/0x510
[  105.336234][ T1521]  should_fail_usercopy+0x1a/0x20
[  105.341092][ T1521]  _copy_to_user+0x20/0x90
[  105.345345][ T1521]  simple_read_from_buffer+0xc7/0x150
[  105.350557][ T1521]  proc_fail_nth_read+0x1a3/0x210
[  105.355416][ T1521]  ? proc_fault_inject_write+0x390/0x390
[  105.360878][ T1521]  ? fsnotify_perm+0x269/0x5b0
[  105.365488][ T1521]  ? security_file_permission+0x86/0xb0
[  105.370860][ T1521]  ? proc_fault_inject_write+0x390/0x390
[  105.376332][ T1521]  vfs_read+0x27d/0xd40
[  105.380322][ T1521]  ? kernel_read+0x1f0/0x1f0
[  105.384751][ T1521]  ? __kasan_check_write+0x14/0x20
[  105.389698][ T1521]  ? mutex_lock+0xb6/0x1e0
[  105.393953][ T1521]  ? wait_for_completion_killable_timeout+0x10/0x10
[  105.400374][ T1521]  ? __fdget_pos+0x2e7/0x3a0
[  105.404798][ T1521]  ? ksys_read+0x77/0x2c0
[  105.409053][ T1521]  ksys_read+0x199/0x2c0
[  105.413133][ T1521]  ? vfs_write+0x1110/0x1110
[  105.417562][ T1521]  ? debug_smp_processor_id+0x17/0x20
[  105.422770][ T1521]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  105.428671][ T1521]  __x64_sys_read+0x7b/0x90
[  105.433009][ T1521]  x64_sys_call+0x28/0x9a0
[  105.437259][ T1521]  do_syscall_64+0x3b/0xb0
[  105.441510][ T1521]  ? clear_bhb_loop+0x35/0x90
[  105.446040][ T1521]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  105.451752][ T1521] RIP: 0033:0x7f9436aee25c
[  105.456007][ T1521] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  105.475447][ T1521] RSP: 002b:00007f9435166050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  105.483692][ T1521] RAX: ffffffffffffffda RBX: 00007f9436cb4fa0 RCX: 00007f9436aee25c
[  105.491510][ T1521] RDX: 000000000000000f RSI: 00007f94351660b0 RDI: 0000000000000005
[  105.499322][ T1521] RBP: 00007f94351660a0 R08: 0000000000000000 R09: 0000000000000000
[  105.507127][ T1521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.514941][ T1521] R13: 0000000000000000 R14: 00007f9436cb4fa0 R15: 00007ffc636c1818
[  105.522754][ T1521]  </TASK>
[  105.968274][ T1539] netlink: 'syz.1.329': attribute type 7 has an invalid length.
[  105.975946][ T1539] netlink: 'syz.1.329': attribute type 5 has an invalid length.
[  105.983681][ T1539] netlink: 17 bytes leftover after parsing attributes in process `syz.1.329'.
[  106.013450][ T1544] FAULT_INJECTION: forcing a failure.
[  106.013450][ T1544] name failslab, interval 1, probability 0, space 0, times 0
[  106.031975][  T397] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  106.046477][ T1544] CPU: 1 PID: 1544 Comm: syz.1.332 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  106.056117][ T1544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  106.066016][ T1544] Call Trace:
[  106.069135][ T1544]  <TASK>
[  106.071911][ T1544]  dump_stack_lvl+0x151/0x1c0
[  106.076425][ T1544]  ? io_uring_drop_tctx_refs+0x190/0x190
[  106.081895][ T1544]  dump_stack+0x15/0x20
[  106.085884][ T1544]  should_fail+0x3c6/0x510
[  106.090138][ T1544]  __should_failslab+0xa4/0xe0
[  106.094736][ T1544]  ? __kernfs_new_node+0xdb/0x700
[  106.099597][ T1544]  should_failslab+0x9/0x20
[  106.103936][ T1544]  slab_pre_alloc_hook+0x37/0xd0
[  106.108714][ T1544]  ? __kernfs_new_node+0xdb/0x700
[  106.113573][ T1544]  kmem_cache_alloc+0x44/0x200
[  106.118174][ T1544]  __kernfs_new_node+0xdb/0x700
[  106.122860][ T1544]  ? rwsem_write_trylock+0x153/0x340
[  106.127982][ T1544]  ? rwsem_mark_wake+0x770/0x770
[  106.132751][ T1544]  ? kernfs_new_node+0x230/0x230
[  106.137526][ T1544]  ? rwsem_write_trylock+0x153/0x340
[  106.142648][ T1544]  ? up_write+0x7d/0x290
[  106.146728][ T1544]  ? kernfs_activate+0x359/0x370
[  106.151596][ T1544]  kernfs_new_node+0x130/0x230
[  106.156191][ T1544]  __kernfs_create_file+0x4a/0x270
[  106.161134][ T1544]  sysfs_add_file_mode_ns+0x273/0x320
[  106.166343][ T1544]  internal_create_group+0x573/0xf00
[  106.171469][ T1544]  ? sysvec_reschedule_ipi+0x8c/0x160
[  106.176206][ T1545] overlayfs: missing 'lowerdir'
[  106.176675][ T1544]  ? sysfs_create_group+0x30/0x30
[  106.186276][ T1544]  ? __kasan_check_write+0x14/0x20
[  106.191165][ T1544]  sysfs_create_group+0x1f/0x30
[  106.195850][ T1544]  loop_configure+0x100a/0x1710
[  106.200537][ T1544]  lo_ioctl+0x925/0x2710
[  106.201914][    T6] usb 3-1: Using ep0 maxpacket: 16
[  106.204620][ T1544]  ? bstr_printf+0x10c5/0x1160
[  106.214164][ T1544]  ? lo_release+0x210/0x210
[  106.218504][ T1544]  ? vbin_printf+0x1be0/0x1be0
[  106.223103][ T1544]  ? bpf_snprintf+0xa1/0x260
[  106.227537][ T1544]  ? memcpy+0x56/0x70
[  106.231349][ T1544]  ? memset+0x35/0x40
[  106.235168][ T1544]  ? __kasan_check_write+0x14/0x20
[  106.240112][ T1544]  ? _raw_spin_lock+0xa4/0x1b0
[  106.244714][ T1544]  ? _raw_spin_trylock_bh+0x190/0x190
[  106.249922][ T1544]  ? avc_denied+0x1b0/0x1b0
[  106.254264][ T1544]  ? _raw_spin_unlock+0x4d/0x70
[  106.258946][ T1544]  ? find_inode_fast+0x421/0x450
[  106.263731][ T1544]  ? bpf_bprintf_prepare+0x14e/0x1450
[  106.268933][ T1544]  ? debug_smp_processor_id+0x17/0x20
[  106.274135][ T1544]  ? bpf_bprintf_prepare+0x11b4/0x1450
[  106.279431][ T1544]  ? bstr_printf+0x10c5/0x1160
[  106.284047][ T1544]  ? vbin_printf+0x1be0/0x1be0
[  106.288632][ T1544]  ? bpf_snprintf+0xa1/0x260
[  106.293056][ T1544]  ? memcpy+0x56/0x70
[  106.296879][ T1544]  ? bpf_bprintf_prepare+0x14e/0x1450
[  106.302083][ T1544]  ? debug_smp_processor_id+0x17/0x20
[  106.307291][ T1544]  ? bpf_bprintf_prepare+0x11b4/0x1450
[  106.312586][ T1544]  ? bstr_printf+0x10c5/0x1160
[  106.317186][ T1544]  ? vbin_printf+0x1be0/0x1be0
[  106.321786][ T1544]  ? bpf_snprintf+0xa1/0x260
[  106.326214][ T1544]  ? memcpy+0x56/0x70
[  106.330063][ T1544]  ? bpf_snprintf+0x22a/0x260
[  106.334544][ T1544]  ? __kasan_check_write+0x14/0x20
[  106.339510][ T1544]  ? __switch_to+0x62a/0x1190
[  106.344008][ T1544]  ? compat_start_thread+0x20/0x20
[  106.348951][ T1544]  ? bpf_trace_run3+0x123/0x250
[  106.353642][ T1544]  ? native_set_ldt+0x360/0x360
[  106.358365][ T1544]  ? bpf_trace_run2+0x210/0x210
[  106.363019][ T1544]  ? blkdev_common_ioctl+0x570/0x1ec0
[  106.368221][ T1544]  ? blkdev_bszset+0x240/0x240
[  106.372820][ T1544]  ? __kasan_check_read+0x11/0x20
[  106.377687][ T1544]  ? preempt_schedule_irq+0xe7/0x140
[  106.382816][ T1544]  ? __cond_resched+0x20/0x20
[  106.387319][ T1544]  ? has_cap_mac_admin+0x3c0/0x3c0
[  106.392263][ T1544]  ? irqentry_exit_cond_resched+0x2a/0x30
[  106.397822][ T1544]  ? irqentry_exit+0x30/0x40
[  106.402242][ T1544]  ? sysvec_reschedule_ipi+0x8c/0x160
[  106.407454][ T1544]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  106.412920][ T1544]  ? blkdev_ioctl+0x82/0x620
[  106.417347][ T1544]  ? lo_release+0x210/0x210
[  106.421692][ T1544]  blkdev_ioctl+0x2ea/0x620
[  106.426046][ T1544]  ? blkdev_compat_ptr_ioctl+0xc0/0xc0
[  106.431326][ T1544]  block_ioctl+0xb2/0xf0
[  106.435403][ T1544]  ? blkdev_iopoll+0x100/0x100
[  106.439998][ T1544]  __se_sys_ioctl+0x114/0x190
[  106.444517][ T1544]  __x64_sys_ioctl+0x7b/0x90
[  106.448945][ T1544]  x64_sys_call+0x98/0x9a0
[  106.453194][ T1544]  do_syscall_64+0x3b/0xb0
[  106.457453][ T1544]  ? clear_bhb_loop+0x35/0x90
[  106.461960][ T1544]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  106.467691][ T1544] RIP: 0033:0x7f9436aef44b
[  106.471945][ T1544] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  106.482014][    T6] usb 3-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb
[  106.491381][ T1544] RSP: 002b:00007f9435165de0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  106.491410][ T1544] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f9436aef44b
[  106.491425][ T1544] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008
[  106.500403][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.508480][ T1544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000357
[  106.508496][ T1544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007
[  106.508508][ T1544] R13: 00007f9435165f10 R14: 00007f9435165ed0 R15: 00007f942cd46000
[  106.508527][ T1544]  </TASK>
[  106.548136][ T1544] loop1: detected capacity change from 0 to 128
[  106.555978][    T6] usb 3-1: Product: syz
[  106.578280][    T6] usb 3-1: Manufacturer: syz
[  106.583122][    T6] usb 3-1: SerialNumber: syz
[  106.625198][ T1552] loop5: detected capacity change from 0 to 8192
[  106.657667][ T1557] FAULT_INJECTION: forcing a failure.
