last executing test programs:

2m15.73176024s ago: executing program 2 (id=547):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002200)=ANY=[], 0x20}}, 0x0)
openat$ptp0(0xffffff9c, 0x0, 0x140, 0x0)
r0 = creat(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
syz_io_uring_setup(0x2406, &(0x7f0000000040)={0x0, 0x0, 0x32, 0x0, 0xffffffff, 0x0, r0}, &(0x7f00000000c0), &(0x7f0000ffc000))

2m15.69686157s ago: executing program 2 (id=549):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x10000, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
mincore(&(0x7f0000f0c000/0x3000)=nil, 0x3000, 0x0)

2m15.65629228s ago: executing program 2 (id=552):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

2m12.826535523s ago: executing program 2 (id=573):
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000180)='./file0\x00', 0x0, 0x36fe8a, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x24000, 0x0)

2m12.758197493s ago: executing program 2 (id=575):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x25c, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002064070000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
timer_create(0x0, 0x0, &(0x7f0000000000))
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r0}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

2m12.653353443s ago: executing program 2 (id=579):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000014b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
bind$netlink(r2, &(0x7f0000000140)={0x10, 0x0, 0x25dfdbfd, 0x2000}, 0xc)

2m12.570981502s ago: executing program 32 (id=579):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000014b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
bind$netlink(r2, &(0x7f0000000140)={0x10, 0x0, 0x25dfdbfd, 0x2000}, 0xc)

2m8.586028973s ago: executing program 0 (id=723):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0xf, 0x0, &(0x7f0000000000))
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x42, &(0x7f00000000c0)=ANY=[@ANYBLOB="6673796e635f6d6f64653d706f7369782c6e6f696e6c696e655f646174612c6469736361726400aa19fd46b492dc6cf59d696e6c696e655f64656e7472792c00"], 0x1, 0x54f3, &(0x7f000000ab40)="$eJzs3M9rI+UbAPAn7XZ/f/dbRNDbDixCC5uw6XYXvVXdxR/Ypfjj4EnTZBqym2RKk6a1Jw8exYP/iSh48ujf4MGzt8WD4k1QMjPRrSgITRu7/Xxg8sz75s0zz5tD4ZkpCeDMWkx++akS1+JSRMxHxNWI/LxSHrm1IjwfEdcjYu6Jo1LO/zFxPiIuR8S1cfIiZ6V86/Oboxt3fnzz52++u3Duyhdffz+7XQOz9kJE9LaL871eEbN2ER+W841RJ4+91VEZizd6j8pxVsS9dDPPsNeYrGvk8Xa7WJ9t7w7GcavbaI5ju7OVz2/3iwsORu1JnvwDDxs7+biVbuaxM8jy2D4o6to/KP62HQyGRZ5Wme+jPH0Mh5NYzKf7abGf7Ud5bPaH5XyRN2ul++M4KmN5uWhm3VZex+ZRvun/trc6/d39ZJTuDDpZP7lTq79Yq9+t1neyVjpMV6uNXuvuarLU7o6XVYdpo7fWzrJ2N601s95ystRuNqv1erJ0L93sNPpJvV67XbtVvbNcnt1MXnvwXtJtJUvj+EqnvzvsdAfJVraTFJ9YTlZqt19aTm7Uk3fWN5KNt+/fX99494N77z94ef2NV8tFh8t6nK4mSyu3Vlaq9VvVlfryGdr/J2XRU9w/HEll1gUAnD76f2AWTnv/H/r/qThV/e+krLPa/x/D/uFI9P8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGfWDwtfvp6fLBbjK+X8/8qpZ8pxJSLmIuK3vzEf5w/lnC/zLPzD+oW/1PBtJfIM42tcKI/LEbFWHr/+/7i/BQAAAHh6ffXx9c+Kbr14WZx1QZyk4qbN3NUPp5SvEhELi4+nlG1u/PLslJLFcxFxLvanlC2/gXVxSsmKW27nppXtX5k/FC4+ESpFmDvRcgAAgBNxuBM42S4EAACAk/TprAtgNioxeZQ5eRac/+f9nw8ELx0aAQAAAKdQZdYFAAAAAMcu7//9/h8AAAA83Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5n535yUoeiOACfFvoe74+RGOduxRkswyU4dGhYgJtgCbgFN8AacOYSDBjaEq3BxKS3bSTfl7SX25Afp4TJuZcUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuvRcrOaP91cPbXO2u3bS3A0AAABwzKZYzcsX02r+r75+Vl+6qOdZROQRcax3H8WvRuaozim+eH/xqYaniDJh/xm/6+NvRFzXx+t5198CAAAAnK71YjmruvXqNB26IPpULdrk/28S5WURUUxfEqXl+9NlorDy9z2Ou0Rp5QLWJFFYteQ2TpX2LaPGMPkwZNWQ91oOAADQi2Yn0G8XAgAAQJ9uhy6AYWRx2Mo87AWX/7x/3xD805gBAAAAP1A2dAEAAABA58r+3/P/AAAA4LRVz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS5tiNV8vlrO2OdtdO2nuBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Y3/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnft5jaOKAwD+ZmZna6viGmUPEVHwoBe73dbWXj0owYN/ghDSbY1u/dHmYEsRcvEmOfciehQRlHjr/9BzC73UWw57iCAeI/MrmfwAt4TMbJLPB9687w6bed83CSHfeS8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZfLATJ9mhV8Rxee7R5r2lrH+8p888WHsyn7UsjppM+nh4vf4i6reXCAAAAKdHUtX3IYSn6fpC1se9vP5Pq/dkNf9PLxZxVc/vrfurvqr9s/bnHxuvbg/UK8bJLnp9eTy6sD+VztHNckb8u1XYc/ql//3CTn7n82cvSf4NiT9efWWS5vcz+uHhww+7eXjmqBIHAA7rfNWXQfX3UNYP20wMgFOjUyu8q/o/6bWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEATJqvh+SqOQgjznZ0483jz3tJB/YO1J/NVu3L//lr9mtkl0hDC9eXx6EKDc5l1t+/c/WJxPB7daj54I4TQ3uhl8OkU7wmhzQwFhw3i8md9VvI5HkHLv5gAADhx0rJldf3TdH0hOxfNhbD18+76/+1aHKas/zc+u/KoPla9/h82NsPZN1i5+fXg9p277y7fXLwxujH68r2Lw/eHl65evnx1kD8rGXhiAgAAwOF0y1av/+O5/ev/52pxmLL+/+bH4Xf1sRL1/4F2Fv3azgQAAOB0e/nNf/6ODjgfdbvh28WVlVvD4rj9+mJxbCHVZ3ambPX6P5lrOysAAACgCZPVaNf6/7VaHKZc/3/hl9d+q18zCSGcLdf/zy99Nb7W3HRmWhP/Ttz2HAEAAGjX2bLV1//TfP9/vL3lIQ4hvPNWEZcfAzhV/Z989P2v9bHq+/8vNTfFmRT3i/uR9/0QOv22MwIAAOAke65sWbH/V7q+8Pnv5z7p2v8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LT/AgAA//8Yl0ni")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1e3340, 0x0)
ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x4004f506, &(0x7f0000000100))

2m7.995818661s ago: executing program 0 (id=743):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a7000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a800000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

2m7.756025621s ago: executing program 0 (id=750):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x38, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}]}, 0x38}}, 0x0)

2m7.712995691s ago: executing program 0 (id=753):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fallocate(r0, 0x100000011, 0x0, 0x28000000)

2m7.47962057s ago: executing program 0 (id=759):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000000)=0x2, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x24000800, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @local}, 0x1c)
recvmmsg(r0, &(0x7f00000066c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2000, 0x0)

2m7.21640537s ago: executing program 0 (id=763):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001"])
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008004"])

2m7.194643279s ago: executing program 33 (id=763):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001"])
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008004"])

1m23.112352243s ago: executing program 5 (id=2284):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=@ipv6_newnexthop={0x28, 0x68, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x4}, [@NHA_ID={0x8, 0x6, 0xffffffff}, @NHA_OIF={0x8, 0x5, r2}]}, 0x28}}, 0x0)

1m23.111973263s ago: executing program 5 (id=2286):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000008a02"])

1m23.024258092s ago: executing program 5 (id=2294):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x5a, &(0x7f00000000c0)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a35f2", 0x24, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0x7, 0x0, 0x0, 0x0, {[@generic={0x2, 0x2}, @mptcp=@mp_fclose={0x1e, 0xc, 0xca4, 0x0, 0x2800000000000}]}}}}}}}}, 0x0)

1m22.940764602s ago: executing program 5 (id=2297):
syz_mount_image$erofs(&(0x7f00000003c0), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000100)='./file0\x00')

1m21.296660108s ago: executing program 5 (id=2299):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f00000000c0)={0x28eae77, 0x71})

1m20.132467645s ago: executing program 5 (id=2308):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f9ffff030000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10)
syz_emit_ethernet(0x66, &(0x7f00000002c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "00641a", 0x0, 0x3a, 0x0, @mcast1, @mcast1}}}}}}}, 0x0)

1m20.121776265s ago: executing program 34 (id=2308):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f9ffff030000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10)
syz_emit_ethernet(0x66, &(0x7f00000002c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "00641a", 0x0, 0x3a, 0x0, @mcast1, @mcast1}}}}}}}, 0x0)

1m7.588496595s ago: executing program 3 (id=2728):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
fchmod(r1, 0x11)

1m7.390536194s ago: executing program 3 (id=2730):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
socketpair(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
io_setup(0x7f, &(0x7f0000000100)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000580)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
close_range(r0, 0xffffffffffffffff, 0x0)

1m7.291278984s ago: executing program 3 (id=2736):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
setreuid(0x0, 0x0)

1m7.154528124s ago: executing program 3 (id=2740):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000080)={[{@dioread_nolock}, {@errors_remount}, {@nolazytime}, {@stripe={'stripe', 0x3d, 0x4000020}}, {@bh}, {@lazytime}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x12, r0, 0xf23d6000)

1m6.875992773s ago: executing program 3 (id=2749):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000054f000/0x4000)=nil, 0x4000, 0x17)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

1m6.488479462s ago: executing program 3 (id=2755):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
mount_setattr(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x47)

1m6.438890872s ago: executing program 35 (id=2755):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
mount_setattr(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x47)

44.584571569s ago: executing program 8 (id=3538):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'macvlan0\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [0x0, 0x0, 0x0, 0xffffff00], [0x0, 0x0, 0xffffffff], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x2, @mcast1, 0x9}, 0x1c)
sendmmsg$inet(r1, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000800)="21ae1b", 0x3}], 0x1, 0x0, 0x0, 0x900}}], 0x1, 0x0)

44.320077819s ago: executing program 8 (id=3544):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x64c159d03152c38, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)

44.287103788s ago: executing program 8 (id=3545):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x80000803, 0x81, 0xe49, 0x3}, 0x10)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local, @loopback}, 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000140)={0x6, {{0x2, 0x0, @multicast1}}}, 0x88)
getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9)

44.264202319s ago: executing program 8 (id=3546):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@minixdf}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x8000000000000002, 0x0, 0x0, 0x0, 0x1d, 0x4, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "0347c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a12ffffffffffffffe000000000e8f20000000200", "b90000cd1a0900000000000000000002000000000200", [0x1]})

44.104425498s ago: executing program 8 (id=3550):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
capget(&(0x7f0000000040)={0x19980330}, 0x0)

43.928796368s ago: executing program 8 (id=3555):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ea00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xb9, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)

43.903259528s ago: executing program 36 (id=3555):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ea00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xb9, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)

3.163597418s ago: executing program 6 (id=4802):
socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x34, 0x10, 0x503, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0x1159b, 0x800}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}]}, 0x34}}, 0x0)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0x40383d0c, &(0x7f0000000040))

3.109754548s ago: executing program 6 (id=4808):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x4, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
syz_emit_ethernet(0x5e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000702", 0x28, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @mcast2, @remote}}}}}}, 0x0)

2.026742385s ago: executing program 6 (id=4823):
chdir(0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
copy_file_range(r1, 0x0, r0, 0x0, 0x8, 0x0)

2.009450805s ago: executing program 6 (id=4816):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d00)={&(0x7f0000000cc0)='mm_page_alloc\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)}, {&(0x7f0000000140)="ec", 0x1}, {0x0}], 0x308, 0x0, 0x3e80}, 0x0)

1.777466615s ago: executing program 6 (id=4831):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x404, &(0x7f0000000000)={[{@nogrpid}, {@nogrpid}, {@test_dummy_encryption}, {@debug}, {@nobarrier}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0xffffffc9, 0xfecc)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0xf4ff, 0x8008})

1.618965744s ago: executing program 6 (id=4824):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f00000003c0))

1.348682094s ago: executing program 4 (id=4840):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000004f80)=""/17, 0x11}, 0x401}], 0x1, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1.059091833s ago: executing program 7 (id=4848):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x3, 0x4007})

1.058653803s ago: executing program 1 (id=4849):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$selinux_context(r2, &(0x7f00000003c0)='system_u:object_r:klogd_exec_t:s0\x00', 0x22)

1.011272743s ago: executing program 1 (id=4851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x4, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
syz_emit_ethernet(0x5e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000702", 0x28, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @mcast2, @remote}}}}}}, 0x0)

996.639843ms ago: executing program 1 (id=4852):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
setsockopt$inet_tcp_int(r0, 0x6, 0x25, &(0x7f0000000240)=0x44800, 0x4)

757.530232ms ago: executing program 9 (id=4855):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
remap_file_pages(&(0x7f000053b000/0x4000)=nil, 0x4000, 0x0, 0xc4, 0x20000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

756.968622ms ago: executing program 7 (id=4865):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x404, &(0x7f0000000000)={[{@nogrpid}, {@nogrpid}, {@test_dummy_encryption}, {@debug}, {@nobarrier}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0xffffffc9, 0xfecc)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0xf4ff, 0x8008})

513.057802ms ago: executing program 4 (id=4856):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2a, &(0x7f0000000100)=r2, 0x4)
sendmsg$unix(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000000)="826d", 0x2}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x4000010}, 0x0)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x60)

512.710412ms ago: executing program 4 (id=4857):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r1}, 0x10)
timerfd_create(0x7, 0x0)

512.270802ms ago: executing program 7 (id=4868):
r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x5)
r2 = openat(r1, &(0x7f0000000340)='.\x00', 0x0, 0x131)
lseek(r2, 0x0, 0x0)

476.106381ms ago: executing program 9 (id=4858):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000006c0)='sys_enter\x00', r1}, 0x18)
execve(0x0, 0x0, 0x0)

