last executing test programs:

13m7.00776435s ago: executing program 32 (id=8715):
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$netlink(r0, 0x10e, 0xb, &(0x7f00000001c0)=""/224, &(0x7f0000000000)=0xe0)

9m37.429425055s ago: executing program 33 (id=9263):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)

9m36.984353012s ago: executing program 34 (id=9264):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000011c0)={0x110, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0xc4, 0x8, 0x0, 0x1, [{0xb8, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x58b, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x3e03}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "2eb8284ca5a361794d123b372f12d30314e17be0513990c775957563f0bb2031"}, @WGPEER_A_ALLOWEDIPS={0x44, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}]}]}]}, {0x4}, {0x4}]}]}, 0x110}}, 0x0)

9m35.109482851s ago: executing program 35 (id=9268):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000002c0)={0x2, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @local}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000b40)={0x2, {{0xa, 0x4e20, 0x1, @mcast2}}, 0x0, 0x2, [{{0xa, 0x4e20, 0x4, @rand_addr=' \x01\x00', 0x2}}, {{0xa, 0x4e24, 0x3, @rand_addr=' \x01\x00', 0x5}}]}, 0x190)

9m30.909196244s ago: executing program 36 (id=9273):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r0)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000030000005800018044000400200001000a000000000000003a000000000000004000000000003a2d00000000200002000a00000000000000fc010000000000000000000000000000000000000d0001007564703a73"], 0x6c}}, 0x0)

9m25.297365218s ago: executing program 37 (id=9277):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x10)
write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000100000000000000080009000b820000", 0x24)

8m32.04046131s ago: executing program 38 (id=10748):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f00000004c0)=0xf2b, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0xfffffffffffffffd, &(0x7f00000000c0))

8m5.398807901s ago: executing program 39 (id=10938):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)={0x30, r1, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'veth0_vlan\x00'}}, @TIPC_NLA_BEARER_PROP={0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x5}, 0x0)

6m14.804375155s ago: executing program 40 (id=14376):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b34373b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d3b6d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e75a5cffcdc2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7969d1685a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa439d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000003017808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24ee0c4f1c5e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f29c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7a97bc641df07720ba2b26b01000000a0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836154faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b000000000000000000000000000000000000f000", 0x1000}}, 0x1006)

5m11.068111805s ago: executing program 41 (id=16764):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x101142, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000000000000000000c001000000010000008200000000000100b54e00000200000000000000000000000000000001000000f60b00000500"])

3m56.839131331s ago: executing program 42 (id=18332):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x7}]}, 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e14000580050001"], 0x80}}, 0x0)

3m55.013799154s ago: executing program 9 (id=18380):
r0 = socket$tipc(0x1e, 0x5, 0x0)
fcntl$setstatus(r0, 0x4, 0xc0c00)
listen(r0, 0x0)
accept4(r0, 0x0, 0x0, 0x0)

3m54.976772385s ago: executing program 9 (id=18381):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x18)
fstatfs(0xffffffffffffffff, 0x0)

3m54.961987585s ago: executing program 9 (id=18382):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0)
bind$bt_hci(r0, &(0x7f00000000c0)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)

3m54.947175945s ago: executing program 9 (id=18384):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000000400)={[{@allow_utime={'allow_utime', 0x3d, 0x6}}, {@umask={'umask', 0x3d, 0x2}}, {@gid}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@namecase}, {@fmask={'fmask', 0x3d, 0x106}}, {@fmask={'fmask', 0x3d, 0x5}}, {@fmask={'fmask', 0x3d, 0x6}}, {@gid}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}]}, 0x1, 0x1524, &(0x7f00000037c0)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x9)

3m54.897207876s ago: executing program 9 (id=18385):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r0}, &(0x7f0000000300), &(0x7f00000005c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r1}, 0xc)

3m54.778047918s ago: executing program 9 (id=18387):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x10000, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x8031, 0xffffffffffffffff, 0xe6446000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x4001031, 0xffffffffffffffff, 0xe948f000)
mremap(&(0x7f00004fe000/0x4000)=nil, 0x4000, 0x3000, 0x2, &(0x7f0000ffa000/0x3000)=nil)

3m54.759319048s ago: executing program 43 (id=18387):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x10000, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x8031, 0xffffffffffffffff, 0xe6446000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x4001031, 0xffffffffffffffff, 0xe948f000)
mremap(&(0x7f00004fe000/0x4000)=nil, 0x4000, 0x3000, 0x2, &(0x7f0000ffa000/0x3000)=nil)

2m55.692734901s ago: executing program 8 (id=20319):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_buf(r1, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x192)

2m55.692319251s ago: executing program 8 (id=20320):
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000340)={[{@nodiscard}, {@nocheckpoint_merge}, {@alloc_mode_def}, {@six_active_logs}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@discard_unit_section}, {@noacl}, {@compress_cache}, {@alloc_mode_def}, {@noextent_cache}, {@compress_cache}, {@fault_type={'fault_type', 0x3d, 0x3}}]}, 0x3, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x4008f510, &(0x7f0000000180)={0x1000, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x8, 0x9, 0x3, 0x2401})

2m55.269962966s ago: executing program 8 (id=20322):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000480)={[{@fault_injection={'fault_injection', 0x3d, 0x4ed}}, {@compress_chksum}, {}, {@six_active_logs}, {@six_active_logs}, {}, {@jqfmt_vfsv1}, {@noacl}, {@checkpoint_diasble}, {@fsync_mode_strict}, {@noextent_cache}, {@nouser_xattr}, {@two_active_logs}, {@fastboot}, {@jqfmt_vfsold}, {@inlinecrypt}]}, 0x1, 0x5508, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnbnIThwEwgDqBDMyfBo1mP1eZHRxjjjDLWSIO0EtwgC7oFXoBzkB3PUIFFbFLoSqoUpxErd6TgnFkPmxEFrYlAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbbqrVrOb+e+rpjnb3QXz1OhCk+YjAQAAAM7ZVKtZ/WYS61/T/e/p1s9UL0II5Zkp/CB8OskcpJzquf31cfvqRR9uQ6gT9t8xSteXEMKfdD38aPtXAAAAgI9rvVhO42w9vkz67hBdios25be/mfKKEEI1uc+UVu7zfmUKq//fw/A/U1q9gDXOFBaX3Ia50t6kftwPq3bjo6KIRfnqxw6dzDZ2AACgQ4OTottZCAAAAF3613cH6EcRnrYyD1uBo1ik7b3PJzUAAADgHSr67gAAAADQunr+39H5fzvn/wEAAEA/4vl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtGlTrWbrxXLaNGe7aybPaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/XlHgRAIgzDYu74zmfsfVho0NTWpAuHjbwwGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/O4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC725yUFQiAIomDO+N9J3/+wkqBnECECGh5V1KIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC527uc1jioOAPibmZ2trYprlD1ERMGDXux2W1t7Ew9K8OCfIIR0W2O3/mhzsKWIuXiTnHsRPYoISrz1f8g5gVziLYc9RPCszOxMdvIDXH/NbJLPB9687w7DvO+bhZDvvJcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQGr09iZPs0BnHcXFuc+/hUtZvHeozj9e257OWxVGdSZ8ML1Y/RN3mEgEAAODsSMr6PoSwk64vZH3cyev/tLwmq/m/fXocl/X84bq/7MvaP2u//Lz7/P5AnfE42U1vLg8Hl46m0vr/ZjnbnvnLK1r5k8/fvST5FxK/t/rcKM2fZ/T1xsY77Tw8V0e2AMA/cbHsi6D8fSjr+00mBsCZ0aoU3mX9n3SazQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgDqPV8GQZRyGE+dYkzmztPVw6rn+8tj1ftmuPHq2FLyf3zG6RhhBuLg8Hl2qdzWy7d//B7cXhcHC3/uClEEJTo79VTP/2B1NcHEIjz0fwHwVx8WXPSj4nI2jwhxIAAKdSWrSsrt9J1xeyc9FcCH98d7D+f7UShynr/90Pr21Wx6rW//3aZjj7eit3Pu3du//g9eU7i7cGtwYfv3G5/2b/yvWrV6/38nclPW9MAAAA+HfaRavW//Hc0fX/C5U4TFn/f/ZN/4vqWIn6/1iTRb+mMwEAADjbnn3599+iY85H7Xb4fHFl5W5/fNz/fHl8bCDVv+1c0ar1fzLXdFYAAABAHUar0YH1/xuVOEy5/v/U9y/8WL1nEkI4X6z/X1z6ZHijvunMtDr+nLjpOQIAANCs80Wrrv+n+f7/eH/LQxxCeO2VcVz8G8Cp6v/k3a9+qI5V3f9/pb4pzqS4O34eed8NodVtOiMAAABOsyeKlhX7v6brCx/9dOH9tv3/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHX7MwAA//8Eczca")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f00000001c0)=0x1)

2m54.860528421s ago: executing program 8 (id=20323):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")
stat(&(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
quotactl$Q_GETQUOTA(0xffffffff80000700, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, r0, 0x0)
chown(0x0, 0x0, 0xee01)

2m54.462146936s ago: executing program 8 (id=20330):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)

2m54.419036147s ago: executing program 8 (id=20331):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40042, 0x1ff)
write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000400000000000000000030003000000000000000000380000000000000000000000000020"], 0x158)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

2m44.826656959s ago: executing program 0 (id=20534):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000040000850000000100000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='signal_generate\x00', r1}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2m44.78114288s ago: executing program 0 (id=20535):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=@newlink={0x4c, 0x10, 0x1, 0x78bd27, 0xa5dfdbfb, {0x0, 0x0, 0x0, r2, 0xa2e89, 0x56211}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MCAST_TO_UCAST={0x5}, @IFLA_BRPORT_BCAST_FLOOD={0x5}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x408c141}, 0x20000002)

2m44.74287507s ago: executing program 0 (id=20536):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xf, &(0x7f0000000200)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

2m44.651877422s ago: executing program 0 (id=20553):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
waitid$P_PIDFD(0x3, r1, 0x0, 0x4, 0x0)

2m44.365262075s ago: executing program 0 (id=20545):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x1)
unlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2m44.327370036s ago: executing program 0 (id=20547):
r0 = socket(0x200000000000011, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0x3a, &(0x7f0000000540)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x3, 0xe000, 0x0, 0x5, 0x0, @dev={0xac, 0x14, 0x14, 0xff}, @private=0xa010100, {[@generic={0x44, 0x2}]}}, {{0x1, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x0, 0x0, 0xdadf}}}}}}, 0x0)

2m37.980849047s ago: executing program 44 (id=20331):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40042, 0x1ff)
write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000400000000000000000030003000000000000000000380000000000000000000000000020"], 0x158)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

2m31.081082374s ago: executing program 1 (id=20825):
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0xdca079fdbfcc0b19, 0x0)
mprotect(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r0, 0x28, 0x6, 0x0, &(0x7f0000000000))

2m31.038663905s ago: executing program 1 (id=20826):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2m31.021735595s ago: executing program 1 (id=20827):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
read$FUSE(r1, &(0x7f0000010140)={0x2020}, 0x2036)

2m30.957528166s ago: executing program 1 (id=20828):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x4400, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54dabaa5206d4a2a060b5ccc774b3ec4c81a1a9852327ff871d16d0d9344e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9aeb8576d329be6e4bb168f1434000000", @ANYRES32], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
readv(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x0, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0xd0060, &(0x7f0000000180)=ANY=[@ANYBLOB='uid=', @ANYRESHEX])

