last executing test programs:

5.491799988s ago: executing program 3:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r0, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f40108807000008048000980280000f8060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000908000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a034e200000040100000000000000000000ffffac14142a06000000240001000000000000000000000000000000000000000000000000000000000000000000d4000980"], 0x21c}}, 0x0)
unshare(0x2c060000)
unshare(0x24020400)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r2, 0x65, 0x1, 0x0, 0x0)
bind$can_raw(r2, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0xffffffffffffff35, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x0, 0x2}}]}}]}, 0x44}}, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
close(r6)

5.41136541s ago: executing program 3:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x168e, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000600)=[{0x0}], 0x0, 0x1}, 0x20)

5.364292708s ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a9a4850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
getdents64(r6, 0x0, 0x2)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)

5.355189959s ago: executing program 2:
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@enum={0x2}]}, {0x0, [0x0, 0x5f, 0x61]}}, 0x0, 0x29}, 0x20)

5.300494778s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='ext4_es_lookup_extent_exit\x00', r1}, 0x10)
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)

5.237448388s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='ext4_drop_inode\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='ext4_drop_inode\x00', r3}, 0x10)
unlink(&(0x7f0000000140)='./cgroup\x00')

5.193925235s ago: executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x6, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1a0cc10, &(0x7f00000059c0)=ANY=[], 0x1, 0x559f, &(0x7f0000000400)="$eJzs3M2LG2UYAPBnkm6/rYt48NaBIuxCE5rtB3qyaosf2FL8OHjSbJKGtElm2aTp2lMPHsWD/4koePLo3+BBj3oTD4o3oZKZWWn6/ZFmtf39YPLMPHnzzPsOYeGZWRLAM2s5/euPJA7FvoioRsTBJPL9pNwirkecLsa+FBGHI6Jy05aU+X8TuyNif0QcmhYvaiblW18dnRw5+fu7f37/455dB77+7qcdXTiwo16OiMFGsX91UMSsm4cb1TLfnPTyODgxKePGTI1BVuSvdtbzCleb2+OaeTzeLcZnG1dG03ix32xNY7d3Mc9vDIsTjibd7TrTD6SXmpv5cbuznsfeKMtj91px3q1rxd+2a6NxUadd1vssLx/j8XYs8p2tTrGejct5bA3HZb6om7U7W9M4KWN5umhl/XY+j/VHvcr/fe/1hle20klnc9TLhunJeuOVeuNUrbGZtTvjzolac9A+dSJd6fanw2rjTnNwuptl3X6n3soGq+lKt9WqNRrpypnOeq85TBuN+vH6sdrJ1XLvaPrW+Y/SfjtdmcY3esMr415/lF7MNtPiE6vpWv34q6vpkUb6wbkL6YX3z549d+HDT858fP71c++8WQ66bVrpytqxtbVa41htrbH6DK3/83LSD7H+5M7pX35+vMsGADyi2/r/uLX/D/0/MHf36P/j0n36/8Hl8vjJ9P9xx/6/Mtv/xzz7/2lLpf+/f/9b2YH+dyn0/w+8/upjfhvgId3lBtN97J77PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWLhfl755O99ZLo4PlPnnytQL5XESEZWIuHEH1dg9U7Na1lm6y/ilW+bwQxJ5hek59pTb/og4XW5/P/+krwIAAAA8vb69fvjLolsvXpZ3ekIsUnHTpnLw0znVSyJiafm3OVWrTF9enFOx/Pu9K7bmVC2/gbV3TsWKW2675lXtgVRnwt6bQlKEykKnAwAALMRsJ7DYLgQAAIBF+uKe7762sHmwYElsP8rcfhac/+d9xL7ygeC+mfcAAACA/6FkpycAAAAAPHF5/+/3/wAAAODpVvz+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7NxdrtJAFADg0/YW/I3E+O5WfINluAQffRQW4CZYAq7AxA2wBkx8cAcqGDojSRUSYltQ7vclnd6ZC2dOgZczbQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCF9rlezD+9evu8Y5uOPXTd/N+32rmPeAAAAcC9s6tWs+WOS+o/z+NM89Dz3i4goI+JY7V7FqBWzynHqE6+vf8vhU0QTYT8+zsejiHiVj+/Phv4UAAAA4HatF8tpqtZTk5cAvpz37m8DZsYFpEWb8snrnuIVEVFPvvYUrdw3Lw7debdo+9/3XbztnFXSLGA96ClYWnI78SDLqK9J2qrW6deVzJsvsemVw8wLAABcU7sS8Dg9AADA7Xpz7QS4hD9L++LQHO4zjtMp3xB82OoBAAAA/6Hi2gkAAAAAfaqODTb1/7+0/19h/z8AAADoXdr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCFt6tVsvVhOT/1/fmac7a6b/q4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAn+/OOAiEQBmGwd31nMvc/rDRoaGxSBcLH3xgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzsz0sKhEAQRMGc8b+Tvv9hJUHPIEIENDyqqEUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzs27FvG1UYAPDPvthtCogQUCQCKEgdYKGpW1o6ghAoYuBPQIpSpwRSCm0GWkWULGwocxcEI0JIoLDlf+jcSF3K1iFDkJgYgu5855xjQ6MSnU39+0nP77vn67vvzlaV794ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjsvhMv1/M4SV+mOnExdm9vfSntdw71qe3N+7NpS+NaxXmPnonDA6+UN+ZmKk0GAACAMZUU9f3bB2P1qaz+b3S3I+L7ZzpxUc8frvt39tZP5m/NFvX/b78+fKE76VSSHSeddHlltX22P5W+QnlcPPvIPSayK5/de0myD6T+wcbzu43seta+vXv3vWYWnqgiWwDgcZwp+jwo/h5K+9YwEwNgbEyUCu8Hja2FtE+mhpsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBV2N+KpIq5FxOzEQZza2VtfGtR/vXl/djtvF+/c2SzPmU7RiIjlldX22QrPZXQVV/PWp4urq+3rN25WHcxFxIC3bh/tnyd5+v+4TzMiekZOvzhgno+OcKxD8/QF+dczqr2Gk+n5PXLnWs9Ire+Cv7vfMYwvwPEFc/knMHifev7uSKR6zEHx3Tv+mSv8rwgAgLHQyFtaiT5obC2kY7XpiP0feuv/10px9NT9+7c7I53t7VL9//Dji/fKxyrX/62Kzu//YH7t6ufzN27eemPl6uKV9pX2Z2+ea73VOn/pwoVL89m9kvnlqLtjAgAAwH/QzFu5/q9P96//nyrF8S/r/+X6/4vvWl+Vj5Wo/wc6WPQbdiYAAADjqNmNnnv1zz9qA/aoNZvx5eLa2vVW57W7fa7zWmm6j+lE3sr1fzI97KwAAACAKuxu1HrW/y+X4jji+v/TP770c3nOJCImI65FRPvM0rXVy9Wdzkir4ofK2YGawz5TAAAAhmUyb+X1/0b2/H+9+8hDPSJePx3xV/4b/jhi/Z+8/81P5WOVn/8/X+lZjp76TOd6ZP1MxMTMsDMCAADgSXYyb2mx/3tja+GTX0592PT8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDV/g4AAP//kF4wGA==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000001840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xda0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
write$P9_RGETLOCK(r5, 0x0, 0x200002e6)
r6 = creat(&(0x7f00000059c0)='./file0\x00', 0x2a0522b31c0d5ac0)
io_submit(0x0, 0x0, &(0x7f0000000840))
ioctl$PPPIOCGCHAN(r6, 0x80047437, &(0x7f0000000280))
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766574680000000018000280", @ANYRES32=0x0, @ANYBLOB="000000000000000008002000aa000000801f1640f4bb534129143b5ab5822e5e2af9b371fc671111cfe404c259405ac8b02b1628f740f8de18723bd1e315668b5f0f8b2aed3ba02e75c1724d2253dfcb7b62d3315255a8267c3d9acf7c88ca"], 0x50}}, 0x0)

5.178806567s ago: executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_mballoc_prealloc\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x2000)

5.039662239s ago: executing program 3:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000001000010701700ff000000000001090224000100000000090400000203000000092100000001220b0009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x64342, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000ff0f0000000000ff000000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
ftruncate(r1, 0x2007ffb)
sendfile(r2, r4, 0x0, 0x1000000201005)
rename(&(0x7f00000002c0)='./bus\x00', &(0x7f00000004c0)='./file2\x00')
syz_usb_control_io$hid(r0, &(0x7f0000000d00)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220b00000005a0a0"], 0x0}, 0x0)

2.54789395s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000009712457af26d841f87cc0000000000", @ANYRES32, @ANYBLOB="00000000000000001820", @ANYRES32, @ANYBLOB="000000000000000000002000fcffffff95"], 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})

2.372273137s ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x8000, &(0x7f0000002640)={[{@noinit_itable}, {@sysvgroups}, {@dioread_lock}, {@debug}, {@sb={'sb', 0x3d, 0x4}}, {@resgid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8001}}, {@nodelalloc}, {@nombcache}]}, 0x12, 0x4cb, &(0x7f0000000a00)="$eJzs3VFrW9cdAPD/la3MSZzZ2fawBZaFJSMJWyQ7XhKzhyyDsTyMwLbsPXNs2RjLlrHkJDZhc9gHGIyxFvrUp74U+gEKJR+hFALte2lLS2mT9qEPaVUkXZnElWK7kX1b+/eDk3vOvZL+/xOjo3vuPUgB7FsnIuJKRPRFxNmIGEr359JytdFYaz3u0cO7k42SRL1+/ZMkknRf+7WSdHu49ZQYiIi/XY24mXwzbnVldW6iXC4tpe1ibX6xWF1ZPTc7PzFTmiktjI2NXhy/NH5hfKQn/RyOiMt//OD//3nlT5ff+M3td298dOafjbQG0+NP9qOXWl3PN/8v2vojYmkngmWgL93mM84DAICtaZzj/ygiftk8/x+KvubZKQAAALCX1H8/GI+TiDoAAACwZ+Waa2CTXCFdCzAYuVyh0FrD+5M4lCtXqrVfT1eWF6Zaa2WHI5+bni2XRtK1wsORTxrt0XSNbbt9fkN7LCKORsT/hg4224XJSnkq64sfAAAAsE8c3jD//3yoNf8HAAAA9pjhrBMAAAAAdpz5PwAAAOx95v8AAACwp/3l2rVGqbd//3rq1sryXOXWualSda4wvzxZmKwsLRZmKpWZ5nf2zW/2euVKZfG3sbB8p1grVWvF6srqjfnK8kLtxuxTP4ENAAAA7KKjv7j/ThIRa7872CwNB7JOCtgVyXYe/P7O5QHsvr6sEwAy0591AkBm8lknAGRus+sAXRfvvNn7XAAAgJ1x+mfd7/+7NgB7Wy7dbmsdAADwveb+P+xfeSsAYd/74SbHn//+f72+rYQAAICeG2yWJFdI7wUORi5XKEQcaf4sQD6Zni2XRtL5wdtD+R802qPNZybuGQIAAAAAAAAAAAAAAAAAAAAAAADAFtXrSdQBAACAPS0i92HS/Db//og4Nbjx+sCB5Iuh5jYibr90/YU7E7Xa0mhj/6fr+2svpvvPZ3EFAwAAANioPU9vz+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJcePbw72S67GffjP0TEcKf4/THQ3A5EPiIOfZZE/xPPSyKirwfx1+5FxE87xU8aacVwmkWn+AczjJ+LiMM9iA/72f3G+HOl0/svFyea287vv/60PK/u419uffzr6zL+HNlijGMPXit2jX8v4lh/5/GnHT/pEv/kFuP/4++rq92O1V+OON3x8yd5KlaxNr9YrK6snpudn5gpzZQWxsZGL45fGr8wPlKcni2X0n87xvjvz1//6ln9P9Ql/vAm/T+1xf5/+eDOwx+3qvlO8c+c7Pz5+7ivc/zG2D8UEb9K643jp9v1tVb9Scdffev4s/o/1aX/m/39z2yx/2f/+u/30movPjIBgOdUXVmdmyiXS0tbrPxrOw9WUfl2lYHvRhr7ubI+RNzMdIACAAB6Zv2k/89ZZwIAAAAAAAAAAAAAAAAAAAD71258ndjGmGvZdBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Jm+DgAA//+79dWi")
sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, 0x0, 0x40000)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000180), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = creat(&(0x7f0000000340)='./file0\x00', 0x0)
close(r3)
r4 = socket(0x2, 0x2, 0x0)
shutdown(r4, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r5, &(0x7f0000000180), &(0x7f00000001c0)=@tcp=r4}, 0x20)
read$FUSE(r3, &(0x7f00000004c0)={0x2020}, 0x2020)

2.263475205s ago: executing program 2:
ptrace(0x10, 0x1)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
ptrace$getenv(0x4205, r1, 0x202, &(0x7f0000000000))

588.762127ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='ext4_drop_inode\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='ext4_drop_inode\x00', r2}, 0x10)
unlink(&(0x7f0000000140)='./cgroup\x00')