475.722852ms ago: executing program 4 (id=4859):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000005f80)=ANY=[], 0x1, 0x5551, &(0x7f0000000a00)="$eJzs3EtvG1UUAOA7TpPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKKhJ48R9fJ80PjPX12fusUaRzkzkADy15tPff03CxXAmhDATQjifhHw/KbbcSgwvhBAuhRBK/9iSYvzvgbkQwtkQwsVR8pgzKd768srw8vIvb/323Q+nT5376tsfp1c1MG0vhhC6m3F/pxtj1orxTjFeG7bz2L0+LGJ8o3u3OM5i3Gmu5xl2auN5tTxea8X52eZ2fxQ3OrX6KLbaG/n4Zi+esD9sjfPkH7hT28qPG831PLb7WR5be3Fdu3vxb9tefxDzNIp8H+fpw2AwjnG8uduM9WzezWO9NyjGY96s0dwdxWERi9OFetZp5OtYP8o3/Wh7u93b3k2Hza1+O+uly5XqS5XqjXJ1K2s0B83r5Vq3ceN6utDqjKaVB81ad6WVZa1Os1LPuovpQqteL1er6cLN5nq71kur1cq1ytXy8mKxdyV9/fb7aaeRLoziq+3e9ly70083sq00fmIxXapce3kxvVxN311dS9feuXVrde29D29+cPuV1TdfKybdt6x0Yenq0lK5erW8VF18cI1zx13/6AQHrH9wlPo/KxZ9iPqTQ10NcEguMIBDu6//D/p/4OFdPOC8x73/D5Ps/0ctlf7/wf1v6ej9/5H634fs/ydW/wTufzxq9cOR6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5aP81+/Ua+Mx+PzxXjF4qh54rjJIRQCiH8+R9mwty+nDNFntn/mT/7rzV8n4Q8w+gcp4vtbAhhpdj+ePa4vwUAAAB4cn3zyaUvYrceX+anvSBOUrxpUzr/0YTyJSGE2fmfJ5StNHp5fkLJ8uv7VNidULb8BtYzE0oWb7mdmlS2A5kZh08v3BvMC0piKJ3ocgAAgBMxsy+cbBcCAADASfp82gtgOpIwfpQ5fhac/+f9vUebZ/a9BwAAADyGkmkvAAAAADh2ef/v9/8AAADgyRZ//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiLnfu5TRyI4gD8bDCw/7RotfdtZW9QRkrIMcdAAWmCEkgLaYAayC0lRBBhj5AcgRSJcayg75M8ztjRb2aAyxtLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC49V+v54/2/h0tzdvvL5FkNAAAAcMq2Ws/rP6ZN/0e6/itd+pP6RUSUEXGqdh/EqJU5SDnVmf+v3s3hKaJOOIwxTsf3iPifjtffXX8KAAAAcL02y9WsqdabZtr3hPhMzaZN+fMmU14REdX0JVNaeWj+Zgqrf9/DuMuUVm9gTTKFNVtuw9P3RrkGaRu0Tmklk0X9Jda9sptxAQCAPrUrgTNVCAAAAFfgtu8J0I/i2ByfM46bU3og+K3VAwAAAL6gou8JAAAAAJ2r63/v/wMAAIDr1rz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/V8s1zNzt1ffDBnt79MvhUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAG/vzjgIhEAZhsHd9ZzL3P6w0aGhsUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7NzPaxxVHADw787sbH9oMUbJISoVPOjFJtva2qMelODBP0EI6aZGt1bbHmwJSi56kpwLKnoUEZR46//QcwO91FsPOUTwrMzsTDpto11KnNkmnw+8ed/ZDO993+wS8s2bBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMrW2/FiUsZpfpgaxdVrt7ZXl/J+84E+d2P99mze8rjzqIm+fmvvk59sL9VPjs/UTr5sPhkAAAAOhrSq7yPiTraxkPfJVFH/Z9U1ec3/w7FRXNXzD9b9m9urh8svzVb1/++/3X1+Z6Kp0Tz5oMsrw8H8w6l0/6clTrxnHnlFt7jzxe9e0uINSd5be24rK+5n55ubN9/pFeGhJrIFAB7Hiaovg+rnobzvt5kYAAdGt1Z4V/V/OtVuTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABN2FqLp6q4ExGz3XtxbnN7dWm3/sb67dmqnbl+fb0+Zj5EFhHLK8NB1uBaJt3lq9c+XhwOB5eaD45HRHuzl8EHY1wT8d/XlB/PaG8V/x50JiONVoOkfH8mJZ+9DKrP3t6P3NI3JAAA9qH0WJT1eFbW9XeyjYX8tc50xN8/3l//v1qLY8z6/+6HZ27VZ6zX//2mljnxvv0u4sKnc5evXnt95cLi+cH5wSdvnOy/2T919vTps3P5vZqfW45kMN92ogAAADzBemWr1//J9MP7/0drcYxZ/3/2ff+L+lyp+n9X9zb92s4EAADgIOrtRM++/NefnV2u6PR68fnilSuX+qPjzvnJ0bHRdB/TobLV6/90uu2sAAAAgCZsrXXu2/8/V4tjzP3/p3964Zf6mGlEHIm4GBGDE0sXh+eaW85Ea+IPlYuJem2vFAAAgLYcKdto/79b7P9nxfP/yc4jD0lEvPbKKK7+19U49X/67lc/1+eqP/9/qrklTqRkZnQ/in4mojvTdkYAAADsZ4fLlhf7f2QbCx/9evT9nuf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJr2TwAAAP//Ngk2Dg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000100)=0xfffffcf3)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f4)

475.184672ms ago: executing program 7 (id=4871):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
arch_prctl$ARCH_REQ_XCOMP_GUEST_PERM(0x1025, 0x8)

230.010481ms ago: executing program 4 (id=4860):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f00000001c0)={@local}, 0x14)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100003020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

229.262561ms ago: executing program 1 (id=4861):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0500000008000000e27f00000100000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='mm_khugepaged_scan_pmd\x00', r1}, 0x18)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)

229.053801ms ago: executing program 9 (id=4862):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$selinux_context(r2, &(0x7f00000003c0)='system_u:object_r:klogd_exec_t:s0\x00', 0x22)

223.765681ms ago: executing program 7 (id=4863):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff)
sendfile(r1, r1, 0x0, 0xfffe80)

190.580671ms ago: executing program 9 (id=4864):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='sys_enter\x00', r1}, 0x10)
io_uring_enter(0xffffffffffffffff, 0xcbffffff, 0x0, 0x11, 0x0, 0x0)

120.46164ms ago: executing program 9 (id=4866):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x3f, 0x40, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r0}, 0x38)

78.574821ms ago: executing program 9 (id=4867):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x3, 0x4007})

19.62736ms ago: executing program 1 (id=4869):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2a, &(0x7f0000000100)=r2, 0x4)
sendmsg$unix(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000000)="826d", 0x2}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x4000010}, 0x0)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x60)

19.452571ms ago: executing program 4 (id=4870):
r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x5)
r2 = openat(r1, &(0x7f0000000340)='.\x00', 0x0, 0x131)
lseek(r2, 0x0, 0x0)

16.977741ms ago: executing program 7 (id=4880):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x3f, 0x40, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r0}, 0x38)

0s ago: executing program 1 (id=4872):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000407b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0)

kernel console output (not intermixed with test programs):