2m30.902342287s ago: executing program 1 (id=20829):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=@base={0xb, 0x5, 0x4, 0xa932, 0x9, 0xffffffffffffffff, 0x800008, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffff9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
getitimer(0x1, &(0x7f0000000280))

2m30.772576998s ago: executing program 1 (id=20835):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000002c0)={0x10000000})

2m30.68777277s ago: executing program 45 (id=20835):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000002c0)={0x10000000})

2m27.967995964s ago: executing program 46 (id=20547):
r0 = socket(0x200000000000011, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0x3a, &(0x7f0000000540)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x3, 0xe000, 0x0, 0x5, 0x0, @dev={0xac, 0x14, 0x14, 0xff}, @private=0xa010100, {[@generic={0x44, 0x2}]}}, {{0x1, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x0, 0x0, 0xdadf}}}}}}, 0x0)

2m17.516536277s ago: executing program 4 (id=21371):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000004800)=@newqdisc={0x68, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0x0, 0x0, 0x9, 0x401}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0x0, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}, @TCA_TBF_PBURST={0x8, 0x7, 0xcd7}]}}]}, 0x68}}, 0x44080)

2m17.483634718s ago: executing program 4 (id=21373):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000c081000418e00000004fcff", 0x58}], 0x1)

2m17.462793948s ago: executing program 4 (id=21378):
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @local}, 0xc)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000003c0)={0x6, {{0x2, 0x4e22, @multicast1}}}, 0x88)
getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x192)

2m17.449015658s ago: executing program 4 (id=21380):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x4400, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54dabaa5206d4a2a060b5ccc774b3ec4c81a1a9852327ff871d16d0d9344e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9aeb8576d329be6e4bb168f1434000000", @ANYRES32], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
readv(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x0, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0xd0060, &(0x7f0000000180)=ANY=[@ANYBLOB='uid=', @ANYRESHEX])

2m17.418016879s ago: executing program 4 (id=21383):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1f8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x20000000}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @filter_kind_options=@f_route={{0xa}, {0x1a8, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xca}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x194, 0x6, [@m_mirred={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x2d, 0x6, "b9e6cb743efb5818279b291a7d56a99d728d0d3c5750442cdd89714a7135052ff6aa167b6d47ccb820"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_mirred={0x134, 0x9, 0x0, 0x0, {{0xb}, {0xa4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x5, 0x10000000, 0xae, 0x2}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x3, 0x10000000, 0x8, 0x8}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1336e5ff, 0x9, 0x6, 0x0, 0x1}, 0x7}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x4, 0x20000000, 0x8}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x100, 0x6, 0x7, 0x1f31, 0xfffffff5}, 0x4}}]}, {0x65, 0x6, "216194e50e7faa7649d1c06839be3b59a7f1bb6c7fbd0e7344b4e9b561d4b406f4a7a0c7e6ebe935ccd4c10fd3ff9357cc52da0d5a0f390e738e2309dae089a4a01ae1f8d77e0d976b93b2929ebf4d7c028b6d90a88896647bad3c945db8d809a4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}}]}, 0x1f8}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

2m17.292572121s ago: executing program 4 (id=21389):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x3})
r1 = syz_open_pts(r0, 0x101000)
ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f00000003c0)={0x55cb, 0x7, 0xd460, 0x28da, 0x10, "9f5cdbac6d746707a9b3d2dc75f4e57c66f56b", 0x2, 0x5})

2m17.27973359s ago: executing program 47 (id=21389):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x3})
r1 = syz_open_pts(r0, 0x101000)
ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f00000003c0)={0x55cb, 0x7, 0xd460, 0x28da, 0x10, "9f5cdbac6d746707a9b3d2dc75f4e57c66f56b", 0x2, 0x5})

16.375944412s ago: executing program 2 (id=25301):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x400, 0x0, 0x0)

16.361480452s ago: executing program 2 (id=25302):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000002380)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000140)={0xc, r1, 0x0, 0x0, 0x0, 0xfffffffffffffffd})

16.306821733s ago: executing program 2 (id=25303):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
getpgrp(0xffffffffffffffff)

16.223414814s ago: executing program 2 (id=25304):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0x4, 0x7}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x6}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0x800}]}}]}, 0x48}}, 0x0)

16.215018204s ago: executing program 2 (id=25305):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000240), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000700)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xae9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x202, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x4374, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], [0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x9b6d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x89fe, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffff]}, 0x45c)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0x5501, 0x0)
writev(r0, &(0x7f0000000e00)=[{&(0x7f0000000100)="f723", 0x2}], 0x1)

16.120703075s ago: executing program 2 (id=25307):
ptrace(0x10, 0x1)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0)

2.345299401s ago: executing program 6 (id=25662):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\n'], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0x100, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r0}, 0x38)

2.344981341s ago: executing program 6 (id=25663):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000200)='kfree\x00', r2}, 0x18)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f0000000200)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)

2.284430662s ago: executing program 6 (id=25664):
r0 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r0, &(0x7f0000002780)={0x2, 0x4e22, @remote}, 0x10)
setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000140)=0x8000000a, 0x4)
write(r0, &(0x7f0000000440)="08008edf773c8000", 0x8)
recvmsg$inet_nvme(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)

2.279367831s ago: executing program 6 (id=25666):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

2.241984122s ago: executing program 6 (id=25667):
r0 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d2407010604000000000000e90924030000000001"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000140)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x407}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0xb4, &(0x7f0000000400)={0x40, 0x1e, 0x1, "e6"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000480)={0x84, &(0x7f00000005c0)={0x0, 0x10, 0x4, '|svB'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.873405797s ago: executing program 3 (id=25683):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x800, 0x0, 0x0, 0x0, 0xa5, 0xbd, 0x9, 0xa9, 0x3, 0x0, 0x0, 0x40000000}, {0x8, 0x4005, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x6, 0xff, 0x0, 0x2, 0x6}, {0x3fe, 0x9, 0x0, 0xb, 0x0, 0x0, 0xb3, 0x0, 0x3, 0xfe, 0x80, 0xf6}], 0x2})

1.738848168s ago: executing program 3 (id=25688):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000200)='./file0\x00', 0x50)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300), 0x80, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',access=', @ANYRESDEC=0x0])

1.680524569s ago: executing program 3 (id=25689):
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200017ed, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_vlan\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000100)="d4ea", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000001780)="af", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000003400)=[{&(0x7f00000033c0)="97", 0x1}], 0x1}}], 0x3, 0x1)

806.77005ms ago: executing program 3 (id=25696):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001500b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

771.472751ms ago: executing program 3 (id=25698):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000800000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='rss_stat\x00', r0}, 0x18)
syz_clone(0x44208400, 0x0, 0x0, 0x0, 0x0, 0x0)

685.579372ms ago: executing program 3 (id=25704):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x11)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac010902"], 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

662.864382ms ago: executing program 5 (id=25705):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
setitimer(0x2, 0x0, 0x0)

647.567142ms ago: executing program 5 (id=25706):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
bind$unix(r0, &(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
connect$unix(r0, &(0x7f0000004d00)=@file={0x1, './file0\x00'}, 0x6e)

630.620433ms ago: executing program 5 (id=25707):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
write$selinux_validatetrans(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a756e636f6e66696e65645f657865636d656d5f657865635f873a73302073797374656d5f753a6f626a65637457723a64656661756c745f636f6e746578745f743a7330203030302030"], 0x82)

608.805153ms ago: executing program 5 (id=25709):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

568.933543ms ago: executing program 5 (id=25711):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = dup(r1)
fsetxattr$security_selinux(r2, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

539.326334ms ago: executing program 5 (id=25712):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x9, '\t\x00'}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0x6, "00008000"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0x501c4814, &(0x7f00000000c0)={0x2, 0xffffffff, 0x0, 0x80000002, 0x0, 0xfffffefc})

206.783678ms ago: executing program 7 (id=25726):
r0 = socket$inet6(0xa, 0x3, 0x8)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x78, 0x0, 0x7e0, {0x7, 0x1e54, 0x0, {0x2, 0xfffffffffffffffc, 0x4, 0x6, 0x200000000, 0x0, 0x2, 0x9, 0x5, 0x2000, 0x1000, 0x0, 0x0, 0x1ff, 0x2}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000540)=0x2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000001e00)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x0, 0x0)

152.531699ms ago: executing program 7 (id=25727):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

152.244839ms ago: executing program 7 (id=25728):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r1, 0x4068aea3, &(0x7f0000000300)={0x74, 0x0, 0x13})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200"])

70.34585ms ago: executing program 7 (id=25729):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x49, 0x0, &(0x7f0000000680)="755bb05395201ad875a81f08fbf73c46403cbcf9922ed5e124d4576314b9d703e2270ea77e8be9b7d6a78d90f5cd95c2293b2397fd6fbb743e63ffe5e2e2d924e7f40180f4b1704f0f", 0x0}, 0x50)

56.41435ms ago: executing program 7 (id=25730):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x80000001, 0x0, 0xffffffffffffffff, 0x163, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37266021"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x1400000000000000, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="06000000040000007c0500000a"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000000900), 0x404, r0, 0x0, 0x1ba8847c99}, 0x38)

39.26396ms ago: executing program 7 (id=25731):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r0}, 0x10)
setitimer(0x2, 0x0, 0x0)

0s ago: executing program 6 (id=25732):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xffef1000, 0x2000, &(0x7f0000ff1000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ff1000/0xd000)=nil})

kernel console output (not intermixed with test programs):