567.731501ms ago: executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0xb, &(0x7f0000000000)=ANY=[], 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$BTRFS_IOC_ADD_DEV(r1, 0x40085507, &(0x7f00000000c0)={{r1}, "c4005a51cf48a456fe399e96793568de827d6e3af15928143f77a2c2bf19506fac2c94a8808e7365569e94b6012f452ddbdb4acaadf3199a4fa57eab4549a87e05bb9a155f3d08704dc753cff79d5128dc113e58ecd5a19e0bc7bef139e74acaed4f126be4cc57e22d44a734c7f2c44b2b2dc3ecfb59318827549e5b2679b3cc4f9e5df2bc30b674fb5f8e181e7dab6cc37989c9911a3d5b32ac444ebf78c76d68c313ed1bcaa4bfcdddc200878c72704b48f4cda8c86a41c703694c1e57aaf73751f45d5ed54010c14c30ea8ca2f620ab57b6ad6bdf3263aeab2de44576b10a1040c6cc84fcf2cb5037e025b227baf26e0c5bda231531365c778ef42bc49fd603b98b7b5173f2f1669834e8cd5167092f5d56e6c2623165710ec863179f143dba38551641ea77676773f3a18e97ada500fe448f172e6e714e16079d8233626d4c5c08c9117c5872c5d815ae0d481c25f2cfd2c76c6723e5ee78d5941b7d49e3d123294dd4c04c2691c5d086393047e3fd027daebf2114d1e9da89a36a49f7a411638060e87593ed8e45fb4292ff888e2eb7b776c9428623a34454eb2f11a47b43707e4b161faa8b8dc0d9cb2a0ac253ab41d0172190749ae06af564cabff5a0ba5df004c44138b49d2e17944f6588839fdedcf6ddef583df85490fa3a956e416e02943d56f734c3d3aa8b4898544e8f417c79bb5532b4ab2393c6723488c627a285686a0dac4cd6df370ab806b80f251256cfc058f8c2c2b46dca533048a18315caca12ad5915f077285ffbe1a4b5f46f2af4e45695348200e1f5a57a698acae6b4f6124fc076af5f40c3461e91b2639a84be51abe62d27cde1642731d31ae1264d20a21011bd221f8d0e4fc9835ccb61405e1ba6fcd48b9d3487909f89a0f40f91abfd3d33876b707d908bd2b076d37f5b2e2d530210e3930cf0418c3a7d8d4ac8cd16b4d2b2d4ebf6134c88813a808d82c86a20b7beb6534bb112b374d5b0a2beacb4e37872a2df879ebd568f0b20ce7d4aeb5ef6c960093b8a3d0e0332d821fdd099269364539d876caf78e60232baf7cc26589453666f17f94ac05fc2b752546a9586f9f18288e5944effa6f912709652113377ee14d949842910b0af467706b42d969908840fe55857f526694cdacb7735f2e0bdc49ca50ca57193aec63535f679e1486185bae007a7cd345bf8d7428e1a2881f6d327ee34ef0bbd67b51d25000fc59ed894c001ca327898dc4a3e7c33e20542772f31e7f125eedec11604b6569f051e643bff91d616284d2ea0f25320c22caba4d681781a13bf341dc22f882540aaab75d5bba9bbfe8aa960705d1d903a7ed8b7a14cc18b2ec9d1640ba3b6cf9c2a6cde4f7b23d1eb42fa57d2b2206c6cd6f84a5b7d682a09064e341c844edd3361f2e457a5057e1c3d97916190d9749adbadb70797f1729cc01c6146a23942e245021fe02748e2235582b36df8236c8b25fa94d1ed7e495f0df447b36f609b17526b2c8c43f1ded38f99344f2553fd911deed701d89fdf92ed6368d74f6f09ce2d26a3916f28eda4fac022f043aff14bab96f3841980533b2f935cfe7e40ad9cc77557d50a32a73aa71ae37a0cece6580887608d028b55fa7a1a1cf214098fe13c1a32ee5890e3d2c9a4d23041f89bac353aa1641df4375080b2181555e9667082a35b041645be39a47298b747eed9d127d8d342b620d0ecd2a48a86bd7dbfa04b3cfad62f5b1055b2259dc64b02d27599fff87c8303b47174e3ee66645d1eaaa05d63bad90ef4fdb97d21b478b37c313571d5776495460b57ba25dc2a5def286c8e81a3fdaa3dfb1dfb9deec86aa3629a03b9722bd95a96972a32552ba5d74f03989c73598b3ba0ef19151631ba4cf90d1bcc35c7cd2fecd6c271564df5ed232581417488454f5878f09523ce1b966162808d13a86872ad04bc777544ae4477459d197c6aaecf52e229a6cc94d151e014b589311f8e5bb7eb57605a80c11a7df2110b70735ae34a21e467f7bd8c3f81c1f9dfcf9464365566786b086637717df597c05b45249b04faa2269ca5a3fca2f1797682f24a34c9f70c27b6dd47fe9f6f006c934481524985afeec903f160c4e2c36c2bbe2081ff33733ca17ca2a2d794fd3af80d5a1adcbfa384e1ba851f4a554433e532f321b332d640513c9df326ddaa4691201f94d1b4b82b82f9bb986e00242fce6588d906cd820640a59707cecf78533496fdc49d90effde5769812ae474ef31adb849542ef23359a640eeeadecf273713a46e96c836823012fc190c8d1dd88d965fbe11074da36375c11fedc648160b55b8b8bc830b72a6f98b1396a72d96f06fab40ddd4729dc162d30e8a34c4041cc22fd62eb501fa685ae7d53376cca12e40f53edd0ae8abbb666c75a6ca8658b4ef8810931158868afb757831d14e81cdadc995fcb98e2da29300480ca03494f81b59985dbe3da8634a3c4a00626d08d6f1f997ccd63a1a103d292d29cdf15b2c4bca2f34ba406a47d9a184ed712356257ec45aa9a8ed8b8daca20f6a2edb1494a2af100000000000000006f1bfeb0edfdb1f10b66753f3fe900b95be3aafbfb5e2976de8b2c6b485243770da0cdc8f4d7384b6f39817f5661429442b20cab08cc28cf814ebf10d7ad4de140241ec169d70781524127a9454e5f1ee9fd5652818683a2f7ff0b11c8fea2ff7398e01df48c8eb62123f2630d561470003d020f4cc8923654fcf65d400ed0792af6bf1876099951e938adc275f47b9ba178b8ae3e9b295fab66c144ad8ad2fd29bced367833b76b2f0ded8dfead5dfccfc9ba2d658688abeb41f53eaf6efa82e5947f8d7a6e1010517032443507f5bd419317324000ca02e49db1cb985f8f11149496bfe54629f3f759c3100e0ab50c95446fd390a87b884930763ac810bdcdaee81b64343b955eba24d34d816bcf3eb5df1b6b44317e033a9015640942da607e3ea61727b97eab7511ff680dc5f4e54fa19e07c0023152272edc066010e661de98f73f913bc04983b325ff62134b41081dce65528af69b5206f9522b3e09f78dea218621e60f5ca9c58212526d96aace431133528b8a5354b213ef4883ef271e488bf629284c277843202bf7a41dbe2616e8338ab14f83bd6da1d1c4a4b50b6372564187a497036f2040f77c099bd0d98d3e4eebd4bf433360c518fc965e966642a22a335f3a9688336bd254dc9fe32632d4c1599c6b72fca290d9cae38548f4ad5d2a165053b7d392276d81ff26e97ebcfa210eddc832240de22bbfc6623929aa2d8bad6c41db54e2125063f9153e98b2316ae5e9d51a3a9efe5a81242f7045dbafa8db63cafad19e32b767dcd5adfd5e5459dce45c71f61a18a3e6a7de43bd61d6015fac48dcecb60795e02b30dc04cc4a408abc2dee10a97fb387a229ba5c07cebc63037c0102c846393b2bf865db38e51ce44b5cede8d530cb6496e5a34b9b0b060b8bd6f98cd53169518a1732d92af494c351f8ce753754f7d944865de345d8520a9232a1c5e516e61f23c39e09bac5d7c70a478e0b7a3208f61f090f69b9ab33da7a8ae16626c3d26f11065fd46851eff2c5968f937e90abe02555cad9e54b4bcaf3ee55aba96406cd457e27c1ad5b9cc640afff1d94d7d5f854fd50a66bf37355c548f840129ae0d81dc23202e4d7921236172d1c4920c1bf5e7bfad21740acd8f5fa278b6de2336276e271045d0ef0a9a566ae988269cb16f7eee941941d3a9f05d754cbb92a27ad9cb374872c3566a9db35920d63f0cfa69ef8dfc41f307f7c1f1ae712e3f6001e57e1de99777212ede107b692182c507b168c77a3824f0cd663f6d2ffe73e3d90587b3444e9a3cb093ddefd2869db927938ecf6cbd16a85d0849b7c829a37b70b24868e7ab1aa2adc012d85a8bf374225281b50882a40e6bed667f0538d8c85768cc9d8537bedfebe64cddf937a150c565e3824a75f5e7a173fed0ed3b3aa8750fde47ce1c219d5fc1977abc24c7a28aa8251e29a17eee3405d4c1f1f5e8b53df9425d6dde4b9de4715097c58062a977637b42974a40f0bf24dcca060871b759e5f42a12da7d89a494468f6c91c47ac17e7bfd61e62872541fd5d3941c0f0ebca3de06ca63cb52b186737fc61ade4eaed0fd5dd1eb4b8e2d2ebb689741fb354c8bbdc9092f68a156952395585113d78254ec826ba49204d76b8dcd854c4cf942c50c38ad5f8db2bf032d5eced178b25e56f9b39961aea03785119cab42fffbbbeaa15f0c21511f441fd72ab25014dbe5a35dfe295486e0d2e5803304deff8736e1d8df7886e4725321bc450c68459f01b5b3014735e81f989945e59b4c5e367976e90124e9cf422cc0f0d624627ab83ccd65ac7c1b91424672ebb3d91d932994c6e215a9d60efb6ed87eb579951668273e9a38f9089179459d2f670a21bd999a97c968891c59402d188dc601ef033fb9af3291b8778f2a38d379913a02d2215f2960f80847afe4d65f1fc7bcd1995e83fc88d87d799af0bf16060780efc8dbd08b041d8c2f646ca18ea18d3d295e172b344b6aea8d2a2620b6379c5c368459fee07bfcc83c83acaf3dc67755bbe8fe58b1a39051ef2327b30c886a0a5183e38c199e32365cb8194deade3262ea5ffa559b789da10f2948e135ce5858e1b016c153b14795a085b5bef350f95487a3f748afa943179d87a1e8828edc33804c2ea49979074fe162a8a36689286c390585d9f83645be3b921c4a6678b8ffd7edfb7a85265d5796ce4f12595b364fcc81b58c267beaa85dd47ad8c55783fe526d6dd0e3cc1f70a7e88d6f826b18aeab8282ff8e2a13ee8f03fab41be97af13c87883f87e6f0bdda04deebc05e35b601a55cc984478a997725d3faab2101cd9596c757c659e6b6c9178f620fbdcb87e399404f4bcd9b57dd1013818e58a785bed0a7fd1f5e5e355816ceba6745a42e10a145c87aedede2e0bed7bc75015a8354ba95a226c87df41d41e4ae368c4e84e8a032c48977601d71eae547f95375746e1f9c86135481bd09a08fee04db26b96cc9327bbde61cec27a56d114cc0e6459170e6cc44d846a2a55046b505e14dbdac32aa759e5d0268fe819a3dc503247b6c24c1607b4742671f5ad63c21812b1904b3c39ec8734fb1ee77a124a29c50154f53c89754f5e4719cc0279c851a63fc33e16f2393e5134568b78126b5680664fcd1fbf9d88f4efdadc120bbb4f21ddd7bf4c445a534631c5f2c4b51d7842743493b4a13bb99f160987284bc7960aaa6d40dbe05e20f42ff48425d1c8166b7fd457d33d808b456b7b11d3d3c1f445a9698ee8a473fb116c5c4824fa224088fa6f031f07f2972e62592d59536dc4cbe3c1cb33e922b0f35f79f1df10ab43e1d3e5dc480bdd8a7039f71ee9c73f976809ec2853ad0c18e4f0ee73fd1361591375d3db6c822e7baae597fc454aae7b426922e9fd9a87fe52a25d5cd03434d7ffb9f319fbeb403c0836f2117cf851bf7660ecb567a6cd918e85190683c1c0a79da1cd92b8527400008f047a436a4859be0e7b9469c6830a81d81f93ea8ba1b614de4386296089c9b34f4b8116ae7afedd43f6a82abf4302e4d8a9fba0b87347df1f5bb676f496bf29bf9ea9e3ea4bd1dd3f3d4feb7609f96424f35035b5a13fd6efd0441dea1c1f17feae7d5a1ef77aa05537fc87cc2021c92d5cbbbd159258a45972e112e123e306ef0daa36e1ff069be815c5d0b74b6b41c6d5b76c04057de0a43c2e40b04fc11b60f0f1e7ff0b88fb600d79e03cc8b73fed0af95601acca"})

537.326086ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000009712457af26d841f87cc0000000000", @ANYRES32, @ANYBLOB="00000000000000001820", @ANYRES32, @ANYBLOB="000000000000000000002000fcffffff95"], 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})

520.180508ms ago: executing program 3:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2e, 0x4, 0x0, 0x0, 0xb8, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x7e, 0x0, 0x9, [0x401, 0x1000, 0x5, 0x0, 0x0, 0x8]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8}, {@dev, 0x659}, {@broadcast, 0x8000}, {@empty}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x2c, 0x3, 0x0, [{@dev}, {@remote, 0x3}, {@multicast2}, {@private=0xa010101}, {@rand_addr, 0x800}, {@broadcast, 0x52b4}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

518.345768ms ago: executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000180)='ext4_ext_show_extent\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000000), 0x400000)

471.730516ms ago: executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "e90e5b", 0xc, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, @remote, {[], {0x0, 0x0, 0x2, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0)

462.359317ms ago: executing program 4:
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x2000000, &(0x7f0000000500), 0x1, 0x487, &(0x7f00000010c0)="$eJzs3M1vVFUbAPDn3n5A+Wrf9+VFQdAqGokfLS2oLNxoNHGhiYkucFnbgshADa2JECLVGFwaEvfGpYl/gTs3Rl0YE3dGE5eGhCgxAV2NuV8wHWZKgWkHmN8vucw5957pOc/ce+49cw93AuhZo9k/ScSmiPglIoaL7NICo8XL5Yunp/++eHo6iXr9tT+SvNyli6enq6LV+zZGxPokYk8akX6UlJUsNX/y1NGpWm32RJkfX6ifGZ8/eerJI8emDs8enj0+eeDA/n0Tzzw9+VRH4sziurTj/bmd219649wr0wfPvfndl1l7t+0qtjfG0SmjWeB/1nPN2x7pdGVdtrkhnfR3sSHckL6IyHbXQN7/h6Mvru684Xjxw642DlhV2bVpXfvNi3XgLpZEt1sAdEd1oc++/1bLGg09bgsXnouY/rmI/3K5FFv6Iy3LDKxi/aMRcXDxn8+yJVbpPgQAQKN8bPNEq/FfGtvy12JWZ0s5hzISEf+JiP9GxP8iYmtE/D8iL3tPRNxbvLk+vML6m6eGrh3/pOdvKcDryMZ/z5ZzW9WyWNRbVh8jfWVucx7/QHLoSG12b/mZ7ImBdVl+Ypk6vn7hp0+a1w2Vr43jv2zJ6q/GgqXz/U036GamFqY6NSi98EHEjv6l8RdbkiszAdkRsD0idtzYn95SJY489sXOdoVWEH97HZhnqn8e8Wix/xejKf5Kks9PHnunzfzk+Pqoze4dr46Ka33/49lX29V/S/F3QLb/Nyw9/ptKDP+VFPO1A1GrzZ6Yv/E6zv76cdvvNNePP215/A8mr+dz1j+8Vax7b2ph4cRExGDycp4fjIb1k1ffW+Wr8ln8e3a3Ov7T/BwX5f6/LyKyg3hXRNwfEQ+UbX8wIh6KiN3LxP/t8w+/ffPxr64s/plo3f9LI0njfP38yVPVZ3t1zfKJvqPffJW0qX9l+39/LObn2kJ+/ruOlbTr5o5mAAAAuPOkEbEpknTsSjpNx8aK/8O/NTaktbn5hccPzb17fKZ4RmAkBtLqTtdww/3QiWSx/ItFfrK8V1xt31feN/60byjPj03P1Wa6HDv0uo1t+n/m975utw5YdZ7Xgt7V3P/TLrUDWHuu/9C7WvT/oW60A1h7rv/Qu1r1/zNNeXMBcHe6tv//1uIn6yqDq90cYA0Z/0Pv0v+hd+n/0JOWPBJ/fPNKH5uX6PlEpLdFMzqbGFrxj1rc+Ynssr9MmW6fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj3wAAAP//YyLvrA==")
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c710016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa73d897e3896d863081b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbd744e517e65ddab19e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f200004304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188541c300f5c1bf56705ba12d198e897186b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710f7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47cbb0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9ea410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be0a33c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06a6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c6062368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c5bed4b0d73dffb17a88aaad5921aee7dae6a2f3009d9cb434898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a64d903b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e7ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000006a728258ca3d846a000e80d5f43109a48ddc54cec5d7f78c80e010ed02ffc0846577cafcd9e0ad83149bfb08ba7b5b431311041deb5e5d65610ad6e8d6ed55e900071b4d37d9fadb17a0407e7251866b63faccfe936980f59ceaa9d6b6863024b482023799a4f30a225b560f320e89ed44130e78f8cf000ac3c743b08d4256f282fc36162ac4b59527a3b67560313914ff6ac4ac43cd0e79d6372da631de3fde6c29de3b43d3046df23019ecadd57f175a2443928b1bcb9be16f54936796c3b928dc07c70771622cef2fafeb239a3ca4"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2810000, &(0x7f0000000380)={[{@nobarrier}, {@noquota}, {@barrier_val}, {@jqfmt_vfsv1}, {@block_validity}, {@mblk_io_submit}, {@noquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x8}}, {@delalloc}, {@user_xattr}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r3, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000f4)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
keyctl$read(0x2, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='veth1_virt_wifi\x00', 0x10)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r4, 0x4b52, &(0x7f0000000000))