.875636][ T7276] syz.4.2979[7276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.960312][ T7282] xt_hashlimit: size too large, truncated to 1048576
[  122.015053][ T7272] loop6: detected capacity change from 0 to 40427
[  122.022094][ T7272] F2FS-fs (loop6): Invalid SB checksum offset: 0
[  122.028572][ T7272] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  122.043524][ T7272] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  122.076579][ T7272] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[  122.088166][ T7272] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  122.146396][ T2149] syz-executor: attempt to access beyond end of device
[  122.146396][ T2149] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  122.305901][ T7303] device ip6erspan0 entered promiscuous mode
[  122.475010][ T7295] loop4: detected capacity change from 0 to 40427
[  122.485381][ T7295] F2FS-fs (loop4): fault_injection options not supported
[  122.509486][ T7295] F2FS-fs (loop4): Image doesn't support compression
[  122.532359][ T7295] F2FS-fs (loop4): Image doesn't support compression
[  122.539526][ T7295] F2FS-fs (loop4): fault_type options not supported
[  122.546790][ T7295] F2FS-fs (loop4): invalid crc value
[  122.569064][ T7295] F2FS-fs (loop4): Found nat_bits in checkpoint
[  122.584155][ T7333] loop7: detected capacity change from 0 to 4096
[  122.608830][ T7333] EXT4-fs (loop7): unsupported descriptor size 1344
[  122.658421][ T7295] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  122.714479][   T28] audit: type=1400 audit(1737155889.647:3381): avc:  denied  { getattr } for  pid=7352 comm="syz.6.3011" name="/" dev="incremental-fs" ino=1947 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  122.738296][ T7353] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  122.817616][  T297] syz-executor: attempt to access beyond end of device
[  122.817616][  T297] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  123.018118][ T2221] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  123.208174][ T2221] usb 9-1: Using ep0 maxpacket: 8
[  123.214177][ T2221] usb 9-1: config 0 has an invalid interface number: 31 but max is 0
[  123.230435][ T2221] usb 9-1: config 0 has no interface number 0
[  123.247917][ T2221] usb 9-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  123.261718][ T2221] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.270046][ T2221] usb 9-1: Product: syz
[  123.274302][ T2221] usb 9-1: Manufacturer: syz
[  123.279459][ T2221] usb 9-1: SerialNumber: syz
[  123.288257][   T19] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  123.292544][ T2221] usb 9-1: config 0 descriptor??
[  123.329160][ T7382] loop4: detected capacity change from 0 to 40427
[  123.348336][ T7382] F2FS-fs (loop4): fault_injection options not supported
[  123.362751][ T7382] F2FS-fs (loop4): invalid crc value
[  123.387938][ T7382] F2FS-fs (loop4): Found nat_bits in checkpoint
[  123.489212][   T19] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.500362][ T7382] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  123.514809][   T19] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.519985][ T2221] usb 9-1: Found UVC 0.04 device syz (046d:08c3)
[  123.538454][ T2221] usb 9-1: No valid video chain found.
[  123.549197][ T2221] usb 9-1: USB disconnect, device number 4
[  123.551615][   T19] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  123.604942][   T19] usb 7-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  123.616362][   T19] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.616433][ T7399] f2fs_ckpt-7:4: attempt to access beyond end of device
[  123.616433][ T7399] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  123.638777][   T19] usb 7-1: config 0 descriptor??
[  123.959295][ T7427] loop4: detected capacity change from 0 to 1024
[  123.978195][ T7427] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  124.016388][ T7427] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  124.039073][   T28] audit: type=1400 audit(1737155890.977:3382): avc:  denied  { execute } for  pid=7426 comm="syz.4.3044" path="/565/file1/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  124.063701][   T19] isku 0003:1E7D:319C.0014: invalid report_size 23040
[  124.082148][   T19] isku 0003:1E7D:319C.0014: item 0 2 1 7 parsing failed
[  124.094573][   T19] isku 0003:1E7D:319C.0014: parse failed
[  124.094596][  T297] EXT4-fs (loop4): unmounting filesystem.
[  124.100336][   T19] isku: probe of 0003:1E7D:319C.0014 failed with error -22
[  124.111189][ T7438] loop7: detected capacity change from 0 to 1024
[  124.164378][   T28] audit: type=1400 audit(1737155891.097:3383): avc:  denied  { create } for  pid=7447 comm="syz.1.3051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  124.226542][ T7450] loop4: detected capacity change from 0 to 4096
[  124.231897][ T7456] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  124.249872][ T7450] EXT4-fs (loop4): unsupported descriptor size 1344
[  124.278574][ T7460] xt_hashlimit: size too large, truncated to 1048576
[  124.302575][   T19] usb 7-1: USB disconnect, device number 13
[  124.360389][   T28] audit: type=1400 audit(1737155891.297:3384): avc:  denied  { create } for  pid=7464 comm="syz.1.3060" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  124.666398][ T7495] xt_hashlimit: size too large, truncated to 1048576
[  124.685064][ T7493] loop8: detected capacity change from 0 to 4096
[  124.712372][ T7493] EXT4-fs (loop8): unsupported descriptor size 1344
[  124.970193][ T7520] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3086'.
[  125.065705][ T7530] loop6: detected capacity change from 0 to 512
[  125.113845][ T7530] ext4 filesystem being mounted at /372/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.225571][ T7547] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.233386][ T7547] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.266614][ T7547] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  125.273830][ T7547] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  125.283154][ T7547] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.290050][ T7547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.297866][ T7547] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.304752][ T7547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.360169][ T7559] loop8: detected capacity change from 0 to 512
[  125.377466][   T28] audit: type=1400 audit(1737155892.307:3385): avc:  denied  { write } for  pid=7560 comm="syz.4.3103" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  125.406133][ T7559] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  125.429417][ T7559] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  125.455403][ T7559] EXT4-fs (loop8): 1 truncate cleaned up
[  125.467330][ T7566] loop4: detected capacity change from 0 to 512
[  125.474095][ T7559] EXT4-fs mount: 4 callbacks suppressed
[  125.474113][ T7559] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  125.493319][ T7566] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  125.518945][ T6779] EXT4-fs (loop8): unmounting filesystem.
[  125.528696][ T7566] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  125.554658][ T7566] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz.4.3106: corrupted in-inode xattr
[  125.571708][ T7566] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.3106: couldn't read orphan inode 15 (err -117)
[  125.590415][ T7566] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  125.603963][ T7575] Invalid ELF header magic: != ELF
[  125.605942][   T28] audit: type=1400 audit(1737155892.537:3386): avc:  denied  { module_load } for  pid=7574 comm="syz.8.3108" path="/sys/kernel/notes" dev="sysfs" ino=1141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  125.645601][ T7581] xt_hashlimit: size too large, truncated to 1048576
[  125.677044][  T297] EXT4-fs (loop4): unmounting filesystem.
[  125.798412][ T7597] netlink: 'syz.6.3120': attribute type 12 has an invalid length.
[  125.814922][ T7597] netlink: 'syz.6.3120': attribute type 29 has an invalid length.
[  125.828246][ T7597] netlink: 148 bytes leftover after parsing attributes in process `syz.6.3120'.
[  125.837593][ T7597] netlink: 'syz.6.3120': attribute type 1 has an invalid length.
[  125.875629][   T28] audit: type=1326 audit(1737155892.807:3387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7526 comm="syz.7.3089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f60b85d29 code=0x7fc00000
[  125.923380][ T7607] loop7: detected capacity change from 0 to 4096
[  125.930458][ T7607] EXT4-fs: Ignoring removed nobh option
[  125.941583][ T7607] EXT4-fs: Ignoring removed i_version option
[  125.961393][ T7607] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  126.008804][ T7612] device veth1_macvtap left promiscuous mode
[  126.021326][ T7612] device macsec0 entered promiscuous mode
[  126.053118][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  126.092263][ T7619] loop7: detected capacity change from 0 to 128
[  126.106664][ T7619] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  126.117862][ T7619] ext4 filesystem being mounted at /132/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  126.118760][ T7623] loop8: detected capacity change from 0 to 512
[  126.157628][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  126.176020][ T7623] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  126.185501][ T7623] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.224335][ T6779] EXT4-fs (loop8): unmounting filesystem.
[  126.252760][ T7637] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  126.262149][ T7637] FAT-fs (loop17): unable to read boot sector
[  126.322792][ T7643] xt_hashlimit: size too large, truncated to 1048576
[  126.323552][ T7642] loop8: detected capacity change from 0 to 512
[  126.348211][ T7642] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  126.385248][ T7642] EXT4-fs (loop8): 1 truncate cleaned up
[  126.394534][ T7642] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  126.431694][ T6779] EXT4-fs (loop8): unmounting filesystem.
[  126.518497][  T308] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  126.532983][ T7664] loop8: detected capacity change from 0 to 128
[  126.540244][ T7664] FAT-fs (loop8): Unrecognized mount option "’’’0xffffffffffffffff00000000000000000000000’’’’’’’’’’" or missing value
[  126.555960][ T7666] futex_wake_op: syz.1.3150 tries to shift op by -1; fix this program
[  126.607854][ T7670] loop4: detected capacity change from 0 to 512
[  126.636146][ T7670] EXT4-fs: Ignoring removed mblk_io_submit option
[  126.658713][ T7670] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  126.703172][ T7670] Quota error (device loop4): do_check_range: Getting dqdh_next_free 15 out of range 0-5
[  126.719262][  T308] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  126.728523][ T7670] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  126.739251][ T7670] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.3152: Failed to acquire dquot type 1
[  126.742055][  T308] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  126.759488][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  126.765942][ T7670] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  126.787962][ T7683] futex_wake_op: syz.1.3157 tries to shift op by 32; fix this program
[  126.800684][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  126.807055][ T7670] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #12: comm syz.4.3152: corrupted inode contents
[  126.825593][  T308] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  126.828159][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  126.841439][ T7670] EXT4-fs error (device loop4): ext4_dirty_inode:6091: inode #12: comm syz.4.3152: mark_inode_dirty error
[  126.843291][  T308] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  126.861087][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  126.868418][ T7670] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #12: comm syz.4.3152: corrupted inode contents
[  126.881434][  T308] usb 7-1: SerialNumber: syz
[  126.887238][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  126.894003][ T7670] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #12: comm syz.4.3152: mark_inode_dirty error
[  126.907368][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  126.925987][ T7670] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #12: comm syz.4.3152: corrupted inode contents
[  126.941487][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  126.947918][ T7670] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  126.962171][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  126.972330][ T7670] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #12: comm syz.4.3152: corrupted inode contents
[  126.985096][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  126.991952][ T7670] EXT4-fs error (device loop4): ext4_truncate:4313: inode #12: comm syz.4.3152: mark_inode_dirty error
[  127.009654][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  127.018321][ T7670] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  127.031781][ T7710] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3170'.
[  127.034023][ T7670] EXT4-fs (loop4): Remounting filesystem read-only
[  127.060610][ T7670] EXT4-fs (loop4): 1 truncate cleaned up
[  127.070547][ T7670] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  127.095330][  T308] usb 7-1: 0:2 : does not exist
[  127.108220][  T308] usb 7-1: USB disconnect, device number 14
[  127.157773][  T297] EXT4-fs (loop4): unmounting filesystem.
[  127.338593][ T7741] loop4: detected capacity change from 0 to 1024
[  127.347299][ T7741] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  127.362078][ T7741] EXT4-fs error (device loop4): ext4_get_inode_usage:834: inode #2: comm syz.4.3185: corrupted in-inode xattr
[  127.381514][ T7741] EXT4-fs (loop4): Remounting filesystem read-only
[  127.388770][ T7741] EXT4-fs error (device loop4): ext4_xattr_ibody_get:603: inode #2: comm syz.4.3185: corrupted in-inode xattr
[  127.400680][ T7741] EXT4-fs (loop4): Remounting filesystem read-only
[  127.414516][  T297] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2739: inode #2: comm syz-executor: corrupted in-inode xattr
[  127.427132][  T297] EXT4-fs (loop4): Remounting filesystem read-only
[  127.438261][  T297] EXT4-fs (loop4): unmounting filesystem.
[  127.634949][ T7787] loop6: detected capacity change from 0 to 512
[  127.641543][ T7787] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  127.668149][ T5411] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  127.859360][ T5411] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.877671][ T5411] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.890000][ T5411] usb 9-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  127.899677][ T5411] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.918649][ T5411] usb 9-1: config 0 descriptor??
[  128.232474][ T7892] loop6: detected capacity change from 0 to 128
[  128.253964][ T7892] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  128.289787][ T7892] ext4 filesystem being mounted at /406/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  128.328728][ T5411] hid-steam 0003:28DE:1142.0015: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.8-1/input0
[  128.350680][ T5411] hid-steam 0003:28DE:1142.0016: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.8-1/input0
[  128.397015][ T7892] EXT4-fs warning (device loop6): ext4_group_add:1743: No reserved GDT blocks, can't resize
[  128.426594][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  128.441257][ T5411] hid-steam 0003:28DE:1142.0015: Steam wireless receiver connected
[  128.528553][ T5411] usb 9-1: USB disconnect, device number 5
[  128.535915][ T5411] hid-steam 0003:28DE:1142.0015: Steam wireless receiver disconnected
[  128.582000][ T7935] input: syz0 as /devices/virtual/input/input15
[  128.695320][ T7960] loop7: detected capacity change from 0 to 512
[  128.714686][ T7964] loop4: detected capacity change from 0 to 512
[  128.722196][ T7960] EXT4-fs error (device loop7): ext4_orphan_get:1400: inode #15: comm syz.7.3258: casefold flag without casefold feature
[  128.738902][ T7960] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.3258: couldn't read orphan inode 15 (err -117)
[  128.759651][ T7964] EXT4-fs (loop4): 1 truncate cleaned up
[  128.765357][ T7960] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  128.778547][ T7964] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  128.795458][   T28] audit: type=1400 audit(1737155895.727:3388): avc:  denied  { watch_reads } for  pid=7959 comm="syz.7.3258" path="/155/file0" dev="loop7" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  128.847204][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  128.856874][  T297] EXT4-fs (loop4): unmounting filesystem.
[  128.863085][ T7970] syz.6.3261[7970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.863161][ T7970] syz.6.3261[7970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.894146][ T7972] loop7: detected capacity change from 0 to 2048
[  128.940638][ T7972] Alternate GPT is invalid, using primary GPT.
[  128.946801][ T7972]  loop7: p2 p3 p7
[  129.068359][ T7984] netlink: 'syz.1.3268': attribute type 1 has an invalid length.
[  129.085252][ T7984] netlink: 'syz.1.3268': attribute type 2 has an invalid length.
[  129.107837][ T7984] netlink: 'syz.1.3268': attribute type 1 has an invalid length.
[  129.119941][ T7992] loop7: detected capacity change from 0 to 16
[  129.124197][ T7994] xt_hashlimit: size too large, truncated to 1048576
[  129.130629][ T7984] netlink: 'syz.1.3268': attribute type 2 has an invalid length.
[  129.140282][ T7992] erofs: (device loop7): mounted with root inode @ nid 36.
[  129.150445][   T28] audit: type=1400 audit(1737155896.087:3389): avc:  denied  { execute } for  pid=7991 comm="syz.7.3271" name="file2" dev="loop7" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  129.173942][   T47] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[9000]
[  129.174054][   T28] audit: type=1400 audit(1737155896.107:3390): avc:  denied  { transition } for  pid=7991 comm="syz.7.3271" path="/159/file1/file2" dev="loop7" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  129.214863][ T7992] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  129.226335][   T28] audit: type=1400 audit(1737155896.107:3391): avc:  denied  { entrypoint } for  pid=7991 comm="syz.7.3271" path="/159/file1/file2" dev="loop7" ino=89 scontext=system_u:object_r:hugetlbfs_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  129.264911][   T28] audit: type=1400 audit(1737155896.107:3392): avc:  denied  { noatsecure } for  pid=7991 comm="syz.7.3271" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  129.323097][ T8003] loop7: detected capacity change from 0 to 512
[  129.349730][ T8003] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  129.399373][ T8003] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  129.465454][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  129.495320][ T8021] 9pnet_fd: Insufficient options for proto=fd
[  129.648724][ T8032] syz.7.3288[8032] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.648809][ T8032] syz.7.3288[8032] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.809342][ T7789] Bluetooth: hci0: Frame reassembly failed (-84)
[  130.209748][ T8060] netlink: 'syz.4.3300': attribute type 11 has an invalid length.
[  130.263375][ T8069] device bridge_slave_0 left promiscuous mode
[  130.269546][ T8069] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.277839][ T8069] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  130.318359][ T8073] device wg2 entered promiscuous mode
[  130.414710][ T8081] device vlan3 entered promiscuous mode
[  130.420195][ T8081] device dummy0 entered promiscuous mode
[  130.537421][ T8098] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3318'.
[  130.839021][   T28] audit: type=1400 audit(1737155897.777:3393): avc:  denied  { remount } for  pid=8123 comm="syz.4.3329" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  130.865898][ T8126] loop4: detected capacity change from 0 to 256
[  130.875079][ T8126] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  131.155814][ T8182] loop8: detected capacity change from 0 to 256
[  131.171825][ T8182] exfat: Deprecated parameter 'namecase'
[  131.177847][ T8182] exfat: Deprecated parameter 'namecase'
[  131.186266][   T28] audit: type=1400 audit(1737155898.117:3394): avc:  denied  { append } for  pid=8183 comm="syz.4.3358" name="rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  131.220434][ T8182] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x1fdf94bc, utbl_chksum : 0xe619d30d)
[  131.244362][   T28] audit: type=1400 audit(1737155898.177:3395): avc:  denied  { watch } for  pid=8181 comm="syz.8.3357" path="/89/file0/file0" dev="loop8" ino=1048723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  131.331653][ T8214] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8214 comm=syz.6.3373
[  131.672562][ T8271] overlayfs: failed to clone upperpath
[  131.685729][   T28] audit: type=1400 audit(1737155898.617:3396): avc:  denied  { validate_trans } for  pid=8273 comm="syz.8.3401" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  131.719630][   T28] audit: type=1400 audit(1737155898.657:3397): avc:  denied  { write } for  pid=8280 comm="syz.8.3404" name="file0" dev="tmpfs" ino=543 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  131.741941][   T28] audit: type=1400 audit(1737155898.657:3398): avc:  denied  { open } for  pid=8280 comm="syz.8.3404" path="/100/file0" dev="tmpfs" ino=543 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  131.848190][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  131.848236][ T1882] Bluetooth: hci0: command 0x1003 tx timeout