5.359247][   T39] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[ 1015.473159][ T2423] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0094.00B6/input/input179
[ 1015.500201][ T2423] uclogic 0003:28BD:0094.00B6: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.3-1/input1
[ 1015.528899][   T28] audit: type=1400 audit(947.144:7696): avc:  denied  { setopt } for  pid=19131 comm="syz.2.23929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1015.545869][T19134] netlink: 56 bytes leftover after parsing attributes in process `syz.2.23930'.
[ 1015.575923][   T39] usb 7-1: Using ep0 maxpacket: 32
[ 1015.582550][   T39] usb 7-1: config 0 has an invalid interface number: 16 but max is 0
[ 1015.590961][   T39] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1015.601595][   T39] usb 7-1: config 0 has no interface number 0
[ 1015.607999][   T39] usb 7-1: config 0 interface 16 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1015.617884][   T39] usb 7-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[ 1015.628128][   T39] usb 7-1: config 0 interface 16 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1015.643258][   T39] usb 7-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d
[ 1015.652742][   T39] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1015.660948][   T39] usb 7-1: Product: syz
[ 1015.665274][   T39] usb 7-1: Manufacturer: syz
[ 1015.670142][   T39] usb 7-1: SerialNumber: syz
[ 1015.675937][   T39] usb 7-1: config 0 descriptor??
[ 1015.685002][   T39] snd-usb-audio: probe of 7-1:0.16 failed with error -12
[ 1015.701095][ T2423] usb 4-1: USB disconnect, device number 20
[ 1015.803436][  T990] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[ 1015.821328][   T28] audit: type=1326 audit(947.412:7697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19166 comm="syz.2.23946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e6f8e929 code=0x7ffc0000
[ 1015.844953][   T28] audit: type=1326 audit(947.412:7698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19166 comm="syz.2.23946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f63e6f8e929 code=0x7ffc0000
[ 1015.868264][   T28] audit: type=1326 audit(947.412:7699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19166 comm="syz.2.23946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f63e6f8e963 code=0x7ffc0000
[ 1015.900721][   T39] usb 7-1: USB disconnect, device number 28
[ 1015.907264][   T28] audit: type=1326 audit(947.485:7700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19166 comm="syz.2.23946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f63e6f8d3df code=0x7ffc0000
[ 1015.962176][   T28] audit: type=1326 audit(947.541:7701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19166 comm="syz.2.23946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f63e6f8e9b7 code=0x7ffc0000
[ 1015.985408][   T28] audit: type=1326 audit(947.541:7702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19166 comm="syz.2.23946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f63e6f8d290 code=0x7ffc0000
[ 1016.009306][   T28] audit: type=1326 audit(947.541:7703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19166 comm="syz.2.23946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f63e6f8d58a code=0x7ffc0000
[ 1016.041761][  T990] usb 6-1: Using ep0 maxpacket: 32
[ 1016.048712][  T990] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1016.058057][  T990] usb 6-1: config 7 has an invalid interface number: 187 but max is 0
[ 1016.066670][  T990] usb 6-1: config 7 has no interface number 0
[ 1016.073070][  T990] usb 6-1: config 7 interface 187 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 16
[ 1016.083471][  T990] usb 6-1: config 7 interface 187 has no altsetting 0
[ 1016.092286][  T990] usb 6-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[ 1016.101553][  T990] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1016.109587][  T990] usb 6-1: Product: syz
[ 1016.113893][  T990] usb 6-1: Manufacturer: syz
[ 1016.118632][  T990] usb 6-1: SerialNumber: syz
[ 1016.124466][T19128] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[ 1016.145447][T19178] pim6reg0: tun_chr_ioctl cmd 2147767521
[ 1016.535245][T19243] loop6: detected capacity change from 0 to 256
[ 1016.550036][T19243] FAT-fs (loop6): Directory bread(block 64) failed
[ 1016.556967][T19243] FAT-fs (loop6): Directory bread(block 65) failed
[ 1016.564981][T19243] FAT-fs (loop6): Directory bread(block 66) failed
[ 1016.571758][T19243] FAT-fs (loop6): Directory bread(block 67) failed
[ 1016.578476][T19243] FAT-fs (loop6): Directory bread(block 68) failed
[ 1016.585133][T19243] FAT-fs (loop6): Directory bread(block 69) failed
[ 1016.587458][T19245] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1016.598130][T19243] FAT-fs (loop6): Directory bread(block 70) failed
[ 1016.608081][T19245] FAT-fs (loop7): unable to read boot sector
[ 1016.608249][T19243] FAT-fs (loop6): Directory bread(block 71) failed
[ 1016.621820][T19243] FAT-fs (loop6): Directory bread(block 72) failed
[ 1016.628629][T19243] FAT-fs (loop6): Directory bread(block 73) failed
[ 1016.669590][T19242] syz.6.23981: attempt to access beyond end of device
[ 1016.669590][T19242] loop6: rw=2049, sector=1224, nr_sectors = 12 limit=256
[ 1016.754659][T19269] loop7: detected capacity change from 0 to 512
[ 1016.852897][T19293] loop6: detected capacity change from 0 to 256
[ 1016.925036][T19304] netlink: 12 bytes leftover after parsing attributes in process `syz.6.24009'.
[ 1016.935033][T19304] netlink: 12 bytes leftover after parsing attributes in process `syz.6.24009'.
[ 1017.035479][T19312] loop6: detected capacity change from 0 to 256
[ 1017.045714][T19312] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe55691ff, utbl_chksum : 0xe619d30d)
[ 1017.069653][T19312] exFAT-fs (loop6): hint_cluster is invalid (4278190089)
[ 1017.077004][T19312] exFAT-fs (loop6): error, failed to bmap (inode : ffff888124bf6e30 iblock : 8, err : -5)
[ 1017.087322][T19312] exFAT-fs (loop6): Filesystem has been set read-only
[ 1017.094380][T19312] exFAT-fs (loop6): error, invalid access to FAT (entry 0xff000008)
[ 1017.325883][T19333] loop6: detected capacity change from 0 to 128
[ 1017.336874][T19333] fscrypt (loop6, inode 12): Unsupported encryption flags (0x14)
[ 1017.430421][T19348] loop7: detected capacity change from 0 to 256
[ 1017.480303][T19348] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe55691ff, utbl_chksum : 0xe619d30d)
[ 1017.498963][T19348] exFAT-fs (loop7): hint_cluster is invalid (4278190089)
[ 1017.506359][T19348] exFAT-fs (loop7): error, failed to bmap (inode : ffff8881006b04f0 iblock : 8, err : -5)
[ 1017.516415][T19348] exFAT-fs (loop7): Filesystem has been set read-only
[ 1017.523474][T19348] exFAT-fs (loop7): error, invalid access to FAT (entry 0xff000008)
[ 1017.716961][T19350] loop6: detected capacity change from 0 to 40427
[ 1017.724268][T19350] F2FS-fs (loop6): fault_injection options not supported
[ 1017.731432][T19350] F2FS-fs (loop6): heap/no_heap options were deprecated
[ 1017.738592][T19350] F2FS-fs (loop6): Image doesn't support compression
[ 1017.746295][T19350] F2FS-fs (loop6): invalid crc value
[ 1017.753433][T19350] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1017.806889][T19380] netlink: 2 bytes leftover after parsing attributes in process `syz.7.24052'.
[ 1017.817611][T19350] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1017.864856][T19350] syz.6.24028: attempt to access beyond end of device
[ 1017.864856][T19350] loop6: rw=34817, sector=77824, nr_sectors = 128 limit=40427
[ 1017.888200][T13272] syz-executor: attempt to access beyond end of device
[ 1017.888200][T13272] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1017.929613][T19388] loop3: detected capacity change from 0 to 256
[ 1017.939298][T19388] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe55691ff, utbl_chksum : 0xe619d30d)
[ 1017.979888][T19388] exFAT-fs (loop3): hint_cluster is invalid (4278190089)
[ 1017.996393][T19388] exFAT-fs (loop3): error, failed to bmap (inode : ffff8881006b2e30 iblock : 8, err : -5)
[ 1018.024732][T19388] exFAT-fs (loop3): Filesystem has been set read-only
[ 1018.045679][T19388] exFAT-fs (loop3): error, invalid access to FAT (entry 0xff000008)
[ 1018.055622][T19404] syz.2.24051[19404] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1018.055717][T19404] syz.2.24051[19404] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1018.292700][T19441] netlink: 12 bytes leftover after parsing attributes in process `syz.3.24071'.
[ 1018.438188][  T990] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[ 1018.631182][ T2423] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1018.631222][  T990] usb 7-1: Using ep0 maxpacket: 8
[ 1018.645468][  T990] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[ 1018.654098][  T990] usb 7-1: config 179 has no interface number 0
[ 1018.660477][  T990] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1018.671613][  T990] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1018.682850][  T990] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1018.694451][  T990] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1018.706155][  T990] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1018.719661][  T990] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1018.729105][  T990] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1018.738217][T19414] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1018.755698][T18428] usb 6-1: USB disconnect, device number 21
[ 1018.836976][ T2423] usb 3-1: Using ep0 maxpacket: 32
[ 1018.843641][ T2423] usb 3-1: config index 0 descriptor too short (expected 7067, got 36)
[ 1018.852052][ T2423] usb 3-1: config 153 has too many interfaces: 56, using maximum allowed: 32
[ 1018.860984][ T2423] usb 3-1: config 153 has an invalid descriptor of length 64, skipping remainder of the config
[ 1018.872982][ T2423] usb 3-1: config 153 has 0 interfaces, different from the descriptor's value: 56
[ 1018.882301][ T2423] usb 3-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.00
[ 1018.892786][ T2423] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1018.970558][ T2223] usb 7-1: USB disconnect, device number 29
[ 1018.970618][    C1] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1018.985883][    C1] dummy_hcd dummy_hcd.6: timer fired with no URBs pending?
[ 1019.120046][ T2423] usb 3-1: string descriptor 0 read error: -71
[ 1019.126769][ T2423] usb 3-1: USB disconnect, device number 13
[ 1019.269973][T19485] netlink: 36 bytes leftover after parsing attributes in process `syz.7.24099'.
[ 1019.703756][ T2423] usb 7-1: new full-speed USB device number 30 using dummy_hcd
[ 1019.900041][ T2423] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[ 1019.908314][ T2423] usb 7-1: config 179 has no interface number 0
[ 1019.914648][ T2423] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[ 1019.925800][ T2423] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 64
[ 1019.936873][ T2423] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1019.948177][ T2423] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 64
[ 1019.959608][ T2423] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1019.972857][ T2423] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1019.982091][ T2423] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1019.991488][T19414] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1019.998731][T19414] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1020.226370][ T2423] usb 7-1: USB disconnect, device number 30
[ 1020.232593][    C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1020.232620][    C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1020.863736][T19501] netlink: 40 bytes leftover after parsing attributes in process `syz.5.24097'.
[ 1021.036210][   T28] kauditd_printk_skb: 20 callbacks suppressed
[ 1021.036228][   T28] audit: type=1400 audit(952.220:7724): avc:  denied  { checkpoint_restore } for  pid=19523 comm="syz.5.24111" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1021.092789][T19536] netlink: 4 bytes leftover after parsing attributes in process `syz.6.24115'.
[ 1021.183514][   T28] audit: type=1400 audit(952.368:7725): avc:  denied  { create } for  pid=19557 comm="syz.2.24126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1021.276938][   T28] audit: type=1400 audit(952.451:7726): avc:  denied  { append } for  pid=19565 comm="syz.2.24130" name="file0" dev="tmpfs" ino=11000 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1021.348337][   T28] audit: type=1400 audit(952.451:7727): avc:  denied  { open } for  pid=19565 comm="syz.2.24130" path="/2145/file0" dev="tmpfs" ino=11000 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1021.380044][T19576] netlink: 'syz.5.24135': attribute type 34 has an invalid length.
[ 1021.401563][T19578] netlink: 40 bytes leftover after parsing attributes in process `syz.2.24136'.
[ 1021.494254][T19601] loop5: detected capacity change from 0 to 128
[ 1021.502485][T19598] netlink: 208 bytes leftover after parsing attributes in process `syz.7.24147'.