419.840664ms ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0x16d)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$netlink(r1, 0x10e, 0x3, 0x0, &(0x7f0000000040))

410.673005ms ago: executing program 0:
unshare(0x2a020400)
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x0)
setresuid(0x0, r0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc)

400.319307ms ago: executing program 0:
r0 = socket(0x10, 0x400000000080803, 0x0)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, 0x0)
bind$802154_raw(0xffffffffffffffff, &(0x7f0000000100), 0x14)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
prlimit64(r2, 0x8, &(0x7f0000000000)={0x2, 0x3}, &(0x7f0000000080))
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_inet_udp_SIOCOUTQ(r4, 0x8901, &(0x7f0000000000))
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @private}, {0x0, @random="ca1597489704"}, 0x8, {0x2, 0x0, @empty}, 'veth0\x00'})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r5, &(0x7f0000000040)=[{&(0x7f0000000200)=""/233, 0xe9}], 0x1, 0xfff, 0x0)

388.627399ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0xdd218)

370.492562ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./file2\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1548f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000015b80)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
r3 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00')
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f0000000200), &(0x7f0000000400)}, 0x20)
setns(r3, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

286.676135ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='ext4_drop_inode\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='ext4_drop_inode\x00', r2}, 0x10)
unlink(&(0x7f0000000140)='./cgroup\x00')

221.215945ms ago: executing program 4:
r0 = syz_io_uring_setup(0x5, &(0x7f0000000140)={0x0, 0x0, 0x3e40}, &(0x7f0000ffb000), &(0x7f0000fff000))
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000240)=[@ioring_restriction_register_op={0x0, 0x2}], 0x1)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f00000000c0), 0x0)

204.383408ms ago: executing program 4:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000001000010701700ff000000000001090224000100000000090400000203000000092100000001220b0009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x64342, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000ff0f0000000000ff000000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
ftruncate(r1, 0x2007ffb)
sendfile(r2, r4, 0x0, 0x1000000201005)
rename(&(0x7f00000002c0)='./bus\x00', &(0x7f00000004c0)='./file2\x00')
syz_usb_control_io$hid(r0, &(0x7f0000000d00)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220b00000005a0a0"], 0x0}, 0x0)

48.893372ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r2}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

30.135675ms ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000009712457af26d841f87cc0000000000", @ANYRES32, @ANYBLOB="00000000000000001820", @ANYRES32, @ANYBLOB="000000000000000000002000fcffffff95"], 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})

0s ago: executing program 1:
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x0)

kernel console output (not intermixed with test programs):