[  131.913378][ T8300] loop7: detected capacity change from 0 to 512
[  131.930217][ T8300] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  131.939136][ T8300] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.956800][ T8300] EXT4-fs (loop7): re-mounted. Quota mode: writeback.
[  131.964017][ T8300] EXT4-fs: Ignoring removed orlov option
[  131.965904][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  131.969658][ T8300] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  131.977114][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  131.986249][ T8300] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  131.994003][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.009566][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.013123][ T8300] EXT4-fs error (device loop7): __ext4_remount:6436: comm syz.7.3413: Abort forced by user
[  132.019417][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.033907][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041189][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041216][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041237][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041259][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041281][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041309][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041332][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041355][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041376][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041397][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041419][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041440][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041462][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041484][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041505][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041525][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041547][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041568][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041588][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041608][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041628][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.041648][ T2221] hid-generic 0000:0000:0003.0017: unknown main item tag 0x0
[  132.042198][ T2221] hid-generic 0000:0000:0003.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  132.210742][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  132.478175][ T2221] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  132.506783][ T8332] loop4: detected capacity change from 0 to 2048
[  132.519728][ T8332] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  132.538693][  T297] EXT4-fs (loop4): unmounting filesystem.
[  132.659182][ T2221] usb 9-1: config 0 has no interfaces?
[  132.664554][ T2221] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  132.684731][ T2221] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.701408][ T2221] usb 9-1: config 0 descriptor??
[  132.919000][ T2221] usb 9-1: USB disconnect, device number 6
[  133.115806][ T8420] loop7: detected capacity change from 0 to 1024
[  133.149341][ T8420] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  133.168684][ T8420] EXT4-fs (loop7): orphan cleanup on readonly fs
[  133.197713][ T8420] EXT4-fs error (device loop7): ext4_ext_check_inode:520: inode #3: comm syz.7.3467: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 2(4), depth 0(0)
[  133.225407][ T8420] EXT4-fs (loop7): Remounting filesystem read-only
[  133.233395][ T8420] EXT4-fs error (device loop7): ext4_quota_enable:6982: comm syz.7.3467: Bad quota inode: 3, type: 0
[  133.244399][ T8420] EXT4-fs (loop7): Remounting filesystem read-only
[  133.250787][ T8420] EXT4-fs warning (device loop7): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  133.265499][ T8420] EXT4-fs (loop7): Cannot turn on quotas: error -117
[  133.272083][ T8420] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  133.290421][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  133.338498][ T8440] loop7: detected capacity change from 0 to 512
[  133.359868][ T8440] EXT4-fs error (device loop7): ext4_orphan_get:1400: inode #15: comm syz.7.3476: casefold flag without casefold feature
[  133.384963][ T8440] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.3476: couldn't read orphan inode 15 (err -117)
[  133.396903][ T8440] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  133.487881][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  133.558414][ T8459] binder: 8458:8459 ioctl 40046205 0 returned -22
[  133.718298][ T8486] loop6: detected capacity change from 0 to 512
[  133.743092][ T8490] loop4: detected capacity change from 0 to 2048
[  133.750702][ T8486] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.3494: inode #1: comm syz.6.3494: iget: illegal inode #
[  133.764687][ T8486] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.3494: error while reading EA inode 1 err=-117
[  133.777512][ T8486] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.3494: inode #1: comm syz.6.3494: iget: illegal inode #
[  133.790789][ T8486] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.3494: error while reading EA inode 1 err=-117
[  133.803631][ T8486] EXT4-fs (loop6): 1 orphan inode deleted
[  133.809450][ T8490] Alternate GPT is invalid, using primary GPT.
[  133.809750][ T8486] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  133.817813][ T8490]  loop4: p1 p2 p3
[  133.833157][ T8498] netlink: 'syz.1.3500': attribute type 1 has an invalid length.
[  133.840978][ T8498] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3500'.
[  133.888239][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  133.965008][ T8515] 9pnet_fd: p9_fd_create_unix (8515): problem connecting socket: ./file0: -111
[  134.031915][ T8527] input: syz1 as /devices/virtual/input/input17
[  134.154851][ T8548] device batadv_slave_1 entered promiscuous mode
[  134.163215][ T8547] device batadv_slave_1 left promiscuous mode
[  134.203997][ T8558] input: syz0 as /devices/virtual/input/input18
[  134.323776][ T8577] xt_hashlimit: size too large, truncated to 1048576
[  134.448145][ T2221] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  134.451277][ T8573] loop4: detected capacity change from 0 to 40427
[  134.462843][ T8573] F2FS-fs (loop4): fault_injection options not supported
[  134.471351][ T8573] F2FS-fs (loop4): invalid crc value
[  134.477709][ T8573] F2FS-fs (loop4): Found nat_bits in checkpoint
[  134.548015][ T8573] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  134.580710][  T297] syz-executor: attempt to access beyond end of device
[  134.580710][  T297] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  134.638188][ T2221] usb 7-1: Using ep0 maxpacket: 16
[  134.645546][ T2221] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.666899][ T2221] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.687082][ T2221] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  134.698714][ T8596] loop8: detected capacity change from 0 to 512
[  134.707306][ T2221] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.712589][ T8596] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  134.726063][ T2221] usb 7-1: config 0 descriptor??
[  134.748952][ T8596] EXT4-fs (loop8): 1 truncate cleaned up
[  134.755151][ T8596] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  134.818771][ T6779] EXT4-fs error (device loop8): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  134.869394][ T6779] EXT4-fs (loop8): unmounting filesystem.
[  134.924702][   T28] kauditd_printk_skb: 29 callbacks suppressed
[  134.924718][   T28] audit: type=1400 audit(1737155901.857:3428): avc:  denied  { ioctl } for  pid=8612 comm="syz.4.3553" path="/680/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  135.167057][ T2221] appleir 0003:05AC:8241.0018: unknown main item tag 0x0
[  135.178647][ T2221] appleir 0003:05AC:8241.0018: unknown main item tag 0x0
[  135.203646][ T2221] appleir 0003:05AC:8241.0018: unknown main item tag 0x0
[  135.211520][ T2221] appleir 0003:05AC:8241.0018: unknown main item tag 0x0
[  135.218475][ T2221] appleir 0003:05AC:8241.0018: unknown main item tag 0x0
[  135.227267][ T2221] appleir 0003:05AC:8241.0018: No inputs registered, leaving
[  135.237270][ T8618] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.245590][ T8618] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.252656][ T2221] appleir 0003:05AC:8241.0018: hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.6-1/input0
[  135.253279][ T8618] device bridge_slave_0 entered promiscuous mode
[  135.271421][ T8628] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3559'.
[  135.286077][ T8618] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.293017][ T8618] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.300934][ T8618] device bridge_slave_1 entered promiscuous mode
[  135.307298][ T8628] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3559'.
[  135.358778][ T8637] loop7: detected capacity change from 0 to 128
[  135.381883][ T8637] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  135.398232][ T8637] FAT-fs (loop7): Filesystem has been set read-only
[  135.404671][ T8637] syz.7.3563: attempt to access beyond end of device
[  135.404671][ T8637] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  135.428838][ T5411] usb 7-1: USB disconnect, device number 15
[  135.445496][ T8622] loop4: detected capacity change from 0 to 40427
[  135.447419][ T8637] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  135.464362][ T8622] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  135.470908][ T8637] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  135.479267][ T8622] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  135.488359][ T8637] syz.7.3563: attempt to access beyond end of device
[  135.488359][ T8637] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.502823][ T8637] syz.7.3563: attempt to access beyond end of device
[  135.502823][ T8637] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.524554][ T8622] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  135.535707][ T8637] syz.7.3563: attempt to access beyond end of device
[  135.535707][ T8637] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.538627][ T8618] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.555597][ T8618] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.562769][ T8618] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.569639][ T8618] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.604145][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  135.618512][ T7789] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.629918][ T7789] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.637038][ T8622] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  135.648268][ T8622] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  135.664256][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  135.673276][ T7789] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.680166][ T7789] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.698616][ T8622] syz.4.3557: attempt to access beyond end of device
[  135.698616][ T8622] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  135.715235][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  135.723861][ T7771] kworker/u4:14: attempt to access beyond end of device
[  135.723861][ T7771] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  135.724174][ T7789] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.744557][ T7789] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.752003][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  135.759914][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  135.780865][ T7791] device bridge_slave_1 left promiscuous mode
[  135.787158][ T7791] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.794699][ T7791] device bridge_slave_0 left promiscuous mode
[  135.800954][ T7791] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.809614][ T7791] device veth1_macvtap left promiscuous mode
[  135.815470][ T7791] device veth0_vlan left promiscuous mode
[  135.910274][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  135.921254][ T8618] device veth0_vlan entered promiscuous mode
[  135.928718][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  135.936506][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  135.950918][ T8618] device veth1_macvtap entered promiscuous mode
[  135.957689][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  135.965589][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  135.966970][ T8665] loop6: detected capacity change from 0 to 1024
[  135.973520][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  135.987156][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  135.987429][ T8665] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  135.996533][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  136.006334][ T6828] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  136.025038][ T7810] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  136.034161][ T8665] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  136.038590][ T7810] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  136.056279][ T7810] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  136.064673][ T7810] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  136.080999][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  136.167354][ T8686] loop4: detected capacity change from 0 to 1024
[  136.191472][ T8686] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  136.210000][ T6828] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.231817][  T297] EXT4-fs (loop4): unmounting filesystem.
[  136.238801][ T6828] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  136.261526][ T6828] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.269412][ T6828] usb 8-1: Product: syz
[  136.286672][ T8700] loop9: detected capacity change from 0 to 1024
[  136.292902][ T6828] usb 8-1: Manufacturer: syz
[  136.297280][ T6828] usb 8-1: SerialNumber: syz
[  136.307181][ T8700] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  136.330331][ T8700] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  136.352507][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  136.445991][ T8723] loop9: detected capacity change from 0 to 1024
[  136.460236][ T8723] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  136.499438][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  136.698736][ T8729] loop6: detected capacity change from 0 to 40427
[  136.717393][ T8729] F2FS-fs (loop6): fault_injection options not supported
[  136.734786][ T8729] F2FS-fs (loop6): invalid crc value
[  136.745213][ T8729] F2FS-fs (loop6): Found nat_bits in checkpoint
[  136.792471][ T8729] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  136.827589][ T8742] loop9: detected capacity change from 0 to 40427
[  136.834547][ T8742] F2FS-fs (loop9): Invalid SB checksum offset: 0
[  136.840831][ T8742] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[  136.854120][ T2149] syz-executor: attempt to access beyond end of device
[  136.854120][ T2149] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  136.885326][ T8757] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3611'.
[  136.893964][ T8742] F2FS-fs (loop9): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  136.958513][ T8742] F2FS-fs (loop9): Try to recover 2th superblock, ret: 0
[  136.965446][ T8742] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  136.970025][ T8769] loop4: detected capacity change from 0 to 512
[  137.021849][ T8769] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  137.029587][ T8742] syz.9.3606: attempt to access beyond end of device
[  137.029587][ T8742] loop9: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  137.031104][ T8769] ext4 filesystem being mounted at /705/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.077629][  T297] EXT4-fs (loop4): unmounting filesystem.
[  137.086587][ T7810] kworker/u4:43: attempt to access beyond end of device
[  137.086587][ T7810] loop9: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  137.263251][ T8791] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.309904][ T6828] cdc_ncm 8-1:1.0: SET_NTB_FORMAT failed
[  137.314954][ T8791] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  137.322586][ T8791] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  137.330704][ T8799] Invalid ELF header magic: != ELF
[  137.331658][ T8791] device wg2 left promiscuous mode
[  137.338807][ T6828] cdc_ncm 8-1:1.0: bind() failure
[  137.341542][ T8791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  137.351415][ T6828] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  137.353503][ T8791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  137.368405][ T8791] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.375266][ T8791] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.378362][ T6828] cdc_ncm 8-1:1.1: bind() failure
[  137.388805][ T8791] device macsec0 left promiscuous mode
[  137.394178][ T8791] device vlan2 left promiscuous mode
[  137.396699][ T6828] usb 8-1: USB disconnect, device number 8
[  137.399822][ T8791] device vlan3 left promiscuous mode
[  137.410099][ T8791] device dummy0 left promiscuous mode
[  137.423525][ T8803] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3627'.
[  137.514020][ T8818] netlink: 'syz.9.3637': attribute type 12 has an invalid length.
[  137.522097][ T8818] netlink: 'syz.9.3637': attribute type 29 has an invalid length.
[  137.530700][ T8818] netlink: 148 bytes leftover after parsing attributes in process `syz.9.3637'.
[  137.539959][ T8818] netlink: 'syz.9.3637': attribute type 1 has an invalid length.
[  137.569437][ T8822] device veth1_macvtap left promiscuous mode
[  137.575392][ T8822] device macsec0 entered promiscuous mode
[  137.644950][ T8816] loop4: detected capacity change from 0 to 40427
[  137.652153][ T8816] F2FS-fs (loop4): fault_injection options not supported
[  137.659223][ T8816] F2FS-fs (loop4): Image doesn't support compression
[  137.665752][ T8816] F2FS-fs (loop4): Image doesn't support compression
[  137.672517][ T8816] F2FS-fs (loop4): fault_type options not supported
[  137.679883][ T8816] F2FS-fs (loop4): invalid crc value
[  137.686108][ T8816] F2FS-fs (loop4): Found nat_bits in checkpoint
[  137.721218][ T8816] F2FS-fs (loop4): Start checkpoint disabled!
[  137.728234][ T8816] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  137.909662][ T8834] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.917276][ T8834] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.999027][ T8841] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.018419][ T8834] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  138.025566][ T8834] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  138.035036][ T8834] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.041920][ T8834] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.049642][ T8841] FAT-fs (loop9): unable to read boot sector
[  138.049856][ T8834] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.062345][ T8834] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.076645][ T8845] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3650'.
[  138.094156][ T8848] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3662'.
[  138.162839][ T8860] netlink: 'syz.7.3657': attribute type 12 has an invalid length.
[  138.172517][ T8860] netlink: 'syz.7.3657': attribute type 29 has an invalid length.
[  138.180464][ T8860] netlink: 148 bytes leftover after parsing attributes in process `syz.7.3657'.
[  138.197650][ T8860] netlink: 'syz.7.3657': attribute type 1 has an invalid length.
[  138.220235][ T8864] futex_wake_op: syz.9.3660 tries to shift op by 32; fix this program
[  138.359140][ T8879] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3665'.
[  138.395592][ T8883] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.403452][ T8883] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.456459][ T8883] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  138.463912][ T8883] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  138.465320][ T8868] loop7: detected capacity change from 0 to 40427
[  138.473347][ T8883] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.484066][ T8883] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.492032][ T8883] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.498907][ T8883] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.506108][ T8868] F2FS-fs (loop7): Invalid SB checksum offset: 0
[  138.513175][ T8883] device macsec0 left promiscuous mode
[  138.513821][ T8868] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  138.534714][ T8887] loop4: detected capacity change from 0 to 128
[  138.559242][ T8868] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  138.620089][ T8899] device veth1_macvtap left promiscuous mode
[  138.624545][ T8868] F2FS-fs (loop7): Try to recover 2th superblock, ret: 0
[  138.633029][ T8899] device macsec0 entered promiscuous mode
[  138.638190][ T8868] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  138.752906][ T8917] loop9: detected capacity change from 0 to 128