[  106.657667][ T1557] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.670822][ T1557] CPU: 1 PID: 1557 Comm: syz.1.336 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  106.680452][ T1557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  106.690350][ T1557] Call Trace:
[  106.693472][ T1557]  <TASK>
[  106.696247][ T1557]  dump_stack_lvl+0x151/0x1c0
[  106.700760][ T1557]  ? io_uring_drop_tctx_refs+0x190/0x190
[  106.706231][ T1557]  ? __kasan_check_read+0x11/0x20
[  106.711094][ T1557]  dump_stack+0x15/0x20
[  106.715083][ T1557]  should_fail+0x3c6/0x510
[  106.719336][ T1557]  should_fail_usercopy+0x1a/0x20
[  106.724195][ T1557]  copy_page_from_iter_atomic+0x423/0x10e0
[  106.729837][ T1557]  ? pipe_zero+0x4e0/0x4e0
[  106.734091][ T1557]  generic_perform_write+0x360/0x750
[  106.739211][ T1557]  ? grab_cache_page_write_begin+0xa0/0xa0
[  106.744852][ T1557]  ? file_remove_privs+0x610/0x610
[  106.749796][ T1557]  ? rwsem_write_trylock+0x153/0x340
[  106.754918][ T1557]  ? rwsem_mark_wake+0x770/0x770
[  106.759692][ T1557]  __generic_file_write_iter+0x25b/0x4b0
[  106.765162][ T1557]  generic_file_write_iter+0xaf/0x1c0
[  106.770367][ T1557]  vfs_write+0xd5d/0x1110
[  106.774537][ T1557]  ? file_end_write+0x1c0/0x1c0
[  106.779229][ T1557]  ? __fdget_pos+0x209/0x3a0
[  106.783649][ T1557]  ? ksys_write+0x77/0x2c0
[  106.787899][ T1557]  ksys_write+0x199/0x2c0
[  106.792073][ T1557]  ? exc_page_fault+0x47a/0x7f0
[  106.796839][ T1557]  ? __ia32_sys_read+0x90/0x90
[  106.801443][ T1557]  __x64_sys_write+0x7b/0x90
[  106.805868][ T1557]  x64_sys_call+0x2f/0x9a0
[  106.810118][ T1557]  do_syscall_64+0x3b/0xb0
[  106.814371][ T1557]  ? clear_bhb_loop+0x35/0x90
[  106.818885][ T1557]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  106.824613][ T1557] RIP: 0033:0x7f9436aee2ff
[  106.828875][ T1557] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 8e 02 00 48
[  106.848329][ T1557] RSP: 002b:00007f9435165e10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  106.856559][ T1557] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f9436aee2ff
[  106.864368][ T1557] RDX: 0000000000020000 RSI: 00007f942cd46000 RDI: 0000000000000006
[  106.872174][ T1557] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000036a
[  106.880000][ T1557] R10: 00000000000003b6 R11: 0000000000000293 R12: 0000000000000006
[  106.887804][ T1557] R13: 00007f9435165f10 R14: 00007f9435165ed0 R15: 00007f942cd46000
[  106.895614][ T1557]  </TASK>
[  106.900623][ T1557] loop1: detected capacity change from 0 to 256
[  106.941009][ T1560] loop4: detected capacity change from 0 to 512
[  106.959150][ T1552] loop5: detected capacity change from 0 to 1024
[  106.982102][  T397] usb 1-1: Using ep0 maxpacket: 32
[  106.993761][ T1552] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  106.997376][ T1557] FAT-fs (loop1): Directory bread(block 64) failed
[  107.010706][ T1557] FAT-fs (loop1): Directory bread(block 65) failed
[  107.017262][ T1557] FAT-fs (loop1): Directory bread(block 66) failed
[  107.023898][ T1557] FAT-fs (loop1): Directory bread(block 67) failed
[  107.025175][  T877] EXT4-fs error (device loop5): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[  107.030320][ T1557] FAT-fs (loop1): Directory bread(block 68) failed
[  107.042496][  T877] EXT4-fs error (device loop5): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[  107.062672][ T1557] FAT-fs (loop1): Directory bread(block 69) failed
[  107.080250][ T1557] FAT-fs (loop1): Directory bread(block 70) failed
[  107.090025][ T1557] FAT-fs (loop1): Directory bread(block 71) failed
[  107.096725][ T1557] FAT-fs (loop1): Directory bread(block 72) failed
[  107.103233][ T1557] FAT-fs (loop1): Directory bread(block 73) failed
[  107.112223][  T397] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.140261][ T1570] xt_hashlimit: size too large, truncated to 1048576
[  107.241332][ T1580] loop1: detected capacity change from 0 to 256
[  107.262149][  T397] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  107.275524][  T397] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  107.290400][  T397] usb 1-1: Product: syz
[  107.297847][  T397] usb 1-1: Manufacturer: syz
[  107.352646][  T397] hub 1-1:4.0: bad descriptor, ignoring hub
[  107.354670][ T1580] FAT-fs (loop1): Directory bread(block 64) failed
[  107.358402][  T397] hub: probe of 1-1:4.0 failed with error -5
[  107.366953][ T1580] FAT-fs (loop1): Directory bread(block 65) failed
[  107.377865][ T1581] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.381085][  T397] usbhid 1-1:4.0: couldn't find an input interrupt endpoint
[  107.385203][ T1580] FAT-fs (loop1): Directory bread(block 66) failed
[  107.398698][ T1581] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.413431][ T1580] FAT-fs (loop1): Directory bread(block 67) failed
[  107.419816][ T1580] FAT-fs (loop1): Directory bread(block 68) failed
[  107.427032][ T1581] device bridge_slave_0 entered promiscuous mode
[  107.436268][ T1581] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.443538][ T1580] FAT-fs (loop1): Directory bread(block 69) failed
[  107.449921][ T1580] FAT-fs (loop1): Directory bread(block 70) failed
[  107.456485][ T1581] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.464148][ T1581] device bridge_slave_1 entered promiscuous mode
[  107.472112][ T1580] FAT-fs (loop1): Directory bread(block 71) failed
[  107.478491][ T1580] FAT-fs (loop1): Directory bread(block 72) failed
[  107.487484][ T1580] FAT-fs (loop1): Directory bread(block 73) failed
[  107.502386][    T6] snd-usb-audio: probe of 3-1:222.0 failed with error -2
[  107.606056][ T1590] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=1590 comm=syz.0.347
[  107.633963][ T1581] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.640882][ T1581] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.647976][ T1581] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.654826][ T1581] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.061701][ T1595] loop0: detected capacity change from 0 to 2048
[  108.108194][ T1595]  loop0: p2 p3 p7
[  108.155278][  T321] usb 1-1: USB disconnect, device number 8
[  108.185443][  T882] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.253870][ T1465] attempt to access beyond end of device
[  108.253870][ T1465] loop2: rw=2049, want=45112, limit=40427
[  108.266550][  T101]  loop0: p2 p3 p7
[  108.302377][  T882] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.313129][ T1465] attempt to access beyond end of device
[  108.313129][ T1465] loop2: rw=2049, want=45112, limit=40427
[  108.581337][  T320] device bridge_slave_1 left promiscuous mode
[  108.597998][ T1601] FAULT_INJECTION: forcing a failure.