int
[  113.123505][ T3610] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  113.130447][ T3610] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  113.140018][   T28] audit: type=1400 audit(1718616133.999:1707): avc:  denied  { write } for  pid=3617 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  113.151317][ T3610] syz-executor.0: attempt to access beyond end of device
[  113.151317][ T3610] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  113.231604][ T3314] EXT4-fs (loop2): unmounting filesystem.
[  113.320059][ T3633] loop0: detected capacity change from 0 to 512
[  113.326984][ T3633] EXT4-fs (loop0): bad geometry: first data block is 0 with a 1k block and cluster size
[  113.376954][ T3635] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  113.577385][  T492] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  113.852575][ T3646] device wireguard0 entered promiscuous mode
[  114.027752][  T492] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.089914][   T28] audit: type=1400 audit(1718616134.939:1708): avc:  denied  { append } for  pid=3648 comm="syz-executor.4" name="loop9" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  114.114235][  T492] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.134654][  T492] usb 3-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[  114.161368][  T492] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.169958][  T492] usb 3-1: config 0 descriptor??
[  114.285295][ T3654] fuse: Bad value for 'fd'
[  114.527440][  T335] uclogic 0003:256C:006D.0010: failed retrieving string descriptor #100: -71
[  114.572318][  T335] uclogic 0003:256C:006D.0010: failed retrieving pen parameters: -71
[  114.580399][  T335] uclogic 0003:256C:006D.0010: failed probing pen v1 parameters: -71
[  114.588554][  T335] uclogic 0003:256C:006D.0010: failed probing parameters: -71
[  114.595949][  T335] uclogic: probe of 0003:256C:006D.0010 failed with error -71
[  114.604481][  T335] usb 4-1: USB disconnect, device number 14
[  114.639629][ T3656] loop4: detected capacity change from 0 to 40427
[  114.646964][ T3656] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  114.654564][ T3656] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  114.733057][ T3656] F2FS-fs (loop4): Found nat_bits in checkpoint
[  114.749268][  T492] logitech-djreceiver 0003:046D:C534.0011: hidraw0: USB HID v0.00 Device [HID 046d:c534] on usb-dummy_hcd.2-1/input0
[  114.777467][ T3656] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  114.784442][ T3656] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  115.327702][ T3650] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  115.467911][   T28] audit: type=1400 audit(1718616136.209:1709): avc:  denied  { map } for  pid=3663 comm="syz-executor.1" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=29532 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  115.528756][ T3650] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  115.554686][  T492] usb 3-1: USB disconnect, device number 8
[  115.614420][ T3666] loop0: detected capacity change from 0 to 40427
[  115.621532][ T3666] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  115.629055][ T3666] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  115.638316][ T3666] F2FS-fs (loop0): invalid crc value
[  115.679836][ T3676] loop4: detected capacity change from 0 to 512
[  115.689981][ T3676] EXT4-fs (loop4): bad geometry: first data block is 0 with a 1k block and cluster size
[  115.701056][ T3666] F2FS-fs (loop0): Found nat_bits in checkpoint
[  115.768484][ T3666] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  115.775553][ T3666] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  115.785591][   T28] audit: type=1400 audit(1718616136.619:1710): avc:  denied  { read write } for  pid=3682 comm="syz-executor.3" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  115.794993][ T3666] syz-executor.0: attempt to access beyond end of device
[  115.794993][ T3666] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  115.814519][   T28] audit: type=1400 audit(1718616136.619:1711): avc:  denied  { open } for  pid=3682 comm="syz-executor.3" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  116.030361][ T3693] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  116.080397][   T28] audit: type=1400 audit(1718616136.939:1712): avc:  denied  { map } for  pid=3692 comm="syz-executor.0" path="socket:[29557]" dev="sockfs" ino=29557 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  116.118273][ T3693] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  116.237722][ T3697] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  116.269917][ T3697] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.277102][ T3697] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.324121][ T3697] device wireguard0 left promiscuous mode
[  117.407090][   T28] audit: type=1400 audit(1718616138.259:1713): avc:  denied  { read write } for  pid=3715 comm="syz-executor.2" name="uhid" dev="devtmpfs" ino=175 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  117.481398][   T28] audit: type=1400 audit(1718616138.259:1714): avc:  denied  { open } for  pid=3715 comm="syz-executor.2" path="/dev/uhid" dev="devtmpfs" ino=175 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  117.551980][ T3714] loop0: detected capacity change from 0 to 40427
[  117.558962][ T3714] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  117.566527][ T3714] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  117.579162][ T3714] F2FS-fs (loop0): Found nat_bits in checkpoint
[  117.627631][ T3714] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  117.634509][ T3714] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  117.651409][ T3714] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  117.662242][ T3714] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  117.759449][ T3037] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  117.795933][   T28] audit: type=1326 audit(1718616138.649:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3741 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  119.023434][   T28] audit: type=1326 audit(1718616138.649:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3741 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  119.045772][ T3746] loop4: detected capacity change from 0 to 128
[  119.054441][   T28] audit: type=1326 audit(1718616138.649:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3741 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  119.078721][   T28] audit: type=1326 audit(1718616138.649:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3741 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  119.102645][   T28] audit: type=1326 audit(1718616138.649:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3741 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  119.137914][   T28] audit: type=1326 audit(1718616138.649:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3741 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb06587bb20 code=0x7ffc0000
[  119.178296][   T28] audit: type=1326 audit(1718616138.649:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3741 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  119.203065][   T28] audit: type=1326 audit(1718616138.649:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3741 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  119.647540][ T3037] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.658726][ T3037] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.668538][ T3037] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  119.677518][ T3037] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.685722][ T3037] usb 3-1: config 0 descriptor??
[  119.699108][ T3767] kvm: emulating exchange as write
[  120.549323][ T3792] loop4: detected capacity change from 0 to 512
[  120.591079][ T3792] EXT4-fs (loop4): 1 orphan inode deleted
[  120.597772][ T3792] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  120.617026][ T3792] ext4 filesystem being mounted at /root/syzkaller-testdir3142474931/syzkaller.yX2iMy/24/file1 supports timestamps until 2038 (0x7fffffff)
[  120.618199][ T3790] loop0: detected capacity change from 0 to 40427
[  120.638133][ T3790] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  120.645676][ T3790] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  120.735962][ T3790] F2FS-fs (loop0): Found nat_bits in checkpoint
[  120.856687][ T3806] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  120.957314][ T3790] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  120.964319][ T3790] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  121.088372][ T3780] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  121.097856][ T3780] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  121.181963][ T3796] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3796 comm=syz-executor.1
[  121.215240][ T3817] loop3: detected capacity change from 0 to 512
[  121.222236][ T3817] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  121.230561][ T3817] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  121.249645][ T3817] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters
[  121.264695][ T3817] EXT4-fs (loop3): 1 truncate cleaned up
[  121.270265][ T3817] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  121.288208][ T2831] EXT4-fs (loop3): unmounting filesystem.
[  121.301271][ T3817] syz-executor.3 (3817) used greatest stack depth: 19432 bytes left
[  121.404497][ T3303] EXT4-fs (loop4): unmounting filesystem.
[  121.408111][ T3829] loop3: detected capacity change from 0 to 128
[  121.467269][ T3836] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  121.515891][ T3841] overlayfs: statfs failed on './file0'
[  121.818918][ T3037] uclogic 0003:256C:006D.0012: failed retrieving string descriptor #100: -71
[  121.833564][ T3037] uclogic 0003:256C:006D.0012: failed retrieving pen parameters: -71
[  121.845655][ T3037] uclogic 0003:256C:006D.0012: failed probing pen v1 parameters: -71
[  121.854626][ T3037] uclogic 0003:256C:006D.0012: failed probing parameters: -71
[  121.865052][ T3037] uclogic: probe of 0003:256C:006D.0012 failed with error -71
[  121.935438][ T3037] usb 3-1: USB disconnect, device number 9
[  122.118240][ T3864] loop4: detected capacity change from 0 to 512
[  122.129315][ T3864] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  122.138331][ T3864] ext4 filesystem being mounted at /root/syzkaller-testdir3142474931/syzkaller.yX2iMy/31/file0 supports timestamps until 2038 (0x7fffffff)
[  122.325039][ T3864] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3864 comm=syz-executor.4
[  122.505937][ T3883] device wireguard1 entered promiscuous mode
[  122.722629][   T28] kauditd_printk_skb: 12 callbacks suppressed
[  122.722646][   T28] audit: type=1400 audit(1718616143.579:1729): avc:  denied  { write } for  pid=3879 comm="syz-executor.3" path="socket:[30595]" dev="sockfs" ino=30595 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  122.757767][ T3887] raw_sendmsg: syz-executor.2 forgot to set AF_INET. Fix it!
[  122.761766][   T28] audit: type=1400 audit(1718616143.609:1730): avc:  denied  { bind } for  pid=3886 comm="syz-executor.2" lport=9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  122.786206][   T28] audit: type=1400 audit(1718616143.609:1731): avc:  denied  { node_bind } for  pid=3886 comm="syz-executor.2" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  122.805725][ T3893] syz-executor.2[3893] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.808707][ T3893] syz-executor.2[3893] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.835301][ T3895] loop2: detected capacity change from 0 to 128
[  123.015327][ T3303] EXT4-fs (loop4): unmounting filesystem.
[  123.261283][  T316] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  123.274516][   T28] audit: type=1326 audit(1718616144.129:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3891 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x0
[  123.491834][ T3923] loop4: detected capacity change from 0 to 128
[  123.502406][ T3923] incfs: ino conflict with backing FS 1
[  123.657502][  T316] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.676285][ T3929] syz-executor.1[3929] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.676410][ T3929] syz-executor.1[3929] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.720352][  T316] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.743247][  T316] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  123.752877][  T316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.761732][  T316] usb 4-1: config 0 descriptor??
[  124.268766][ T3932] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3932 comm=syz-executor.1
[  124.547444][ T3037] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  124.846338][   T28] audit: type=1326 audit(1718616145.699:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3957 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x0
[  124.943502][ T3953] loop4: detected capacity change from 0 to 131072
[  124.950666][ T3953] F2FS-fs (loop4): Wrong segment_count / block_count (65567 > 16384)
[  124.958663][ T3953] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  124.968874][ T3953] F2FS-fs (loop4): Found nat_bits in checkpoint
[  124.987474][ T3037] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.998195][ T3037] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  125.010858][ T3037] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  125.013037][ T3953] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  125.019769][ T3037] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.020451][ T3037] usb 1-1: config 0 descriptor??
[  125.026758][ T3953] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  125.207509][  T316] uclogic 0003:256C:006D.0013: failed retrieving string descriptor #100: -71
[  125.219190][  T316] uclogic 0003:256C:006D.0013: failed retrieving pen parameters: -71
[  125.227229][  T316] uclogic 0003:256C:006D.0013: failed probing pen v1 parameters: -71
[  125.235628][  T316] uclogic 0003:256C:006D.0013: failed probing parameters: -71
[  125.243218][  T316] uclogic: probe of 0003:256C:006D.0013 failed with error -71
[  125.266165][  T316] usb 4-1: USB disconnect, device number 15
[  125.505550][   T28] audit: type=1400 audit(1718616146.359:1734): avc:  denied  { wake_alarm } for  pid=3979 comm="syz-executor.1" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  125.618642][ T3037] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[  125.631103][   T28] audit: type=1400 audit(1718616146.489:1735): avc:  denied  { map } for  pid=3989 comm="syz-executor.1" path="socket:[31047]" dev="sockfs" ino=31047 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  125.659413][ T3037] plantronics 0003:047F:FFFF.0014: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  125.718558][ T4004] loop4: detected capacity change from 0 to 512
[  125.727222][ T4004] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.4: inline data xattr refers to an external xattr inode
[  125.742466][ T4004] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 12 (err -117)
[  125.755122][ T4004] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  125.784530][ T3303] EXT4-fs (loop4): unmounting filesystem.
[  125.878028][ T4023] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  125.979557][   T28] audit: type=1326 audit(1718616146.839:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4001 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2d6fe7cf29 code=0x0
[  126.010134][ T4020] loop3: detected capacity change from 0 to 40427
[  126.017268][ T4020] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  126.025212][ T4020] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  126.035889][ T4020] F2FS-fs (loop3): Found nat_bits in checkpoint
[  126.077189][ T4020] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  126.080547][ T4048] loop4: detected capacity change from 0 to 512
[  126.090833][ T4020] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  126.098974][ T4020] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  126.110240][ T4048] EXT4-fs (loop4): 1 orphan inode deleted
[  126.115872][ T4048] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  126.124791][ T4048] ext4 filesystem being mounted at /root/syzkaller-testdir3142474931/syzkaller.yX2iMy/57/file1 supports timestamps until 2038 (0x7fffffff)
[  127.022600][ T4053] syz-executor.3: attempt to access beyond end of device
[  127.022600][ T4053] loop3: rw=2049, sector=45096, nr_sectors = 64 limit=40427
[  127.041091][ T4056] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  127.404824][ T3303] EXT4-fs (loop4): unmounting filesystem.
[  127.442416][ T4061] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  127.617889][  T335] usb 1-1: USB disconnect, device number 13
[  127.689412][ T4083] loop4: detected capacity change from 0 to 512
[  127.719493][ T4083] EXT4-fs (loop4): 1 orphan inode deleted
[  127.725915][ T4083] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  127.767385][   T28] audit: type=1400 audit(1718616148.619:1737): avc:  denied  { write } for  pid=4088 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  127.884443][ T4083] ext4 filesystem being mounted at /root/syzkaller-testdir3142474931/syzkaller.yX2iMy/61/file1 supports timestamps until 2038 (0x7fffffff)
[  128.077069][ T4080] loop2: detected capacity change from 0 to 40427
[  128.084405][ T4080] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  128.092351][ T4080] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  128.119764][ T4080] F2FS-fs (loop2): Found nat_bits in checkpoint
[  128.160231][ T4080] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  128.187705][ T4080] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  128.203127][ T4080] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  128.233478][ T4099] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  128.310393][   T28] audit: type=1326 audit(1718616149.169:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4091 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd9d27cf29 code=0x0
[  128.656125][ T3303] EXT4-fs (loop4): unmounting filesystem.
[  128.662816][ T4111] loop0: detected capacity change from 0 to 256
[  128.678559][ T4111] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  128.747523][ T4115] syz-executor.2: attempt to access beyond end of device
[  128.747523][ T4115] loop2: rw=2049, sector=45096, nr_sectors = 64 limit=40427
[  128.867546][   T28] audit: type=1400 audit(1718616149.709:1739): avc:  denied  { read append open } for  pid=4110 comm="syz-executor.0" path="/root/syzkaller-testdir4228964418/syzkaller.UQQW9b/57/file0/memory.events" dev="loop0" ino=1048683 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  128.954741][   T28] audit: type=1400 audit(1718616149.809:1740): avc:  denied  { map } for  pid=4110 comm="syz-executor.0" path="/root/syzkaller-testdir4228964418/syzkaller.UQQW9b/57/file0/memory.events" dev="loop0" ino=1048683 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  129.072031][ T4131] device vlan2 entered promiscuous mode
[  129.090605][ T4131] device bridge0 entered promiscuous mode
[  129.097198][ T4131] device bridge0 left promiscuous mode
[  129.106563][   T28] audit: type=1400 audit(1718616149.959:1741): avc:  denied  { ioctl } for  pid=4140 comm="syz-executor.0" path="/dev/usbmon0" dev="devtmpfs" ino=139 ioctlcmd=0x9208 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  129.181431][ T4151] loop3: detected capacity change from 0 to 256
[  129.247499][ T4151] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  129.497795][   T28] audit: type=1326 audit(1718616150.349:1742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffba067cf29 code=0x0
[  129.628968][ T4149] loop4: detected capacity change from 0 to 40427
[  129.688433][ T4149] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  129.738037][ T4149] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  129.762731][ T4149] F2FS-fs (loop4): Found nat_bits in checkpoint
[  129.778793][   T28] audit: type=1400 audit(1718616150.639:1743): avc:  denied  { map } for  pid=4176 comm="syz-executor.3" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  129.821883][   T28] audit: type=1400 audit(1718616150.639:1744): avc:  denied  { execute } for  pid=4176 comm="syz-executor.3" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  129.827653][ T4149] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  129.874736][ T4149] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  129.884143][ T4149] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  130.078077][ T4195] syz-executor.4: attempt to access beyond end of device
[  130.078077][ T4195] loop4: rw=2049, sector=45096, nr_sectors = 64 limit=40427
[  130.275528][ T4199] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  130.338306][ T4199] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  130.457813][ T4215] netlink: 'syz-executor.2': attribute type 27 has an invalid length.
[  130.524826][ T4218] syz-executor.3[4218] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  130.525157][ T4218] syz-executor.3[4218] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  130.788981][ T4215] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.807454][ T4215] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.117409][   T28] audit: type=1326 audit(1718616151.959:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8c7207cf29 code=0x0
[  131.584672][ T4246] loop3: detected capacity change from 0 to 512
[  131.599723][ T4246] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  131.608694][ T4246] ext4 filesystem being mounted at /root/syzkaller-testdir928278895/syzkaller.jJGTur/102/file0 supports timestamps until 2038 (0x7fffffff)
[  131.610281][ T4237] loop0: detected capacity change from 0 to 40427
[  131.629762][ T4237] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  131.637523][ T4237] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  131.647839][ T4237] F2FS-fs (loop0): Found nat_bits in checkpoint
[  131.724091][ T4237] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  131.765056][ T4258] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  131.771896][ T4237] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  131.778922][ T4237] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  131.782773][ T4258] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  132.349589][ T4258] netlink: 'syz-executor.4': attribute type 27 has an invalid length.
[  132.390769][ T4258] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.397850][ T4258] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.465561][ T4269] syz-executor.0: attempt to access beyond end of device
[  132.465561][ T4269] loop0: rw=2049, sector=45096, nr_sectors = 64 limit=40427