[  138.761159][ T8917] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  138.770369][ T8917] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  138.806493][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  138.815613][ T8923] loop4: detected capacity change from 0 to 256
[  138.827606][ T8923] exfat: Unknown parameter '0xffffffffffffffff’’'
[  139.035561][ T8927] loop9: detected capacity change from 0 to 40427
[  139.043797][ T8927] F2FS-fs (loop9): fault_injection options not supported
[  139.051254][ T8927] F2FS-fs (loop9): Image doesn't support compression
[  139.057902][ T8927] F2FS-fs (loop9): Image doesn't support compression
[  139.065300][ T8927] F2FS-fs (loop9): fault_type options not supported
[  139.072718][ T8927] F2FS-fs (loop9): invalid crc value
[  139.086918][ T8942] futex_wake_op: syz.4.3694 tries to shift op by -1; fix this program
[  139.095962][ T8927] F2FS-fs (loop9): Found nat_bits in checkpoint
[  139.149369][ T8948] loop4: detected capacity change from 0 to 128
[  139.165098][ T8927] F2FS-fs (loop9): Start checkpoint disabled!
[  139.171879][ T8948] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  139.180963][ T8948] ext4 filesystem being mounted at /725/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  139.191696][ T8927] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  139.218495][  T297] EXT4-fs (loop4): unmounting filesystem.
[  139.410328][ T8964] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.418049][ T8964] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.456523][   T28] audit: type=1326 audit(1737155906.387:3429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.6.3674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05cfd85d29 code=0x7fc00000
[  139.476039][ T8964] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  139.486815][ T8964] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  139.496041][ T8964] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.502927][ T8964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.510841][ T8964] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.516862][   T28] audit: type=1326 audit(1737155906.387:3430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.6.3674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f05cfd85d29 code=0x7fc00000
[  139.517693][ T8964] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.554409][ T8964] device macsec0 left promiscuous mode
[  139.570510][ T8968] loop6: detected capacity change from 0 to 512
[  139.598244][   T28] audit: type=1326 audit(1737155906.387:3431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.6.3674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05cfd85d29 code=0x7fc00000
[  139.608570][ T8968] EXT4-fs: Ignoring removed mblk_io_submit option
[  139.658146][   T28] audit: type=1326 audit(1737155906.387:3432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.6.3674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05cfd85d29 code=0x7fc00000
[  139.708174][   T28] audit: type=1326 audit(1737155906.387:3433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.6.3674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05cfd85d29 code=0x7fc00000
[  139.728419][ T8968] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  139.763307][ T8962] loop7: detected capacity change from 0 to 40427
[  139.769903][   T28] audit: type=1326 audit(1737155906.387:3434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.6.3674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05cfd85d29 code=0x7fc00000
[  139.770771][ T8962] F2FS-fs (loop7): fault_injection options not supported
[  139.802827][ T8968] Quota error (device loop6): do_check_range: Getting dqdh_next_free 15 out of range 0-5
[  139.811379][   T28] audit: type=1326 audit(1737155906.387:3435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.6.3674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05cfd85d29 code=0x7fc00000
[  139.835726][ T8968] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  139.836619][ T8962] F2FS-fs (loop7): Image doesn't support compression
[  139.845817][ T8968] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.3704: Failed to acquire dquot type 1
[  139.852043][ T8962] F2FS-fs (loop7): Image doesn't support compression
[  139.863669][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  139.869838][ T8962] F2FS-fs (loop7): fault_type options not supported
[  139.887888][ T8968] EXT4-fs error (device loop6): mb_free_blocks:1815: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  139.890383][ T8962] F2FS-fs (loop7): invalid crc value
[  139.907728][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  139.911296][ T8986] loop9: detected capacity change from 0 to 128
[  139.914795][ T8968] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #12: comm syz.6.3704: corrupted inode contents
[  139.938303][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  139.945690][ T8962] F2FS-fs (loop7): Found nat_bits in checkpoint
[  139.954926][ T8968] EXT4-fs error (device loop6): ext4_dirty_inode:6091: inode #12: comm syz.6.3704: mark_inode_dirty error
[  139.974818][ T8986] bio_check_eod: 7 callbacks suppressed
[  139.974841][ T8986] syz.9.3712: attempt to access beyond end of device
[  139.974841][ T8986] loop9: rw=2049, sector=153, nr_sectors = 888 limit=128
[  139.994265][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  140.000803][ T8968] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #12: comm syz.6.3704: corrupted inode contents
[  140.003811][ T8962] F2FS-fs (loop7): Start checkpoint disabled!
[  140.026820][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  140.046229][ T8968] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #12: comm syz.6.3704: mark_inode_dirty error
[  140.057575][ T8962] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  140.073682][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  140.082720][ T8968] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #12: comm syz.6.3704: corrupted inode contents
[  140.095272][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  140.101896][ T8968] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  140.108772][ T8962] syz.7.3711: attempt to access beyond end of device
[  140.108772][ T8962] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  140.110868][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  140.130767][ T8968] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #12: comm syz.6.3704: corrupted inode contents
[  140.145402][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  140.152259][ T8968] EXT4-fs error (device loop6): ext4_truncate:4313: inode #12: comm syz.6.3704: mark_inode_dirty error
[  140.163743][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  140.171676][ T8968] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  140.172164][ T7791] kworker/u4:24: attempt to access beyond end of device
[  140.172164][ T7791] loop7: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  140.180980][ T8968] EXT4-fs (loop6): Remounting filesystem read-only
[  140.207338][ T8968] EXT4-fs (loop6): 1 truncate cleaned up
[  140.212866][ T8968] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  140.265617][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  140.413625][ T9006] loop4: detected capacity change from 0 to 40427
[  140.420582][ T9006] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  140.428185][ T9006] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  140.436960][ T9006] F2FS-fs (loop4): invalid crc value
[  140.443641][ T9006] F2FS-fs (loop4): Found nat_bits in checkpoint
[  140.479803][ T9006] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  140.486688][ T9006] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  140.898960][   T28] kauditd_printk_skb: 43 callbacks suppressed
[  140.898978][   T28] audit: type=1326 audit(1737155907.837:3479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8996 comm="syz.1.3715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd3d85d29 code=0x7fc00000
[  140.946837][ T9025] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.954683][ T9025] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.987700][ T9028] loop7: detected capacity change from 0 to 128
[  141.002275][ T9025] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  141.009530][ T9025] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  141.018545][ T9025] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.024074][ T9034] loop9: detected capacity change from 0 to 256
[  141.025412][ T9025] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.036076][ T9034] exfat: Unknown parameter '0xffffffffffffffff’’'
[  141.039458][ T9025] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.051652][ T9025] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.064503][ T9025] device macsec0 left promiscuous mode
[  141.069926][ T9025] device ip6erspan0 left promiscuous mode
[  141.087838][ T9028] syz.7.3730: attempt to access beyond end of device
[  141.087838][ T9028] loop7: rw=2049, sector=153, nr_sectors = 888 limit=128
[  141.165297][ T9044] loop9: detected capacity change from 0 to 1024
[  141.216594][ T9044] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  141.274071][ T9044] EXT4-fs error (device loop9): ext4_get_inode_usage:834: inode #2: comm syz.9.3737: corrupted in-inode xattr
[  141.312183][ T9066] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.320160][ T9066] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.358440][ T9044] EXT4-fs (loop9): Remounting filesystem read-only
[  141.363845][ T9071] EXT4-fs error (device loop9): ext4_xattr_ibody_get:603: inode #2: comm syz.9.3737: corrupted in-inode xattr
[  141.401432][ T9066] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  141.403940][ T9071] EXT4-fs (loop9): Remounting filesystem read-only
[  141.408609][ T9066] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  141.423728][ T9066] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.424374][ T9075] loop6: detected capacity change from 0 to 128
[  141.430622][ T9066] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.431526][ T9066] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.450319][ T8618] EXT4-fs error (device loop9): ext4_expand_extra_isize_ea:2739: inode #2: comm syz-executor: corrupted in-inode xattr
[  141.450571][ T9066] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.478175][ T8618] EXT4-fs (loop9): Remounting filesystem read-only
[  141.507585][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  141.522572][ T9075] syz.6.3751: attempt to access beyond end of device
[  141.522572][ T9075] loop6: rw=2049, sector=153, nr_sectors = 888 limit=128
[  141.561960][ T9086] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.634532][ T9086] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  141.641701][ T9086] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  141.651201][ T9086] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  141.659182][ T9086] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  141.667496][ T9086] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.674382][ T9086] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.891236][ T9087] loop7: detected capacity change from 0 to 40427
[  141.914253][ T9087] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  141.932043][ T9087] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  141.949748][ T9087] F2FS-fs (loop7): invalid crc value
[  141.963383][ T9126] loop4: detected capacity change from 0 to 128
[  141.972046][ T9126] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  141.981616][ T9087] F2FS-fs (loop7): Found nat_bits in checkpoint
[  142.000817][ T9126] ext4 filesystem being mounted at /744/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  142.020973][ T9133] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.036140][ T9126] EXT4-fs warning (device loop4): ext4_group_add:1743: No reserved GDT blocks, can't resize
[  142.041097][ T9133] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.070506][  T297] EXT4-fs (loop4): unmounting filesystem.
[  142.145424][ T9133] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  142.152736][ T9133] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  142.153187][ T9144] loop6: detected capacity change from 0 to 1024
[  142.161877][ T9133] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.172911][ T9133] bridge0: port 1(bridge_slave_0) entered forwarding state
[  142.180785][ T9133] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.187646][ T9133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  142.208723][ T9087] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  142.215595][ T9087] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  142.241478][ T9144] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  142.277502][ T9144] EXT4-fs error (device loop6): ext4_get_inode_usage:834: inode #2: comm syz.6.3780: corrupted in-inode xattr
[  142.305439][ T9144] EXT4-fs (loop6): Remounting filesystem read-only
[  142.339010][ T9144] EXT4-fs error (device loop6): ext4_xattr_ibody_get:603: inode #2: comm syz.6.3780: corrupted in-inode xattr
[  142.383750][ T9144] EXT4-fs (loop6): Remounting filesystem read-only
[  142.399249][ T2149] EXT4-fs error (device loop6): ext4_expand_extra_isize_ea:2739: inode #2: comm syz-executor: corrupted in-inode xattr
[  142.412174][ T2149] EXT4-fs (loop6): Remounting filesystem read-only
[  142.432767][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  142.829509][ T9195] loop9: detected capacity change from 0 to 40427
[  142.841370][ T9195] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  142.849491][ T9195] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  142.858605][ T9195] F2FS-fs (loop9): invalid crc value
[  142.878702][ T9195] F2FS-fs (loop9): Found nat_bits in checkpoint
[  142.924772][ T9195] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  142.931737][ T9195] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  143.058135][ T2221] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  143.237234][ T9260] loop9: detected capacity change from 0 to 512
[  143.244734][ T2221] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  143.255599][ T2221] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  143.276562][ T9260] EXT4-fs error (device loop9): ext4_orphan_get:1400: inode #15: comm syz.9.3833: casefold flag without casefold feature
[  143.294902][ T2221] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  143.301540][ T9260] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.3833: couldn't read orphan inode 15 (err -117)
[  143.303859][ T2221] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  143.316067][ T9260] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  143.323312][ T2221] usb 8-1: SerialNumber: syz
[  143.349895][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  143.497966][ T9280] netlink: 'syz.4.3842': attribute type 1 has an invalid length.
[  143.519417][ T9280] netlink: 'syz.4.3842': attribute type 2 has an invalid length.
[  143.528996][ T2221] usb 8-1: 0:2 : does not exist
[  143.537252][ T2221] usb 8-1: USB disconnect, device number 9
[  143.561098][ T9282] netlink: 'syz.4.3842': attribute type 1 has an invalid length.
[  143.581287][ T9282] netlink: 'syz.4.3842': attribute type 2 has an invalid length.
[  143.727437][ T9303] loop4: detected capacity change from 0 to 2048
[  143.771602][ T9303] Alternate GPT is invalid, using primary GPT.
[  143.798217][ T9303]  loop4: p2 p3 p7
[  143.844427][ T9288] loop6: detected capacity change from 0 to 40427
[  143.853652][ T9288] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  143.872977][ T9288] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  143.881971][ T9288] F2FS-fs (loop6): invalid crc value
[  143.912285][ T9288] F2FS-fs (loop6): Found nat_bits in checkpoint
[  143.969446][ T9288] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  143.976996][ T9288] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  144.109327][ T9331] xt_hashlimit: size too large, truncated to 1048576
[  144.142091][ T9337] loop7: detected capacity change from 0 to 128
[  144.171659][ T9337] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  144.195800][ T9337] ext4 filesystem being mounted at /219/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  144.234383][ T9337] EXT4-fs warning (device loop7): ext4_group_add:1743: No reserved GDT blocks, can't resize
[  144.257273][ T9345] loop4: detected capacity change from 0 to 512
[  144.296880][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  144.307160][ T9345] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  144.319625][ T9345] ext4 filesystem being mounted at /771/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  144.354829][  T297] EXT4-fs (loop4): unmounting filesystem.
[  144.864500][ T9373] netlink: 'syz.6.3891': attribute type 4 has an invalid length.
[  144.878256][  T502] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  145.008134][ T2221] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  145.064106][ T9383] device bridge_slave_0 left promiscuous mode
[  145.078252][ T9383] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.079323][  T502] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  145.095236][  T502] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  145.105323][ T9383] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  145.122078][  T502] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  145.131050][  T502] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  145.139006][  T502] usb 5-1: SerialNumber: syz
[  145.151414][ T9385] syz.1.3884[9385] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.151514][ T9385] syz.1.3884[9385] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.188193][ T2221] usb 8-1: Using ep0 maxpacket: 16
[  145.205308][ T9388] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  145.213892][ T2221] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.226400][ T2221] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.236144][ T2221] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  145.245085][ T2221] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.253643][ T2221] usb 8-1: config 0 descriptor??
[  145.352368][  T502] usb 5-1: 0:2 : does not exist
[  145.359443][  T502] usb 5-1: USB disconnect, device number 11
[  145.452565][ T9409] device wg2 entered promiscuous mode
[  145.661867][ T2221] hid-generic 0003:04F3:0755.0019: unknown main item tag 0x0
[  145.669168][ T2221] hid-generic 0003:04F3:0755.0019: unknown main item tag 0x0
[  145.676319][ T2221] hid-generic 0003:04F3:0755.0019: unknown main item tag 0x0
[  145.683548][ T2221] hid-generic 0003:04F3:0755.0019: unknown main item tag 0x0
[  145.690750][ T2221] hid-generic 0003:04F3:0755.0019: unknown main item tag 0x0
[  145.698220][ T2221] hid-generic 0003:04F3:0755.0019: failed to start in urb: -90
[  145.706671][ T2221] hid-generic 0003:04F3:0755.0019: hidraw0: USB HID v0.00 Device [HID 04f3:0755] on usb-dummy_hcd.7-1/input0
[  145.717776][ T9424] device vlan2 entered promiscuous mode
[  145.723570][ T9424] device dummy0 entered promiscuous mode
[  145.789464][ T9438] netlink: 'syz.6.3913': attribute type 11 has an invalid length.
[  145.865983][  T502] usb 8-1: USB disconnect, device number 10
[  146.049496][ T9467] input: syz0 as /devices/virtual/input/input20
[  146.251568][ T9493] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3937'.
[  146.438199][ T5411] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  146.630275][ T5411] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  146.643732][ T9548] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  146.662667][ T5411] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  146.672446][ T9548] FAT-fs (loop3): unable to read boot sector
[  146.682406][ T5411] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  146.692399][ T5411] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  146.701061][ T5411] usb 10-1: SerialNumber: syz
[  146.914747][ T5411] usb 10-1: 0:2 : does not exist
[  146.925572][ T5411] usb 10-1: USB disconnect, device number 2
[  147.413149][ T9599] xt_hashlimit: size too large, truncated to 1048576
[  147.868288][ T5411] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  148.079322][ T5411] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.092103][ T5411] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.104835][ T5411] usb 10-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  148.113964][ T5411] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.134185][ T5411] usb 10-1: config 0 descriptor??
[  148.543581][ T5411] hid-steam 0003:28DE:1142.001A: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.9-1/input0
[  148.555525][ T5411] hid-steam 0003:28DE:1142.001B: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.9-1/input0
[  148.628195][ T5411] hid-steam 0003:28DE:1142.001A: Steam wireless receiver connected
[  148.752625][ T5411] usb 10-1: USB disconnect, device number 3
[  148.759282][ T5411] hid-steam 0003:28DE:1142.001A: Steam wireless receiver disconnected
[  149.273517][ T9622] loop4: detected capacity change from 0 to 512
[  149.331931][ T9622] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.3988: casefold flag without casefold feature
[  149.376021][ T9635] loop9: detected capacity change from 0 to 512
[  149.386095][ T9622] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.3988: couldn't read orphan inode 15 (err -117)
[  149.426381][ T9635] EXT4-fs (loop9): 1 truncate cleaned up