[  108.597998][ T1601] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.618589][  T320] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.638709][  T320] device bridge_slave_0 left promiscuous mode
[  108.644870][ T1465] attempt to access beyond end of device
[  108.644870][ T1465] loop2: rw=2049, want=45160, limit=40427
[  108.664473][ T1601] CPU: 1 PID: 1601 Comm: syz.4.350 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  108.674116][ T1601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  108.684008][ T1601] Call Trace:
[  108.687136][ T1601]  <TASK>
[  108.689911][ T1601]  dump_stack_lvl+0x151/0x1c0
[  108.694424][ T1601]  ? io_uring_drop_tctx_refs+0x190/0x190
[  108.699893][ T1601]  ? lock_sock_nested+0x266/0x300
[  108.704752][ T1601]  dump_stack+0x15/0x20
[  108.708742][ T1601]  should_fail+0x3c6/0x510
[  108.712997][ T1601]  should_fail_usercopy+0x1a/0x20
[  108.717854][ T1601]  _copy_from_user+0x20/0xd0
[  108.722290][ T1601]  tcp_setsockopt+0x212c/0x3800
[  108.726973][ T1601]  ? tcp_set_window_clamp+0x1b0/0x1b0
[  108.732179][ T1601]  ? selinux_socket_setsockopt+0x260/0x360
[  108.737821][ T1601]  ? selinux_socket_getsockopt+0x340/0x340
[  108.743472][ T1601]  sock_common_setsockopt+0xa2/0xc0
[  108.748503][ T1601]  ? sock_common_recvmsg+0x240/0x240
[  108.753618][ T1601]  __sys_setsockopt+0x4dc/0x840
[  108.758308][ T1601]  ? __ia32_sys_recv+0xb0/0xb0
[  108.762992][ T1601]  ? debug_smp_processor_id+0x17/0x20
[  108.768202][ T1601]  __x64_sys_setsockopt+0xbf/0xd0
[  108.773065][ T1601]  x64_sys_call+0x1a2/0x9a0
[  108.777396][ T1601]  do_syscall_64+0x3b/0xb0
[  108.781649][ T1601]  ? clear_bhb_loop+0x35/0x90
[  108.786170][ T1601]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  108.791900][ T1601] RIP: 0033:0x7f19574df849
[  108.796146][ T1601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.815674][ T1601] RSP: 002b:00007f1955b56058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  108.823925][ T1601] RAX: ffffffffffffffda RBX: 00007f19576a4fa0 RCX: 00007f19574df849
[  108.831728][ T1601] RDX: 0000000000000016 RSI: 0000000000000006 RDI: 0000000000000004
[  108.839539][ T1601] RBP: 00007f1955b560a0 R08: 0000000008cbd752 R09: 0000000000000000
[  108.847353][ T1601] R10: 0000000020000600 R11: 0000000000000246 R12: 0000000000000002
[  108.855167][ T1601] R13: 0000000000000000 R14: 00007f19576a4fa0 R15: 00007ffd3823c158
[  108.862980][ T1601]  </TASK>
[  108.869509][  T320] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.876889][ T1465] attempt to access beyond end of device
[  108.876889][ T1465] loop2: rw=2049, want=45104, limit=40427
[  108.889364][  T320] device veth1_macvtap left promiscuous mode
[  108.900228][  T320] device veth0_vlan left promiscuous mode
[  108.913696][   T39] usb 3-1: USB disconnect, device number 9
[  108.976360][  T294] attempt to access beyond end of device
[  108.976360][  T294] loop2: rw=2049, want=45168, limit=40427
[  109.011968][  T355] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  109.027563][ T1607] usb usb7: usbfs: process 1607 (syz.0.353) did not claim interface 0 before use
[  109.097331][ T1609] loop0: detected capacity change from 0 to 512
[  109.114076][  T434] udevd[434]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  109.125464][ T1609] EXT4-fs (loop0): Value of option "test_dummy_encryption=test_dummy_encryption" is unrecognized
[  109.126161][  T440] udevd[440]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[  109.149313][ T1000] udevd[1000]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  109.193743][ T1613] overlayfs: missing 'lowerdir'
[  109.206158][ T1610] netlink: 8 bytes leftover after parsing attributes in process `syz.4.354'.
[  109.225703][ T1611] netlink: 'syz.4.354': attribute type 16 has an invalid length.
[  109.232782][ T1617] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64545 sclass=netlink_route_socket pid=1617 comm=syz.2.358
[  109.248975][ T1611] netlink: 'syz.4.354': attribute type 17 has an invalid length.
[  109.293219][ T1611] device veth0_vlan left promiscuous mode
[  109.299266][ T1611] device veth0_vlan entered promiscuous mode
[  109.309566][ T1611] device veth1_macvtap left promiscuous mode
[  109.316637][ T1611] device veth1_macvtap entered promiscuous mode
[  109.331976][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  109.343740][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  109.347129][ T1625] loop2: detected capacity change from 0 to 128
[  109.351183][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.366475][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.374680][  T882] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.381538][  T882] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.388925][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.397251][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.402736][ T1611] syz.4.354 (1611) used greatest stack depth: 18432 bytes left
[  109.407017][  T882] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.419324][  T882] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.427404][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  109.449216][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  109.462606][  T355] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.492045][  T355] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.503236][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.511676][  T882] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.518558][  T882] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.527683][  T355] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  109.537900][  T355] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.547327][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.558950][ T1625] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  109.572980][   T30] kauditd_printk_skb: 86 callbacks suppressed
[  109.573004][   T30] audit: type=1326 audit(1733072557.157:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  109.612484][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.620654][  T882] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.627544][  T882] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.634793][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.635724][  T355] usb 2-1: config 0 descriptor??
[  109.643088][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  109.655705][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  109.656246][ T1625] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  109.663756][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  109.679706][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  109.687745][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.692394][ T1625] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 not in group (block 3)!
[  109.697354][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  109.705605][ T1625] EXT4-fs (loop2): group descriptors corrupted!
[  109.719315][   T30] audit: type=1326 audit(1733072557.187:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  109.743106][   T30] audit: type=1326 audit(1733072557.187:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  109.743311][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.766856][   T30] audit: type=1326 audit(1733072557.187:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  109.774487][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.806274][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  109.818289][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  109.827614][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  109.837329][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  109.846196][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  109.910080][ T1634] loop4: detected capacity change from 0 to 2048
[  109.918253][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  110.005946][ T1634]  loop4: p2 p3 p7
[  110.035567][   T30] audit: type=1326 audit(1733072557.187:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  110.078548][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  110.090990][   T30] audit: type=1326 audit(1733072557.187:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  110.104546][  T101]  loop4: p2 p3 p7
[  110.165033][   T30] audit: type=1326 audit(1733072557.187:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  110.246605][  T355] hid-thrustmaster 0003:044F:B65D.0011: bogus close delimiter
[  110.269913][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  110.283810][  T355] hid-thrustmaster 0003:044F:B65D.0011: item 0 0 2 10 parsing failed
[  110.362390][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  110.374731][  T355] hid-thrustmaster 0003:044F:B65D.0011: parse failed with error -22
[  110.396874][   T30] audit: type=1326 audit(1733072557.237:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  110.515716][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  110.541030][  T355] hid-thrustmaster: probe of 0003:044F:B65D.0011 failed with error -22
[  110.666789][ T1639] loop0: detected capacity change from 0 to 512
[  110.683885][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  110.693638][  T355] usb 2-1: USB disconnect, device number 6
[  110.734707][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  110.746859][ T1642] sit: non-ECT from 0.0.0.0 with TOS=0x3
[  110.761196][   T30] audit: type=1326 audit(1733072557.257:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  110.787537][ T1639] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  110.802441][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  110.830747][ T1639] EXT4-fs (loop0): 1 orphan inode deleted
[  110.891687][   T30] audit: type=1326 audit(1733072557.257:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1628 comm="syz.4.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  110.916337][ T1639] EXT4-fs (loop0): 1 truncate cleaned up
[  110.921815][ T1639] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,noinit_itable,debug_want_extra_isize=0x000000000000002a,errors=remount-ro,nodelalloc,grpjquota=,. Quota mode: none.
[  110.924900][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  110.948802][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  110.957286][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  110.965698][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  110.974158][  T882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.062601][ T1648] usb usb7: selecting invalid altsetting 6
[  111.070369][ T1648] netlink: 'syz.2.367': attribute type 5 has an invalid length.
[  111.762635][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  111.776030][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.812771][ T1654] raw_sendmsg: syz.0.369 forgot to set AF_INET. Fix it!
[  111.824775][ T1652] loop4: detected capacity change from 0 to 512
[  111.839493][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  111.890163][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.932127][ T1652] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[  111.959088][ T1581] device veth0_vlan entered promiscuous mode
[  111.989367][ T1665] xt_hashlimit: size too large, truncated to 1048576
[  111.997299][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  112.006308][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  112.021104][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  112.039230][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  112.052263][ T1666] netlink: 8 bytes leftover after parsing attributes in process `syz.1.372'.
[  112.083723][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  112.111842][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  112.142217][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  112.179660][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  112.230473][ T1581] device veth1_macvtap entered promiscuous mode
[  112.244277][ T1672] loop2: detected capacity change from 0 to 512
[  112.256413][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  112.264579][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  112.272786][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  112.502211][  T393] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  112.612963][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  112.621255][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  112.667031][ T1675] loop6: detected capacity change from 0 to 512
[  112.682785][ T1672] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  112.703990][ T1672] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier,jqfmt=vfsold,noquota,min_batch_time=0x0000000000000010,journal_dev=0x000000000000000d,,errors=continue. Quota mode: writeback.
[  112.723260][ T1672] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.734464][ T1672] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #15: comm syz.2.374: corrupted xattr block 32
[  112.750122][ T1672] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  112.766286][ T1675] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  112.777543][ T1675] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.794979][ T1675] FAULT_INJECTION: forcing a failure.