[  132.526316][ T4246] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4246 comm=syz-executor.3
[  132.545354][ T4258] device wireguard0 left promiscuous mode
[  132.656805][ T4285] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  132.679418][ T4290] /dev/loop0: Can't open blockdev
[  132.717877][ T2831] EXT4-fs (loop3): unmounting filesystem.
[  133.269974][ T4323] loop4: detected capacity change from 0 to 512
[  133.315732][ T4313] loop2: detected capacity change from 0 to 40427
[  133.333839][ T4313] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  133.341609][ T4313] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  133.351909][ T4313] F2FS-fs (loop2): Found nat_bits in checkpoint
[  133.364731][ T4323] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  133.384270][ T4323] ext4 filesystem being mounted at /root/syzkaller-testdir3142474931/syzkaller.yX2iMy/75/file0 supports timestamps until 2038 (0x7fffffff)
[  133.399945][ T4313] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  133.406789][ T4313] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  133.439488][ T4305] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  133.451561][ T4305] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  133.683527][ T4323] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4323 comm=syz-executor.4
[  134.130299][ T3303] EXT4-fs (loop4): unmounting filesystem.
[  134.246949][ T4364] overlayfs: unrecognized mount option "euid<00000000000000000000" or missing value
[  134.301950][ T4380] syz-executor.0[4380] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.302025][ T4380] syz-executor.0[4380] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.314509][ T4380] overlayfs: invalid redirect ((null))
[  134.499009][ T4387] loop0: detected capacity change from 0 to 40427
[  134.512812][ T4387] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  134.522893][ T4387] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  134.537647][ T4387] F2FS-fs (loop0): user quota file already specified
[  134.623760][ T4403] loop4: detected capacity change from 0 to 1024
[  134.638868][ T4403] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  134.640449][ T4387] netlink: 'syz-executor.0': attribute type 11 has an invalid length.
[  134.647283][ T4403] ext4 filesystem being mounted at /root/syzkaller-testdir3142474931/syzkaller.yX2iMy/86/file1 supports timestamps until 2038 (0x7fffffff)
[  134.671802][   T28] audit: type=1400 audit(1718616155.529:1746): avc:  denied  { mount } for  pid=4402 comm="syz-executor.4" name="/" dev="configfs" ino=8004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  134.696856][   T28] audit: type=1400 audit(1718616155.549:1747): avc:  denied  { unmount } for  pid=3303 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  134.718153][ T3303] EXT4-fs (loop4): unmounting filesystem.
[  134.755727][ T4412] syz-executor.4[4412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.755820][ T4412] syz-executor.4[4412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.768203][ T4412] overlayfs: invalid redirect ((null))
[  134.787653][ T4408] overlayfs: unrecognized mount option "euid<00000000000000000000" or missing value
[  134.969573][ T4417] loop4: detected capacity change from 0 to 40427
[  134.976608][ T4417] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  134.984191][ T4417] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  134.994792][ T4417] F2FS-fs (loop4): Found nat_bits in checkpoint
[  135.394216][ T4417] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  135.424989][ T4417] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  135.433476][ T4417] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  135.442284][   T28] audit: type=1400 audit(1718616156.299:1748): avc:  denied  { bind } for  pid=4427 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  135.573167][ T4444] syz-executor.1[4444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  135.573246][ T4444] syz-executor.1[4444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  135.667929][ T4445] syz-executor.4: attempt to access beyond end of device
[  135.667929][ T4445] loop4: rw=2049, sector=45096, nr_sectors = 64 limit=40427
[  135.973590][ T4441] loop2: detected capacity change from 0 to 40427
[  135.998991][ T4441] F2FS-fs (loop2): invalid crc value
[  136.028529][ T4441] F2FS-fs (loop2): Found nat_bits in checkpoint
[  136.126789][ T4447] overlayfs: unrecognized mount option "euid<00000000000000000000" or missing value
[  136.147552][ T4441] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  136.175837][ T4441] syz-executor.2: attempt to access beyond end of device
[  136.175837][ T4441] loop2: rw=2049, sector=53248, nr_sectors = 128 limit=40427
[  136.243640][ T3314] syz-executor.2: attempt to access beyond end of device
[  136.243640][ T3314] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  136.250580][ T4455] loop0: detected capacity change from 0 to 8192
[  136.347738][ T4461] syz-executor.1[4461] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.348041][ T4461] syz-executor.1[4461] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.560108][ T4455]  loop0: p1 p2[DM] p4
[  136.576163][ T4455] loop0: p1 size 196608 extends beyond EOD, truncated
[  136.589643][ T4455] loop0: p2 start 4292936063 is beyond EOD, truncated
[  136.596309][ T4455] loop0: p4 size 50331648 extends beyond EOD, truncated
[  136.625358][ T4467] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  136.717404][ T3037] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  136.967401][ T1295] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  138.027320][    C1] sched: RT throttling activated
[  138.081343][ T4486] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.088682][ T4486] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.096035][ T4486] device bridge_slave_0 entered promiscuous mode
[  138.105923][ T4486] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.112859][ T4486] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.130509][ T4486] device bridge_slave_1 entered promiscuous mode
[  138.145715][   T28] audit: type=1400 audit(1718616158.999:1749): avc:  denied  { write } for  pid=4499 comm="syz-executor.3" name="anycast6" dev="proc" ino=4026532928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  138.169062][ T1295] usb 1-1: Using ep0 maxpacket: 32
[  138.169474][   T28] audit: type=1400 audit(1718616158.999:1750): avc:  denied  { create } for  pid=4502 comm="syz-executor.1" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  138.252764][ T4486] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.260164][ T4486] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.267215][ T4486] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.274135][ T4486] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.314066][  T335] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.323995][  T335] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.332924][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  138.340299][ T3037] usb 5-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  138.361828][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  138.369172][ T3037] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.387661][ T4517] device wireguard0 entered promiscuous mode
[  138.432503][ T3037] usb 5-1: Product: syz
[  138.451767][ T3037] usb 5-1: Manufacturer: syz
[  138.476088][ T3037] usb 5-1: SerialNumber: syz
[  138.583541][ T3037] usb 5-1: config 0 descriptor??
[  140.017645][ T3037] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  140.028172][ T3037] asix: probe of 5-1:0.0 failed with error -71
[  140.035065][ T3037] usb 5-1: USB disconnect, device number 6
[  140.047464][ T1295] usb 1-1: New USB device found, idVendor=0572, idProduct=cb07, bcdDevice=f6.19
[  140.057033][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  140.079005][ T1295] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.087568][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  140.094939][ T1295] usb 1-1: Product: syz
[  140.099736][  T492] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.100444][ T1295] usb 1-1: Manufacturer: syz
[  140.106591][  T492] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.118517][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  140.127782][ T1295] usb 1-1: config 0 descriptor??
[  140.134620][  T492] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.141481][  T492] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.147433][ T1295] usb 1-1: can't set config #0, error -71
[  140.153373][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  140.168021][ T1295] usb 1-1: USB disconnect, device number 14
[  140.184764][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  140.185138][ T4542] loop0: detected capacity change from 0 to 1024
[  140.203703][ T4486] device veth0_vlan entered promiscuous mode
[  140.224701][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  140.237767][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  140.243995][ T4542] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  140.245439][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  140.263265][ T4486] device veth1_macvtap entered promiscuous mode
[  140.272841][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  140.280908][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  140.289311][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  140.290006][ T4542] ext4 filesystem being mounted at /root/syzkaller-testdir4228964418/syzkaller.UQQW9b/85/file1 supports timestamps until 2038 (0x7fffffff)
[  140.334482][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  140.344651][ T4555] loop4: detected capacity change from 0 to 256
[  140.351833][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  140.359690][ T4531] loop3: detected capacity change from 0 to 40427
[  142.002945][ T4531] F2FS-fs (loop3): invalid crc value
[  142.009962][ T4531] F2FS-fs (loop3): Found nat_bits in checkpoint
[  142.014426][  T334] kernel write not supported for file bpf-prog (pid: 334 comm: kworker/1:3)
[  142.524495][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  142.528726][ T4531] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  142.533221][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  142.550721][ T3168] EXT4-fs (loop0): unmounting filesystem.
[  142.575313][  T348] device bridge_slave_1 left promiscuous mode
[  142.586554][ T4531] syz-executor.3: attempt to access beyond end of device
[  142.586554][ T4531] loop3: rw=2049, sector=53248, nr_sectors = 128 limit=40427
[  142.601235][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.621736][  T348] device bridge_slave_0 left promiscuous mode
[  142.627808][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.642965][ T2831] syz-executor.3: attempt to access beyond end of device
[  142.642965][ T2831] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  142.646676][ T4565] loop2: detected capacity change from 0 to 8192
[  142.681379][ T4580] loop0: detected capacity change from 0 to 512
[  142.697738][ T4565]  loop2: p1 p2[DM] p4
[  142.701703][ T4565] loop2: p1 size 196608 extends beyond EOD, truncated
[  142.712927][ T4565] loop2: p2 start 4292936063 is beyond EOD, truncated
[  142.723477][ T4565] loop2: p4 size 50331648 extends beyond EOD, truncated
[  142.739927][ T4580] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  142.751176][ T4580] ext4 filesystem being mounted at /root/syzkaller-testdir4228964418/syzkaller.UQQW9b/89/file0 supports timestamps until 2038 (0x7fffffff)
[  142.888585][ T4596] syz-executor.1[4596] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.888654][ T4596] syz-executor.1[4596] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.412973][ T4580] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4580 comm=syz-executor.0
[  143.553752][ T4609] loop4: detected capacity change from 0 to 40427
[  143.564342][ T4609] F2FS-fs (loop4): invalid crc value
[  143.593267][ T4609] F2FS-fs (loop4): Found nat_bits in checkpoint
[  143.641173][ T3168] EXT4-fs (loop0): unmounting filesystem.
[  143.691061][ T4609] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  143.732626][ T4609] syz-executor.4: attempt to access beyond end of device
[  143.732626][ T4609] loop4: rw=2049, sector=53248, nr_sectors = 128 limit=40427
[  143.792007][ T3303] syz-executor.4: attempt to access beyond end of device
[  143.792007][ T3303] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  144.017395][   T28] audit: type=1400 audit(1718616164.869:1751): avc:  denied  { getopt } for  pid=4614 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  144.181965][ T4638] loop2: detected capacity change from 0 to 40427
[  144.188865][ T4638] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  144.195011][ T4638] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  144.203318][ T4638] F2FS-fs (loop2): user quota file already specified
[  144.271058][ T4655] fuse: Bad value for 'fd'
[  144.301763][ T4659] syz-executor.1[4659] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.301836][ T4659] syz-executor.1[4659] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.327590][ T4638] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  144.504325][ T4663] fuse: Bad value for 'fd'
[  144.513285][ T4663] request_module fs-ocfs2_dlmfs succeeded, but still no fs?
[  146.555901][ T4684] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4684 comm=syz-executor.4
[  146.581697][ T4684] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  146.587672][   T28] audit: type=1400 audit(1718616167.439:1752): avc:  denied  { setopt } for  pid=4683 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  146.678534][ T4669] loop0: detected capacity change from 0 to 128
[  146.703517][ T4698] loop4: detected capacity change from 0 to 256
[  146.732192][ T4698] exfat: Deprecated parameter 'utf8'
[  146.749075][ T4698] exfat: Deprecated parameter 'namecase'
[  146.773955][ T4698] exfat: Deprecated parameter 'utf8'
[  146.781565][ T4698] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  146.797599][ T4698] syz-executor.4[4698] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.797667][ T4698] syz-executor.4[4698] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.899302][ T4707] loop0: detected capacity change from 0 to 2048
[  148.629472][ T4718] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  148.710627][ T4728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4728 comm=syz-executor.2
[  148.728622][ T4707] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  148.825696][ T4728] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  148.836499][ T4735] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  148.865643][   T28] audit: type=1400 audit(1718616169.719:1753): avc:  denied  { map } for  pid=4737 comm="syz-executor.2" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  148.913756][   T28] audit: type=1400 audit(1718616169.749:1754): avc:  denied  { call } for  pid=4737 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  149.175346][ T4741] loop2: detected capacity change from 0 to 256
[  149.182144][ T4741] exfat: Deprecated parameter 'utf8'
[  149.187368][ T4741] exfat: Deprecated parameter 'namecase'
[  149.223990][ T4741] exfat: Deprecated parameter 'utf8'
[  149.230066][ T3168] EXT4-fs (loop0): unmounting filesystem.
[  149.252644][ T4741] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  149.259615][ T4749] syz-executor.1[4749] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.264519][ T4749] syz-executor.1[4749] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.276945][   T28] audit: type=1400 audit(1718616170.139:1755): avc:  denied  { accept } for  pid=4746 comm="syz-executor.0" path="socket:[33346]" dev="sockfs" ino=33346 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  149.280373][ T4741] syz-executor.2[4741] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.312470][ T4741] syz-executor.2[4741] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.776011][ T4763] binder: BINDER_SET_CONTEXT_MGR already set
[  149.794377][ T4765] syz-executor.1[4765] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.794453][ T4765] syz-executor.1[4765] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.797434][ T4763] binder: 4762:4763 ioctl 4018620d 20000040 returned -16
[  149.919556][ T4780] syz-executor.1[4780] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.919633][ T4780] syz-executor.1[4780] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.053911][ T4786] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  150.098262][ T4792] syz-executor.2[4792] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.098327][ T4792] syz-executor.2[4792] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.117398][  T342] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  151.147064][ T4812] loop2: detected capacity change from 0 to 512
[  151.153932][ T4812] EXT4-fs: Ignoring removed nobh option
[  151.169337][ T4812] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  151.178524][ T4812] ext4 filesystem being mounted at /root/syzkaller-testdir2527714626/syzkaller.9Rw4Q9/15/file0 supports timestamps until 2038 (0x7fffffff)
[  151.199201][ T4812] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 285: padding at end of block bitmap is not set
[  151.214449][ T4812] EXT4-fs (loop2): Remounting filesystem read-only
[  151.227532][ T4812] EXT4-fs error (device loop2) in ext4_evict_inode:254: Readonly filesystem
[  151.247185][ T4486] EXT4-fs (loop2): unmounting filesystem.
[  151.257737][  T348] Quota error (device loop2): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  151.270189][  T348] Quota error (device loop2): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  151.417827][ T4830] loop4: detected capacity change from 0 to 40427
[  151.424887][ T4830] F2FS-fs (loop4): Wrong segment_count / block_count (64 > 16384)
[  151.477464][  T342] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  151.531603][ T4830] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  151.558084][  T342] usb 1-1: too many endpoints for config 1 interface 0 altsetting 0: 36, using maximum allowed: 30
[  151.595440][  T342] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 36
[  151.635631][ T4830] F2FS-fs (loop4): Found nat_bits in checkpoint
[  151.712123][ T4830] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  151.720203][ T4830] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  151.746959][ T3303] syz-executor.4: attempt to access beyond end of device
[  151.746959][ T3303] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  151.761397][  T342] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  151.780430][  T342] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  151.797756][  T342] usb 1-1: SerialNumber: syz
[  151.889662][ T4837] loop2: detected capacity change from 0 to 128
[  151.912370][ T4839] syz-executor.2 (4839) used greatest stack depth: 19352 bytes left
[  152.348530][  T342] usb 1-1: USB disconnect, device number 15
[  152.514339][   T28] audit: type=1326 audit(1718616173.369:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4859 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc2cea7cf29 code=0x0
[  152.734959][ T4864] loop4: detected capacity change from 0 to 512
[  152.741387][ T4864] EXT4-fs: Ignoring removed nobh option
[  152.749340][ T4864] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  152.758149][ T4864] ext4 filesystem being mounted at /root/syzkaller-testdir3142474931/syzkaller.yX2iMy/126/file0 supports timestamps until 2038 (0x7fffffff)
[  152.776071][ T4864] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 285: padding at end of block bitmap is not set
[  152.790804][ T4864] EXT4-fs (loop4): Remounting filesystem read-only
[  152.799979][ T4864] EXT4-fs error (device loop4) in ext4_evict_inode:254: Readonly filesystem
[  152.811941][ T4870] loop0: detected capacity change from 0 to 1024
[  152.819023][ T4870] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  152.828230][ T3303] EXT4-fs (loop4): unmounting filesystem.
[  152.840219][ T4870] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  152.849185][  T511] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  152.863029][  T511] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  152.900529][ T3168] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 48: comm syz-executor.0: lblock 0 mapped to illegal pblock 48 (length 1)
[  152.918475][ T3168] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  152.928608][ T3168] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz-executor.0: mark_inode_dirty error
[  152.940727][ T3168] EXT4-fs (loop0): unmounting filesystem.
[  152.972987][ T3168] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  152.982464][ T3168] EXT4-fs error (device loop0): ext4_quota_off:7041: inode #3: comm syz-executor.0: mark_inode_dirty error
[  152.996237][ T3168] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  153.005845][ T3168] EXT4-fs error (device loop0): ext4_quota_off:7041: inode #4: comm syz-executor.0: mark_inode_dirty error
[  153.388763][   T28] audit: type=1400 audit(1718616174.249:1757): avc:  denied  { read } for  pid=4897 comm="syz-executor.0" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  153.427620][   T28] audit: type=1400 audit(1718616174.269:1758): avc:  denied  { open } for  pid=4897 comm="syz-executor.0" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  153.465246][ T4897] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.472196][ T4897] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.479900][ T4897] device bridge_slave_0 entered promiscuous mode
[  153.488712][ T4897] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.496295][ T4897] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.504506][ T4897] device bridge_slave_1 entered promiscuous mode
[  153.576608][ T4897] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.577364][  T334] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  153.583651][ T4897] bridge0: port 2(bridge_slave_1) entered forwarding state
[  153.598058][ T4897] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.604822][ T4897] bridge0: port 1(bridge_slave_0) entered forwarding state
[  153.632527][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  153.640488][  T342] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.647741][  T342] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.668512][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  153.676743][  T342] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.683606][  T342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  153.690910][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  153.698992][  T342] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.705831][  T342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  153.718308][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  153.726018][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  153.742438][  T365] device bridge_slave_1 left promiscuous mode