[ 1021.525014][T19601] syz.5.24146: attempt to access beyond end of device
[ 1021.525014][T19601] loop5: rw=2049, sector=131, nr_sectors = 1 limit=128
[ 1021.540258][T19601] Buffer I/O error on dev loop5, logical block 131, lost async page write
[ 1021.548901][T19601] syz.5.24146: attempt to access beyond end of device
[ 1021.548901][T19601] loop5: rw=2049, sector=132, nr_sectors = 1 limit=128
[ 1021.562721][T19601] Buffer I/O error on dev loop5, logical block 132, lost async page write
[ 1021.571569][T19601] syz.5.24146: attempt to access beyond end of device
[ 1021.571569][T19601] loop5: rw=2049, sector=133, nr_sectors = 1 limit=128
[ 1021.585188][T19601] Buffer I/O error on dev loop5, logical block 133, lost async page write
[ 1021.593869][T19601] syz.5.24146: attempt to access beyond end of device
[ 1021.593869][T19601] loop5: rw=2049, sector=134, nr_sectors = 1 limit=128
[ 1021.618620][T19601] Buffer I/O error on dev loop5, logical block 134, lost async page write
[ 1021.635276][T19601] syz.5.24146: attempt to access beyond end of device
[ 1021.635276][T19601] loop5: rw=2049, sector=135, nr_sectors = 1 limit=128
[ 1021.650958][T19601] Buffer I/O error on dev loop5, logical block 135, lost async page write
[ 1021.674102][T19601] syz.5.24146: attempt to access beyond end of device
[ 1021.674102][T19601] loop5: rw=2049, sector=136, nr_sectors = 1 limit=128
[ 1021.699222][T19601] Buffer I/O error on dev loop5, logical block 136, lost async page write
[ 1021.719042][T19601] syz.5.24146: attempt to access beyond end of device
[ 1021.719042][T19601] loop5: rw=2049, sector=137, nr_sectors = 81 limit=128
[ 1022.196132][T19602] loop3: detected capacity change from 0 to 131072
[ 1022.203470][T19602] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[ 1022.212220][T19602] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1022.221418][T19602] F2FS-fs (loop3): invalid crc value
[ 1022.229708][T19602] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1022.272330][T19602] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1022.279734][T19602] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[ 1022.390191][T19671] loop6: detected capacity change from 0 to 1024
[ 1022.424987][T19671] EXT4-fs mount: 28 callbacks suppressed
[ 1022.425006][T19671] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1022.441884][T19671] EXT4-fs (loop6): shut down requested (1)
[ 1022.448179][T19671] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[ 1022.457841][T19671] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[ 1022.466804][   T28] audit: type=1400 audit(953.563:7728): avc:  denied  { rmdir } for  pid=19670 comm="syz.6.24177" name="file0" dev="loop6" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1022.498348][   T28] audit: type=1400 audit(953.563:7729): avc:  denied  { read } for  pid=19681 comm="syz.5.24181" lport=74 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1022.519290][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1022.554284][T19689] loop6: detected capacity change from 0 to 256
[ 1022.563414][T19689] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[ 1022.636482][T19694] netlink: 16 bytes leftover after parsing attributes in process `syz.6.24186'.
[ 1022.815383][T19715] device batadv_slave_0 entered promiscuous mode
[ 1022.834683][   T28] audit: type=1400 audit(953.886:7730): avc:  denied  { create } for  pid=19716 comm="syz.3.24195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1022.853982][   T28] audit: type=1400 audit(953.886:7731): avc:  denied  { bind } for  pid=19716 comm="syz.3.24195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1022.874552][   T28] audit: type=1400 audit(953.886:7732): avc:  denied  { write } for  pid=19716 comm="syz.3.24195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1022.904483][T19721] loop3: detected capacity change from 0 to 16
[ 1022.911602][T19721] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1022.920946][   T28] audit: type=1400 audit(953.969:7733): avc:  denied  { mounton } for  pid=19720 comm="syz.3.24197" path="/730/file0" dev="loop3" ino=36 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1023.257389][ T2423] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 1023.335678][   T39] kernel write not supported for file /310/attr/exec (pid: 39 comm: kworker/1:1)
[ 1023.463307][ T2423] usb 4-1: Using ep0 maxpacket: 32
[ 1023.473386][ T2423] usb 4-1: config 1 has an invalid interface number: 242 but max is 0
[ 1023.495079][ T2423] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1023.516454][ T2423] usb 4-1: config 1 has no interface number 0
[ 1023.532995][ T2423] usb 4-1: config 1 interface 242 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1023.533035][ T2423] usb 4-1: config 1 interface 242 has no altsetting 0
[ 1023.571019][ T2423] usb 4-1: New USB device found, idVendor=2eca, idProduct=c101, bcdDevice=e2.df
[ 1023.571055][ T2423] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1023.588479][ T2423] usb 4-1: Product: syz
[ 1023.588506][ T2423] usb 4-1: Manufacturer: syz
[ 1023.597731][ T2423] usb 4-1: SerialNumber: syz
[ 1023.647711][T19763] netlink: 12 bytes leftover after parsing attributes in process `syz.6.24218'.
[ 1023.665432][T19765] loop5: detected capacity change from 0 to 1024
[ 1023.672918][T19765] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1023.682632][T19765] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1023.695080][T19771] loop6: detected capacity change from 0 to 256
[ 1023.707304][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1023.860114][T19792] netlink: 'syz.6.24230': attribute type 15 has an invalid length.
[ 1024.029706][T19813] loop5: detected capacity change from 0 to 16
[ 1024.034530][ T2423] aqc111: probe of 4-1:1.242 failed with error -22
[ 1024.037949][T19813] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1024.102741][T19821] loop6: detected capacity change from 0 to 256
[ 1024.147465][T19828] loop5: detected capacity change from 0 to 256
[ 1024.180580][T19831] loop6: detected capacity change from 0 to 8192
[ 1024.189252][T19831] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1024.260249][   T39] kernel write not supported for file /stat (pid: 39 comm: kworker/1:1)
[ 1024.275855][T19847] netlink: 12 bytes leftover after parsing attributes in process `syz.5.24255'.
[ 1024.291137][T18428] usb 4-1: USB disconnect, device number 21
[ 1025.049688][T19930] loop5: detected capacity change from 0 to 256
[ 1025.112242][T19938] lo: MTU too low for tipc bearer
[ 1025.118639][T19938] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[ 1025.180317][T19946] loop5: detected capacity change from 0 to 4096
[ 1025.214929][T19946] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1025.228338][T19946] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #15: comm syz.5.24301: corrupted inode contents
[ 1025.304114][T19946] EXT4-fs error (device loop5): ext4_dirty_inode:6120: inode #15: comm syz.5.24301: mark_inode_dirty error
[ 1025.333469][T19946] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #15: comm syz.5.24301: corrupted inode contents
[ 1025.348451][T19946] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #15: comm syz.5.24301: mark_inode_dirty error
[ 1025.416050][T19946] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #15: comm syz.5.24301: corrupted inode contents
[ 1025.672011][T19946] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #15: comm syz.5.24301: mark_inode_dirty error
[ 1026.672133][T19946] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #15: comm syz.5.24301: corrupted inode contents
[ 1026.684390][T19946] EXT4-fs error (device loop5): ext4_truncate:4314: inode #15: comm syz.5.24301: mark_inode_dirty error
[ 1026.687283][   T28] kauditd_printk_skb: 6 callbacks suppressed
[ 1026.687302][   T28] audit: type=1400 audit(957.449:7740): avc:  denied  { map } for  pid=19952 comm="syz.6.24303" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1026.726864][   T28] audit: type=1400 audit(957.486:7741): avc:  denied  { execute } for  pid=19952 comm="syz.6.24303" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1026.731709][T19946] EXT4-fs error (device loop5) in ext4_setattr:5659: Corrupt filesystem
[ 1026.803711][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1026.826535][T19957] syz.5.24304[19957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1026.826618][T19957] syz.5.24304[19957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1026.864491][T19962] netlink: 8 bytes leftover after parsing attributes in process `syz.6.24307'.
[ 1026.908530][T19962] device lo left promiscuous mode
[ 1026.927621][T19973] loop3: detected capacity change from 0 to 512
[ 1026.941645][   T28] audit: type=1400 audit(957.689:7742): avc:  denied  { mounton } for  pid=19963 comm="syz.5.24309" path="/192/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[ 1026.964634][T19973] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1027.008118][T19973] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters
[ 1027.008235][T19973] Quota error (device loop3): write_blk: dquota write failed
[ 1027.008270][T19973] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[ 1027.008293][T19973] EXT4-fs error (device loop3): ext4_acquire_dquot:6789: comm syz.3.24313: Failed to acquire dquot type 0
[ 1027.008550][T19973] EXT4-fs (loop3): 1 truncate cleaned up
[ 1027.008573][T19973] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1027.017313][T19973] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[ 1027.090435][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1027.222151][T19967] loop7: detected capacity change from 0 to 40427
[ 1027.243562][T19967] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504)
[ 1027.251010][T19967] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1027.264913][T20003] device bridge0 entered promiscuous mode
[ 1027.271050][T19967] F2FS-fs (loop7): fault_injection options not supported
[ 1027.279432][T19967] F2FS-fs (loop7): fault_type options not supported
[ 1027.296437][T19967] F2FS-fs (loop7): invalid crc value
[ 1027.308080][T19967] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1027.373164][T19967] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1027.383871][T19967] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1027.443701][T19967] syz.7.24310: attempt to access beyond end of device
[ 1027.443701][T19967] loop7: rw=2049, sector=53248, nr_sectors = 136 limit=40427
[ 1027.473692][T19967] syz.7.24310: attempt to access beyond end of device
[ 1027.473692][T19967] loop7: rw=2049, sector=53384, nr_sectors = 8 limit=40427
[ 1027.498268][ T7228] syz-executor: attempt to access beyond end of device
[ 1027.498268][ T7228] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1028.016343][T20045] netlink: 8 bytes leftover after parsing attributes in process `syz.7.24340'.
[ 1028.029641][   T28] audit: type=1400 audit(958.685:7743): avc:  denied  { read write } for  pid=20046 comm="syz.5.24341" name="uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1028.055016][ T2223] hid-generic 0000:0000:0000.00B7: unknown main item tag 0x0
[ 1028.074654][ T2223] hid-generic 0000:0000:0000.00B7: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1028.100272][   T28] audit: type=1400 audit(958.713:7744): avc:  denied  { open } for  pid=20046 comm="syz.5.24341" path="/dev/uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1028.266156][T20069] netlink: 44 bytes leftover after parsing attributes in process `syz.3.24352'.
[ 1028.449781][T20085] device bond_slave_1 entered promiscuous mode
[ 1028.456145][T20085] netlink: 'syz.3.24359': attribute type 2 has an invalid length.
[ 1028.503232][T20085] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check.
[ 1028.549381][T20057] loop5: detected capacity change from 0 to 40427
[ 1028.568401][   T28] audit: type=1400 audit(959.193:7745): avc:  denied  { mount } for  pid=20091 comm="syz.6.24363" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1028.571042][T20057] F2FS-fs (loop5): Not support 9007199254740992, larger than 256
[ 1028.606926][   T28] audit: type=1400 audit(959.193:7746): avc:  denied  { mounton } for  pid=20091 comm="syz.6.24363" path="/625/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[ 1028.639095][   T28] audit: type=1400 audit(959.248:7747): avc:  denied  { unmount } for  pid=13272 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1028.741898][T20103] netlink: 20 bytes leftover after parsing attributes in process `syz.6.24368'.
[ 1028.772088][T20103] netlink: 20 bytes leftover after parsing attributes in process `syz.6.24368'.
[ 1028.793911][T20107] loop7: detected capacity change from 0 to 128
[ 1028.803142][T20109] loop3: detected capacity change from 0 to 256
[ 1028.814032][T20111] loop5: detected capacity change from 0 to 256
[ 1028.831835][T20111] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x0d2a05fc, utbl_chksum : 0xe619d30d)
[ 1028.962663][T20125] loop5: detected capacity change from 0 to 4096
[ 1028.990955][T20125] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1029.032474][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1029.147708][T20155] loop7: detected capacity change from 0 to 512