[  112.794979][ T1675] name failslab, interval 1, probability 0, space 0, times 0
[  112.807691][ T1675] CPU: 0 PID: 1675 Comm: syz.6.344 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  112.817323][ T1675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  112.827218][ T1675] Call Trace:
[  112.830335][ T1675]  <TASK>
[  112.833114][ T1675]  dump_stack_lvl+0x151/0x1c0
[  112.837629][ T1675]  ? io_uring_drop_tctx_refs+0x190/0x190
[  112.843095][ T1675]  ? sched_clock+0x9/0x10
[  112.847263][ T1675]  ? native_set_ldt+0x360/0x360
[  112.851959][ T1675]  dump_stack+0x15/0x20
[  112.855947][ T1675]  should_fail+0x3c6/0x510
[  112.860203][ T1675]  __should_failslab+0xa4/0xe0
[  112.864793][ T1675]  should_failslab+0x9/0x20
[  112.869134][ T1675]  slab_pre_alloc_hook+0x37/0xd0
[  112.872034][  T393] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  112.873911][ T1675]  __kmalloc+0x6d/0x270
[  112.885029][  T393] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  112.888930][ T1675]  ? ext4_find_extent+0x375/0xe30
[  112.888959][ T1675]  ext4_find_extent+0x375/0xe30
[  112.900054][  T393] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  112.904812][ T1675]  ext4_ext_map_blocks+0x269/0x7450
[  112.904840][ T1675]  ? __schedule+0xcd4/0x1590
[  112.904863][ T1675]  ? __kasan_check_read+0x11/0x20
[  112.909568][  T393] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.918347][ T1675]  ? down_read+0xd50/0x1900
[  112.918371][ T1675]  ? preempt_schedule_irq+0xe7/0x140
[  112.918391][ T1675]  ? ext4_ext_release+0x10/0x10
[  112.941988][ T1667] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  112.944941][ T1675]  ? __down_common+0x550/0x550
[  112.966119][ T1675]  ? irqentry_exit_cond_resched+0x2a/0x30
[  112.971670][ T1675]  ? irqentry_exit+0x30/0x40
[  112.976101][ T1675]  ? sysvec_reschedule_ipi+0x8c/0x160
[  112.981316][ T1675]  ? _raw_read_unlock+0x25/0x40
[  112.985993][ T1675]  ? ext4_es_lookup_extent+0x33b/0x940
[  112.991286][ T1675]  ext4_map_blocks+0x408/0x1c70
[  112.995978][ T1675]  ? unwind_get_return_address+0x4d/0x90
[  113.001450][ T1675]  ? ext4_issue_zeroout+0x250/0x250
[  113.006474][ T1675]  ? stack_trace_snprint+0xf0/0xf0
[  113.011424][ T1675]  ext4_getblk+0x19f/0x700
[  113.015683][ T1675]  ? ext4_get_block_unwritten+0x40/0x40
[  113.021061][ T1675]  ? __d_alloc+0x2d/0x6c0
[  113.025222][ T1675]  ? walk_component+0x48c/0x610
[  113.029919][ T1675]  ? path_lookupat+0x16d/0x450
[  113.034508][ T1675]  ? filename_lookup+0x230/0x5c0
[  113.039369][ T1675]  ? user_path_at_empty+0x43/0x1a0
[  113.044316][ T1675]  ? __se_sys_mount+0x285/0x3b0
[  113.049005][ T1675]  ? x64_sys_call+0x49d/0x9a0
[  113.053515][ T1675]  ? do_syscall_64+0x3b/0xb0
[  113.057941][ T1675]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  113.063935][ T1675]  ext4_bread_batch+0x67/0x4c0
[  113.068535][ T1675]  __ext4_find_entry+0xfbe/0x1af0
[  113.073395][ T1675]  ? ext4_ci_compare+0x660/0x660
[  113.078168][ T1675]  ? slab_post_alloc_hook+0x72/0x2c0
[  113.083285][ T1675]  ? __d_alloc+0x2d/0x6c0
[  113.087455][ T1675]  ? _raw_spin_trylock_bh+0x190/0x190
[  113.092662][ T1675]  ? ext4_fname_setup_ci_filename+0x70/0x480
[  113.098506][ T1675]  ? generic_set_encrypted_ci_d_ops+0x91/0xf0
[  113.104379][ T1675]  ext4_lookup+0x3c6/0xaa0
[  113.108636][ T1675]  ? ext4_add_entry+0x12b0/0x12b0
[  113.113491][ T1675]  ? __down_common+0x550/0x550
[  113.118091][ T1675]  __lookup_slow+0x2b9/0x400
[  113.122517][ T1675]  ? lookup_one_len+0x2c0/0x2c0
[  113.127214][ T1675]  ? lookup_fast+0x306/0x7b0
[  113.131631][ T1675]  ? handle_dots+0x1030/0x1030
[  113.136231][ T1675]  lookup_slow+0x5a/0x80
[  113.140310][ T1675]  walk_component+0x48c/0x610
[  113.144824][ T1675]  ? nd_alloc_stack+0xf0/0xf0
[  113.149336][ T1675]  ? handle_lookup_down+0x130/0x130
[  113.154375][ T1675]  path_lookupat+0x16d/0x450
[  113.158799][ T1675]  filename_lookup+0x230/0x5c0
[  113.163405][ T1675]  ? hashlen_string+0x120/0x120
[  113.168096][ T1675]  ? getname_flags+0x1fd/0x520
[  113.172687][ T1675]  user_path_at_empty+0x43/0x1a0
[  113.177458][ T1675]  __se_sys_mount+0x285/0x3b0
[  113.181974][ T1675]  ? __x64_sys_mount+0xd0/0xd0
[  113.186577][ T1675]  ? __kasan_check_write+0x14/0x20
[  113.191520][ T1675]  ? switch_fpu_return+0x15f/0x2e0
[  113.196467][ T1675]  __x64_sys_mount+0xbf/0xd0
[  113.200894][ T1675]  x64_sys_call+0x49d/0x9a0
[  113.205238][ T1675]  do_syscall_64+0x3b/0xb0
[  113.209487][ T1675]  ? clear_bhb_loop+0x35/0x90
[  113.213997][ T1675]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  113.219726][ T1675] RIP: 0033:0x7f04f1042849
[  113.223981][ T1675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.243524][ T1675] RSP: 002b:00007f04ef6b9058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  113.251780][ T1675] RAX: ffffffffffffffda RBX: 00007f04f1207fa0 RCX: 00007f04f1042849
[  113.259584][ T1675] RDX: 0000000020000200 RSI: 00000000200001c0 RDI: 0000000000000000
[  113.267394][ T1675] RBP: 00007f04ef6b90a0 R08: 0000000020000240 R09: 0000000000000000
[  113.275214][ T1675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.283102][ T1675] R13: 0000000000000000 R14: 00007f04f1207fa0 R15: 00007ffdfbf102c8
[  113.290917][ T1675]  </TASK>
[  113.671037][ T1693] loop0: detected capacity change from 0 to 2048
[  113.715868][ T1695] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=59937 sclass=netlink_route_socket pid=1695 comm=syz.6.376
[  113.784981][  T393] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  113.817282][ T1693]  loop0: p2 p3 p7
[  113.952456][  T101]  loop0: p2 p3 p7
[  113.959196][  T393] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input7
[  114.161813][  T393] usb 2-1: USB disconnect, device number 7
[  114.171899][    C1] aiptek 2-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  114.704889][ T1707] xt_hashlimit: max too large, truncated to 1048576
[  115.625263][   T26] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  115.674967][  T434] udevd[434]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  115.675203][ T1000] udevd[1000]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  115.696090][  T440] udevd[440]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[  115.699516][   T30] kauditd_printk_skb: 84 callbacks suppressed
[  115.699537][   T30] audit: type=1326 audit(1733072563.277:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.748381][   T30] audit: type=1326 audit(1733072563.287:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.772114][   T30] audit: type=1326 audit(1733072563.287:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.797268][   T30] audit: type=1326 audit(1733072563.287:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.822705][   T30] audit: type=1326 audit(1733072563.287:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.846320][   T30] audit: type=1326 audit(1733072563.287:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.869554][   T30] audit: type=1326 audit(1733072563.287:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.892802][   T30] audit: type=1326 audit(1733072563.287:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.916708][   T30] audit: type=1326 audit(1733072563.287:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.940290][   T30] audit: type=1326 audit(1733072563.287:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1711 comm="syz.4.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19574df849 code=0x7ffc0000
[  115.941171][ T1721] serio: Serial port ptm0
[  116.022002][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  116.032812][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.045733][   T26] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  116.054687][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.062999][   T26] usb 3-1: config 0 descriptor??
[  116.125662][ T1729] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  116.133498][ T1729] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  116.261994][    T6] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  116.368587][ T1734] loop0: detected capacity change from 0 to 256
[  116.376354][  T393] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  116.414742][ T1734] FAT-fs (loop0): Unrecognized mount option "iocharset" or missing value
[  116.543314][   T26] hid (null): bogus close delimiter
[  116.762188][   T26] usb 3-1: language id specifier not provided by device, defaulting to English
[  116.771230][  T393] usb 2-1: config 0 has no interfaces?
[  116.777321][  T393] usb 2-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[  116.788871][  T393] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.817019][  T393] usb 2-1: config 0 descriptor??
[  117.358950][   T26] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0012/input/input8
[  117.369412][ T1738] loop0: detected capacity change from 0 to 256
[  117.384460][   T26] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0012/input/input9
[  117.397355][   T26] uclogic 0003:256C:006D.0012: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  117.418356][ T1738] FAT-fs (loop0): Directory bread(block 64) failed
[  117.424775][ T1738] FAT-fs (loop0): Directory bread(block 65) failed
[  117.431108][ T1738] FAT-fs (loop0): Directory bread(block 66) failed
[  117.437442][ T1738] FAT-fs (loop0): Directory bread(block 67) failed
[  117.443766][ T1738] FAT-fs (loop0): Directory bread(block 68) failed
[  117.450036][ T1738] FAT-fs (loop0): Directory bread(block 69) failed
[  117.456990][ T1738] FAT-fs (loop0): Directory bread(block 70) failed
[  117.463397][ T1738] FAT-fs (loop0): Directory bread(block 71) failed
[  117.469684][ T1738] FAT-fs (loop0): Directory bread(block 72) failed
[  117.476088][ T1738] FAT-fs (loop0): Directory bread(block 73) failed
[  117.523466][   T26] usb 3-1: USB disconnect, device number 10
[  117.531953][    T6] usb 5-1: Using ep0 maxpacket: 16
[  117.672050][    T6] usb 5-1: config 0 has an invalid interface number: 181 but max is 0
[  117.682685][ T1741] FAULT_INJECTION: forcing a failure.