[  153.748774][  T365] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.756111][  T365] device bridge_slave_0 left promiscuous mode
[  153.762130][  T365] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.849676][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  153.861650][ T4897] device veth0_vlan entered promiscuous mode
[  153.868228][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  153.876036][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  153.883312][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  153.896584][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  153.906328][ T4897] device veth1_macvtap entered promiscuous mode
[  153.917756][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  153.941047][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  153.949085][  T334] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  153.961327][  T334] usb 5-1: too many endpoints for config 1 interface 0 altsetting 0: 36, using maximum allowed: 30
[  153.983129][  T334] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 36
[  154.067528][  T334] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  154.086724][  T334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  154.094897][  T334] usb 5-1: SerialNumber: syz
[  154.297538][  T342] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  154.547424][  T342] usb 1-1: Using ep0 maxpacket: 32
[  154.678229][   T24] usb 5-1: USB disconnect, device number 7
[  154.727762][  T342] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.738963][  T342] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.867444][  T342] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  154.876504][  T342] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  154.884599][  T342] usb 1-1: Product: syz
[  154.888841][  T342] usb 1-1: Manufacturer: syz
[  154.927753][  T342] hub 1-1:4.0: USB hub found
[  155.148323][  T342] hub 1-1:4.0: 2 ports detected
[  155.296420][   T28] audit: type=1400 audit(1718616176.149:1759): avc:  denied  { read } for  pid=4958 comm="syz-executor.2" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  155.321754][   T28] audit: type=1400 audit(1718616176.149:1760): avc:  denied  { open } for  pid=4958 comm="syz-executor.2" path="/dev/loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  155.348503][   T28] audit: type=1400 audit(1718616176.149:1761): avc:  denied  { ioctl } for  pid=4958 comm="syz-executor.2" path="/dev/loop-control" dev="devtmpfs" ino=113 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  155.507588][ T4962] loop2: detected capacity change from 0 to 40427
[  155.514429][ T4962] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  155.522080][ T4962] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  155.532343][ T4962] F2FS-fs (loop2): Found nat_bits in checkpoint
[  155.563496][ T4962] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  155.575355][ T4962] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  155.582497][ T4962] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  155.687484][  T492] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  155.762215][ T4980] syz-executor.2: attempt to access beyond end of device
[  155.762215][ T4980] loop2: rw=2049, sector=45096, nr_sectors = 64 limit=40427
[  156.036971][ T4988] fuse: Bad value for 'fd'
[  156.197856][ T5001] fuse: Bad value for 'fd'
[  156.257437][  T492] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  156.267606][  T492] usb 5-1: too many endpoints for config 1 interface 0 altsetting 0: 36, using maximum allowed: 30
[  156.278313][  T492] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 36
[  156.366224][   T28] audit: type=1400 audit(1718616177.219:1762): avc:  denied  { map } for  pid=5006 comm="syz-executor.2" path="/dev/ashmem" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  156.389543][  T492] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  156.398569][  T492] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  156.406307][  T492] usb 5-1: SerialNumber: syz
[  156.487447][   T24] hub 1-1:4.0: activate --> -90
[  156.766597][  T492] kernel write not supported for file bpf-prog (pid: 492 comm: kworker/0:5)
[  156.848835][ T1295] usb 1-1: USB disconnect, device number 16
[  156.867422][   T24] hub 1-1:4.0: hub_ext_port_status failed (err = -71)
[  156.878467][   T24] usb 5-1: USB disconnect, device number 8
[  157.601776][ T5039] loop0: detected capacity change from 0 to 256
[  157.627997][  T342] kernel write not supported for file bpf-prog (pid: 342 comm: kworker/1:4)
[  158.193460][ T5048] loop0: detected capacity change from 0 to 40427
[  158.200879][ T5048] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  158.208504][ T5048] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  158.227592][ T5048] F2FS-fs (loop0): Found nat_bits in checkpoint
[  158.278339][ T5063] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  158.294194][ T5048] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  158.307934][ T5048] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  158.316411][ T5048] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  158.626664][ T5075] overlayfs: failed to resolve './file0': -2
[  158.705694][ T5077] loop4: detected capacity change from 0 to 1024
[  158.720598][ T5077] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  158.756466][ T5077] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  158.792151][ T5077] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  158.804209][ T5077] EXT4-fs (loop4): This should not happen!! Data will be lost
[  158.804209][ T5077] 
[  158.813683][ T5077] EXT4-fs (loop4): Total free blocks count 0
[  158.819543][ T5077] EXT4-fs (loop4): Free/Dirty block details
[  158.825617][ T5077] EXT4-fs (loop4): free_blocks=68451041280
[  158.831471][ T5077] EXT4-fs (loop4): dirty_blocks=32
[  158.836444][ T5077] EXT4-fs (loop4): Block reservation details
[  158.842298][ T5077] EXT4-fs (loop4): i_reserved_data_blocks=2
[  158.855352][  T511] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 4 with error 28
[  158.957397][  T492] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  159.136449][ T5097] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  159.167399][  T335] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  159.627395][  T492] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  159.637820][  T492] usb 3-1: too many endpoints for config 1 interface 0 altsetting 0: 36, using maximum allowed: 30
[  159.642458][ T5106] loop0: detected capacity change from 0 to 40427
[  159.654697][  T492] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 36
[  159.655562][ T5106] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  159.675000][ T5106] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  159.685453][ T5106] F2FS-fs (loop0): Found nat_bits in checkpoint
[  159.717513][ T5106] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  159.729832][ T5106] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  159.736738][ T5106] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  159.757578][  T492] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  159.766526][  T492] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  159.774393][  T492] usb 3-1: SerialNumber: syz
[  159.857415][  T335] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 74, setting to 64
[  159.868953][  T335] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  160.106276][ T5115] overlayfs: failed to resolve './file0': -2
[  160.227486][  T335] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40
[  160.242599][  T335] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  160.253011][ T5122] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.1'.
[  160.261449][  T335] usb 5-1: Manufacturer: syz
[  160.263662][   T28] audit: type=1400 audit(1718616181.119:1763): avc:  denied  { lock } for  pid=5121 comm="syz-executor.1" path="socket:[34994]" dev="sockfs" ino=34994 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  160.318091][  T335] cdc_ether: probe of 5-1:1.0 failed with error -22
[  160.337076][ T1295] usb 3-1: USB disconnect, device number 10
[  160.394734][ T5130] loop0: detected capacity change from 0 to 256
[  160.405679][ T5130] FAT-fs (loop0): Directory bread(block 64) failed
[  160.412322][ T5130] FAT-fs (loop0): Directory bread(block 65) failed
[  160.418719][ T5130] FAT-fs (loop0): Directory bread(block 66) failed
[  160.424971][ T5130] FAT-fs (loop0): Directory bread(block 67) failed
[  160.431380][ T5130] FAT-fs (loop0): Directory bread(block 68) failed
[  160.437765][ T5130] FAT-fs (loop0): Directory bread(block 69) failed
[  160.444143][ T5130] FAT-fs (loop0): Directory bread(block 70) failed
[  160.450458][ T5130] FAT-fs (loop0): Directory bread(block 71) failed
[  160.456794][ T5130] FAT-fs (loop0): Directory bread(block 72) failed
[  160.463144][ T5130] FAT-fs (loop0): Directory bread(block 73) failed
[  160.595950][ T5141] tipc: Failed to remove unknown binding: 66,1,1/0:1868152403/1868152405
[  160.604261][ T5141] tipc: Failed to remove unknown binding: 66,1,1/0:1868152403/1868152405
[  160.622577][ T5143] loop0: detected capacity change from 0 to 1024
[  160.639102][ T5143] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  160.650543][ T5143] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  160.665410][ T5143] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  160.677465][ T5143] EXT4-fs (loop0): This should not happen!! Data will be lost
[  160.677465][ T5143] 
[  160.686845][ T5143] EXT4-fs (loop0): Total free blocks count 0
[  160.692693][ T5143] EXT4-fs (loop0): Free/Dirty block details
[  160.698420][ T5143] EXT4-fs (loop0): free_blocks=68451041280
[  160.704029][ T5143] EXT4-fs (loop0): dirty_blocks=32
[  160.708997][ T5143] EXT4-fs (loop0): Block reservation details
[  160.714789][ T5143] EXT4-fs (loop0): i_reserved_data_blocks=2
[  160.724681][  T348] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 4 with error 28
[  161.038469][  T334] usb 5-1: USB disconnect, device number 9
[  161.098808][ T5174] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  161.126958][ T5180] loop0: detected capacity change from 0 to 256
[  161.384443][ T5200] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.0'.
[  161.507502][  T335] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  161.937436][  T335] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 74, setting to 64
[  161.948357][  T335] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  162.047427][  T335] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40
[  162.056339][  T335] usb 3-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  162.064202][  T335] usb 3-1: Manufacturer: syz
[  162.117866][  T335] cdc_ether: probe of 3-1:1.0 failed with error -22
[  162.177739][ T5231] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  162.609610][ T5241] loop0: detected capacity change from 0 to 131072
[  162.616574][ T5241] F2FS-fs (loop0): Invalid log blocks per segment (1)
[  162.623226][ T5241] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  162.631900][ T5241] F2FS-fs (loop0): invalid crc value
[  162.638615][ T5241] F2FS-fs (loop0): Found nat_bits in checkpoint
[  162.672548][ T5241] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  162.679462][ T5241] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  162.826762][  T335] usb 3-1: USB disconnect, device number 11
[  162.877802][ T5258] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  162.911263][ T5262] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.2'.
[  163.056484][ T5264] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.058344][ T5271] bpf_get_probe_write_proto: 2 callbacks suppressed
[  163.058375][ T5271] syz-executor.1[5271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.063754][ T5264] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.077501][ T5271] syz-executor.1[5271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.081997][ T5264] device bridge_slave_0 entered promiscuous mode
[  163.103040][ T5271] syz-executor.1[5271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.106343][ T5271] syz-executor.1[5271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.107482][ T5264] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.136075][ T5264] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.143432][ T5264] device bridge_slave_1 entered promiscuous mode
[  163.160647][ T5273] fuse: Bad value for 'fd'
[  163.245218][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  163.253288][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  163.268331][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  163.277620][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  163.527472][  T342] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.534337][  T342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.544210][  T365] device bridge_slave_1 left promiscuous mode
[  163.550474][  T365] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.559007][  T365] device bridge_slave_0 left promiscuous mode
[  163.565237][  T365] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.575924][  T365] device veth1_macvtap left promiscuous mode
[  163.582006][  T365] device veth0_vlan left promiscuous mode
[  163.687964][  T334] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  163.813754][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  163.840712][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  163.849418][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  163.857834][ T1295] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.864695][ T1295] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.882274][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  163.903782][ T5288] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  163.913681][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  163.946056][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  164.446539][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  164.454613][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  164.463181][ T5264] device veth0_vlan entered promiscuous mode
[  164.469163][  T334] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 74, setting to 64
[  164.479432][ T5264] device veth1_macvtap entered promiscuous mode
[  164.479674][  T334] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  164.499910][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  164.507268][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  164.514628][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  164.522736][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  164.535033][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  164.546688][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  164.557939][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  164.571127][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  164.579016][  T334] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40
[  164.589841][  T334] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  164.600927][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  164.611011][  T334] usb 5-1: Manufacturer: syz
[  164.677865][  T334] cdc_ether: probe of 5-1:1.0 failed with error -22
[  165.346319][ T5308] loop2: detected capacity change from 0 to 256
[  165.552428][ T5318] SELinux: security_context_str_to_sid (s) failed with errno=-22
[  165.860566][  T334] usb 5-1: USB disconnect, device number 10
[  165.975700][ T5332] device wg2 entered promiscuous mode
[  166.042602][ T5329] loop2: detected capacity change from 0 to 40427
[  166.049754][ T5329] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  166.057537][ T5329] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  166.069963][ T5329] F2FS-fs (loop2): Found nat_bits in checkpoint
[  166.118193][ T5329] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  166.134204][ T5329] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  166.141516][ T5329] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  166.202501][ T4486] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  166.202524][ T4486] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  166.210183][ T4486] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  166.217810][ T4486] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  166.225260][ T4486] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  166.232670][ T4486] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  166.240059][ T4486] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  166.369776][ T5343] loop2: detected capacity change from 0 to 256
[  166.397210][ T5347] loop2: detected capacity change from 0 to 256
[  166.403958][ T5347] FAT-fs (loop2): Unrecognized mount option "��������|��ȯ��Y0�_�6m^�Z�zj	5ǫ�%u���m���pڍ�
��/�C�Iq��j脻O�p`�R�&�q�" or missing value
[  166.450276][   T28] audit: type=1400 audit(1718616187.309:1764): avc:  denied  { getopt } for  pid=5346 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  166.466206][ T5352] loop2: detected capacity change from 0 to 512
[  166.472577][ T5351] loop0: detected capacity change from 0 to 256
[  166.480793][ T5352] EXT4-fs (loop2): 1 truncate cleaned up
[  166.488740][ T5352] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  166.498066][   T28] audit: type=1400 audit(1718616187.359:1765): avc:  denied  { getopt } for  pid=5344 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  166.550649][ T5357] 9p: Unknown uid 00000000004294967295
[  166.699547][ T5361] EXT4-fs error (device loop2): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  167.330804][ T4486] EXT4-fs (loop2): unmounting filesystem.
[  167.640529][ T5389] loop2: detected capacity change from 0 to 256
[  167.776322][ T5403] loop0: detected capacity change from 0 to 512
[  167.782461][ T5405] loop4: detected capacity change from 0 to 512
[  167.784927][ T5405] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz-executor.4: casefold flag without casefold feature
[  167.802818][ T5405] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.4: missing EA_INODE flag
[  167.814887][ T5405] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 12 err=-117
[  167.818718][ T5403] EXT4-fs (loop0): 1 truncate cleaned up
[  167.827888][ T5405] EXT4-fs (loop4): 1 orphan inode deleted
[  167.832857][ T5403] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  167.839241][ T5405] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  167.871880][ T3303] EXT4-fs (loop4): unmounting filesystem.
[  167.934406][ T5414] 9p: Unknown uid 00000000004294967295
[  168.027294][ T5417] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  168.207497][  T334] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  168.467430][  T334] usb 5-1: Using ep0 maxpacket: 32
[  168.569387][ T5420] overlayfs: failed to resolve './file0': -2
[  168.587454][  T334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.598333][  T334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.619499][  T334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  168.652776][  T334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  168.662291][  T334] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  168.663324][ T5264] EXT4-fs (loop0): unmounting filesystem.
[  168.675023][  T334] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  168.675051][  T334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.675777][  T334] usb 5-1: config 0 descriptor??
[  168.851017][   T28] audit: type=1400 audit(1718616189.709:1766): avc:  denied  { setcurrent } for  pid=5449 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  168.965294][ T5462] loop2: detected capacity change from 0 to 256
[  169.010405][ T5461] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.017640][ T5461] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.030444][ T5461] device bridge_slave_0 entered promiscuous mode
[  169.041303][ T5461] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.050327][ T5461] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.062018][ T5461] device bridge_slave_1 entered promiscuous mode
[  169.178933][  T334] ntrig 0003:1B96:000A.0015: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0
[  169.190633][ T5485] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  169.218818][ T5461] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.225833][ T5461] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.232948][ T5461] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.239729][ T5461] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.278011][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  169.285902][ T3037] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.293095][ T3037] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.311244][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  169.319494][ T3037] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.326373][ T3037] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.333770][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  169.341852][ T3037] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.348845][ T3037] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.369285][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  169.377075][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  169.388220][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  169.400879][ T5461] device veth0_vlan entered promiscuous mode
[  169.407066][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  169.415177][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  169.425867][ T5488] overlayfs: failed to resolve './file0': -2
[  169.432053][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  169.446902][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  169.455826][ T5461] device veth1_macvtap entered promiscuous mode
[  169.465645][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  169.475989][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  169.478761][ T1295] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  169.491389][  T334] usb 5-1: USB disconnect, device number 11
[  169.519788][  T348] device bridge_slave_1 left promiscuous mode
[  169.525792][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.533313][  T348] device bridge_slave_0 left promiscuous mode
[  169.539777][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.548845][  T348] device veth1_macvtap left promiscuous mode
[  169.554692][  T348] device veth0_vlan left promiscuous mode
[  169.796758][ T1295] usb 3-1: Using ep0 maxpacket: 16
[  169.957777][ T1295] usb 3-1: unable to get BOS descriptor or descriptor too short
[  170.049606][ T1295] usb 3-1: config 0 has no interfaces?