[ 1029.158743][T20155] EXT4-fs: Ignoring removed nobh option
[ 1029.215718][T20155] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #11: comm syz.7.24392: invalid indirect mapped block 256 (level 2)
[ 1029.259941][T20155] EXT4-fs (loop7): 2 truncates cleaned up
[ 1029.279982][T20155] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1029.324945][T20155] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm syz.7.24392: bg 0: block 5: invalid block bitmap
[ 1029.380156][T20155] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 28
[ 1029.433649][T20155] EXT4-fs (loop7): This should not happen!! Data will be lost
[ 1029.433649][T20155] 
[ 1029.473932][T20155] EXT4-fs (loop7): Total free blocks count 0
[ 1029.498074][T20155] EXT4-fs (loop7): Free/Dirty block details
[ 1029.515962][T20183] loop6: detected capacity change from 0 to 2048
[ 1029.528326][T20155] EXT4-fs (loop7): free_blocks=0
[ 1029.535545][T20155] EXT4-fs (loop7): dirty_blocks=5
[ 1029.559682][T20155] EXT4-fs (loop7): Block reservation details
[ 1029.566943][T20183] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1029.588181][T20191] loop3: detected capacity change from 0 to 256
[ 1029.600057][T20155] EXT4-fs (loop7): i_reserved_data_blocks=5
[ 1029.626109][ T7228] EXT4-fs (loop7): unmounting filesystem.
[ 1029.633415][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1029.654848][T20191] FAT-fs (loop3): Directory bread(block 64) failed
[ 1029.669378][T20191] FAT-fs (loop3): Directory bread(block 65) failed
[ 1029.691399][T20191] FAT-fs (loop3): Directory bread(block 66) failed
[ 1029.711591][T20191] FAT-fs (loop3): Directory bread(block 67) failed
[ 1029.728041][T20191] FAT-fs (loop3): Directory bread(block 68) failed
[ 1029.745818][T20191] FAT-fs (loop3): Directory bread(block 69) failed
[ 1029.767673][T20191] FAT-fs (loop3): Directory bread(block 70) failed
[ 1029.786940][T20210] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1029.811247][T20191] FAT-fs (loop3): Directory bread(block 71) failed
[ 1029.820054][T20191] FAT-fs (loop3): Directory bread(block 72) failed
[ 1029.833977][T20191] FAT-fs (loop3): Directory bread(block 73) failed
[ 1030.061109][  T990] kernel write not supported for file /473/attr/fscreate (pid: 990 comm: kworker/1:3)
[ 1030.268389][T20273] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1030.276227][T20273] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1030.284113][T20273] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1030.311809][T20277] netlink: 'syz.5.24448': attribute type 25 has an invalid length.
[ 1030.331561][T20277] netlink: 'syz.5.24448': attribute type 7 has an invalid length.
[ 1030.348609][T20282] syz.6.24449[20282] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1030.348690][T20282] syz.6.24449[20282] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1030.363230][T20283] netlink: 27 bytes leftover after parsing attributes in process `syz.7.24451'.
[ 1030.809701][T20341] loop5: detected capacity change from 0 to 512
[ 1030.817279][T20341] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1030.830286][T20341] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[ 1030.838632][T20341] System zones: 1-12
[ 1030.844932][T20341] EXT4-fs (loop5): 1 truncate cleaned up
[ 1030.850770][T20341] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1030.865100][T20341] EXT4-fs (loop5): shut down requested (0)
[ 1030.872620][T20341] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=15
[ 1030.881717][T20341] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=15
[ 1030.890669][T20341] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=15
[ 1030.906167][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1030.982199][ T2223] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[ 1030.990075][T18428] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 1031.112209][ T2423] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1031.129386][T20352] SELinux: failed to load policy
[ 1031.188069][ T2223] usb 7-1: Using ep0 maxpacket: 8
[ 1031.193985][T18428] usb 4-1: Using ep0 maxpacket: 8
[ 1031.203980][T18428] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1031.215729][ T2223] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[ 1031.225505][ T2223] usb 7-1: config 179 has no interface number 0
[ 1031.232187][T18428] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1031.242054][T18428] usb 4-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00
[ 1031.252290][ T2223] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1031.263467][ T2223] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1031.274950][T18428] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1031.283042][ T2223] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1031.295829][T18428] usb 4-1: config 0 descriptor??
[ 1031.300944][ T2223] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1031.312539][ T2423] usb 3-1: Using ep0 maxpacket: 16
[ 1031.318405][ T2223] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1031.331890][ T2223] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1031.341278][ T2223] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1031.350797][T20326] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1031.360286][ T2423] usb 3-1: New USB device found, idVendor=07ab, idProduct=fc01, bcdDevice=28.e0
[ 1031.370882][ T2423] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1031.379036][ T2423] usb 3-1: Product: syz
[ 1031.383316][ T2423] usb 3-1: Manufacturer: syz
[ 1031.387997][ T2423] usb 3-1: SerialNumber: syz
[ 1031.393628][ T2423] usb 3-1: config 0 descriptor??
[ 1031.396895][T20364] netlink: 32 bytes leftover after parsing attributes in process `syz.7.24487'.
[ 1031.416241][ T2423] ums-freecom 3-1:0.0: USB Mass Storage device detected
[ 1031.592654][ T2223] input: Generic X-Box pad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:179.65/input/input180
[ 1031.627721][ T2223] usb 3-1: USB disconnect, device number 14
[ 1031.653486][T20400] loop7: detected capacity change from 0 to 128
[ 1031.662979][T20400] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1031.687346][ T7228] EXT4-fs (loop7): unmounting filesystem.
[ 1031.704080][T20403] incfs: iterate_incfs_dir / -22
[ 1031.754668][T18428] waltop 0003:172F:0038.00B8: unknown main item tag 0x0
[ 1031.762103][T18428] waltop 0003:172F:0038.00B8: unknown main item tag 0x0
[ 1031.770006][T18428] waltop 0003:172F:0038.00B8: unknown main item tag 0x0
[ 1031.777615][T18428] waltop 0003:172F:0038.00B8: unknown main item tag 0x0
[ 1031.784710][T18428] waltop 0003:172F:0038.00B8: unknown main item tag 0x0
[ 1031.792744][T18428] waltop 0003:172F:0038.00B8: hidraw0: USB HID v0.00 Device [HID 172f:0038] on usb-dummy_hcd.3-1/input0
[ 1031.804910][T20409] loop7: detected capacity change from 0 to 512
[ 1031.812270][T20409] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1031.816241][   T39] usb 7-1: USB disconnect, device number 31
[ 1031.822260][    C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1031.822295][    C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1031.824531][T20409] EXT4-fs error (device loop7): ext4_orphan_get:1426: comm syz.7.24508: bad orphan inode 16
[ 1031.829437][   T39] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[ 1031.836946][T20409] ext4_test_bit(bit=15, block=4) = 0
[ 1031.870947][ T2423] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[ 1031.870972][T20409] EXT4-fs (loop7): 1 orphan inode deleted
[ 1031.884855][T20409] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1031.904350][ T7228] EXT4-fs (loop7): unmounting filesystem.
[ 1031.970889][ T2223] usb 4-1: USB disconnect, device number 22
[ 1032.065722][ T2423] usb 6-1: Using ep0 maxpacket: 16
[ 1032.072483][ T2423] usb 6-1: config 0 has an invalid interface number: 109 but max is 0
[ 1032.080981][ T2423] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1032.091194][ T2423] usb 6-1: config 0 has no interface number 0
[ 1032.098953][ T2423] usb 6-1: New USB device found, idVendor=0421, idProduct=0094, bcdDevice=28.8e
[ 1032.108041][ T2423] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1032.116184][ T2423] usb 6-1: Product: syz
[ 1032.120847][ T2423] usb 6-1: Manufacturer: syz
[ 1032.125765][ T2423] usb 6-1: SerialNumber: syz
[ 1032.141625][ T2423] usb 6-1: config 0 descriptor??
[ 1032.241909][   T28] kauditd_printk_skb: 90 callbacks suppressed
[ 1032.241926][   T28] audit: type=1400 audit(962.577:7838): avc:  denied  { create } for  pid=20425 comm="syz.2.24515" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1032.269714][   T28] audit: type=1400 audit(962.577:7839): avc:  denied  { map } for  pid=20425 comm="syz.2.24515" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=216804 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1032.277508][T20428] netlink: 92 bytes leftover after parsing attributes in process `syz.2.24517'.
[ 1032.300305][   T28] audit: type=1400 audit(962.577:7840): avc:  denied  { read write } for  pid=20425 comm="syz.2.24515" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=216804 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1032.333046][   T28] audit: type=1400 audit(962.632:7841): avc:  denied  { read } for  pid=20429 comm="syz.7.24516" dev="nsfs" ino=4026532327 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1032.354430][   T28] audit: type=1400 audit(962.632:7842): avc:  denied  { open } for  pid=20429 comm="syz.7.24516" path="net:[4026532327]" dev="nsfs" ino=4026532327 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1032.382019][T20390] loop5: detected capacity change from 0 to 512
[ 1032.394267][   T28] audit: type=1400 audit(962.632:7843): avc:  denied  { create } for  pid=20429 comm="syz.7.24516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1032.397799][T20390] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1032.415441][   T28] audit: type=1400 audit(962.650:7844): avc:  denied  { setopt } for  pid=20429 comm="syz.7.24516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1032.449896][   T28] audit: type=1400 audit(962.678:7845): avc:  denied  { bind } for  pid=20429 comm="syz.7.24516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1032.491785][   T28] audit: type=1400 audit(962.697:7846): avc:  denied  { write } for  pid=20429 comm="syz.7.24516" path="socket:[216819]" dev="sockfs" ino=216819 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1032.540490][   T28] audit: type=1400 audit(962.715:7847): avc:  denied  { create } for  pid=20433 comm="syz.6.24519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1032.591519][T20390] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: inode #2: comm syz.5.24499: missing EA_INODE flag
[ 1032.664041][T20390] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.24499: error while reading EA inode 2 err=-117
[ 1032.718120][T20390] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: inode #2: comm syz.5.24499: missing EA_INODE flag
[ 1032.799668][  T891] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1032.807036][    T8] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 0
[ 1032.824658][T20390] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.24499: error while reading EA inode 2 err=-117
[ 1032.845901][T20390] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.24499: inode #65536: comm syz.5.24499: iget: illegal inode #
[ 1032.874252][T20390] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.24499: error while reading EA inode 65536 err=-117
[ 1032.917360][T20390] EXT4-fs (loop5): 1 orphan inode deleted
[ 1032.927966][T20390] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1032.949057][T20453] loop3: detected capacity change from 0 to 40427
[ 1032.964846][T20453] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1032.973438][T20453] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1032.982474][ T2423] usb 6-1: bad CDC descriptors
[ 1032.988585][ T2423] usb 6-1: USB disconnect, device number 22
[ 1032.998734][T20453] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1033.036875][T20453] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1033.044253][T20453] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1033.062694][T20453] syz.3.24528: attempt to access beyond end of device
[ 1033.062694][T20453] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1033.312949][T20498] loop3: detected capacity change from 0 to 128
[ 1033.321934][T20498] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1033.339433][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1033.384146][T20505] loop3: detected capacity change from 0 to 2048
[ 1033.400266][T20505] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1033.419382][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1033.442128][T20509] loop3: detected capacity change from 0 to 2048
[ 1033.485962][T20509] Alternate GPT is invalid, using primary GPT.
[ 1033.492210][T20509]  loop3: p1 p2 p3
[ 1033.530261][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1033.626311][T20521] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1033.792134][T20540] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=20540 comm=syz.5.24564