[  117.682685][ T1741] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.690636][    T6] usb 5-1: config 0 has no interface number 0
[  117.695632][ T1741] CPU: 1 PID: 1741 Comm: syz.0.392 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  117.711072][ T1741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  117.720963][ T1741] Call Trace:
[  117.724086][ T1741]  <TASK>
[  117.726866][ T1741]  dump_stack_lvl+0x151/0x1c0
[  117.731376][ T1741]  ? io_uring_drop_tctx_refs+0x190/0x190
[  117.736848][ T1741]  ? __kasan_check_read+0x11/0x20
[  117.741704][ T1741]  dump_stack+0x15/0x20
[  117.745698][ T1741]  should_fail+0x3c6/0x510
[  117.749950][ T1741]  should_fail_usercopy+0x1a/0x20
[  117.754813][ T1741]  copy_page_from_iter_atomic+0x423/0x10e0
[  117.760454][ T1741]  ? pipe_zero+0x4e0/0x4e0
[  117.764708][ T1741]  generic_perform_write+0x360/0x750
[  117.769827][ T1741]  ? __mark_inode_dirty+0x54e/0xa50
[  117.774864][ T1741]  ? grab_cache_page_write_begin+0xa0/0xa0
[  117.780500][ T1741]  ? file_remove_privs+0x610/0x610
[  117.785449][ T1741]  ? rwsem_write_trylock+0x153/0x340
[  117.790568][ T1741]  ? rwsem_mark_wake+0x770/0x770
[  117.795344][ T1741]  __generic_file_write_iter+0x25b/0x4b0
[  117.800811][ T1741]  generic_file_write_iter+0xaf/0x1c0
[  117.806022][ T1741]  vfs_write+0xd5d/0x1110
[  117.810188][ T1741]  ? file_end_write+0x1c0/0x1c0
[  117.814876][ T1741]  ? __fdget_pos+0x209/0x3a0
[  117.819297][ T1741]  ? ksys_write+0x77/0x2c0
[  117.823558][ T1741]  ksys_write+0x199/0x2c0
[  117.827724][ T1741]  ? exc_page_fault+0x47a/0x7f0
[  117.832411][ T1741]  ? __ia32_sys_read+0x90/0x90
[  117.837014][ T1741]  __x64_sys_write+0x7b/0x90
[  117.841434][ T1741]  x64_sys_call+0x2f/0x9a0
[  117.845690][ T1741]  do_syscall_64+0x3b/0xb0
[  117.849942][ T1741]  ? clear_bhb_loop+0x35/0x90
[  117.854456][ T1741]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  117.860180][ T1741] RIP: 0033:0x7f21092922ff
[  117.864433][ T1741] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 8e 02 00 48
[  117.883874][ T1741] RSP: 002b:00007f2107909e10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  117.892116][ T1741] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f21092922ff
[  117.899931][ T1741] RDX: 0000000000040000 RSI: 00007f20ff4ea000 RDI: 0000000000000005
[  117.907739][ T1741] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000004ee
[  117.915553][ T1741] R10: 00000000200008c2 R11: 0000000000000293 R12: 0000000000000005
[  117.923362][ T1741] R13: 00007f2107909f10 R14: 00007f2107909ed0 R15: 00007f20ff4ea000
[  117.931192][ T1741]  </TASK>
[  117.935475][ T1741] loop0: detected capacity change from 0 to 512
[  118.022097][    T6] usb 5-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=a7.38
[  118.030977][    T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.047396][    T6] usb 5-1: Product: syz
[  118.051530][    T6] usb 5-1: Manufacturer: syz
[  118.056756][    T6] usb 5-1: SerialNumber: syz
[  118.072458][    T6] usb 5-1: config 0 descriptor??
[  118.217528][ T1748] loop0: detected capacity change from 0 to 2048
[  118.322942][ T1748]  loop0: p2 p3 p7
[  119.024913][ T1754] loop2: detected capacity change from 0 to 16
[  119.040608][ T1756] loop6: detected capacity change from 0 to 1024
[  119.071395][    T6] usb 5-1: USB disconnect, device number 10
[  119.094262][ T1756] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  119.103671][ T1756] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  119.214096][ T1000] udevd[1000]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.181/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  119.241416][ T1756] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,jqfmt=vfsold,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  119.600041][ T1767] loop2: detected capacity change from 0 to 128
[  119.619512][ T1769] loop0: detected capacity change from 0 to 256
[  119.628111][ T1767] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  119.647498][ T1769] FAT-fs (loop0): Directory bread(block 64) failed
[  119.653894][ T1769] FAT-fs (loop0): Directory bread(block 65) failed
[  119.660299][ T1769] FAT-fs (loop0): Directory bread(block 66) failed
[  119.660614][ T1774] UDC core: couldn't find an available UDC or it's busy: -16
[  119.667077][ T1769] FAT-fs (loop0): Directory bread(block 67) failed
[  119.674026][ T1774] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  119.688277][ T1767] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  119.695472][ T1769] FAT-fs (loop0): Directory bread(block 68) failed
[  119.706561][ T1767] EXT4-fs (loop2): mounted filesystem without journal. Opts: noinit_itable,max_dir_size_kb=0x0000000000000000,,errors=continue. Quota mode: none.
[  119.710206][ T1769] FAT-fs (loop0): Directory bread(block 69) failed
[  119.722039][ T1774] fuse: blksize only supported for fuseblk
[  119.728800][ T1769] FAT-fs (loop0): Directory bread(block 70) failed
[  119.734907][ T1767] SELinux: security_context_str_to_sid(system_u) failed for (dev loop2, type ext2) errno=-22
[  119.739956][ T1769] FAT-fs (loop0): Directory bread(block 71) failed
[  119.756037][ T1769] FAT-fs (loop0): Directory bread(block 72) failed
[  119.762516][ T1769] FAT-fs (loop0): Directory bread(block 73) failed
[  119.827817][ T1767] fuse: blksize only supported for fuseblk
[  119.848912][ T1778] netlink: 20 bytes leftover after parsing attributes in process `syz.2.405'.
[  119.875914][ T1780] loop2: detected capacity change from 0 to 512
[  119.974364][ T1780] EXT4-fs (loop2): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback.
[  119.989278][ T1780] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.023891][ T1788] loop0: detected capacity change from 0 to 128
[  120.499690][ T1798] loop1: detected capacity change from 0 to 256
[  120.514329][ T1798] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x207d53fc, utbl_chksum : 0xe619d30d)
[  120.711712][ T1807] loop0: detected capacity change from 0 to 2048
[  121.092377][ T1807]  loop0: p2 p3 p7
[  121.934052][ T1819] loop0: detected capacity change from 0 to 1024
[  121.941318][ T1819] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  121.958885][  T440] udevd[440]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[  121.970967][  T434] udevd[434]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  121.982106][ T1819] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  122.013639][ T1000] udevd[1000]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  122.031457][ T1819] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,jqfmt=vfsold,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  122.062884][ T1824] FAULT_INJECTION: forcing a failure.
[  122.062884][ T1824] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.071642][  T434] udevd[434]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  122.078578][ T1824] CPU: 0 PID: 1824 Comm: syz.4.418 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  122.089796][ T1000] udevd[1000]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  122.094839][ T1824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  122.094867][ T1824] Call Trace:
[  122.094873][ T1824]  <TASK>
[  122.094888][ T1824]  dump_stack_lvl+0x151/0x1c0
[  122.094931][ T1824]  ? io_uring_drop_tctx_refs+0x190/0x190
[  122.094956][ T1824]  dump_stack+0x15/0x20
[  122.134253][ T1824]  should_fail+0x3c6/0x510
[  122.138505][ T1824]  should_fail_usercopy+0x1a/0x20
[  122.143361][ T1824]  _copy_from_user+0x20/0xd0
[  122.147804][ T1824]  usbdev_ioctl+0x1f01/0x5e20
[  122.152311][ T1824]  ? usbdev_poll+0x200/0x200
[  122.156729][ T1824]  ? 0xffffffffa00188fc
[  122.160720][ T1824]  ? is_bpf_text_address+0x172/0x190
[  122.165844][ T1824]  ? stack_trace_save+0x1c0/0x1c0
[  122.170701][ T1824]  ? __kernel_text_address+0x9b/0x110
[  122.175911][ T1824]  ? unwind_get_return_address+0x4d/0x90
[  122.181378][ T1824]  ? arch_stack_walk+0xf3/0x140
[  122.186067][ T1824]  ? bpf_bprintf_prepare+0x14e/0x1450
[  122.191273][ T1824]  ? bpf_bprintf_prepare+0x1270/0x1450
[  122.196566][ T1824]  ? avc_has_extended_perms+0x90b/0x10f0
[  122.202035][ T1824]  ? memcpy+0x56/0x70
[  122.205851][ T1824]  ? avc_has_extended_perms+0xad7/0x10f0
[  122.211321][ T1824]  ? avc_flush+0x290/0x290
[  122.215572][ T1824]  ? _kstrtoull+0x3a0/0x4a0
[  122.219917][ T1824]  ? do_vfs_ioctl+0xbc1/0x2a80
[  122.224512][ T1824]  ? kstrtol_from_user+0x310/0x310
[  122.229459][ T1824]  ? __x64_compat_sys_ioctl+0x90/0x90
[  122.234673][ T1824]  ? __kasan_check_write+0x14/0x20
[  122.239613][ T1824]  ? proc_fail_nth_write+0x20b/0x290
[  122.244735][ T1824]  ? selinux_file_permission+0x2c4/0x570
[  122.250202][ T1824]  ? ioctl_has_perm+0x1f8/0x560
[  122.254891][ T1824]  ? ioctl_has_perm+0x3f5/0x560
[  122.259578][ T1824]  ? has_cap_mac_admin+0x3c0/0x3c0
[  122.264529][ T1824]  ? file_end_write+0x1c0/0x1c0
[  122.269215][ T1824]  ? selinux_file_ioctl+0x3cc/0x540
[  122.274245][ T1824]  ? __mutex_lock_slowpath+0x10/0x10
[  122.279369][ T1824]  ? selinux_file_alloc_security+0x120/0x120
[  122.285183][ T1824]  ? __fget_files+0x31e/0x380
[  122.289700][ T1824]  ? security_file_ioctl+0x84/0xb0
[  122.294643][ T1824]  ? usbdev_poll+0x200/0x200
[  122.299069][ T1824]  __se_sys_ioctl+0x114/0x190
[  122.303584][ T1824]  __x64_sys_ioctl+0x7b/0x90
[  122.308008][ T1824]  x64_sys_call+0x98/0x9a0
[  122.312263][ T1824]  do_syscall_64+0x3b/0xb0
[  122.316512][ T1824]  ? clear_bhb_loop+0x35/0x90
[  122.321029][ T1824]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  122.326757][ T1824] RIP: 0033:0x7f19574df849
[  122.331011][ T1824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.350452][ T1824] RSP: 002b:00007f1955b56058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  122.358695][ T1824] RAX: ffffffffffffffda RBX: 00007f19576a4fa0 RCX: 00007f19574df849
[  122.366505][ T1824] RDX: 0000000020000380 RSI: 000000008038550a RDI: 0000000000000003
[  122.374317][ T1824] RBP: 00007f1955b560a0 R08: 0000000000000000 R09: 0000000000000000
[  122.382141][ T1824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.389949][ T1824] R13: 0000000000000000 R14: 00007f19576a4fa0 R15: 00007ffd3823c158
[  122.397760][ T1824]  </TASK>
[  122.402546][  T440] udevd[440]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[  122.447609][ T1831] loop4: detected capacity change from 0 to 128
[  122.476349][ T1833] usb usb7: usbfs: process 1833 (syz.1.420) did not claim interface 0 before use
[  122.486093][ T1833] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  122.494200][   T30] kauditd_printk_skb: 114 callbacks suppressed
[  122.494216][   T30] audit: type=1326 audit(1733072570.077:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.523853][   T30] audit: type=1326 audit(1733072570.077:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.547392][   T30] audit: type=1326 audit(1733072570.107:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.580327][   T30] audit: type=1326 audit(1733072570.107:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.622995][   T30] audit: type=1326 audit(1733072570.107:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.683244][   T30] audit: type=1326 audit(1733072570.107:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.730588][ T1836] cgroup: none used incorrectly
[  122.739651][ T1836] loop1: detected capacity change from 0 to 512
[  122.746019][   T30] audit: type=1326 audit(1733072570.107:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.792098][   T30] audit: type=1326 audit(1733072570.107:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.815641][   T30] audit: type=1326 audit(1733072570.107:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.838901][   T30] audit: type=1326 audit(1733072570.107:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1817 comm="syz.0.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2109293849 code=0x7ffc0000
[  122.883018][ T1836] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.422: corrupted inode contents
[  122.895819][ T1836] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #3: comm syz.1.422: mark_inode_dirty error
[  122.907521][ T1836] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.422: corrupted inode contents
[  122.911019][ T1844] loop0: detected capacity change from 0 to 512
[  122.926835][ T1836] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #3: comm syz.1.422: mark_inode_dirty error
[  122.938698][ T1836] EXT4-fs error (device loop1): ext4_acquire_dquot:6188: comm syz.1.422: Failed to acquire dquot type 0
[  122.962465][ T1836] EXT4-fs (loop1): 1 orphan inode deleted
[  122.968098][ T1836] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  122.979539][ T1836] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.075248][ T1844] EXT4-fs (loop0): 1 orphan inode deleted
[  123.081993][ T1844] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  123.252638][ T1844] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.332038][  T393] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  123.568265][ T1854] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #12: comm syz.1.422: pblk 0 bad header/extent: invalid magic - magic 2, entries 0, max 0(0), depth 0(0)
[  124.002077][  T393] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.022406][  T393] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.053338][  T393] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  124.064094][ T1862] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=1862 comm=syz.4.428
[  124.078591][ T1864] loop6: detected capacity change from 0 to 256
[  124.092215][  T393] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.124844][ T1864] FAT-fs (loop6): Directory bread(block 64) failed
[  124.145502][  T393] usb 3-1: config 0 descriptor??