[  170.209195][ T5508] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.216213][ T5508] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.223741][ T5508] device bridge_slave_0 entered promiscuous mode
[  170.227566][ T1295] usb 3-1: New USB device found, idVendor=17cc, idProduct=1010, bcdDevice=7d.64
[  170.238936][ T1295] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.239871][ T5508] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.246794][ T1295] usb 3-1: Product: syz
[  170.253850][ T5508] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.257835][ T1295] usb 3-1: Manufacturer: syz
[  170.265307][ T5508] device bridge_slave_1 entered promiscuous mode
[  170.269547][ T1295] usb 3-1: SerialNumber: syz
[  170.280404][ T1295] usb 3-1: config 0 descriptor??
[  170.348733][ T5508] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.355691][ T5508] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.362828][ T5508] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.369685][ T5508] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.405560][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  170.413692][  T342] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.421312][   T28] audit: type=1400 audit(1718616191.279:1767): avc:  denied  { accept } for  pid=5520 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  170.441313][  T342] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.447358][   T28] audit: type=1400 audit(1718616191.279:1768): avc:  denied  { read } for  pid=5520 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  170.479000][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  170.486946][ T3037] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.493796][ T3037] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.500963][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  170.509506][ T3037] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.516369][ T3037] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.523588][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  170.537639][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  170.549155][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  170.558273][ T1295] usb 3-1: USB disconnect, device number 12
[  170.564583][ T5508] device veth0_vlan entered promiscuous mode
[  170.570986][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  170.578824][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  170.586104][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  170.602219][ T5508] device veth1_macvtap entered promiscuous mode
[  170.609054][  T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  170.623631][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  170.631957][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  170.668057][ T5527] device syzkaller0 entered promiscuous mode
[  170.728030][ T5529] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  170.757292][ T5533] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  170.776823][   T28] audit: type=1400 audit(1718616191.629:1769): avc:  denied  { create } for  pid=5534 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=iucv_socket permissive=1
[  170.926441][ T5541] loop4: detected capacity change from 0 to 512
[  170.933003][ T5541] EXT4-fs: Ignoring removed nomblk_io_submit option
[  170.940213][ T5541] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (25532!=20057)
[  170.949824][ T5541] EXT4-fs (loop4): group descriptors corrupted!
[  170.998556][  T348] device bridge_slave_1 left promiscuous mode
[  171.005002][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.012408][  T348] device bridge_slave_0 left promiscuous mode
[  171.012835][ T5541] 9pnet_virtio: no channels available for device syz
[  171.018465][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.272043][ T5558] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  171.417417][ T5568] device wg2 entered promiscuous mode
[  171.440705][   T28] audit: type=1400 audit(1718616192.299:1770): avc:  denied  { sys_module } for  pid=5570 comm="syz-executor.3" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  171.447482][  T342] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  171.676509][ T5577] loop3: detected capacity change from 0 to 40427
[  171.684897][ T5577] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  171.692670][ T5577] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  171.704752][ T5577] F2FS-fs (loop3): Found nat_bits in checkpoint
[  171.727452][  T342] usb 5-1: Using ep0 maxpacket: 8
[  171.756484][ T5577] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  171.769264][ T5577] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  171.776185][ T5577] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  171.840522][ T5461] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  171.840546][ T5461] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  171.847499][  T342] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  171.848352][ T5461] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  171.855350][  T342] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.855387][  T342] usb 5-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8
[  171.855413][  T342] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.856332][  T342] usb 5-1: config 0 descriptor??
[  171.866309][ T5461] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  171.904744][ T5461] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  171.909113][  T342] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  171.912216][ T5461] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  171.919956][  T342] usb 5-1: Detected SIO
[  171.926879][ T5461] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  171.935308][  T342] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 1
[  171.953434][  T342] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  172.113921][  T342] usb 5-1: USB disconnect, device number 12
[  172.120315][  T342] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  172.129608][  T342] ftdi_sio 5-1:0.0: device disconnected
[  172.182087][ T5593] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  172.648102][ T5617] device syzkaller0 entered promiscuous mode
[  173.068943][ T5629] overlayfs: missing 'lowerdir'
[  173.231785][ T5646] device syzkaller0 entered promiscuous mode
[  173.281018][ T5650] loop4: detected capacity change from 0 to 128
[  173.310857][  T348] kworker/u4:3: attempt to access beyond end of device
[  173.310857][  T348] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  173.337544][ T5652] loop4: detected capacity change from 0 to 256
[  173.344066][ T5652] exfat: Deprecated parameter 'utf8'
[  173.349341][ T5652] exfat: Deprecated parameter 'utf8'
[  173.356931][ T5652] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  173.397765][  T335] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  174.297156][ T5664] overlayfs: missing 'lowerdir'
[  174.315009][   T28] audit: type=1400 audit(1718616195.149:1771): avc:  denied  { write } for  pid=5651 comm="syz-executor.4" path="/root/syzkaller-testdir236657413/syzkaller.FqR92m/23/file0/bus" dev="loop4" ino=1048744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  174.382079][ T5679] loop4: detected capacity change from 0 to 256
[  174.391197][ T5679] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001023f, chksum : 0x0e440cfe, utbl_chksum : 0xe619d30d)
[  174.437454][  T335] usb 4-1: Using ep0 maxpacket: 8
[  174.577448][  T335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  174.589358][  T335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  174.598992][  T335] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8
[  174.607822][  T335] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.625928][  T335] usb 4-1: config 0 descriptor??
[  174.668023][  T335] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  174.675630][  T335] usb 4-1: Detected SIO
[  174.680674][  T335] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 1
[  174.697425][  T335] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  174.789970][ T5685] loop4: detected capacity change from 0 to 131072
[  174.796956][ T5685] F2FS-fs (loop4): Invalid log blocks per segment (1)
[  174.803593][ T5685] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  174.812665][ T5685] F2FS-fs (loop4): invalid crc value
[  174.819401][ T5685] F2FS-fs (loop4): Found nat_bits in checkpoint
[  174.851886][ T5685] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  174.858946][ T5685] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  174.870721][   T24] usb 4-1: USB disconnect, device number 16
[  174.877226][   T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  174.886490][   T24] ftdi_sio 4-1:0.0: device disconnected
[  175.356735][ T5693] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.363725][ T5693] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.371152][ T5693] device bridge_slave_0 entered promiscuous mode
[  175.378778][  T348] device bridge_slave_1 left promiscuous mode
[  175.384738][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.392682][  T348] device bridge_slave_0 left promiscuous mode
[  175.398801][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.408854][  T348] device veth1_macvtap left promiscuous mode
[  175.414700][  T348] device veth0_vlan left promiscuous mode
[  175.569040][ T5693] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.576045][ T5693] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.583290][ T5693] device bridge_slave_1 entered promiscuous mode
[  175.607415][ T5703] loop3: detected capacity change from 0 to 256
[  175.614088][ T5703] exfat: Deprecated parameter 'utf8'
[  175.707456][   T28] audit: type=1326 audit(1718616196.539:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x0
[  175.737515][ T5703] exfat: Deprecated parameter 'utf8'
[  175.760492][ T5703] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  175.902459][ T5693] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.909333][ T5693] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.916430][ T5693] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.923219][ T5693] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.947896][  T335] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.955165][  T335] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.972946][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  175.981150][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  175.988677][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  175.996810][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  176.005367][  T492] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.012238][  T492] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.020434][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  176.044372][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  176.052640][  T492] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.059487][  T492] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.067809][ T5717] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  176.087389][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  176.168190][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  176.176094][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  176.184066][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  176.191976][   T28] audit: type=1400 audit(1718616197.019:1773): avc:  denied  { execute } for  pid=5702 comm="syz-executor.3" path="/root/syzkaller-testdir198337735/syzkaller.Gs2hFS/14/file0/bus" dev="loop3" ino=1048746 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  176.201454][ T5693] device veth0_vlan entered promiscuous mode
[  176.227986][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  176.236172][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  176.244619][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  176.254607][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  176.269480][ T5693] device veth1_macvtap entered promiscuous mode
[  176.277388][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  176.284702][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  176.301037][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  176.309017][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  176.316912][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  176.331840][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  176.334112][ T5728] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.1'.
[  176.340030][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  176.357200][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  176.365324][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  176.482755][ T5732] loop3: detected capacity change from 0 to 128
[  176.802583][  T365] kworker/u4:4: attempt to access beyond end of device
[  176.802583][  T365] loop3: rw=1, sector=145, nr_sectors = 896 limit=128
[  176.941312][ T5738] kvm [5737]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe702111
[  176.950097][ T5738] kvm [5737]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe702111
[  177.470421][ T5753] loop4: detected capacity change from 0 to 128
[  177.795678][ T5762] overlayfs: missing 'lowerdir'
[  177.928727][ T5765] loop2: detected capacity change from 0 to 128
[  178.037254][  T348] kworker/u4:3: attempt to access beyond end of device
[  178.037254][  T348] loop2: rw=1, sector=145, nr_sectors = 896 limit=128
[  178.211859][   T28] audit: type=1400 audit(1718616199.069:1774): avc:  denied  { nlmsg_write } for  pid=5779 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  178.239589][ T5782] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  179.499295][ T5792] overlayfs: missing 'lowerdir'
[  179.978310][ T5803] kvm [5801]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe702111
[  179.990561][ T5803] kvm [5801]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe702111
[  180.148876][ T1295] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  180.661619][ T5828] capability: warning: `syz-executor.4' uses 32-bit capabilities (legacy support in use)
[  180.687919][ T5830] loop4: detected capacity change from 0 to 128
[  180.715716][  T348] kworker/u4:3: attempt to access beyond end of device
[  180.715716][  T348] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  180.717483][ T1295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.739747][ T1295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.749487][ T1295] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  180.758548][ T1295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.769498][ T1295] usb 3-1: config 0 descriptor??
[  181.607430][ T1295] usb 3-1: string descriptor 0 read error: -71
[  181.611077][ T5845] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  181.637552][ T1295] uclogic 0003:256C:006D.0016: failed retrieving string descriptor #200: -71
[  181.646786][ T1295] uclogic 0003:256C:006D.0016: failed retrieving pen parameters: -71
[  181.659805][ T1295] uclogic 0003:256C:006D.0016: failed probing pen v2 parameters: -71
[  181.667969][ T1295] uclogic 0003:256C:006D.0016: failed probing parameters: -71
[  181.675291][ T1295] uclogic: probe of 0003:256C:006D.0016 failed with error -71
[  181.687835][ T1295] usb 3-1: USB disconnect, device number 13
[  182.863485][   T28] audit: type=1400 audit(1718616203.719:1775): avc:  denied  { transfer } for  pid=5872 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  183.267427][ T1295] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  183.527400][ T1295] usb 3-1: Using ep0 maxpacket: 16
[  183.609276][ T5887] loop3: detected capacity change from 0 to 512
[  183.631203][ T5887] EXT4-fs: Invalid want_extra_isize 32769
[  183.732151][ T1295] usb 3-1: unable to get BOS descriptor or descriptor too short
[  183.817527][ T1295] usb 3-1: config 0 has no interfaces?
[  183.977556][ T1295] usb 3-1: New USB device found, idVendor=17cc, idProduct=1010, bcdDevice=7d.64
[  183.986534][ T1295] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.994469][ T1295] usb 3-1: Product: syz
[  183.998542][ T1295] usb 3-1: Manufacturer: syz
[  184.002962][ T1295] usb 3-1: SerialNumber: syz
[  184.009713][ T1295] usb 3-1: config 0 descriptor??
[  184.288832][ T1295] usb 3-1: USB disconnect, device number 14
[  184.525061][ T5889] loop4: detected capacity change from 0 to 131072
[  184.534517][ T5889] F2FS-fs (loop4): Found nat_bits in checkpoint
[  184.580669][ T5889] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  184.793790][   T28] audit: type=1326 audit(1718616205.649:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5888 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa84f87cf29 code=0x0
[  185.052435][ T5898] loop3: detected capacity change from 0 to 40427
[  185.067700][ T5898] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  185.075336][ T5898] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  185.098353][ T5898] F2FS-fs (loop3): invalid crc value
[  185.108516][ T5898] F2FS-fs (loop3): Found nat_bits in checkpoint
[  185.152356][ T5898] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  185.159266][ T5898] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  185.247421][   T40] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  185.426110][ T5927] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  185.435303][ T5927] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  185.658718][ T5940] syz-executor.4[5940] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.658781][ T5940] syz-executor.4[5940] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.725150][  T365] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  185.746815][ T5941] syz-executor.1[5941] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.746892][ T5941] syz-executor.1[5941] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.757455][   T40] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.759208][  T365] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  185.775038][   T40] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.800041][   T40] usb 3-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 4.00
[  185.809162][   T40] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.818320][   T40] usb 3-1: config 0 descriptor??
[  185.918181][ T5943] loop3: detected capacity change from 0 to 256
[  185.924766][ T5943] exfat: Deprecated parameter 'namecase'
[  185.933140][ T5943] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x6ff59669, utbl_chksum : 0xe619d30d)
[  186.329445][   T40] wacom 0003:056A:00F8.0017: unbalanced delimiter at end of report description
[  186.339492][   T40] wacom 0003:056A:00F8.0017: parse failed
[  186.345223][   T40] wacom: probe of 0003:056A:00F8.0017 failed with error -22
[  186.502989][   T28] audit: type=1400 audit(1718616207.359:1777): avc:  denied  { unlink } for  pid=5461 comm="syz-executor.3" name="file0" dev="loop3" ino=1048765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  186.535913][ T5951] overlayfs: failed to get inode (-116)
[  186.541608][ T5951] overlayfs: failed to get inode (-116)
[  186.547886][   T40] usb 3-1: USB disconnect, device number 15
[  186.779516][ T5958] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.786658][ T5958] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.793922][ T5958] device bridge_slave_0 entered promiscuous mode
[  186.800781][ T5958] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.807942][ T5958] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.815147][ T5958] device bridge_slave_1 entered promiscuous mode
[  186.870700][ T5958] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.877560][ T5958] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.884622][ T5958] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.891542][ T5958] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.915918][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  186.923762][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.930970][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.939749][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  186.948960][  T492] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.955819][  T492] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.974372][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  186.983005][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.989896][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.997420][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  187.028017][ T5846] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  187.048459][ T5971] loop4: detected capacity change from 0 to 512
[  187.051474][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  187.075344][ T5958] device veth0_vlan entered promiscuous mode
[  187.075682][ T5978] loop2: detected capacity change from 0 to 256
[  187.088966][ T5978] exfat: Deprecated parameter 'namecase'
[  187.089356][ T5971] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz-executor.4: iget: bad extended attribute block 65536
[  187.097320][ T5978] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x6ff59669, utbl_chksum : 0xe619d30d)
[  187.108238][ T5971] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 15 (err -117)
[  187.122357][ T5980] syz-executor.1[5980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  187.131626][ T5980] syz-executor.1[5980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  187.140659][ T5971] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  187.167498][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  187.176572][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  187.187704][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  187.195014][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  187.204493][  T511] device bridge_slave_1 left promiscuous mode
[  187.210558][  T511] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.217986][  T511] device bridge_slave_0 left promiscuous mode
[  187.223896][  T511] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.231881][  T511] device veth1_macvtap left promiscuous mode
[  187.237814][  T511] device veth0_vlan left promiscuous mode
[  187.293069][ T5958] device veth1_macvtap entered promiscuous mode
[  187.303292][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  187.313400][ T5846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  187.342024][   T28] audit: type=1400 audit(1718616208.199:1778): avc:  denied  { relabelfrom } for  pid=5981 comm="syz-executor.3" name="" dev="pipefs" ino=40017 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  187.907263][ T5693] EXT4-fs (loop4): unmounting filesystem.
[  187.957897][ T6000] fuse: Bad value for 'fd'
[  188.019784][ T6006] loop4: detected capacity change from 0 to 2048
[  188.055263][ T6006] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  188.154402][ T6017] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  188.178360][ T6017] EXT4-fs (loop4): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 1534 with error 28