[ 1033.930086][T20541] loop3: detected capacity change from 0 to 40427
[ 1033.937282][T20541] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1033.945267][T20541] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1033.957552][T20541] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1033.994433][T20541] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1034.020190][T20541] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1034.028704][T20541] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1034.054451][T20558] loop5: detected capacity change from 0 to 512
[ 1034.061943][T20558] EXT4-fs: Ignoring removed nobh option
[ 1034.088169][T20558] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.24569: invalid indirect mapped block 256 (level 2)
[ 1034.113020][T20558] EXT4-fs (loop5): 2 truncates cleaned up
[ 1034.127779][T20558] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1034.160903][T20558] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm syz.5.24569: bg 0: block 5: invalid block bitmap
[ 1034.178575][T20558] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 28
[ 1034.191270][T20558] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1034.191270][T20558] 
[ 1034.204387][T20558] EXT4-fs (loop5): Total free blocks count 0
[ 1034.210577][T20558] EXT4-fs (loop5): Free/Dirty block details
[ 1034.220543][T20558] EXT4-fs (loop5): free_blocks=0
[ 1034.225785][T20558] EXT4-fs (loop5): dirty_blocks=5
[ 1034.231180][T20558] EXT4-fs (loop5): Block reservation details
[ 1034.237327][T20558] EXT4-fs (loop5): i_reserved_data_blocks=5
[ 1034.265688][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1034.373380][   T39] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[ 1034.493986][T20586] loop7: detected capacity change from 0 to 256
[ 1034.501333][T20586] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1034.512202][T20586] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[ 1034.523171][T20586] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1034.579213][   T39] usb 7-1: Using ep0 maxpacket: 8
[ 1034.590393][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1034.601675][  T990] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1034.609454][T20594] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1034.609696][   T39] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1034.617418][T20594] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1034.630595][   T39] usb 7-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[ 1034.636455][T20594] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1034.652997][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.669917][   T39] usb 7-1: config 0 descriptor??
[ 1034.677407][T20598] loop5: detected capacity change from 0 to 512
[ 1034.687372][T20598] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.24588: corrupted in-inode xattr
[ 1034.700734][T20598] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.24588: couldn't read orphan inode 15 (err -117)
[ 1034.713737][T20598] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1034.726253][T20598] EXT4-fs error (device loop5): ext4_add_entry:2486: inode #2: comm syz.5.24588: Directory hole found for htree leaf block 0
[ 1034.748004][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1034.794616][T20611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1034.801913][T20611] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1034.819054][  T990] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1034.830615][  T990] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1034.840174][  T990] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.851524][  T990] usb 4-1: config 0 descriptor??
[ 1034.964436][T20628] loop7: detected capacity change from 0 to 256
[ 1034.981091][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[ 1034.987282][ T3679] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1035.114342][   T39] hid-rmi 0003:06CB:81A7.00B9: unknown main item tag 0x4
[ 1035.127358][   T39] hid-rmi 0003:06CB:81A7.00B9: unknown main item tag 0x0
[ 1035.135106][   T39] hid-rmi 0003:06CB:81A7.00B9: unknown main item tag 0x0
[ 1035.142366][   T39] hid-rmi 0003:06CB:81A7.00B9: unknown main item tag 0x0
[ 1035.150449][   T39] hid-rmi 0003:06CB:81A7.00B9: unbalanced collection at end of report description
[ 1035.161861][   T39] hid-rmi 0003:06CB:81A7.00B9: parse failed
[ 1035.168129][   T39] hid-rmi: probe of 0003:06CB:81A7.00B9 failed with error -22
[ 1035.256850][T20661] loop5: detected capacity change from 0 to 1024
[ 1035.258263][T20664] pim6reg0: tun_chr_ioctl cmd 1074812118
[ 1035.263929][T20661] ext4: Unknown parameter 'nouser_xattr'
[ 1035.293280][  T990] keytouch 0003:0926:3333.00BA: fixing up Keytouch IEC report descriptor
[ 1035.303420][  T990] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.00BA/input/input182
[ 1035.356616][T18042] usb 7-1: USB disconnect, device number 32
[ 1035.383655][  T990] keytouch 0003:0926:3333.00BA: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[ 1035.427846][T20684] netlink: 8 bytes leftover after parsing attributes in process `syz.5.24627'.
[ 1035.466704][T20690] loop5: detected capacity change from 0 to 512
[ 1035.477196][T20690] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1035.508775][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1035.697203][T20697] loop7: detected capacity change from 0 to 40427
[ 1035.704667][T20697] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 1035.712612][T20697] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1035.724599][T20697] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1035.756644][T20697] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1035.770296][ T2223] usb 4-1: USB disconnect, device number 23
[ 1035.771590][T20697] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1035.783637][T20697] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1035.841380][T20714] netlink: 'syz.5.24639': attribute type 12 has an invalid length.
[ 1036.366017][T20748] loop3: detected capacity change from 0 to 4096
[ 1036.380568][T20732] loop6: detected capacity change from 0 to 40427
[ 1036.391316][T20748] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1036.408975][T20748] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.24654: bg 0: block 66: padding at end of block bitmap is not set
[ 1036.415638][T20732] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1036.432330][T20748] fs-verity (loop3, inode 15): ext4_end_enable_verity() failed with err -117
[ 1036.480432][T20732] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1036.498531][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1036.526322][T13272] syz-executor: attempt to access beyond end of device
[ 1036.526322][T13272] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1036.875367][T20809] netlink: 888 bytes leftover after parsing attributes in process `syz.2.24679'.
[ 1036.885961][T20809] netlink: 137 bytes leftover after parsing attributes in process `syz.2.24679'.
[ 1036.906250][T20809] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[ 1036.972037][T20774] loop5: detected capacity change from 0 to 40427
[ 1036.995120][T20774] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[ 1037.003627][T20774] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1037.017287][T20774] F2FS-fs (loop5): invalid crc value
[ 1037.039726][T20774] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1037.126926][T20774] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[ 1037.142088][T20774] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1037.452408][T20873] kvm [20872]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010005 data 0xaf
[ 1037.504429][ T2423] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1037.550438][T20880] netlink: 128 bytes leftover after parsing attributes in process `syz.5.24709'.
[ 1037.693678][T20882] loop5: detected capacity change from 0 to 40427
[ 1037.700935][T20882] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[ 1037.708975][T20882] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1037.717267][ T2423] usb 3-1: Using ep0 maxpacket: 16
[ 1037.720809][T20882] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1037.724074][ T2423] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 192, changing to 11
[ 1037.740402][ T2423] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[ 1037.763411][ T2423] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[ 1037.765238][T20882] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[ 1037.783731][T20882] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1037.789019][ T2423] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1037.809044][ T2423] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1037.826847][ T2423] usb 3-1: SerialNumber: syz
[ 1037.831760][   T28] kauditd_printk_skb: 87 callbacks suppressed
[ 1037.831781][   T28] audit: type=1400 audit(967.789:7935): avc:  denied  { setattr } for  pid=20881 comm="syz.5.24710" name="file1" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1037.860803][   T28] audit: type=1400 audit(967.789:7936): avc:  denied  { rmdir } for  pid=20881 comm="syz.5.24710" name="file1" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1037.883451][T20819] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1038.109106][ T2423] cdc_ether: probe of 3-1:1.0 failed with error -71
[ 1038.117240][ T2423] usb 3-1: USB disconnect, device number 15
[ 1038.398275][T20904] loop5: detected capacity change from 0 to 40427
[ 1038.414447][T20904] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[ 1038.433340][T20904] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1038.478052][T20904] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1038.500580][T20909] loop6: detected capacity change from 0 to 40427
[ 1038.513336][T20909] F2FS-fs (loop6): invalid crc value
[ 1038.530994][T20904] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[ 1038.531460][T20909] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1038.538408][T20904] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1038.585979][T20909] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[ 1038.602210][T20909] syz.6.24719: attempt to access beyond end of device
[ 1038.602210][T20909] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1038.663438][T20926] loop5: detected capacity change from 0 to 256
[ 1038.734964][   T28] audit: type=1400 audit(968.629:7937): avc:  denied  { create } for  pid=20937 comm="syz.2.24730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1038.761126][   T28] audit: type=1400 audit(968.629:7938): avc:  denied  { bind } for  pid=20937 comm="syz.2.24730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1038.800840][   T28] audit: type=1400 audit(968.629:7939): avc:  denied  { node_bind } for  pid=20937 comm="syz.2.24730" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 1038.959942][T20942] loop6: detected capacity change from 0 to 512
[ 1038.997398][T20942] EXT4-fs (loop6): 1 orphan inode deleted
[ 1039.005953][T20950] netlink: 45 bytes leftover after parsing attributes in process `syz.5.24734'.
[ 1039.015301][    T8] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1039.015579][T20942] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1039.043708][    T8] EXT4-fs error (device loop6): ext4_release_dquot:6825: comm kworker/u4:0: Failed to release dquot type 1
[ 1039.076742][   T28] audit: type=1400 audit(968.943:7940): avc:  denied  { read } for  pid=20955 comm="syz.2.24737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1039.145235][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1039.158183][   T28] audit: type=1400 audit(969.017:7941): avc:  denied  { ioctl } for  pid=20971 comm="syz.5.24744" path="socket:[219681]" dev="sockfs" ino=219681 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1039.158380][T20972] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1039.193517][T20974] loop3: detected capacity change from 0 to 512
[ 1039.210299][T20974] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1039.221305][   T28] audit: type=1400 audit(969.072:7942): avc:  denied  { create } for  pid=20976 comm="syz.6.24745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1039.239324][T20974] EXT4-fs (loop3): 1 truncate cleaned up
[ 1039.259294][T20974] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1039.283121][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1039.332249][T20985] input: syz0 as /devices/virtual/input/input183
[ 1039.491687][T20998] loop6: detected capacity change from 0 to 8192
[ 1039.662902][   T28] audit: type=1400 audit(969.487:7943): avc:  denied  { write } for  pid=21009 comm="syz.6.24760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1039.859857][T21030] netlink: 8 bytes leftover after parsing attributes in process `syz.3.24769'.
[ 1039.952073][T21042] loop3: detected capacity change from 0 to 256
[ 1039.969580][T21044] loop6: detected capacity change from 0 to 16
[ 1039.993730][T21044] erofs: (device loop6): mounted with root inode @ nid 36.
[ 1040.013966][T21044] erofs: (device loop6): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36