[  124.152124][ T1864] FAT-fs (loop6): Directory bread(block 65) failed
[  124.158669][ T1864] FAT-fs (loop6): Directory bread(block 66) failed
[  124.171914][ T1864] FAT-fs (loop6): Directory bread(block 67) failed
[  124.191982][ T1864] FAT-fs (loop6): Directory bread(block 68) failed
[  124.211949][ T1864] FAT-fs (loop6): Directory bread(block 69) failed
[  124.218633][ T1864] FAT-fs (loop6): Directory bread(block 70) failed
[  124.228239][ T1864] FAT-fs (loop6): Directory bread(block 71) failed
[  124.244768][ T1871] FAULT_INJECTION: forcing a failure.
[  124.244768][ T1871] name failslab, interval 1, probability 0, space 0, times 0
[  124.257308][ T1864] FAT-fs (loop6): Directory bread(block 72) failed
[  124.264263][ T1864] FAT-fs (loop6): Directory bread(block 73) failed
[  124.277579][ T1871] CPU: 1 PID: 1871 Comm: syz.0.432 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  124.287218][ T1871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  124.297116][ T1871] Call Trace:
[  124.300239][ T1871]  <TASK>
[  124.303018][ T1871]  dump_stack_lvl+0x151/0x1c0
[  124.307530][ T1871]  ? io_uring_drop_tctx_refs+0x190/0x190
[  124.313002][ T1871]  dump_stack+0x15/0x20
[  124.316989][ T1871]  should_fail+0x3c6/0x510
[  124.321244][ T1871]  __should_failslab+0xa4/0xe0
[  124.325846][ T1871]  should_failslab+0x9/0x20
[  124.330182][ T1871]  slab_pre_alloc_hook+0x37/0xd0
[  124.334962][ T1871]  ? cond_bools_copy+0x4e/0xd0
[  124.339557][ T1871]  __kmalloc_track_caller+0x6c/0x260
[  124.344674][ T1871]  ? slab_post_alloc_hook+0x72/0x2c0
[  124.349798][ T1871]  ? cond_bools_copy+0x4e/0xd0
[  124.354400][ T1871]  kmemdup+0x24/0x50
[  124.358126][ T1871]  cond_bools_copy+0x4e/0xd0
[  124.362555][ T1871]  hashtab_duplicate+0x19c/0x540
[  124.367335][ T1871]  ? cond_policydb_destroy_dup+0x40/0x40
[  124.372793][ T1871]  ? cond_insertf+0x340/0x340
[  124.377312][ T1871]  cond_policydb_dup+0x13a/0xdb0
[  124.382085][ T1871]  ? __kasan_kmalloc+0x9/0x10
[  124.386595][ T1871]  security_set_bools+0xf2/0x5f0
[  124.391368][ T1871]  ? skip_atoi+0xd0/0xd0
[  124.395451][ T1871]  sel_commit_bools_write+0x38a/0x4f0
[  124.400674][ T1871]  ? sel_read_policyvers+0xf0/0xf0
[  124.405602][ T1871]  ? fsnotify_perm+0x6a/0x5b0
[  124.410116][ T1871]  ? security_file_permission+0x86/0xb0
[  124.415494][ T1871]  ? sel_read_policyvers+0xf0/0xf0
[  124.420444][ T1871]  vfs_write+0x406/0x1110
[  124.424608][ T1871]  ? __traceiter_kmem_cache_free+0x32/0x50
[  124.430417][ T1871]  ? file_end_write+0x1c0/0x1c0
[  124.435093][ T1871]  ? __kasan_check_write+0x14/0x20
[  124.440052][ T1871]  ? mutex_lock+0xb6/0x1e0
[  124.444295][ T1871]  ? wait_for_completion_killable_timeout+0x10/0x10
[  124.450720][ T1871]  ? __fdget_pos+0x2e7/0x3a0
[  124.455145][ T1871]  ? ksys_write+0x77/0x2c0
[  124.459396][ T1871]  ksys_write+0x199/0x2c0
[  124.463563][ T1871]  ? __ia32_sys_read+0x90/0x90
[  124.468164][ T1871]  ? debug_smp_processor_id+0x17/0x20
[  124.473370][ T1871]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  124.479274][ T1871]  __x64_sys_write+0x7b/0x90
[  124.483701][ T1871]  x64_sys_call+0x2f/0x9a0
[  124.487950][ T1871]  do_syscall_64+0x3b/0xb0
[  124.492204][ T1871]  ? clear_bhb_loop+0x35/0x90
[  124.496718][ T1871]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  124.502448][ T1871] RIP: 0033:0x7f2109293849
[  124.506699][ T1871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.526141][ T1871] RSP: 002b:00007f210790a058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  124.534385][ T1871] RAX: ffffffffffffffda RBX: 00007f2109458fa0 RCX: 00007f2109293849
[  124.542197][ T1871] RDX: 0000000000000003 RSI: 0000000020000800 RDI: 0000000000000006
[  124.550010][ T1871] RBP: 00007f210790a0a0 R08: 0000000000000000 R09: 0000000000000000
[  124.557823][ T1871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  124.565632][ T1871] R13: 0000000000000000 R14: 00007f2109458fa0 R15: 00007ffee0c3e758
[  124.573448][ T1871]  </TASK>
[  124.583184][ T1873] loop4: detected capacity change from 0 to 1024
[  124.627160][ T1873] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  124.636524][ T1873] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  124.651818][ T1873] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,jqfmt=vfsold,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  124.784247][ T1884] loop6: detected capacity change from 0 to 16
[  125.045788][ T1850] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  125.085917][ T1888] loop6: detected capacity change from 0 to 512
[  125.101656][ T1850] device syzkaller0 entered promiscuous mode
[  125.110519][ T1849] tipc: Resetting bearer <eth:syzkaller0>
[  125.123028][ T1849] tipc: Disabling bearer <eth:syzkaller0>
[  125.130801][ T1888] EXT4-fs (loop6): orphan cleanup on readonly fs
[  125.137845][ T1888] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.438: bg 0: block 248: padding at end of block bitmap is not set
[  125.152218][  T388] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  125.158118][ T1888] EXT4-fs error (device loop6): ext4_acquire_dquot:6188: comm syz.6.438: Failed to acquire dquot type 1
[  125.171363][ T1888] EXT4-fs (loop6): 1 truncate cleaned up
[  125.177469][ T1888] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  125.211947][  T393] usbhid 3-1:0.0: can't add hid device: -71
[  125.217788][  T393] usbhid: probe of 3-1:0.0 failed with error -71
[  125.224808][  T393] usb 3-1: USB disconnect, device number 11
[  125.542274][  T388] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.566116][  T388] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  125.597728][  T388] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  125.600192][ T1893] loop4: detected capacity change from 0 to 40427
[  125.607664][ T1897] UDC core: couldn't find an available UDC or it's busy: -16
[  125.620148][ T1897] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  125.620151][  T388] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.621156][  T388] usb 1-1: config 0 descriptor??