[  149.546390][ T9652] loop9: detected capacity change from 0 to 256
[  149.555161][ T9652] exfat: Deprecated parameter 'namecase'
[  149.561479][ T9652] exfat: Deprecated parameter 'namecase'
[  149.585519][ T9652] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x1fdf94bc, utbl_chksum : 0xe619d30d)
[  150.328393][ T9685] loop6: detected capacity change from 0 to 512
[  150.337573][ T9685] EXT4-fs (loop6): 1 truncate cleaned up
[  150.812810][ T9708] loop4: detected capacity change from 0 to 16
[  150.836501][ T9708] erofs: (device loop4): mounted with root inode @ nid 36.
[  150.863076][   T47] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[9000]
[  150.874321][ T9708] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  150.959789][ T9719] loop4: detected capacity change from 0 to 128
[  151.271168][ T9723] netlink: 'syz.9.4032': attribute type 1 has an invalid length.
[  151.296656][ T9729] loop7: detected capacity change from 0 to 512
[  151.308279][ T9723] netlink: 'syz.9.4032': attribute type 2 has an invalid length.
[  151.335931][ T9723] netlink: 'syz.9.4032': attribute type 1 has an invalid length.
[  151.337496][ T9729] EXT4-fs (loop7): 1 truncate cleaned up
[  151.359128][ T9723] netlink: 'syz.9.4032': attribute type 2 has an invalid length.
[  151.412762][ T9737] syz.1.4048[9737] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  151.412842][ T9737] syz.1.4048[9737] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  151.698139][  T502] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  151.898122][  T502] usb 10-1: Using ep0 maxpacket: 16
[  151.906232][  T502] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.920061][  T502] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.930605][  T502] usb 10-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  151.940773][  T502] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.950299][  T502] usb 10-1: config 0 descriptor??
[  152.361562][  T502] hid-generic 0003:04F3:0755.001C: unknown main item tag 0x0
[  152.371457][  T502] hid-generic 0003:04F3:0755.001C: unknown main item tag 0x0
[  152.383969][  T502] hid-generic 0003:04F3:0755.001C: unknown main item tag 0x0
[  152.396660][  T502] hid-generic 0003:04F3:0755.001C: unknown main item tag 0x0
[  152.407817][  T502] hid-generic 0003:04F3:0755.001C: unknown main item tag 0x0
[  152.418206][  T502] hid-generic 0003:04F3:0755.001C: failed to start in urb: -90
[  152.426374][  T502] hid-generic 0003:04F3:0755.001C: hidraw0: USB HID v0.00 Device [HID 04f3:0755] on usb-dummy_hcd.9-1/input0
[  152.564659][ T2221] usb 10-1: USB disconnect, device number 4
[  153.088407][ T9758] loop6: detected capacity change from 0 to 512
[  153.096146][ T9758] EXT4-fs: Ignoring removed i_version option
[  153.102418][ T9758] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  153.122942][ T9758] EXT4-fs (loop6): 1 truncate cleaned up
[  153.192365][ T9774] loop6: detected capacity change from 0 to 16
[  153.202315][ T9774] erofs: (device loop6): mounted with root inode @ nid 36.
[  153.218187][   T47] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[9000]
[  153.234934][ T9774] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  153.293257][ T9791] device bridge_slave_0 left promiscuous mode
[  153.293620][ T9793] loop4: detected capacity change from 0 to 256
[  153.307129][ T9793] FAT-fs (loop4): Unrecognized mount option "shortnaŁčme=winnt" or missing value
[  153.311836][ T9791] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.334611][ T9791] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  153.393736][ T9800] device wg2 entered promiscuous mode
[  153.584084][ T9837] device wg2 entered promiscuous mode
[  153.619785][ T9842] device vlan2 entered promiscuous mode
[  153.625326][ T9842] device dummy0 entered promiscuous mode
[  153.913605][ T7808] Bluetooth: hci0: Frame reassembly failed (-84)
[  154.424368][ T9891] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9891 comm=syz.9.4107
[  154.500997][ T9897] netlink: 'syz.1.4112': attribute type 11 has an invalid length.
[  154.518976][ T9902] loop6: detected capacity change from 0 to 512
[  154.530463][ T9902] ext4 filesystem being mounted at /580/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.551367][ T9902] EXT4-fs (loop6): re-mounted. Quota mode: writeback.
[  154.559017][ T9902] EXT4-fs: Ignoring removed orlov option
[  154.564601][ T9902] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  154.573999][ T9902] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  154.582377][ T9902] EXT4-fs error (device loop6): __ext4_remount:6436: comm syz.6.4124: Abort forced by user
[  154.836176][ T9923] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4132'.
[  155.127181][ T9954] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4136'.
[  155.510715][ T9983] loop6: detected capacity change from 0 to 256
[  155.520902][ T9983] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  155.561680][ T9987] netlink: 16 bytes leftover after parsing attributes in process `syz.9.4151'.
[  155.633904][T10000] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.644758][T10000] FAT-fs (loop13): unable to read boot sector
[  155.807272][T10031] loop6: detected capacity change from 0 to 256
[  155.813804][T10031] exfat: Deprecated parameter 'namecase'
[  155.819412][T10031] exfat: Deprecated parameter 'namecase'
[  155.827542][T10031] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1fdf94bc, utbl_chksum : 0xe619d30d)
[  155.928138][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  155.928136][ T1882] Bluetooth: hci0: command 0x1003 tx timeout
[  155.992990][T10044] loop4: detected capacity change from 0 to 2048
[  156.019758][T10044] EXT4-fs mount: 12 callbacks suppressed
[  156.019774][T10044] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  156.044235][  T297] EXT4-fs (loop4): unmounting filesystem.
[  156.612306][T10093] loop7: detected capacity change from 0 to 2048
[  156.644449][T10093] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  156.689972][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  156.847168][T10140] loop9: detected capacity change from 0 to 128
[  156.954575][T10163] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10163 comm=syz.1.4243
[  157.222284][T10203] loop7: detected capacity change from 0 to 512
[  157.229929][T10203] EXT4-fs: Ignoring removed i_version option
[  157.241127][T10203] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  157.264694][T10203] EXT4-fs (loop7): 1 truncate cleaned up
[  157.288291][T10203] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  157.289912][T10209] loop9: detected capacity change from 0 to 256
[  157.332251][T10215] loop4: detected capacity change from 0 to 512
[  157.338843][T10209] FAT-fs (loop9): Unrecognized mount option "shortnaŁčme=winnt" or missing value
[  157.352935][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  157.389352][T10215] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.4254: casefold flag without casefold feature
[  157.427840][T10215] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.4254: couldn't read orphan inode 15 (err -117)
[  157.448116][T10215] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  157.527180][T10227] loop6: detected capacity change from 0 to 256
[  157.539621][  T297] EXT4-fs (loop4): unmounting filesystem.
[  157.555796][T10227] FAT-fs (loop6): Unrecognized mount option "shortnaŁčme=winnt" or missing value
[  157.700886][T10249] loop9: detected capacity change from 0 to 512
[  157.709478][T10249] EXT4-fs: Ignoring removed i_version option
[  157.715977][T10249] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  157.729732][T10249] EXT4-fs (loop9): 1 truncate cleaned up
[  157.735216][T10249] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  157.755157][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  158.003310][T10291] netlink: 'syz.6.4289': attribute type 1 has an invalid length.
[  158.014972][T10291] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4289'.
[  158.091711][T10300] binder: 10299:10300 ioctl 40046205 0 returned -22
[  158.102125][   T28] audit: type=1326 audit(1737155925.037:3480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f60b85d29 code=0x7ffc0000
[  158.103577][T10302] loop7: detected capacity change from 0 to 512
[  158.133953][   T28] audit: type=1326 audit(1737155925.037:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f60b85d29 code=0x7ffc0000
[  158.176880][T10307] loop6: detected capacity change from 0 to 2048
[  158.183311][   T28] audit: type=1326 audit(1737155925.037:3482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2f60b85d29 code=0x7ffc0000
[  158.206742][   T28] audit: type=1326 audit(1737155925.037:3483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2f60b85d63 code=0x7ffc0000
[  158.206910][T10302] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.4294: inode #1: comm syz.7.4294: iget: illegal inode #
[  158.230020][   T28] audit: type=1326 audit(1737155925.037:3484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2f60b847df code=0x7ffc0000
[  158.266143][   T28] audit: type=1326 audit(1737155925.037:3485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2f60b85db7 code=0x7ffc0000
[  158.289963][   T28] audit: type=1326 audit(1737155925.037:3486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2f60b84690 code=0x7ffc0000
[  158.298621][T10307] Alternate GPT is invalid, using primary GPT.
[  158.313429][   T28] audit: type=1326 audit(1737155925.037:3487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2f60b8592b code=0x7ffc0000
[  158.343615][   T28] audit: type=1326 audit(1737155925.067:3488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2f60b8498a code=0x7ffc0000
[  158.367333][   T28] audit: type=1326 audit(1737155925.067:3489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10301 comm="syz.7.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2f60b8498a code=0x7ffc0000
[  158.367418][T10307]  loop6: p1 p2 p3
[  158.394377][T10302] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.4294: error while reading EA inode 1 err=-117
[  158.407806][T10302] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.4294: inode #1: comm syz.7.4294: iget: illegal inode #
[  158.417029][T10314] loop4: detected capacity change from 0 to 512
[  158.430914][T10314] EXT4-fs: Ignoring removed i_version option
[  158.450176][T10302] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.4294: error while reading EA inode 1 err=-117
[  158.453315][T10314] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  158.473079][T10302] EXT4-fs (loop7): 1 orphan inode deleted
[  158.478932][T10302] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  158.482200][T10314] EXT4-fs (loop4): 1 truncate cleaned up
[  158.492882][T10314] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  158.524896][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  158.536840][  T297] EXT4-fs (loop4): unmounting filesystem.
[  158.555447][T10321] loop7: detected capacity change from 0 to 256
[  158.562533][T10321] FAT-fs (loop7): Unrecognized mount option "shortnaŁčme=winnt" or missing value
[  158.670356][T10334] 9pnet_fd: p9_fd_create_unix (10334): problem connecting socket: ./file0: -111
[  158.831292][T10366] loop7: detected capacity change from 0 to 256
[  158.858667][T10366] FAT-fs (loop7): Unrecognized mount option "shortnaŁčme=winnt" or missing value
[  159.098341][ T7776] Bluetooth: hci0: Frame reassembly failed (-84)
[  159.302828][T10441] loop4: detected capacity change from 0 to 512
[  159.331762][T10441] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  159.332527][T10449] device batadv_slave_1 entered promiscuous mode
[  159.340751][T10441] ext4 filesystem being mounted at /861/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.366175][T10448] device batadv_slave_1 left promiscuous mode
[  159.385291][T10441] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  159.396532][T10441] EXT4-fs: Ignoring removed orlov option
[  159.402152][T10441] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  159.411616][T10441] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  159.420228][T10441] EXT4-fs error (device loop4): __ext4_remount:6436: comm syz.4.4358: Abort forced by user
[  159.437891][  T297] EXT4-fs (loop4): unmounting filesystem.
[  159.507554][T10471] loop7: detected capacity change from 0 to 2048
[  159.519459][T10471] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  159.538768][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  159.849770][T10494] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4380'.
[  159.907377][T10500] futex_wake_op: syz.6.4386 tries to shift op by 32; fix this program
[  159.959218][T10513] loop7: detected capacity change from 0 to 512
[  159.964528][T10510] loop6: detected capacity change from 0 to 4096
[  159.972346][T10510] EXT4-fs: Ignoring removed nobh option
[  159.976787][T10513] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  159.978019][T10510] EXT4-fs: Ignoring removed i_version option
[  159.995582][T10510] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  160.005645][T10513] EXT4-fs (loop7): 1 truncate cleaned up
[  160.011339][T10513] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  160.049968][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  160.093981][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  161.015608][T10533] futex_wake_op: syz.7.4402 tries to shift op by 32; fix this program
[  161.052690][T10539] loop6: detected capacity change from 0 to 2048
[  161.073382][T10539] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  161.075957][T10548] loop4: detected capacity change from 0 to 512
[  161.095024][T10548] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  161.096013][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  161.112672][T10548] EXT4-fs (loop4): 1 truncate cleaned up
[  161.118188][T10548] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  161.128177][ T4258] Bluetooth: hci0: command 0x1003 tx timeout
[  161.128194][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  161.170694][  T297] EXT4-fs (loop4): unmounting filesystem.
[  162.050096][T10574] futex_wake_op: syz.4.4415 tries to shift op by 32; fix this program
[  162.065872][T10572] loop9: detected capacity change from 0 to 4096
[  162.072409][T10572] EXT4-fs: Ignoring removed nobh option
[  162.077768][T10572] EXT4-fs: Ignoring removed i_version option
[  162.085554][T10572] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  162.161132][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  162.169325][T10585] overlayfs: failed to clone upperpath
[  162.196198][ T7832] Bluetooth: hci0: Frame reassembly failed (-84)
[  163.799136][T10697] loop9: detected capacity change from 0 to 1024
[  163.806961][T10697] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  163.815595][T10697] EXT4-fs (loop9): orphan cleanup on readonly fs
[  163.821905][T10697] EXT4-fs error (device loop9): ext4_ext_check_inode:520: inode #3: comm syz.9.4473: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 2(4), depth 0(0)
[  163.840285][T10697] EXT4-fs (loop9): Remounting filesystem read-only
[  163.846718][T10697] EXT4-fs error (device loop9): ext4_quota_enable:6982: comm syz.9.4473: Bad quota inode: 3, type: 0
[  163.857681][T10697] EXT4-fs (loop9): Remounting filesystem read-only
[  163.864171][T10697] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  163.878766][T10697] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  163.885346][T10697] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  163.904640][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  163.937378][T10708] loop9: detected capacity change from 0 to 512
[  163.946095][T10708] EXT4-fs error (device loop9): ext4_orphan_get:1400: inode #15: comm syz.9.4479: casefold flag without casefold feature
[  163.959039][T10708] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.4479: couldn't read orphan inode 15 (err -117)
[  163.970951][T10708] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  164.028824][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  164.248169][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  164.248187][ T4258] Bluetooth: hci0: command 0x1003 tx timeout
[  164.288547][T10726] loop4: detected capacity change from 0 to 1024
[  164.315260][T10726] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  164.330748][T10726] EXT4-fs (loop4): orphan cleanup on readonly fs
[  164.338268][T10726] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.4489: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 2(4), depth 0(0)
[  164.372805][T10726] EXT4-fs (loop4): Remounting filesystem read-only
[  164.379509][T10726] EXT4-fs error (device loop4): ext4_quota_enable:6982: comm syz.4.4489: Bad quota inode: 3, type: 0
[  164.390647][T10726] EXT4-fs (loop4): Remounting filesystem read-only
[  164.397179][T10726] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  164.411837][T10726] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  164.418677][T10726] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  164.456586][  T297] EXT4-fs (loop4): unmounting filesystem.
[  165.303276][T10749] loop6: detected capacity change from 0 to 1024
[  165.333775][T10749] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  165.346437][T10749] EXT4-fs (loop6): orphan cleanup on readonly fs
[  165.361493][T10749] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #3: comm syz.6.4504: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 2(4), depth 0(0)
[  165.382696][T10749] EXT4-fs (loop6): Remounting filesystem read-only
[  165.389466][T10749] EXT4-fs error (device loop6): ext4_quota_enable:6982: comm syz.6.4504: Bad quota inode: 3, type: 0
[  165.400469][T10749] EXT4-fs (loop6): Remounting filesystem read-only
[  165.406783][T10749] EXT4-fs warning (device loop6): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  165.421382][T10749] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  165.428018][T10749] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  165.444903][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  165.531234][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.543653][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.561054][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.569037][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.578882][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.586107][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.600702][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.615088][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.624794][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.633652][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.633904][T10785] binder: 10781:10785 ioctl 40046205 0 returned -22
[  165.647493][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.654829][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.662382][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.681170][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.690424][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.697660][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.705073][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.712361][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.720119][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.734693][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.742510][   T28] kauditd_printk_skb: 15 callbacks suppressed
[  165.742527][   T28] audit: type=1326 audit(1737155932.677:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a45d85d29 code=0x7ffc0000
[  165.774750][T10792] loop4: detected capacity change from 0 to 512
[  165.781911][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.794287][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.802854][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.810393][   T28] audit: type=1326 audit(1737155932.677:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a45d85d29 code=0x7ffc0000
[  165.835293][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.842945][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.849489][T10792] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.4512: inode #1: comm syz.4.4512: iget: illegal inode #
[  165.850347][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.871414][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.878685][ T5411] hid-generic 0000:0000:0003.001D: unknown main item tag 0x0
[  165.884887][T10792] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4512: error while reading EA inode 1 err=-117
[  165.886825][   T28] audit: type=1326 audit(1737155932.707:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3a45d85d29 code=0x7ffc0000
[  165.921339][ T5411] hid-generic 0000:0000:0003.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  165.932293][   T28] audit: type=1326 audit(1737155932.707:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3a45d85d63 code=0x7ffc0000
[  165.935749][T10792] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.4512: inode #1: comm syz.4.4512: iget: illegal inode #
[  165.959956][T10797] netlink: 'syz.9.4513': attribute type 1 has an invalid length.
[  165.975875][T10797] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4513'.
[  165.996093][   T28] audit: type=1326 audit(1737155932.707:3509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3a45d847df code=0x7ffc0000
[  166.019662][T10792] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4512: error while reading EA inode 1 err=-117