[ 1040.036729][T21044] erofs: (device loop6): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36
[ 1040.057137][T21044] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117]
[ 1040.075330][T21044] erofs: (device loop6): erofs_readdir: fail to readdir of logical block 0 of nid 36
[ 1040.101178][T21047] netlink: 36 bytes leftover after parsing attributes in process `syz.2.24776'.
[ 1040.520856][  T891] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1040.542851][T21093] loop5: detected capacity change from 0 to 256
[ 1040.556221][T21093] FAT-fs (loop5): Directory bread(block 64) failed
[ 1040.563179][T21093] FAT-fs (loop5): Directory bread(block 65) failed
[ 1040.569898][T21093] FAT-fs (loop5): Directory bread(block 66) failed
[ 1040.578842][T21093] FAT-fs (loop5): Directory bread(block 67) failed
[ 1040.585857][T21093] FAT-fs (loop5): Directory bread(block 68) failed
[ 1040.592490][T21093] FAT-fs (loop5): Directory bread(block 69) failed
[ 1040.599195][T21093] FAT-fs (loop5): Directory bread(block 70) failed
[ 1040.605810][T21093] FAT-fs (loop5): Directory bread(block 71) failed
[ 1040.612508][T21093] FAT-fs (loop5): Directory bread(block 72) failed
[ 1040.619115][T21093] FAT-fs (loop5): Directory bread(block 73) failed
[ 1040.640351][T21093] FAT-fs (loop5): error, invalid access to FAT (entry 0x00006c61)
[ 1040.751766][T21125] netlink: 8 bytes leftover after parsing attributes in process `syz.5.24811'.
[ 1040.760839][T21125] netlink: 4 bytes leftover after parsing attributes in process `syz.5.24811'.
[ 1040.898712][T21137] loop5: detected capacity change from 0 to 8192
[ 1040.914316][T21139] netlink: 12 bytes leftover after parsing attributes in process `syz.3.24817'.
[ 1041.350551][T18428] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[ 1041.475127][T21179] loop3: detected capacity change from 0 to 131072
[ 1041.484002][T21179] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[ 1041.492534][T21179] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1041.502071][T21179] F2FS-fs (loop3): invalid crc value
[ 1041.509134][T21179] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1041.548683][T21179] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1041.555861][T21179] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[ 1041.567289][T18428] usb 6-1: Using ep0 maxpacket: 16
[ 1041.574745][T18428] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 1041.593352][T18428] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 1041.610541][T18428] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1041.629639][T18428] usb 6-1: Product: syz
[ 1041.634303][T18428] usb 6-1: Manufacturer: syz
[ 1041.638929][T18428] usb 6-1: SerialNumber: syz
[ 1041.659583][T18428] usb 6-1: config 0 descriptor??
[ 1041.670284][T18428] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[ 1041.686983][T18428] usb 6-1: Detected FT232R
[ 1041.883167][T18428] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1042.113447][T18428] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1042.156324][T21254] binder: 21253:21254 ioctl c0306201 200000000640 returned -22
[ 1042.197679][T21260] loop3: detected capacity change from 0 to 256
[ 1042.206764][T21260] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[ 1042.224184][T21260] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1042.233852][T21260] exFAT-fs (loop3): Filesystem has been set read-only
[ 1042.246343][T21246] loop7: detected capacity change from 0 to 40427
[ 1042.269901][T21246] F2FS-fs (loop7): invalid crc value
[ 1042.276967][T21246] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1042.321518][T21246] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[ 1042.331015][ T2223] usb 6-1: USB disconnect, device number 23
[ 1042.341754][ T2223] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1042.356617][T21246] syz.7.24867: attempt to access beyond end of device
[ 1042.356617][T21246] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1042.395603][ T2223] ftdi_sio 6-1:0.0: device disconnected
[ 1042.469013][T21282] netlink: 28 bytes leftover after parsing attributes in process `syz.3.24884'.
[ 1042.607313][T18428] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1042.627841][T21302] device batadv_slave_0 left promiscuous mode
[ 1042.634324][T21302] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[ 1042.665316][T21305] loop3: detected capacity change from 0 to 128
[ 1042.673063][T21305] FAT-fs (loop3): Directory bread(block 162) failed
[ 1042.679805][T21305] FAT-fs (loop3): Directory bread(block 163) failed
[ 1042.686793][T21305] FAT-fs (loop3): Directory bread(block 164) failed
[ 1042.693464][T21305] FAT-fs (loop3): Directory bread(block 165) failed
[ 1042.700483][T21968] Bluetooth: hci0: command 0x1003 tx timeout
[ 1042.707139][ T3679] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1042.724507][T21305] FAT-fs (loop3): Directory bread(block 166) failed
[ 1042.734281][T21305] FAT-fs (loop3): Directory bread(block 167) failed
[ 1042.741094][T21305] FAT-fs (loop3): Directory bread(block 168) failed
[ 1042.747798][T21305] FAT-fs (loop3): Directory bread(block 169) failed
[ 1042.758967][T21305] FAT-fs (loop3): Directory bread(block 162) failed
[ 1042.765855][T21305] FAT-fs (loop3): Directory bread(block 163) failed
[ 1042.773876][T21305] syz.3.24894: attempt to access beyond end of device
[ 1042.773876][T21305] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[ 1042.787831][T21305] syz.3.24894: attempt to access beyond end of device
[ 1042.787831][T21305] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[ 1042.807460][T18428] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1042.819208][T18428] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1042.833027][T18428] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1042.844470][T18428] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.855564][T18428] usb 3-1: config 0 descriptor??
[ 1042.903756][T21328] tmpfs: Bad value for 'gid'
[ 1042.906914][T21329] loop5: detected capacity change from 0 to 512
[ 1042.915765][T21329] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1042.925224][T21329] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[ 1042.934716][T21329] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[ 1042.943055][T21329] System zones: 0-2, 18-18, 34-34
[ 1042.950085][T21329] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[ 1042.965597][T21329] EXT4-fs (loop5): 1 truncate cleaned up
[ 1042.971378][T21329] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1042.998736][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1043.076336][T21343] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1043.159317][T21351] netlink: 'syz.7.24915': attribute type 3 has an invalid length.
[ 1043.185874][T21354] tun1: tun_chr_ioctl cmd 1074025681
[ 1043.239306][T21356] xt_NFQUEUE: number of total queues is 0
[ 1043.260680][T21358] loop7: detected capacity change from 0 to 128
[ 1043.267659][T21358] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1043.280571][T21358] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1043.302648][T18428] keytouch 0003:0926:3333.00BB: fixing up Keytouch IEC report descriptor
[ 1043.314255][T18428] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.00BB/input/input184
[ 1043.330127][   T28] kauditd_printk_skb: 1539 callbacks suppressed
[ 1043.330146][   T28] audit: type=1400 audit(1228.896:9483): avc:  denied  { setopt } for  pid=21363 comm="syz.7.24921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1043.357994][   T28] audit: type=1400 audit(1228.896:9484): avc:  denied  { getopt } for  pid=21363 comm="syz.7.24921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1043.382577][   T28] audit: type=1400 audit(1228.951:9485): avc:  denied  { read } for  pid=21365 comm="syz.7.24922" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1043.411603][T18428] keytouch 0003:0926:3333.00BB: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[ 1043.501948][T21371] tc_dump_action: action bad kind
[ 1043.582424][  T990] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[ 1043.745504][T21375] loop6: detected capacity change from 0 to 128
[ 1043.754143][ T2223] usb 3-1: USB disconnect, device number 16
[ 1043.760841][T21375] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1043.777540][  T990] usb 6-1: Using ep0 maxpacket: 32
[ 1043.784214][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1043.795183][  T990] usb 6-1: config 0 has an invalid interface number: 85 but max is 0
[ 1043.807562][  T990] usb 6-1: config 0 has no interface number 0
[ 1043.813992][  T990] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1043.825904][T21386] loop6: detected capacity change from 0 to 512
[ 1043.832207][  T990] usb 6-1: config 0 interface 85 has no altsetting 0
[ 1043.840394][T21386] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1043.840828][  T990] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1043.858943][  T990] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1043.867207][  T990] usb 6-1: Product: syz
[ 1043.871574][  T990] usb 6-1: Manufacturer: syz
[ 1043.872979][T21386] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1043.876274][  T990] usb 6-1: SerialNumber: syz
[ 1043.877192][  T990] usb 6-1: config 0 descriptor??
[ 1043.911038][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1044.052807][   T28] audit: type=1400 audit(1229.570:9486): avc:  denied  { mount } for  pid=21403 comm="syz.6.24938" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 1044.106904][   T28] audit: type=1400 audit(1229.616:9487): avc:  denied  { mounton } for  pid=21409 comm="syz.6.24941" path="/722/file0" dev="incremental-fs" ino=3753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1044.107119][T21410] overlayfs: workdir and upperdir must reside under the same mount
[ 1044.145786][   T28] audit: type=1400 audit(1229.653:9488): avc:  denied  { mount } for  pid=21411 comm="syz.3.24942" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1044.168122][   T28] audit: type=1400 audit(1229.662:9489): avc:  denied  { unmount } for  pid=12039 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1044.181836][T21415] loop3: detected capacity change from 0 to 128
[ 1044.214286][   T28] audit: type=1400 audit(1229.717:9490): avc:  denied  { block_suspend } for  pid=21419 comm="syz.3.24946" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1044.259309][T21422] loop3: detected capacity change from 0 to 512
[ 1044.266597][T21422] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1044.278300][T21422] EXT4-fs (loop3): 1 truncate cleaned up
[ 1044.284193][T21422] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1044.316642][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1044.367953][  T990] usb 6-1: USB disconnect, device number 24
[ 1044.404362][T21418] loop6: detected capacity change from 0 to 40427
[ 1044.413914][T21418] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[ 1044.422287][T21418] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[ 1044.431759][T21418] F2FS-fs (loop6): invalid crc value
[ 1044.442790][T21418] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1044.452726][T21443] loop3: detected capacity change from 0 to 1024
[ 1044.477911][T21446] bridge_slave_0: default FDB implementation only supports local addresses
[ 1044.485771][T21418] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[ 1044.494103][T21418] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1044.504361][   T28] audit: type=1400 audit(1229.985:9491): avc:  denied  { bind } for  pid=21449 comm="syz.2.24958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1044.520844][T21443] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1044.557595][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1044.607848][T21461] loop6: detected capacity change from 0 to 128
[ 1044.615264][T21461] FAT-fs (loop6): Directory bread(block 162) failed
[ 1044.622012][T21461] FAT-fs (loop6): Directory bread(block 163) failed
[ 1044.628799][T21461] FAT-fs (loop6): Directory bread(block 164) failed
[ 1044.644260][T21461] FAT-fs (loop6): Directory bread(block 165) failed
[ 1044.650938][T21461] FAT-fs (loop6): Directory bread(block 166) failed
[ 1044.663048][T21461] FAT-fs (loop6): Directory bread(block 167) failed
[ 1044.670101][T21461] FAT-fs (loop6): Directory bread(block 168) failed
[ 1044.677385][T21471] tipc: New replicast peer: 255.255.255.255
[ 1044.683655][T21471] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1044.687904][T21461] FAT-fs (loop6): Directory bread(block 169) failed
[ 1044.703277][T21461] FAT-fs (loop6): Directory bread(block 162) failed
[ 1044.719642][T21475] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1044.727152][T21461] FAT-fs (loop6): Directory bread(block 163) failed
[ 1044.746492][T21461] syz.6.24963: attempt to access beyond end of device
[ 1044.746492][T21461] loop6: rw=3, sector=226, nr_sectors = 6 limit=128
[ 1044.771943][T21461] syz.6.24963: attempt to access beyond end of device
[ 1044.771943][T21461] loop6: rw=2051, sector=232, nr_sectors = 2 limit=128