[  125.660185][ T1893] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  125.674410][ T1893] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  125.703770][ T1893] F2FS-fs (loop4): invalid crc value
[  125.711311][ T1893] F2FS-fs (loop4): Found nat_bits in checkpoint
[  125.759780][ T1893] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  125.832150][ T1893] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  125.922503][ T1910] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  126.098929][  T290] ------------[ cut here ]------------
[  126.112520][  T290] WARNING: CPU: 1 PID: 290 at fs/f2fs/inode.c:880 f2fs_evict_inode+0x1246/0x1520
[  126.121687][  T290] Modules linked in:
[  126.125848][  T290] CPU: 1 PID: 290 Comm: syz-executor Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  126.136232][  T290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  126.146620][  T290] RIP: 0010:f2fs_evict_inode+0x1246/0x1520
[  126.152668][  T290] Code: ff ff e8 8d fc 52 ff eb 08 e8 86 fc 52 ff 4d 89 e5 48 8b 7c 24 10 e8 19 19 03 00 4c 8b 64 24 58 e9 b4 fc ff ff e8 6a fc 52 ff <0f> 0b 4c 89 f7 be 08 00 00 00 e8 7b 56 95 ff f0 41 80 0e 04 e9 96
[  126.172657][  T290] RSP: 0018:ffffc90000a278a0 EFLAGS: 00010293
[  126.173474][ T1876] overlayfs: workdir and upperdir must be separate subtrees
[  126.178554][  T290] RAX: ffffffff821d69a6 RBX: 0000000000000002 RCX: ffff88810afb0000
[  126.178575][  T290] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[  126.202095][  T290] RBP: ffffc90000a27a10 R08: ffffffff821d6641 R09: ffffed10250d242d
[  126.209988][  T290] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888128691e90
[  126.218257][  T290] R13: dffffc0000000000 R14: ffff88811c3b0078 R15: 1ffff92000144f28
[  126.226362][  T290] FS:  0000555571e87500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  126.235623][  T290] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  126.242071][  T290] CR2: 0000000020000000 CR3: 000000012596f000 CR4: 00000000003506b0
[  126.249952][  T290] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  126.257854][  T290] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  126.261983][  T388] usbhid 1-1:0.0: can't add hid device: -71
[  126.265860][  T290] Call Trace:
[  126.271435][  T388] usbhid: probe of 1-1:0.0 failed with error -71
[  126.274559][  T290]  <TASK>
[  126.283518][  T290]  ? show_regs+0x58/0x60
[  126.285693][  T388] usb 1-1: USB disconnect, device number 9
[  126.287782][  T290]  ? __warn+0x160/0x2f0
[  126.299005][  T290]  ? f2fs_evict_inode+0x1246/0x1520
[  126.304405][  T290]  ? report_bug+0x3d9/0x5b0
[  126.308742][  T290]  ? f2fs_evict_inode+0x1246/0x1520
[  126.314111][  T290]  ? handle_bug+0x41/0x70
[  126.318351][  T290]  ? exc_invalid_op+0x1b/0x50
[  126.323192][  T290]  ? asm_exc_invalid_op+0x1b/0x20
[  126.328054][  T290]  ? f2fs_evict_inode+0xee1/0x1520
[  126.333475][  T290]  ? f2fs_evict_inode+0x1246/0x1520
[  126.338508][  T290]  ? f2fs_evict_inode+0x1246/0x1520
[  126.344237][  T290]  ? _raw_spin_unlock+0x4d/0x70
[  126.349893][  T290]  ? f2fs_write_inode+0x5d0/0x5d0
[  126.355131][  T290]  ? bit_waitqueue+0x30/0x30
[  126.359553][  T290]  ? locks_free_lock_context+0x42/0x70
[  126.365207][  T290]  ? __destroy_inode+0x35f/0x4e0
[  126.369975][  T290]  ? f2fs_write_inode+0x5d0/0x5d0
[  126.375144][  T290]  evict+0x529/0x930
[  126.378947][  T290]  ? mode_strip_sgid+0x220/0x220
[  126.383952][  T290]  ? __kasan_check_write+0x14/0x20
[  126.388892][  T290]  ? _raw_spin_lock+0xa4/0x1b0
[  126.394038][  T290]  ? _raw_spin_unlock+0x4d/0x70
[  126.398725][  T290]  ? list_lru_del+0x295/0x2d0
[  126.403496][  T290]  evict_inodes+0x642/0x6d0
[  126.407917][  T290]  ? clear_inode+0x150/0x150
[  126.412633][  T290]  generic_shutdown_super+0x97/0x330
[  126.417757][  T290]  kill_block_super+0x7e/0xe0
[  126.422846][  T290]  kill_f2fs_super+0x2f9/0x3c0
[  126.427444][  T290]  ? sysvec_reschedule_ipi+0x8c/0x160
[  126.433044][  T290]  ? f2fs_mount+0x40/0x40
[  126.437209][  T290]  deactivate_locked_super+0xad/0x110
[  126.442789][  T290]  deactivate_super+0xbe/0xf0
[  126.447377][  T290]  cleanup_mnt+0x45c/0x510
[  126.451554][  T290]  __cleanup_mnt+0x19/0x20
[  126.456187][  T290]  task_work_run+0x129/0x190
[  126.460712][  T290]  exit_to_user_mode_loop+0xc4/0xe0
[  126.465965][  T290]  exit_to_user_mode_prepare+0x5a/0xa0
[  126.471332][  T290]  syscall_exit_to_user_mode+0x26/0x160
[  126.477010][  T290]  do_syscall_64+0x47/0xb0
[  126.481258][  T290]  ? clear_bhb_loop+0x35/0x90
[  126.486137][  T290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  126.492307][  T290] RIP: 0033:0x7f19574e0b77
[  126.496673][  T290] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  126.517102][  T290] RSP: 002b:00007ffd3823b3e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  126.525702][  T290] RAX: 0000000000000000 RBX: 00007f1957552824 RCX: 00007f19574e0b77
[  126.533953][  T290] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd3823b4a0
[  126.542052][  T290] RBP: 00007ffd3823b4a0 R08: 0000000000000000 R09: 0000000000000000
[  126.550100][  T290] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd3823c520
[  126.558222][  T290] R13: 00007f1957552824 R14: 000000000001e9fd R15: 00007ffd3823c560
[  126.566394][  T290]  </TASK>
[  126.569295][  T290] ---[ end trace 8d5de8626f5f42c4 ]---
[  126.612059][  T290] ==================================================================
[  126.620041][  T290] BUG: KASAN: use-after-free in _raw_spin_lock+0x97/0x1b0
[  126.626990][  T290] Write of size 4 at addr ffff888128691ed8 by task syz-executor/290
[  126.634797][  T290] 
[  126.636967][  T290] CPU: 1 PID: 290 Comm: syz-executor Tainted: G        W         5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  126.648163][  T290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  126.658055][  T290] Call Trace:
[  126.661180][  T290]  <TASK>
[  126.663959][  T290]  dump_stack_lvl+0x151/0x1c0
[  126.668470][  T290]  ? io_uring_drop_tctx_refs+0x190/0x190
[  126.673942][  T290]  ? __wake_up_klogd+0xd5/0x110
[  126.678712][  T290]  ? panic+0x760/0x760
[  126.682618][  T290]  print_address_description+0x87/0x3b0
[  126.688000][  T290]  kasan_report+0x179/0x1c0
[  126.692346][  T290]  ? _raw_spin_lock+0x97/0x1b0
[  126.696941][  T290]  ? _raw_spin_lock+0x97/0x1b0
[  126.701543][  T290]  kasan_check_range+0x293/0x2a0
[  126.706320][  T290]  __kasan_check_write+0x14/0x20
[  126.711176][  T290]  _raw_spin_lock+0x97/0x1b0
[  126.715602][  T290]  ? _raw_spin_trylock_bh+0x190/0x190
[  126.720809][  T290]  ? _raw_spin_lock+0xa4/0x1b0
[  126.725409][  T290]  ? _raw_spin_trylock_bh+0x190/0x190
[  126.730620][  T290]  ? remove_wait_queue+0x140/0x140
[  126.735571][  T290]  igrab+0x20/0xa0
[  126.739122][  T290]  f2fs_sync_inode_meta+0x14d/0x2a0
[  126.744154][  T290]  f2fs_write_checkpoint+0xab4/0x1fb0
[  126.749379][  T290]  ? f2fs_get_sectors_written+0x500/0x500
[  126.754915][  T290]  ? rwsem_write_trylock+0x153/0x340
[  126.760040][  T290]  ? __kasan_check_write+0x14/0x20
[  126.764986][  T290]  ? mutex_unlock+0xb2/0x260
[  126.769421][  T290]  f2fs_issue_checkpoint+0x31b/0x4d0
[  126.774547][  T290]  ? f2fs_destroy_checkpoint_caches+0x30/0x30
[  126.780439][  T290]  ? sync_inodes_sb+0x7cd/0x8b0
[  126.785557][  T290]  ? try_to_writeback_inodes_sb+0xc0/0xc0
[  126.791112][  T290]  f2fs_sync_fs+0x186/0x2f0
[  126.795453][  T290]  sync_filesystem+0x1cf/0x250
[  126.800242][  T290]  f2fs_quota_off_umount+0x20e/0x220
[  126.805361][  T290]  ? f2fs_drop_inode+0xa20/0xa20
[  126.810136][  T290]  f2fs_put_super+0xb9/0xc10
[  126.814574][  T290]  ? f2fs_drop_inode+0xa20/0xa20
[  126.819337][  T290]  ? sysvec_reschedule_ipi+0x8c/0x160
[  126.824544][  T290]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  126.830013][  T290]  ? f2fs_drop_inode+0xa20/0xa20
[  126.834784][  T290]  ? fsnotify_sb_delete+0x3a9/0x4e0
[  126.839822][  T290]  ? generic_shutdown_super+0x14a/0x330
[  126.845204][  T290]  ? f2fs_drop_inode+0xa20/0xa20
[  126.849974][  T290]  generic_shutdown_super+0x14f/0x330
[  126.855183][  T290]  kill_block_super+0x7e/0xe0
[  126.859696][  T290]  kill_f2fs_super+0x2f9/0x3c0
[  126.864297][  T290]  ? sysvec_reschedule_ipi+0x8c/0x160
[  126.869508][  T290]  ? f2fs_mount+0x40/0x40
[  126.873680][  T290]  deactivate_locked_super+0xad/0x110
[  126.878878][  T290]  deactivate_super+0xbe/0xf0
[  126.883738][  T290]  cleanup_mnt+0x45c/0x510