[  166.032535][   T28] audit: type=1326 audit(1737155932.707:3510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3a45d85db7 code=0x7ffc0000
[  166.055879][   T28] audit: type=1326 audit(1737155932.707:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a45d84690 code=0x7ffc0000
[  166.055960][T10792] EXT4-fs (loop4): 1 orphan inode deleted
[  166.079230][   T28] audit: type=1326 audit(1737155932.707:3512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a45d8592b code=0x7ffc0000
[  166.079267][   T28] audit: type=1326 audit(1737155932.737:3513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3a45d8498a code=0x7ffc0000
[  166.079294][   T28] audit: type=1326 audit(1737155932.737:3514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.4.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3a45d8498a code=0x7ffc0000
[  166.154399][T10792] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  166.194729][  T297] EXT4-fs (loop4): unmounting filesystem.
[  166.202154][ T5411] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  166.274729][T10820] 9pnet_fd: p9_fd_create_unix (10820): problem connecting socket: ./file0: -111
[  166.409282][ T5411] usb 7-1: config 0 has no interfaces?
[  166.414576][ T5411] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  166.423556][ T5411] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.432137][ T5411] usb 7-1: config 0 descriptor??
[  166.640607][ T5411] usb 7-1: USB disconnect, device number 16
[  167.204578][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.212685][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.213763][T10835] loop9: detected capacity change from 0 to 512
[  167.223265][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.233093][T10835] EXT4-fs error (device loop9): ext4_xattr_inode_iget:404: comm syz.9.4533: inode #1: comm syz.9.4533: iget: illegal inode #
[  167.235618][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.253812][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.261084][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.268590][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.275815][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.278456][T10835] EXT4-fs error (device loop9): ext4_xattr_inode_iget:409: comm syz.9.4533: error while reading EA inode 1 err=-117
[  167.283182][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.303065][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.310321][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.319435][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.326764][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.334020][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.341220][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.344324][T10835] EXT4-fs error (device loop9): ext4_xattr_inode_iget:404: comm syz.9.4533: inode #1: comm syz.9.4533: iget: illegal inode #
[  167.348434][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.368463][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.371647][T10835] EXT4-fs error (device loop9): ext4_xattr_inode_iget:409: comm syz.9.4533: error while reading EA inode 1 err=-117
[  167.375694][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.388330][T10835] EXT4-fs (loop9): 1 orphan inode deleted
[  167.394910][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.400614][T10835] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  167.407630][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.423112][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.430307][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.437491][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.444725][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.452134][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.452959][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  167.459768][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.472419][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.479676][ T2221] hid-generic 0000:0000:0003.001E: unknown main item tag 0x0
[  167.479711][ T5411] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  167.487961][ T2221] hid-generic 0000:0000:0003.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  167.576254][T10853] 9pnet_fd: p9_fd_create_unix (10853): problem connecting socket: ./file0: -111
[  167.680083][T10873] loop7: detected capacity change from 0 to 2048
[  167.695125][ T5411] usb 5-1: config 0 has no interfaces?
[  167.705017][ T5411] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  167.718144][ T5411] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.737105][ T5411] usb 5-1: config 0 descriptor??
[  167.742862][T10873] Alternate GPT is invalid, using primary GPT.
[  167.749031][T10873]  loop7: p1 p2 p3
[  167.813516][T10893] loop7: detected capacity change from 0 to 512
[  167.822644][T10893] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.4568: inode #1: comm syz.7.4568: iget: illegal inode #
[  167.842319][T10893] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.4568: error while reading EA inode 1 err=-117
[  167.854998][T10893] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.4568: inode #1: comm syz.7.4568: iget: illegal inode #
[  167.868174][T10893] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.4568: error while reading EA inode 1 err=-117
[  167.880851][T10893] EXT4-fs (loop7): 1 orphan inode deleted
[  167.888009][T10893] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  167.909342][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  167.935663][T10904] input: syz1 as /devices/virtual/input/input22
[  167.964978][ T2221] usb 5-1: USB disconnect, device number 12
[  167.986158][T10908] loop6: detected capacity change from 0 to 512
[  168.014452][T10908] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.4576: inode #1: comm syz.6.4576: iget: illegal inode #
[  168.027840][T10908] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.4576: error while reading EA inode 1 err=-117
[  168.047714][T10918] device batadv_slave_1 entered promiscuous mode
[  168.055801][T10908] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.4576: inode #1: comm syz.6.4576: iget: illegal inode #
[  168.069661][T10915] device batadv_slave_1 left promiscuous mode
[  168.075625][T10908] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.4576: error while reading EA inode 1 err=-117
[  168.089012][T10908] EXT4-fs (loop6): 1 orphan inode deleted
[  168.094585][T10908] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  168.116725][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  168.146949][T10926] loop6: detected capacity change from 0 to 512
[  168.162086][T10917] loop9: detected capacity change from 0 to 2048
[  168.169866][T10926] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.4584: inode #1: comm syz.6.4584: iget: illegal inode #
[  168.183070][T10926] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.4584: error while reading EA inode 1 err=-117
[  168.195406][T10926] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.4584: inode #1: comm syz.6.4584: iget: illegal inode #
[  168.208526][T10926] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.4584: error while reading EA inode 1 err=-117
[  168.220975][T10926] EXT4-fs (loop6): 1 orphan inode deleted
[  168.226604][T10926] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  168.235216][T10917] Alternate GPT is invalid, using primary GPT.
[  168.246355][T10917]  loop9: p1 p2 p3
[  168.265345][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  168.519830][T10948] loop6: detected capacity change from 0 to 2048
[  168.539335][T10948] Alternate GPT is invalid, using primary GPT.
[  168.554320][T10948]  loop6: p1 p2 p3
[  168.569912][T10965] loop4: detected capacity change from 0 to 512
[  168.581387][T10967] input: syz0 as /devices/virtual/input/input24
[  168.590401][T10965] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.4589: inode #1: comm syz.4.4589: iget: illegal inode #
[  168.604551][T10965] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4589: error while reading EA inode 1 err=-117
[  168.618471][T10965] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.4589: inode #1: comm syz.4.4589: iget: illegal inode #
[  168.631604][T10965] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4589: error while reading EA inode 1 err=-117
[  168.644537][T10965] EXT4-fs (loop4): 1 orphan inode deleted
[  168.650194][T10965] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  168.687618][  T297] EXT4-fs (loop4): unmounting filesystem.
[  168.703162][T10983] loop6: detected capacity change from 0 to 512
[  168.724636][T10983] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.4611: inode #1: comm syz.6.4611: iget: illegal inode #
[  168.738812][T10983] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.4611: error while reading EA inode 1 err=-117
[  168.751630][T10983] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.4611: inode #1: comm syz.6.4611: iget: illegal inode #
[  168.764889][T10983] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.4611: error while reading EA inode 1 err=-117
[  168.778250][T10983] EXT4-fs (loop6): 1 orphan inode deleted
[  168.784025][T10983] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  168.804467][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  168.835617][T10997] loop4: detected capacity change from 0 to 512
[  168.844715][T10997] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.4617: inode #1: comm syz.4.4617: iget: illegal inode #
[  168.857774][T10997] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4617: error while reading EA inode 1 err=-117
[  168.870506][T10997] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.4617: inode #1: comm syz.4.4617: iget: illegal inode #
[  168.883522][T10997] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4617: error while reading EA inode 1 err=-117
[  168.897342][T10997] EXT4-fs (loop4): 1 orphan inode deleted
[  168.902986][T10997] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  168.923762][  T297] EXT4-fs (loop4): unmounting filesystem.
[  168.933138][T11004] loop6: detected capacity change from 0 to 2048
[  168.944430][T11007] input: syz0 as /devices/virtual/input/input25
[  168.979101][T11004] Alternate GPT is invalid, using primary GPT.
[  168.985196][T11004]  loop6: p1 p2 p3
[  169.002721][T11010] xt_hashlimit: size too large, truncated to 1048576
[  169.008110][T11011] loop4: detected capacity change from 0 to 512
[  169.018392][T11011] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.4623: inode #1: comm syz.4.4623: iget: illegal inode #
[  169.031548][T11011] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4623: error while reading EA inode 1 err=-117
[  169.044310][T11011] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.4623: inode #1: comm syz.4.4623: iget: illegal inode #
[  169.058123][T11011] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4623: error while reading EA inode 1 err=-117
[  169.070618][T11011] EXT4-fs (loop4): 1 orphan inode deleted
[  169.076220][T11011] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  169.097854][  T297] EXT4-fs (loop4): unmounting filesystem.
[  169.614059][T11041] loop4: detected capacity change from 0 to 128
[  169.645128][T11041] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  169.663685][T11048] input: syz0 as /devices/virtual/input/input26
[  169.675756][T11041] FAT-fs (loop4): Filesystem has been set read-only
[  169.704133][T11041] syz.4.4622: attempt to access beyond end of device
[  169.704133][T11041] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  169.722889][T11041] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  169.731824][T11041] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  169.739944][T11041] syz.4.4622: attempt to access beyond end of device
[  169.739944][T11041] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  169.758169][T11041] syz.4.4622: attempt to access beyond end of device
[  169.758169][T11041] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  169.776903][T11041] syz.4.4622: attempt to access beyond end of device
[  169.776903][T11041] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  169.826075][T11058] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[  169.851978][T11058] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[  169.961013][ T7832] Bluetooth: hci0: Frame reassembly failed (-84)
[  169.965185][T11083] loop9: detected capacity change from 0 to 128
[  169.988765][T11083] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  169.996740][T11083] FAT-fs (loop9): Filesystem has been set read-only
[  170.003341][T11083] syz.9.4645: attempt to access beyond end of device
[  170.003341][T11083] loop9: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  170.016969][T11083] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  170.024867][T11083] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  170.032662][T11083] syz.9.4645: attempt to access beyond end of device
[  170.032662][T11083] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  170.046039][T11083] syz.9.4645: attempt to access beyond end of device
[  170.046039][T11083] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  170.059636][T11083] syz.9.4645: attempt to access beyond end of device
[  170.059636][T11083] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  170.119134][T11095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4648'.
[  170.138719][T11095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4648'.
[  170.301885][T11113] syz.7.4660 uses obsolete (PF_INET,SOCK_PACKET)
[  170.359067][T11120] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4663'.
[  170.368522][T11120] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4663'.
[  171.149911][T11150] loop6: detected capacity change from 0 to 128
[  171.180139][T11150] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  171.187880][T11150] FAT-fs (loop6): Filesystem has been set read-only
[  171.194359][T11150] syz.6.4675: attempt to access beyond end of device
[  171.194359][T11150] loop6: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  171.208553][T11150] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  171.216220][T11150] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  171.224132][T11150] syz.6.4675: attempt to access beyond end of device
[  171.224132][T11150] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  171.348937][T11174] loop7: detected capacity change from 0 to 1024
[  171.355833][T11174] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  171.366756][T11174] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  171.376963][T11174] EXT4-fs (loop7): invalid journal inode
[  172.008105][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  172.008142][ T1882] Bluetooth: hci0: command 0x1003 tx timeout
[  172.019987][T11081] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  172.073044][T11191] loop9: detected capacity change from 0 to 128
[  172.084108][T11191] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  172.092144][T11191] FAT-fs (loop9): Filesystem has been set read-only
[  172.100201][T11191] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  172.107869][T11191] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  172.115549][   T28] kauditd_printk_skb: 207 callbacks suppressed
[  172.115566][   T28] audit: type=1400 audit(1737155939.047:3722): avc:  denied  { create } for  pid=11197 comm="syz.4.4697" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  172.147361][   T28] audit: type=1400 audit(1737155939.047:3723): avc:  denied  { mounton } for  pid=11197 comm="syz.4.4697" path="/908/file0" dev="tmpfs" ino=4775 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  172.171400][   T28] audit: type=1400 audit(1737155939.047:3724): avc:  denied  { ioctl } for  pid=11197 comm="syz.4.4697" path="/dev/fuse" dev="devtmpfs" ino=93 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  172.193302][T11204] loop7: detected capacity change from 0 to 512
[  172.202893][T11204] EXT4-fs (loop7): Test dummy encryption mode enabled
[  172.217865][T11204] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  172.229207][T11204] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  172.238463][T11204] System zones: 1-12
[  172.243217][T11204] EXT4-fs (loop7): 1 truncate cleaned up
[  172.248832][T11204] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  172.299273][   T28] audit: type=1400 audit(1737155939.237:3725): avc:  denied  { unmount } for  pid=297 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  172.328427][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  172.353330][T11228] loop7: detected capacity change from 0 to 1024
[  172.361155][T11228] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  172.376472][T11228] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  172.391619][T11228] EXT4-fs error (device loop7): ext4_get_journal_inode:5721: inode #5: comm syz.7.4711: unexpected bad inode w/o EXT4_IGET_BAD
[  172.405802][T11228] EXT4-fs (loop7): no journal found
[  172.411298][T11228] EXT4-fs (loop7): can't get journal size
[  172.417621][T11228] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  172.444928][ T5746] EXT4-fs (loop7): unmounting filesystem.
[  172.467708][ T7832] Bluetooth: hci0: Frame reassembly failed (-84)
[  172.502134][T11256] loop4: detected capacity change from 0 to 512
[  172.508828][T11256] EXT4-fs (loop4): Test dummy encryption mode enabled
[  172.515421][T11256] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  172.525949][T11256] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  172.533885][T11256] System zones: 1-12
[  172.538562][T11256] EXT4-fs (loop4): 1 truncate cleaned up
[  172.544166][T11256] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  172.580709][  T297] EXT4-fs (loop4): unmounting filesystem.
[  172.926971][T11263] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.217437][T11294] loop6: detected capacity change from 0 to 512
[  173.224256][T11294] EXT4-fs (loop6): Test dummy encryption mode enabled
[  173.231137][T11294] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  173.248823][T11294] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  173.256823][T11294] System zones: 1-12
[  173.261403][T11294] EXT4-fs (loop6): 1 truncate cleaned up
[  173.266996][T11294] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  173.323551][ T2149] EXT4-fs (loop6): unmounting filesystem.
[  173.864838][T11312] loop9: detected capacity change from 0 to 1024
[  173.876228][T11312] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  173.886013][T11312] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  173.896311][T11312] EXT4-fs error (device loop9): ext4_get_journal_inode:5721: inode #5: comm syz.9.4749: unexpected bad inode w/o EXT4_IGET_BAD
[  173.910357][T11312] EXT4-fs (loop9): no journal found
[  173.915438][T11312] EXT4-fs (loop9): can't get journal size
[  173.922317][T11312] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  173.938511][T11314] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.948460][T11314] device dummy0 left promiscuous mode
[  173.959059][ T8618] EXT4-fs (loop9): unmounting filesystem.
[  174.488155][ T4258] Bluetooth: hci0: command 0x1003 tx timeout
[  174.488168][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  174.500234][T11248] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  174.524050][T11349] loop9: detected capacity change from 0 to 512
[  174.534560][T11349] EXT4-fs (loop9): Test dummy encryption mode enabled
[  174.544037][T11349] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  174.552305][T11358] loop4: detected capacity change from 0 to 1024
[  174.558193][T11349] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  174.578338][T11358] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  174.589160][T11349] System zones: 1-12
[  174.594849][T11349] EXT4-fs (loop9): 1 truncate cleaned up
[  174.595907][T11358] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  174.612249][T11358] EXT4-fs error (device loop4): ext4_get_journal_inode:5721: inode #5: comm syz.4.4764: unexpected bad inode w/o EXT4_IGET_BAD
[  174.629288][T11358] EXT4-fs (loop4): no journal found
[  174.635311][T11358] EXT4-fs (loop4): can't get journal size
[  174.722401][T11390] loop6: detected capacity change from 0 to 1024
[  174.749859][T11390] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  174.778945][T11390] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  174.809066][T11390] EXT4-fs error (device loop6): ext4_get_journal_inode:5721: inode #5: comm syz.6.4782: unexpected bad inode w/o EXT4_IGET_BAD
[  174.823446][T11392] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.830502][T11392] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.835426][T11399] loop4: detected capacity change from 0 to 512
[  174.844156][T11399] EXT4-fs (loop4): Test dummy encryption mode enabled
[  174.858141][T11390] EXT4-fs (loop6): no journal found
[  174.863187][T11390] EXT4-fs (loop6): can't get journal size
[  174.866580][T11399] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  174.880173][T11392] device dummy0 left promiscuous mode
[  174.896660][T11399] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  174.929477][T11399] System zones: 1-12
[  174.929613][ T7776] Bluetooth: hci0: Frame reassembly failed (-84)
[  174.939531][T11399] EXT4-fs (loop4): 1 truncate cleaned up
[  175.184353][T11447] loop7: detected capacity change from 0 to 1024
[  175.193131][T11446] loop4: detected capacity change from 0 to 512