[  188.195420][ T6017] EXT4-fs (loop4): This should not happen!! Data will be lost
[  188.195420][ T6017] 
[  188.205425][ T6017] EXT4-fs (loop4): Total free blocks count 0
[  188.211405][ T6017] EXT4-fs (loop4): Free/Dirty block details
[  188.217205][ T6017] EXT4-fs (loop4): free_blocks=2415919104
[  188.223152][ T6017] EXT4-fs (loop4): dirty_blocks=3040
[  188.228349][ T6017] EXT4-fs (loop4): Block reservation details
[  188.234339][ T6017] EXT4-fs (loop4): i_reserved_data_blocks=217
[  188.243200][ T6016] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.250554][ T6016] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.258091][ T6016] device bridge_slave_0 entered promiscuous mode
[  188.265247][ T6016] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.272785][ T6016] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.280244][ T6016] device bridge_slave_1 entered promiscuous mode
[  188.373768][ T6016] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.380665][ T6016] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.387838][ T6016] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.394688][ T6016] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.421905][ T6024] syz-executor.3[6024] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  188.421990][ T6024] syz-executor.3[6024] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  188.452210][ T5846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  188.471620][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.479794][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.491965][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  188.500463][  T492] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.507326][  T492] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.520339][ T5846] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  188.528604][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.535450][ T5846] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.553657][  T348] EXT4-fs (loop4): Delayed block allocation failed for inode 19 at logical offset 1534 with max blocks 2048 with error 28
[  188.568269][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  188.576564][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  188.584774][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  188.592581][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  188.599961][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  188.607845][ T1295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  188.616505][  T365] device bridge_slave_1 left promiscuous mode
[  188.623944][  T365] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.631580][  T365] device bridge_slave_0 left promiscuous mode
[  188.637662][  T365] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.645876][  T365] device veth1_macvtap left promiscuous mode
[  188.652122][  T365] device veth0_vlan left promiscuous mode
[  188.686189][ T6026] loop4: detected capacity change from 0 to 256
[  188.693100][ T6026] exfat: Deprecated parameter 'namecase'
[  188.701049][ T6026] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x6ff59669, utbl_chksum : 0xe619d30d)
[  188.727874][ T6032] fuse: Bad value for 'fd'
[  188.831824][ T6016] device veth0_vlan entered promiscuous mode
[  188.850576][ T5846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  188.859780][ T5846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  188.875013][ T6016] device veth1_macvtap entered promiscuous mode
[  188.890827][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  188.898931][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  188.907118][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  188.924342][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  188.939837][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  189.387661][  T332] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  189.454143][ T6068] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.461109][ T6068] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.468665][ T6068] device bridge_slave_0 entered promiscuous mode
[  189.475643][ T6068] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.476251][ T6066] loop3: detected capacity change from 0 to 40427
[  189.482703][ T6068] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.496203][ T6068] device bridge_slave_1 entered promiscuous mode
[  189.496348][ T6066] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  189.509974][ T6066] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  189.520578][ T6066] F2FS-fs (loop3): Found nat_bits in checkpoint
[  189.561603][ T6066] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  189.574505][ T6066] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  189.581590][ T6066] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  189.608460][ T6068] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.615340][ T6068] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.622480][ T6068] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.629369][ T6068] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.637404][  T332] usb 3-1: Using ep0 maxpacket: 16
[  189.660510][ T5958] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  189.660531][ T5958] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  189.668507][ T5958] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  189.675917][ T5958] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  189.683466][ T5958] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  189.691029][ T5958] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  189.698616][ T5958] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  189.725535][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  189.741097][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.748964][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.768489][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  189.776612][  T492] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.783510][  T492] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.791284][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  189.878579][  T332] usb 3-1: unable to get BOS descriptor or descriptor too short
[  189.930181][  T492] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.937038][  T492] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.071528][  T332] usb 3-1: config 0 has no interfaces?
[  190.567395][ T5846] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  190.817426][ T5846] usb 4-1: Using ep0 maxpacket: 16
[  190.834834][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  190.854647][  T348] device bridge_slave_1 left promiscuous mode
[  190.860962][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.868482][  T348] device bridge_slave_0 left promiscuous mode
[  190.874387][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.882376][  T348] device veth1_macvtap left promiscuous mode
[  190.888242][  T348] device veth0_vlan left promiscuous mode
[  190.906870][ T6089] syz-executor.1[6089] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  190.906971][ T6089] syz-executor.1[6089] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  190.937428][ T5846] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.962768][ T5846] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.972390][ T5846] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  190.984943][ T5846] usb 4-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  190.993932][ T5846] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.003339][ T5846] usb 4-1: config 0 descriptor??
[  191.007806][  T332] usb 3-1: New USB device found, idVendor=17cc, idProduct=1010, bcdDevice=7d.64
[  191.019997][  T332] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.028151][  T332] usb 3-1: Product: syz
[  191.032156][  T332] usb 3-1: Manufacturer: syz
[  191.036566][  T332] usb 3-1: SerialNumber: syz
[  191.042147][  T332] usb 3-1: config 0 descriptor??
[  191.049399][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  191.057695][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  191.071443][ T6068] device veth0_vlan entered promiscuous mode
[  191.079179][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  191.087248][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  191.095389][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  191.103516][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  191.115656][ T6068] device veth1_macvtap entered promiscuous mode
[  191.122168][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  191.129429][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  191.136684][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  191.144707][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  191.153029][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  191.168073][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  191.176198][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  191.184299][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  191.192359][  T492] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  191.239431][ T6097] loop4: detected capacity change from 0 to 256
[  191.245871][ T6097] exfat: Deprecated parameter 'utf8'
[  191.251035][ T6097] exfat: Deprecated parameter 'utf8'
[  191.259117][ T6097] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  191.317927][  T332] usb 3-1: USB disconnect, device number 16
[  191.558220][ T5846] gt683r_led 0003:1770:FF00.0018: unknown main item tag 0x0
[  191.565462][ T5846] gt683r_led 0003:1770:FF00.0018: unknown main item tag 0x0
[  191.572767][ T5846] gt683r_led 0003:1770:FF00.0018: unbalanced collection at end of report description
[  191.583154][ T5846] gt683r_led 0003:1770:FF00.0018: hid parsing failed
[  191.589851][ T5846] gt683r_led: probe of 0003:1770:FF00.0018 failed with error -22
[  192.376909][ T6128] syz-executor.2[6128] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  192.377006][ T6128] syz-executor.2[6128] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  193.142784][ T6139] loop4: detected capacity change from 0 to 512
[  193.161141][ T6139] EXT4-fs: Invalid want_extra_isize 32769
[  193.306051][ T5846] usb 4-1: USB disconnect, device number 17
[  193.319378][   T28] audit: type=1400 audit(1718616214.179:1779): avc:  denied  { bind } for  pid=6143 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  193.330956][ T6144] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  194.127445][   T28] audit: type=1326 audit(1718616214.979:1780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6178 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  194.151725][   T28] audit: type=1326 audit(1718616214.979:1781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6178 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  194.191613][  T332] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  194.200440][   T28] audit: type=1326 audit(1718616214.979:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6178 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  194.226179][   T28] audit: type=1326 audit(1718616214.979:1783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6178 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  194.779687][   T28] audit: type=1326 audit(1718616214.979:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6178 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  194.798543][ T6165] loop2: detected capacity change from 0 to 40427
[  194.807592][   T28] audit: type=1326 audit(1718616214.979:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6178 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb06587a6a7 code=0x7ffc0000
[  194.813488][ T6165] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  194.835180][   T28] audit: type=1326 audit(1718616214.979:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6178 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb065840379 code=0x7ffc0000
[  194.842813][ T6165] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  194.866097][   T28] audit: type=1326 audit(1718616214.979:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6178 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb06587cf29 code=0x7ffc0000
[  194.877098][ T6165] F2FS-fs (loop2): invalid crc value
[  194.898295][   T28] audit: type=1326 audit(1718616215.029:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6178 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb06587a6a7 code=0x7ffc0000
[  194.930242][ T6165] F2FS-fs (loop2): Found nat_bits in checkpoint
[  194.987562][  T332] usb 4-1: Using ep0 maxpacket: 16
[  195.053898][ T6165] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  195.060800][ T6165] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  196.152971][  T332] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.164386][  T332] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.166942][ T6198] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  196.176757][  T332] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  196.183515][ T6198] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  196.196171][  T332] usb 4-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  196.214341][  T332] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.222946][  T332] usb 4-1: config 0 descriptor??
[  196.254805][ T6193] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.261992][ T6193] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.263038][  T365] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  196.270864][ T6193] device bridge_slave_0 entered promiscuous mode
[  196.286102][  T365] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  196.290295][ T6193] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.318048][ T6193] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.325730][ T6193] device bridge_slave_1 entered promiscuous mode
[  196.400926][ T6193] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.407796][ T6193] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.414915][ T6193] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.421695][ T6193] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.449844][ T6207] loop4: detected capacity change from 0 to 512
[  196.490484][ T6193] device veth0_vlan entered promiscuous mode
[  196.504657][ T6193] device veth1_macvtap entered promiscuous mode
[  196.541242][ T6207] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz-executor.4: iget: bad extended attribute block 65536
[  196.542346][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  196.564103][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  196.576060][ T6207] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 15 (err -117)
[  196.588972][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  196.597567][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  196.598030][ T6207] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  196.606160][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  196.622945][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  196.632004][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  196.641262][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  196.651748][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  196.659964][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  196.668482][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  196.677678][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  196.685554][  T641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  196.731182][ T6230] loop0: detected capacity change from 0 to 128
[  196.910042][  T332] gt683r_led 0003:1770:FF00.0019: unknown main item tag 0x0
[  196.917488][  T332] gt683r_led 0003:1770:FF00.0019: unknown main item tag 0x0
[  196.924888][  T332] gt683r_led 0003:1770:FF00.0019: unbalanced collection at end of report description
[  196.935081][  T332] gt683r_led 0003:1770:FF00.0019: hid parsing failed
[  196.947216][  T332] gt683r_led: probe of 0003:1770:FF00.0019 failed with error -22
[  198.088348][  T348] device bridge_slave_1 left promiscuous mode
[  198.094331][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.129876][  T348] device bridge_slave_0 left promiscuous mode
[  198.154789][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.180451][  T348] device veth1_macvtap left promiscuous mode
[  198.192212][ T6068] EXT4-fs (loop4): unmounting filesystem.
[  198.202357][  T348] device veth0_vlan left promiscuous mode
[  198.276346][   T40] usb 4-1: USB disconnect, device number 18
[  198.351652][ T6261] loop4: detected capacity change from 0 to 512
[  198.358504][ T6261] EXT4-fs (loop4): unsupported inode size: 264
[  198.364705][ T6261] EXT4-fs (loop4): blocksize: 1024
[  198.415332][ T6261] loop4: detected capacity change from 0 to 1024
[  198.434639][ T6261] EXT4-fs: Ignoring removed mblk_io_submit option
[  198.477186][ T6261] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  198.530744][ T6068] EXT4-fs (loop4): unmounting filesystem.
[  198.696002][ T6272] loop0: detected capacity change from 0 to 40427
[  198.704375][ T6272] F2FS-fs (loop0): invalid crc value
[  198.711728][ T6272] F2FS-fs (loop0): Found nat_bits in checkpoint
[  198.780000][ T6272] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  198.819779][ T6291] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  198.831327][ T6291] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  198.839571][ T6291] CPU: 0 PID: 6291 Comm: syz-executor.1 Tainted: G        W          6.1.78-syzkaller-00010-gc0618d182a9c #0
[  198.850943][ T6291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  198.860845][ T6291] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  198.866907][ T6291] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[  198.886349][ T6291] RSP: 0018:ffffc9000260f6c0 EFLAGS: 00010246
[  198.892252][ T6291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  198.900065][ T6291] RDX: ffffc90001f30000 RSI: 000000000000041e RDI: 000000000000041f
[  198.907873][ T6291] RBP: ffffc9000260f818 R08: 0000000000000005 R09: ffffffff8411e3d3
[  198.915686][ T6291] R10: 0000000000000004 R11: ffff88811b090000 R12: dffffc0000000000
[  198.923496][ T6291] R13: ffff88812c3b4c80 R14: 1ffff920004c1ee4 R15: 0000000000000000
[  198.931308][ T6291] FS:  00007fb0666206c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  198.940072][ T6291] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  198.946501][ T6291] CR2: 0000000020010000 CR3: 00000001098ad000 CR4: 00000000003526b0
[  198.954312][ T6291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  198.962120][ T6291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  198.969932][ T6291] Call Trace:
[  198.973053][ T6291]  <TASK>
[  198.975836][ T6291]  ? __die_body+0x62/0xb0
[  198.979996][ T6291]  ? die_addr+0x9f/0xd0
[  198.983993][ T6291]  ? exc_general_protection+0x317/0x4c0
[  198.989385][ T6291]  ? asm_exc_general_protection+0x27/0x30
[  198.994939][ T6291]  ? xdp_do_generic_redirect+0x303/0xad0
[  199.000399][ T6291]  ? dev_map_generic_redirect+0x90/0x7d0
[  199.005863][ T6291]  ? __free_pages_core+0x180/0x180
[  199.010810][ T6291]  ? __this_cpu_preempt_check+0x13/0x20
[  199.016222][ T6291]  ? bq_enqueue+0x3e0/0x3e0
[  199.020534][ T6291]  ? bpf_prog_run_generic_xdp+0x9aa/0x1110
[  199.026176][ T6291]  xdp_do_generic_redirect+0x411/0xad0
[  199.031467][ T6291]  do_xdp_generic+0x53e/0x800
[  199.036067][ T6291]  ? generic_xdp_tx+0x560/0x560
[  199.040754][ T6291]  ? __schedule+0xcaf/0x1550
[  199.045183][ T6291]  ? tun_get_user+0x2340/0x3a90
[  199.049871][ T6291]  tun_get_user+0x238a/0x3a90
[  199.054384][ T6291]  ? futex_q_unlock+0x30/0x30
[  199.058892][ T6291]  ? tun_do_read+0x1ee0/0x1ee0
[  199.063510][ T6291]  ? ref_tracker_alloc+0x31d/0x450
[  199.068440][ T6291]  ? ref_tracker_dir_print+0x160/0x160
[  199.073734][ T6291]  ? futex_wait+0x4b7/0x7e0
[  199.078077][ T6291]  ? avc_policy_seqno+0x1b/0x70
[  199.082761][ T6291]  ? tun_get+0xe9/0x120
[  199.086752][ T6291]  tun_chr_write_iter+0x129/0x210
[  199.091618][ T6291]  vfs_write+0x902/0xeb0
[  199.095695][ T6291]  ? __x64_sys_prctl+0xd0/0xd0
[  199.100296][ T6291]  ? file_end_write+0x1c0/0x1c0
[  199.104983][ T6291]  ? __fget_files+0x2cb/0x330
[  199.109495][ T6291]  ? __fdget_pos+0x204/0x390
[  199.113919][ T6291]  ? ksys_write+0x77/0x2c0
[  199.118173][ T6291]  ksys_write+0x199/0x2c0
[  199.122339][ T6291]  ? kvm_set_user_return_msr+0x3c0/0x3c0
[  199.127816][ T6291]  ? __ia32_sys_read+0x90/0x90
[  199.132406][ T6291]  ? fpregs_restore_userregs+0x130/0x290
[  199.137879][ T6291]  __x64_sys_write+0x7b/0x90
[  199.142300][ T6291]  do_syscall_64+0x3d/0xb0
[  199.146556][ T6291]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  199.152283][ T6291] RIP: 0033:0x7fb06587bc6f
[  199.156534][ T6291] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 b9 80 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 0c 81 02 00 48
[  199.176177][ T6291] RSP: 002b:00007fb066620090 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  199.184393][ T6291] RAX: ffffffffffffffda RBX: 00007fb0659b3f80 RCX: 00007fb06587bc6f
[  199.192213][ T6291] RDX: 000000000000fdef RSI: 0000000020000780 RDI: 00000000000000c8
[  199.200019][ T6291] RBP: 00007fb0658ec074 R08: 0000000000000000 R09: 0000000000000000
[  199.207828][ T6291] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  199.215779][ T6291] R13: 000000000000000b R14: 00007fb0659b3f80 R15: 00007ffc1586a328
[  199.223594][ T6291]  </TASK>
[  199.226446][ T6291] Modules linked in:
[  199.230276][ T6291] ---[ end trace 0000000000000000 ]---
[  199.232840][   T40] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  199.235479][ T6291] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  199.248943][ T6291] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[  199.268386][ T6291] RSP: 0018:ffffc9000260f6c0 EFLAGS: 00010246
[  199.274274][ T6291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  199.282205][ T6291] RDX: ffffc90001f30000 RSI: 000000000000041e RDI: 000000000000041f
[  199.290013][ T6291] RBP: ffffc9000260f818 R08: 0000000000000005 R09: ffffffff8411e3d3
[  199.297825][ T6291] R10: 0000000000000004 R11: ffff88811b090000 R12: dffffc0000000000
[  199.305875][ T6291] R13: ffff88812c3b4c80 R14: 1ffff920004c1ee4 R15: 0000000000000000
[  199.313704][ T6291] FS:  00007fb0666206c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  199.322473][ T6291] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  199.328901][ T6291] CR2: 0000000020010000 CR3: 00000001098ad000 CR4: 00000000003526b0
[  199.336691][ T6291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  199.344515][ T6291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  199.352336][ T6291] Kernel panic - not syncing: Fatal exception in interrupt
[  199.359660][ T6291] Kernel Offset: disabled
[  199.363795][ T6291] Rebooting in 86400 seconds..