[  126.887989][  T290]  __cleanup_mnt+0x19/0x20
[  126.892240][  T290]  task_work_run+0x129/0x190
[  126.896668][  T290]  exit_to_user_mode_loop+0xc4/0xe0
[  126.901704][  T290]  exit_to_user_mode_prepare+0x5a/0xa0
[  126.906998][  T290]  syscall_exit_to_user_mode+0x26/0x160
[  126.912377][  T290]  do_syscall_64+0x47/0xb0
[  126.916628][  T290]  ? clear_bhb_loop+0x35/0x90
[  126.921145][  T290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  126.926874][  T290] RIP: 0033:0x7f19574e0b77
[  126.931126][  T290] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  126.950566][  T290] RSP: 002b:00007ffd3823b3e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  126.958815][  T290] RAX: 0000000000000000 RBX: 00007f1957552824 RCX: 00007f19574e0b77
[  126.966797][  T290] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd3823b4a0
[  126.974610][  T290] RBP: 00007ffd3823b4a0 R08: 0000000000000000 R09: 0000000000000000
[  126.982512][  T290] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd3823c520
[  126.990315][  T290] R13: 00007f1957552824 R14: 000000000001e9fd R15: 00007ffd3823c560
[  126.998144][  T290]  </TASK>
[  127.000993][  T290] 
[  127.003165][  T290] Allocated by task 1893:
[  127.007336][  T290]  __kasan_slab_alloc+0xb1/0xe0
[  127.012015][  T290]  slab_post_alloc_hook+0x53/0x2c0
[  127.016961][  T290]  kmem_cache_alloc+0xf5/0x200
[  127.021563][  T290]  f2fs_alloc_inode+0x26/0x340
[  127.026173][  T290]  new_inode_pseudo+0x64/0x220
[  127.030763][  T290]  new_inode+0x28/0x1c0
[  127.034757][  T290]  f2fs_new_inode+0x10e/0x1410
[  127.039356][  T290]  f2fs_create+0x178/0x1510
[  127.043694][  T290]  path_openat+0x13a8/0x2f40
[  127.048120][  T290]  do_filp_open+0x21c/0x460
[  127.052461][  T290]  do_sys_openat2+0x13f/0x820
[  127.056972][  T290]  __x64_sys_openat+0x243/0x290
[  127.061662][  T290]  x64_sys_call+0x6bf/0x9a0
[  127.066001][  T290]  do_syscall_64+0x3b/0xb0
[  127.070252][  T290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  127.075984][  T290] 
[  127.078152][  T290] Freed by task 290:
[  127.081883][  T290]  kasan_set_track+0x4b/0x70
[  127.086309][  T290]  kasan_set_free_info+0x23/0x40
[  127.091085][  T290]  ____kasan_slab_free+0x126/0x160
[  127.096030][  T290]  __kasan_slab_free+0x11/0x20
[  127.100633][  T290]  slab_free_freelist_hook+0xbd/0x190
[  127.105839][  T290]  kmem_cache_free+0x116/0x2e0
[  127.110440][  T290]  f2fs_free_inode+0x24/0x30
[  127.114866][  T290]  i_callback+0x4b/0x70
[  127.118859][  T290]  rcu_do_batch+0x57a/0xc10
[  127.123195][  T290]  rcu_core+0x517/0x1020
[  127.127275][  T290]  rcu_core_si+0x9/0x10
[  127.131270][  T290]  handle_softirqs+0x25e/0x5c0
[  127.135867][  T290]  __irq_exit_rcu+0x52/0xf0
[  127.140209][  T290]  irq_exit_rcu+0x9/0x10
[  127.144289][  T290]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  127.149757][  T290]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  127.155570][  T290] 
[  127.157739][  T290] Last potentially related work creation:
[  127.163298][  T290]  kasan_save_stack+0x3b/0x60
[  127.167809][  T290]  __kasan_record_aux_stack+0xd3/0xf0
[  127.173018][  T290]  kasan_record_aux_stack_noalloc+0xb/0x10
[  127.178657][  T290]  call_rcu+0x123/0x10b0
[  127.182735][  T290]  evict+0x87d/0x930
[  127.186471][  T290]  evict_inodes+0x642/0x6d0
[  127.190809][  T290]  generic_shutdown_super+0x97/0x330
[  127.195932][  T290]  kill_block_super+0x7e/0xe0
[  127.200440][  T290]  kill_f2fs_super+0x2f9/0x3c0
[  127.205041][  T290]  deactivate_locked_super+0xad/0x110
[  127.210252][  T290]  deactivate_super+0xbe/0xf0
[  127.214766][  T290]  cleanup_mnt+0x45c/0x510
[  127.219018][  T290]  __cleanup_mnt+0x19/0x20
[  127.223272][  T290]  task_work_run+0x129/0x190
[  127.227696][  T290]  exit_to_user_mode_loop+0xc4/0xe0
[  127.232729][  T290]  exit_to_user_mode_prepare+0x5a/0xa0
[  127.238023][  T290]  syscall_exit_to_user_mode+0x26/0x160
[  127.243406][  T290]  do_syscall_64+0x47/0xb0
[  127.247669][  T290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  127.253392][  T290] 
[  127.255557][  T290] Second to last potentially related work creation:
[  127.261978][  T290]  kasan_save_stack+0x3b/0x60
[  127.266578][  T290]  __kasan_record_aux_stack+0xd3/0xf0
[  127.271787][  T290]  kasan_record_aux_stack_noalloc+0xb/0x10
[  127.277429][  T290]  call_rcu+0x123/0x10b0
[  127.281511][  T290]  evict+0x87d/0x930
[  127.285239][  T290]  iput+0x63b/0x7e0
[  127.288885][  T290]  f2fs_put_super+0x683/0xc10
[  127.293407][  T290]  generic_shutdown_super+0x14f/0x330
[  127.298606][  T290]  kill_block_super+0x7e/0xe0
[  127.303118][  T290]  kill_f2fs_super+0x2f9/0x3c0
[  127.307736][  T290]  deactivate_locked_super+0xad/0x110
[  127.312928][  T290]  deactivate_super+0xbe/0xf0
[  127.317447][  T290]  cleanup_mnt+0x45c/0x510
[  127.321694][  T290]  __cleanup_mnt+0x19/0x20
[  127.325948][  T290]  task_work_run+0x129/0x190
[  127.330371][  T290]  exit_to_user_mode_loop+0xc4/0xe0
[  127.335405][  T290]  exit_to_user_mode_prepare+0x5a/0xa0
[  127.340786][  T290]  syscall_exit_to_user_mode+0x26/0x160
[  127.346170][  T290]  do_syscall_64+0x47/0xb0
[  127.350422][  T290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  127.356151][  T290] 
[  127.358322][  T290] The buggy address belongs to the object at ffff888128691e50
[  127.358322][  T290]  which belongs to the cache f2fs_inode_cache of size 1424
[  127.372932][  T290] The buggy address is located 136 bytes inside of
[  127.372932][  T290]  1424-byte region [ffff888128691e50, ffff8881286923e0)
[  127.386136][  T290] The buggy address belongs to the page:
[  127.391605][  T290] page:ffffea0004a1a400 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888128690000 pfn:0x128690
[  127.402962][  T290] head:ffffea0004a1a400 order:3 compound_mapcount:0 compound_pincount:0
[  127.411122][  T290] flags: 0x4000000000010200(slab|head|zone=1)
[  127.417033][  T290] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888107fb2900
[  127.425451][  T290] raw: ffff888128690000 000000008015000a 00000001ffffffff 0000000000000000
[  127.433862][  T290] page dumped because: kasan: bad access detected
[  127.440132][  T290] page_owner tracks the page as allocated
[  127.445664][  T290] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 502, ts 53386442883, free_ts 0
[  127.466148][  T290]  post_alloc_hook+0x1a3/0x1b0
[  127.470746][  T290]  prep_new_page+0x1b/0x110
[  127.475088][  T290]  get_page_from_freelist+0x3550/0x35d0
[  127.480480][  T290]  __alloc_pages+0x27e/0x8f0
[  127.484895][  T290]  new_slab+0x9a/0x4e0
[  127.488802][  T290]  ___slab_alloc+0x39e/0x830
[  127.493225][  T290]  __slab_alloc+0x4a/0x90
[  127.497391][  T290]  kmem_cache_alloc+0x134/0x200
[  127.502078][  T290]  f2fs_alloc_inode+0x26/0x340
[  127.506681][  T290]  iget_locked+0x174/0x860
[  127.510936][  T290]  f2fs_iget+0x55/0x4fe0
[  127.515017][  T290]  f2fs_fill_super+0x4f0f/0x8190
[  127.519786][  T290]  mount_bdev+0x282/0x3b0
[  127.523951][  T290]  f2fs_mount+0x34/0x40
[  127.527942][  T290]  legacy_get_tree+0xf1/0x190
[  127.532459][  T290]  vfs_get_tree+0x88/0x290
[  127.536710][  T290] page_owner free stack trace missing
[  127.541927][  T290] 
[  127.544088][  T290] Memory state around the buggy address:
[  127.549562][  T290]  ffff888128691d80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[  127.557456][  T290]  ffff888128691e00: fc fc fc fc fc fc fc fc fc fc fa fb fb fb fb fb
[  127.565366][  T290] >ffff888128691e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  127.573251][  T290]                                                     ^
[  127.580024][  T290]  ffff888128691f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  127.587922][  T290]  ffff888128691f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  127.595814][  T290] ==================================================================
[  127.603714][  T290] Disabling lock debugging due to kernel taint
[  127.671619][   T30] kauditd_printk_skb: 101 callbacks suppressed
[  127.671637][   T30] audit: type=1326 audit(1733072575.247:1214): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1920 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f5b85849 code=0x7ffc0000
[  127.705065][   T30] audit: type=1326 audit(1733072575.287:1215): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1920 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f5b85849 code=0x7ffc0000