[  175.196564][T11447] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  175.200140][T11446] EXT4-fs (loop4): Test dummy encryption mode enabled
[  175.209618][T11447] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  175.215660][T11446] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  175.225767][T11447] EXT4-fs error (device loop7): ext4_get_journal_inode:5721: inode #5: comm syz.7.4790: unexpected bad inode w/o EXT4_IGET_BAD
[  175.235722][T11446] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  175.248322][T11447] EXT4-fs (loop7): no journal found
[  175.260742][T11447] EXT4-fs (loop7): can't get journal size
[  175.262490][T11446] System zones: 1-12
[  175.271314][T11446] EXT4-fs (loop4): 1 truncate cleaned up
[  175.344871][T11453] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.666355][T11473] loop6: detected capacity change from 0 to 512
[  175.673650][T11473] EXT4-fs (loop6): Test dummy encryption mode enabled
[  175.680642][T11473] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  175.697370][T11473] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  175.708262][T11473] System zones: 1-12
[  175.716774][T11473] EXT4-fs (loop6): 1 truncate cleaned up
[  176.888196][ T4258] Bluetooth: hci0: command 0x1003 tx timeout
[  176.888261][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  176.900363][T11401] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  176.987006][T11525] loop7: detected capacity change from 0 to 512
[  176.997337][T11518] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.004395][T11518] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.013139][T11525] EXT4-fs (loop7): Test dummy encryption mode enabled
[  177.027372][T11525] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  177.062924][T11525] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  177.070768][T11525] System zones: 1-12
[  177.075441][T11525] EXT4-fs (loop7): 1 truncate cleaned up
[  177.170871][T11537] loop6: detected capacity change from 0 to 512
[  177.198123][T11537] EXT4-fs (loop6): Test dummy encryption mode enabled
[  177.216822][T11537] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  177.237311][T11537] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  177.248746][T11537] System zones: 1-12
[  177.253789][T11537] EXT4-fs (loop6): 1 truncate cleaned up
[  177.371026][ T7808] Bluetooth: hci0: Frame reassembly failed (-84)
[  177.514757][T11527] TCP: TCP_TX_DELAY enabled
[  177.637312][T11586] loop9: detected capacity change from 0 to 512
[  177.654210][T11586] EXT4-fs (loop9): Test dummy encryption mode enabled
[  177.660905][T11586] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  177.682978][T11586] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  177.691357][T11586] System zones: 1-12
[  177.695868][T11586] EXT4-fs (loop9): 1 truncate cleaned up
[  177.734336][T11578] loop7: detected capacity change from 0 to 40427
[  177.744061][T11578] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  177.751776][T11578] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  177.763681][T11578] F2FS-fs (loop7): Found nat_bits in checkpoint
[  177.828888][T11578] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  177.835868][T11578] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  177.898508][T11605] loop9: detected capacity change from 0 to 1024
[  177.905150][T11605] EXT4-fs: Ignoring removed nobh option
[  177.910689][T11605] EXT4-fs: Ignoring removed bh option
[  177.917104][T11605] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  178.011219][T11614] loop9: detected capacity change from 0 to 512
[  178.017951][T11614] EXT4-fs (loop9): Test dummy encryption mode enabled
[  178.024744][T11614] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  178.035252][T11614] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  178.043295][T11614] System zones: 1-12
[  178.047849][T11614] EXT4-fs (loop9): 1 truncate cleaned up
[  178.189772][T11622] loop7: detected capacity change from 0 to 512
[  178.218198][T11622] EXT4-fs (loop7): Test dummy encryption mode enabled
[  178.235073][T11622] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  178.263303][T11622] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  178.278142][T11622] System zones: 1-12
[  178.282767][T11622] EXT4-fs (loop7): 1 truncate cleaned up
[  178.605166][T11639] loop4: detected capacity change from 0 to 40427
[  178.611927][T11639] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  178.619491][T11639] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  178.629690][T11639] F2FS-fs (loop4): Found nat_bits in checkpoint
[  178.663832][T11639] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  178.670763][T11639] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  178.724730][T11647] loop7: detected capacity change from 0 to 1024
[  178.739534][T11647] EXT4-fs: Ignoring removed nobh option
[  178.744939][T11647] EXT4-fs: Ignoring removed bh option
[  178.750665][T11647] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  178.968091][    C0] ==================================================================
[  178.975997][    C0] BUG: KASAN: use-after-free in __run_timers+0x34a/0xa10
[  178.982940][    C0] Write of size 8 at addr ffff888122460a00 by task swapper/0/0
[  178.990309][    C0] 
[  178.992484][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.1.118-syzkaller-00021-gd12538e9da37 #0
[  179.001767][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  179.011665][    C0] Call Trace:
[  179.014800][    C0]  <IRQ>
[  179.017494][    C0]  dump_stack_lvl+0x151/0x1b7
[  179.021993][    C0]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  179.027282][    C0]  ? _printk+0xd1/0x111
[  179.031279][    C0]  ? __virt_addr_valid+0x242/0x2f0
[  179.036229][    C0]  print_report+0x158/0x4e0
[  179.040562][    C0]  ? __virt_addr_valid+0x242/0x2f0
[  179.045515][    C0]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  179.051589][    C0]  ? __run_timers+0x34a/0xa10
[  179.056097][    C0]  kasan_report+0x13c/0x170
[  179.060442][    C0]  ? __run_timers+0x34a/0xa10
[  179.064953][    C0]  __asan_report_store8_noabort+0x17/0x20
[  179.070508][    C0]  __run_timers+0x34a/0xa10
[  179.074847][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  179.079887][    C0]  ? calc_index+0x270/0x270
[  179.084219][    C0]  ? sched_clock+0x9/0x10
[  179.088396][    C0]  ? sched_clock_cpu+0x71/0x2b0
[  179.093076][    C0]  run_timer_softirq+0x69/0xf0
[  179.097675][    C0]  handle_softirqs+0x1db/0x650
[  179.102272][    C0]  ? irqtime_account_irq+0xdc/0x260
[  179.107307][    C0]  __irq_exit_rcu+0x52/0xf0
[  179.111653][    C0]  irq_exit_rcu+0x9/0x10
[  179.115724][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  179.121192][    C0]  </IRQ>
[  179.123969][    C0]  <TASK>
[  179.126748][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  179.132562][    C0] RIP: 0010:acpi_idle_enter+0x416/0x760
[  179.137941][    C0] Code: 89 de 48 83 e6 08 31 ff e8 97 ab 53 fc 48 83 e3 08 0f 85 b1 00 00 00 0f 1f 44 00 00 e8 43 a7 53 fc 0f 00 2d 5c 7d ce 00 fb f4 <fa> e9 e3 00 00 00 49 83 c7 04 4c 89 f8 48 c1 e8 03 42 0f b6 04 30
[  179.157385][    C0] RSP: 0018:ffffffff87007bd0 EFLAGS: 000002d3
[  179.163287][    C0] RAX: ffffffff8521defd RBX: 0000000000000000 RCX: ffffffff8701d4c0
[  179.171098][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  179.178911][    C0] RBP: ffffffff87007c10 R08: ffffffff8521dee9 R09: fffffbfff0e03a99
[  179.186721][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[  179.194529][    C0] R13: ffff888109bc9004 R14: dffffc0000000000 R15: ffff888109a50864
[  179.202346][    C0]  ? acpi_idle_enter+0x3f9/0x760
[  179.207117][    C0]  ? acpi_idle_enter+0x40d/0x760
[  179.211894][    C0]  ? intel_idle_xstate+0xa0/0xa0
[  179.216668][    C0]  cpuidle_enter_state+0x5eb/0x17f0
[  179.221706][    C0]  ? cpuidle_enter_s2idle+0x600/0x600
[  179.226904][    C0]  ? menu_enable_device+0x380/0x380
[  179.231938][    C0]  ? __sched_text_start+0x8/0x8
[  179.236625][    C0]  cpuidle_enter+0x5f/0xa0
[  179.240881][    C0]  do_idle+0x3d1/0x580
[  179.244782][    C0]  ? irqentry_exit+0x37/0x40
[  179.249213][    C0]  ? idle_inject_timer_fn+0x60/0x60
[  179.254244][    C0]  ? schedule_idle+0x5b/0x90
[  179.258672][    C0]  ? do_idle+0x6/0x580
[  179.262581][    C0]  cpu_startup_entry+0x44/0x60
[  179.267178][    C0]  rest_init+0x10b/0x130
[  179.271254][    C0]  ? time_init+0x38/0x38
[  179.275335][    C0]  arch_call_rest_init+0xe/0xe
[  179.279937][    C0]  start_kernel+0x46c/0x4d8
[  179.284275][    C0]  x86_64_start_reservations+0x2a/0x2c
[  179.289584][    C0]  x86_64_start_kernel+0x7c/0x81
[  179.294343][    C0]  secondary_startup_64_no_verify+0xce/0xdb
[  179.300079][    C0]  </TASK>
[  179.302936][    C0] 
[  179.305115][    C0] Allocated by task 11401:
[  179.309360][    C0]  kasan_set_track+0x4b/0x70
[  179.313785][    C0]  kasan_save_alloc_info+0x1f/0x30
[  179.318729][    C0]  __kasan_kmalloc+0x9c/0xb0
[  179.323154][    C0]  __kmalloc+0xb4/0x1e0
[  179.327147][    C0]  hci_alloc_dev_priv+0x27/0x1c00
[  179.332011][    C0]  hci_uart_tty_ioctl+0x401/0xa70
[  179.336867][    C0]  tty_ioctl+0x903/0xc50
[  179.340950][    C0]  __se_sys_ioctl+0x114/0x190
[  179.345461][    C0]  __x64_sys_ioctl+0x7b/0x90
[  179.349887][    C0]  x64_sys_call+0x98/0x9a0
[  179.354140][    C0]  do_syscall_64+0x3b/0xb0
[  179.358393][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  179.364122][    C0] 
[  179.366292][    C0] Freed by task 11401:
[  179.370196][    C0]  kasan_set_track+0x4b/0x70
[  179.374623][    C0]  kasan_save_free_info+0x2b/0x40
[  179.379482][    C0]  ____kasan_slab_free+0x131/0x180
[  179.384433][    C0]  __kasan_slab_free+0x11/0x20
[  179.389030][    C0]  __kmem_cache_free+0x21d/0x410
[  179.393805][    C0]  kfree+0x7a/0xf0
[  179.397363][    C0]  hci_release_dev+0x14d3/0x1640
[  179.402138][    C0]  bt_host_release+0x83/0xa0
[  179.406563][    C0]  device_release+0x95/0x1c0
[  179.410991][    C0]  kobject_put+0x178/0x260
[  179.415242][    C0]  put_device+0x1f/0x30
[  179.419239][    C0]  hci_dev_cmd+0x2be/0x9b0
[  179.423489][    C0]  hci_sock_ioctl+0x415/0x7f0
[  179.427999][    C0]  sock_do_ioctl+0x152/0x450
[  179.432425][    C0]  sock_ioctl+0x455/0x740
[  179.436598][    C0]  __se_sys_ioctl+0x114/0x190
[  179.441105][    C0]  __x64_sys_ioctl+0x7b/0x90
[  179.445538][    C0]  x64_sys_call+0x98/0x9a0
[  179.449784][    C0]  do_syscall_64+0x3b/0xb0
[  179.454037][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  179.459768][    C0] 
[  179.461939][    C0] Last potentially related work creation:
[  179.467489][    C0]  kasan_save_stack+0x3b/0x60
[  179.472004][    C0]  __kasan_record_aux_stack+0xb4/0xc0
[  179.477210][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  179.482852][    C0]  insert_work+0x56/0x310
[  179.487020][    C0]  __queue_work+0x9b6/0xd70
[  179.491357][    C0]  queue_work_on+0x105/0x170
[  179.495785][    C0]  __hci_cmd_sync_sk+0xc2a/0xf70
[  179.500556][    C0]  hci_cmd_sync_status+0x52/0x130
[  179.505429][    C0]  hci_dev_cmd+0x39e/0x9b0
[  179.509674][    C0]  hci_sock_ioctl+0x415/0x7f0
[  179.514184][    C0]  sock_do_ioctl+0x152/0x450
[  179.518611][    C0]  sock_ioctl+0x455/0x740
[  179.522775][    C0]  __se_sys_ioctl+0x114/0x190
[  179.527287][    C0]  __x64_sys_ioctl+0x7b/0x90
[  179.531715][    C0]  x64_sys_call+0x98/0x9a0
[  179.535971][    C0]  do_syscall_64+0x3b/0xb0
[  179.540222][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  179.545951][    C0] 
[  179.548119][    C0] Second to last potentially related work creation:
[  179.554542][    C0]  kasan_save_stack+0x3b/0x60
[  179.559056][    C0]  __kasan_record_aux_stack+0xb4/0xc0
[  179.564262][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  179.569906][    C0]  insert_work+0x56/0x310
[  179.574071][    C0]  __queue_work+0x9b6/0xd70
[  179.578414][    C0]  queue_work_on+0x105/0x170
[  179.582835][    C0]  hci_cmd_timeout+0x199/0x200
[  179.587440][    C0]  process_one_work+0x73d/0xcb0
[  179.592125][    C0]  worker_thread+0xa60/0x1260
[  179.596638][    C0]  kthread+0x26d/0x300
[  179.600631][    C0]  ret_from_fork+0x1f/0x30
[  179.604881][    C0] 
[  179.607050][    C0] The buggy address belongs to the object at ffff888122460000
[  179.607050][    C0]  which belongs to the cache kmalloc-8k of size 8192
[  179.620938][    C0] The buggy address is located 2560 bytes inside of
[  179.620938][    C0]  8192-byte region [ffff888122460000, ffff888122462000)
[  179.634218][    C0] 
[  179.636386][    C0] The buggy address belongs to the physical page:
[  179.642643][    C0] page:ffffea0004891800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x122460
[  179.652703][    C0] head:ffffea0004891800 order:3 compound_mapcount:0 compound_pincount:0
[  179.660862][    C0] flags: 0x4000000000010200(slab|head|zone=1)
[  179.666778][    C0] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043500
[  179.675192][    C0] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  179.683609][    C0] page dumped because: kasan: bad access detected
[  179.689864][    C0] page_owner tracks the page as allocated
[  179.695410][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 11386, tgid 11385 (syz.1.4773), ts 174710338789, free_ts 174568810607
[  179.717369][    C0]  post_alloc_hook+0x213/0x220
[  179.721966][    C0]  prep_new_page+0x1b/0x110
[  179.726302][    C0]  get_page_from_freelist+0x2f41/0x2fc0
[  179.731685][    C0]  __alloc_pages+0x234/0x610
[  179.736117][    C0]  alloc_slab_page+0x6c/0xf0
[  179.740541][    C0]  new_slab+0x90/0x3e0
[  179.744443][    C0]  ___slab_alloc+0x6f9/0xb80
[  179.748872][    C0]  __slab_alloc+0x5d/0xa0
[  179.753036][    C0]  __kmem_cache_alloc_node+0x207/0x2a0
[  179.758330][    C0]  __kmalloc+0xa3/0x1e0
[  179.762322][    C0]  incfs_realloc_mount_info+0xa7/0x470
[  179.767622][    C0]  incfs_alloc_mount_info+0x481/0x550
[  179.772829][    C0]  incfs_mount_fs+0x416/0xa30
[  179.777340][    C0]  legacy_get_tree+0xf1/0x190
[  179.781851][    C0]  vfs_get_tree+0x88/0x290
[  179.786104][    C0]  do_new_mount+0x2ba/0xb30
[  179.790441][    C0] page last free stack trace:
[  179.794956][    C0]  free_unref_page_prepare+0x83d/0x850
[  179.800248][    C0]  free_unref_page+0xb2/0x5c0
[  179.804764][    C0]  __free_pages+0x61/0xf0
[  179.808933][    C0]  __free_slab+0xce/0x1a0
[  179.813101][    C0]  __unfreeze_partials+0x165/0x1a0
[  179.818042][    C0]  put_cpu_partial+0xa9/0x100
[  179.822557][    C0]  __slab_free+0x1c8/0x280
[  179.826809][    C0]  ___cache_free+0xc6/0xd0
[  179.831063][    C0]  qlist_free_all+0xc5/0x140
[  179.835486][    C0]  kasan_quarantine_reduce+0x15a/0x180
[  179.840782][    C0]  __kasan_slab_alloc+0x24/0x80
[  179.845468][    C0]  slab_post_alloc_hook+0x53/0x2c0
[  179.850415][    C0]  kmem_cache_alloc_lru+0x102/0x270
[  179.855451][    C0]  sock_alloc_inode+0x28/0xc0
[  179.859963][    C0]  new_inode_pseudo+0x65/0x1d0
[  179.864561][    C0]  __sock_create+0x132/0x7e0
[  179.868993][    C0] 
[  179.871162][    C0] Memory state around the buggy address:
[  179.876630][    C0]  ffff888122460900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  179.884528][    C0]  ffff888122460980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  179.892427][    C0] >ffff888122460a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  179.900323][    C0]                    ^
[  179.904228][    C0]  ffff888122460a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  179.912127][    C0]  ffff888122460b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  179.920033][    C0] ==================================================================
[  179.927919][    C0] Disabling lock debugging due to kernel taint
[  179.933970][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  179.945452][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  179.953700][    C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G    B              6.1.118-syzkaller-00021-gd12538e9da37 #0
[  179.964459][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  179.974353][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[  179.979473][    C0] Code: 39 03 0f 84 40 01 00 00 e8 8c 6b 2a 00 4c 89 e7 e8 e4 e3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 60 e1 71 00 49 8b 3e e8 98 dc d6
[  179.998916][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[  180.004820][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff8701d4c0
[  180.012631][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  180.020440][    C0] RBP: ffffc90000007d00 R08: ffffffff814b186b R09: 0000000000000007
[  180.028248][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881224609c8
[  180.036061][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881224609e0
[  180.043874][    C0] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  180.052654][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  180.059060][    C0] CR2: 0000000020081000 CR3: 000000012354a000 CR4: 00000000003526b0
[  180.066875][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  180.074685][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  180.082582][    C0] Call Trace:
[  180.085726][    C0]  <IRQ>
[  180.088400][    C0]  ? __die_body+0x62/0xb0
[  180.092565][    C0]  ? die_addr+0x9f/0xd0
[  180.096558][    C0]  ? exc_general_protection+0x317/0x4c0
[  180.101945][    C0]  ? asm_exc_general_protection+0x27/0x30
[  180.107498][    C0]  ? __queue_work+0x28b/0xd70
[  180.112006][    C0]  ? __queue_work+0x4f1/0xd70
[  180.116521][    C0]  ? __queue_work+0x29c/0xd70
[  180.121037][    C0]  delayed_work_timer_fn+0x61/0x80
[  180.125983][    C0]  ? queue_work_node+0x1d0/0x1d0
[  180.130760][    C0]  call_timer_fn+0x3b/0x2d0
[  180.135092][    C0]  ? queue_work_node+0x1d0/0x1d0
[  180.139865][    C0]  __run_timers+0x756/0xa10
[  180.144207][    C0]  ? calc_index+0x270/0x270
[  180.148550][    C0]  ? sched_clock+0x9/0x10
[  180.152709][    C0]  ? sched_clock_cpu+0x71/0x2b0
[  180.157399][    C0]  run_timer_softirq+0x69/0xf0
[  180.161998][    C0]  handle_softirqs+0x1db/0x650
[  180.166604][    C0]  ? irqtime_account_irq+0xdc/0x260
[  180.171633][    C0]  __irq_exit_rcu+0x52/0xf0
[  180.175968][    C0]  irq_exit_rcu+0x9/0x10
[  180.180051][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  180.185517][    C0]  </IRQ>
[  180.188293][    C0]  <TASK>
[  180.191074][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  180.196888][    C0] RIP: 0010:acpi_idle_enter+0x416/0x760
[  180.202271][    C0] Code: 89 de 48 83 e6 08 31 ff e8 97 ab 53 fc 48 83 e3 08 0f 85 b1 00 00 00 0f 1f 44 00 00 e8 43 a7 53 fc 0f 00 2d 5c 7d ce 00 fb f4 <fa> e9 e3 00 00 00 49 83 c7 04 4c 89 f8 48 c1 e8 03 42 0f b6 04 30
[  180.222055][    C0] RSP: 0018:ffffffff87007bd0 EFLAGS: 000002d3
[  180.227966][    C0] RAX: ffffffff8521defd RBX: 0000000000000000 RCX: ffffffff8701d4c0
[  180.235771][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  180.243580][    C0] RBP: ffffffff87007c10 R08: ffffffff8521dee9 R09: fffffbfff0e03a99
[  180.251395][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[  180.261114][    C0] R13: ffff888109bc9004 R14: dffffc0000000000 R15: ffff888109a50864
[  180.268930][    C0]  ? acpi_idle_enter+0x3f9/0x760
[  180.273698][    C0]  ? acpi_idle_enter+0x40d/0x760
[  180.278475][    C0]  ? intel_idle_xstate+0xa0/0xa0
[  180.283248][    C0]  cpuidle_enter_state+0x5eb/0x17f0
[  180.288282][    C0]  ? cpuidle_enter_s2idle+0x600/0x600
[  180.293499][    C0]  ? menu_enable_device+0x380/0x380
[  180.298534][    C0]  ? __sched_text_start+0x8/0x8
[  180.303208][    C0]  cpuidle_enter+0x5f/0xa0
[  180.307459][    C0]  do_idle+0x3d1/0x580
[  180.311365][    C0]  ? irqentry_exit+0x37/0x40
[  180.315794][    C0]  ? idle_inject_timer_fn+0x60/0x60
[  180.320825][    C0]  ? schedule_idle+0x5b/0x90
[  180.325251][    C0]  ? do_idle+0x6/0x580
[  180.329159][    C0]  cpu_startup_entry+0x44/0x60
[  180.333787][    C0]  rest_init+0x10b/0x130
[  180.337836][    C0]  ? time_init+0x38/0x38
[  180.342015][    C0]  arch_call_rest_init+0xe/0xe
[  180.346620][    C0]  start_kernel+0x46c/0x4d8
[  180.350955][    C0]  x86_64_start_reservations+0x2a/0x2c
[  180.356250][    C0]  x86_64_start_kernel+0x7c/0x81
[  180.361024][    C0]  secondary_startup_64_no_verify+0xce/0xdb
[  180.366756][    C0]  </TASK>
[  180.369617][    C0] Modules linked in:
[  180.373353][    C0] ---[ end trace 0000000000000000 ]---
[  180.378654][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[  180.383770][    C0] Code: 39 03 0f 84 40 01 00 00 e8 8c 6b 2a 00 4c 89 e7 e8 e4 e3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 60 e1 71 00 49 8b 3e e8 98 dc d6
[  180.403205][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[  180.409104][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff8701d4c0
[  180.416916][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  180.424727][    C0] RBP: ffffc90000007d00 R08: ffffffff814b186b R09: 0000000000000007
[  180.432541][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881224609c8
[  180.440352][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881224609e0
[  180.448161][    C0] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  180.456930][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  180.463352][    C0] CR2: 0000000020081000 CR3: 000000012354a000 CR4: 00000000003526b0
[  180.471165][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  180.478972][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  180.486788][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  180.494877][    C0] Kernel Offset: disabled
[  180.499004][    C0] Rebooting in 86400 seconds..