[ 1044.803650][T21487] syz.3.24976[21487] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1044.803731][T21487] syz.3.24976[21487] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1045.149217][T21526] netlink: 12 bytes leftover after parsing attributes in process `syz.2.24993'.
[ 1045.238626][   T28] audit: type=1400 audit(1230.659:9492): avc:  denied  { mount } for  pid=21532 comm="syz.3.24997" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1045.395109][T18428] kernel write not supported for file /uinput (pid: 18428 comm: kworker/0:0)
[ 1045.423168][T21557] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1045.431154][T21557] IPv6: NLM_F_CREATE should be set when creating new route
[ 1045.438508][T21557] IPv6: NLM_F_CREATE should be set when creating new route
[ 1045.698677][T21586] device bridge2 entered promiscuous mode
[ 1045.710541][T21588] netlink: 16 bytes leftover after parsing attributes in process `syz.5.25023'.
[ 1045.760096][   T39] tipc: Node number set to 4278190080
[ 1045.880536][T21612] loop6: detected capacity change from 0 to 256
[ 1045.891425][T21612] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[ 1045.931628][T21620] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1045.939901][T21620] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1045.980486][T21625] loop5: detected capacity change from 0 to 1024
[ 1045.988532][T21625] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[ 1045.998513][T21625] EXT4-fs (loop5): can't mount with commit=3, fs mounted w/o journal
[ 1046.233151][T21637] device erspan0 entered promiscuous mode
[ 1046.239649][T21637] device erspan0 left promiscuous mode
[ 1046.272775][T21639] loop3: detected capacity change from 0 to 256
[ 1046.312641][T21641] loop3: detected capacity change from 0 to 2048
[ 1046.325575][T21641] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1046.338291][T21641] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[ 1046.355433][T21641] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[ 1046.368154][T21641] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1046.368154][T21641] 
[ 1046.378383][T21641] EXT4-fs (loop3): Total free blocks count 0
[ 1046.378387][   T39] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[ 1046.392141][T21641] EXT4-fs (loop3): Free/Dirty block details
[ 1046.393534][T21645] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1046.398185][T21641] EXT4-fs (loop3): free_blocks=2415919504
[ 1046.410499][T21645] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1046.410499][T21645] 
[ 1046.416421][T21641] EXT4-fs (loop3): dirty_blocks=48
[ 1046.426116][T21645] EXT4-fs (loop3): Total free blocks count 0
[ 1046.573988][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1046.585002][   T39] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1046.594045][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1046.602713][   T39] usb 6-1: config 0 descriptor??
[ 1046.800135][T21651] netlink: 'syz.7.25050': attribute type 11 has an invalid length.
[ 1046.808215][T21651] netlink: 44 bytes leftover after parsing attributes in process `syz.7.25050'.
[ 1046.858891][T21657] loop6: detected capacity change from 0 to 512
[ 1046.903463][T21657] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1046.928825][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1046.946590][T21673] netlink: 8 bytes leftover after parsing attributes in process `syz.6.25059'.
[ 1047.040118][T21684] loop6: detected capacity change from 0 to 1024
[ 1047.044780][   T39] keytouch 0003:0926:3333.00BC: fixing up Keytouch IEC report descriptor
[ 1047.052013][T21684] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1047.057686][   T39] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.00BC/input/input185
[ 1047.080346][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1047.151030][   T39] keytouch 0003:0926:3333.00BC: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[ 1047.220129][T21697] loop6: detected capacity change from 0 to 1024
[ 1047.235677][T21697] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1047.247544][T21697] EXT4-fs error (device loop6): ext4_check_all_de:666: inode #12: block 7: comm syz.6.25070: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0
[ 1047.277272][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1047.389998][T21710] loop3: detected capacity change from 0 to 256
[ 1047.399925][T21710] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[ 1047.419375][T21712] kvm [21711]: vcpu0, guest rIP: 0xfff0 vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0x1, nop
[ 1047.441828][T21715] netlink: 16 bytes leftover after parsing attributes in process `syz.3.25077'.
[ 1047.451957][T21715] netlink: 4 bytes leftover after parsing attributes in process `syz.3.25077'.
[ 1047.503694][   T39] usb 6-1: USB disconnect, device number 25
[ 1047.683832][T21750] SELinux: failed to load policy
[ 1047.705040][T21755] syz_tun: refused to change device tx_queue_len
[ 1047.744747][T21760] loop6: detected capacity change from 0 to 512
[ 1047.751811][T21760] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1047.762926][T21760] EXT4-fs error (device loop6): ext4_orphan_get:1400: inode #15: comm syz.6.25099: casefold flag without casefold feature
[ 1047.776313][T21760] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.25099: couldn't read orphan inode 15 (err -117)
[ 1047.791790][T21760] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1047.818832][T21760] EXT4-fs warning (device loop6): ext4_empty_dir:3147: inode #2: comm syz.6.25099: directory missing '.'
[ 1047.861783][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1047.890998][T21784] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1047.983240][T21789] loop6: detected capacity change from 0 to 256
[ 1048.622053][T18428] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1049.454569][T18428] usb 3-1: Using ep0 maxpacket: 16
[ 1049.461111][T18428] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1049.469195][T18428] usb 3-1: config 0 has no interface number 0
[ 1049.475393][T18428] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1049.486345][T18428] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1049.496248][T18428] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1049.505445][T18428] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1049.514194][T18428] usb 3-1: config 0 descriptor??
[ 1049.597344][   T28] kauditd_printk_skb: 18 callbacks suppressed
[ 1049.597362][   T28] audit: type=1400 audit(1234.683:9511): avc:  denied  { mounton } for  pid=21807 comm="syz.6.25121" path="/766/file0" dev="tmpfs" ino=3988 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1049.615152][T21808] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1049.635809][T21808] FAT-fs (loop13): unable to read boot sector
[ 1049.665004][T21814] loop5: detected capacity change from 0 to 512
[ 1049.672243][T21814] EXT4-fs: Ignoring removed orlov option
[ 1049.679826][T21814] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1049.686743][T21814] EXT4-fs error (device loop5): ext4_find_extent:900: inode #4: comm syz.5.25124: inode has invalid extent depth: 7
[ 1049.699604][T21814] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=-117
[ 1049.709348][T21814] EXT4-fs warning (device loop5): ext4_enable_quotas:7041: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1049.724517][T21814] EXT4-fs (loop5): Cannot turn on quotas: error -22
[ 1049.731429][T21814] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1049.742840][T21814] EXT4-fs (loop5): unmounting filesystem.
[ 1049.816770][T21836] netlink: 48 bytes leftover after parsing attributes in process `syz.5.25133'.
[ 1049.859584][T21841] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=112 sclass=netlink_audit_socket pid=21841 comm=syz.5.25136
[ 1049.936906][T21849] tap0: tun_chr_ioctl cmd 1074025677
[ 1049.949301][T21849] tap0: linktype set to 270
[ 1050.019311][   T28] audit: type=1400 audit(1235.080:9512): avc:  denied  { execute_no_trans } for  pid=21858 comm="syz.6.25144" path="/775/file1" dev="tmpfs" ino=4036 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1050.084577][T21871] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1050.091897][T21871] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1050.126270][   T28] audit: type=1400 audit(1235.163:9513): avc:  denied  { mount } for  pid=21878 comm="syz.6.25155" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[ 1050.176533][T18428] uclogic 0003:28BD:0071.00BD: pen parameters not found
[ 1050.185137][T18428] uclogic 0003:28BD:0071.00BD: interface is invalid, ignoring
[ 1050.191741][T21890] loop3: detected capacity change from 0 to 128
[ 1050.195678][T18428] usb 3-1: USB disconnect, device number 17
[ 1050.208633][T21890] EXT4-fs: Ignoring removed nobh option
[ 1050.219518][T21894] loop7: detected capacity change from 0 to 512
[ 1050.220984][T21892] loop6: detected capacity change from 0 to 2048
[ 1050.226902][T21894] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1050.236921][T21890] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1050.259119][   T28] audit: type=1400 audit(1235.302:9514): avc:  denied  { lock } for  pid=21889 comm="syz.3.25160" path="/963/mnt/file1" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1050.271595][T21894] EXT4-fs (loop7): revision level too high, forcing read-only mode
[ 1050.281617][   T28] audit: type=1400 audit(1235.302:9515): avc:  denied  { unlink } for  pid=21889 comm="syz.3.25160" name="file1" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1050.296198][T21894] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e128, mo2=0002]
[ 1050.320645][T21894] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 1050.327751][T21894] Quota error (device loop7): v2_read_header: Failed header read: expected=8 got=0
[ 1050.337243][T21894] EXT4-fs warning (device loop7): ext4_enable_quotas:7041: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1050.337797][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1050.352189][T21894] EXT4-fs (loop7): Cannot turn on quotas: error -22
[ 1050.365595][T21894] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.25162: bg 0: block 40: padding at end of block bitmap is not set
[ 1050.380255][T21901] loop6: detected capacity change from 0 to 512
[ 1050.384952][T21894] EXT4-fs (loop7): Remounting filesystem read-only
[ 1050.395286][T21894] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1050.406038][T21894] EXT4-fs (loop7): Remounting filesystem read-only
[ 1050.406478][T21901] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1050.412885][T21894] EXT4-fs (loop7): 1 truncate cleaned up
[ 1050.423895][T21906] loop3: detected capacity change from 0 to 256
[ 1050.427090][T21894] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1050.482579][   T28] audit: type=1400 audit(1235.495:9516): avc:  denied  { name_bind } for  pid=21912 comm="syz.6.25169" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[ 1050.509181][   T28] audit: type=1400 audit(1235.495:9517): avc:  denied  { node_bind } for  pid=21912 comm="syz.6.25169" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 1050.530089][T21894] EXT4-fs error (device loop7): ext4_encrypted_get_link:46: inode #16: comm syz.7.25162: bad symlink.
[ 1050.541673][   T28] audit: type=1400 audit(1235.551:9518): avc:  denied  { read } for  pid=21893 comm="syz.7.25162" name="file2" dev="loop7" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 1050.561125][T21894] EXT4-fs error (device loop7): ext4_encrypted_get_link:46: inode #16: comm syz.7.25162: bad symlink.
[ 1050.577386][T21894] EXT4-fs error (device loop7): ext4_encrypted_get_link:46: inode #16: comm syz.7.25162: bad symlink.
[ 1050.633854][T21927] loop5: detected capacity change from 0 to 128
[ 1050.652761][T21927] FAT-fs (loop5): Directory bread(block 32) failed
[ 1050.659956][T21927] FAT-fs (loop5): Directory bread(block 33) failed
[ 1050.666710][T21927] FAT-fs (loop5): Directory bread(block 34) failed
[ 1050.673914][T21927] FAT-fs (loop5): Directory bread(block 35) failed
[ 1050.680763][T21927] FAT-fs (loop5): Directory bread(block 36) failed
[ 1050.688631][T21927] FAT-fs (loop5): Directory bread(block 37) failed
[ 1050.698742][T21927] FAT-fs (loop5): Directory bread(block 38) failed
[ 1050.706606][T21927] FAT-fs (loop5): Directory bread(block 39) failed
[ 1050.715173][T21927] FAT-fs (loop5): Directory bread(block 40) failed
[ 1050.722043][T21927] FAT-fs (loop5): Directory bread(block 41) failed
[ 1050.764604][ T1056] kernel write not supported for file /input/event2 (pid: 1056 comm: kworker/0:3)
[ 1050.853345][T21957] netlink: 128 bytes leftover after parsing attributes in process `syz.2.25190'.
[ 1051.036926][T21978] loop5: detected capacity change from 0 to 128
[ 1051.057419][T21950] loop6: detected capacity change from 0 to 40427
[ 1051.065948][T21950] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[ 1051.074205][T21950] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[ 1051.084718][T21950] F2FS-fs (loop6): invalid crc value
[ 1051.097701][T21950] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1051.121606][T21990] loop5: detected capacity change from 0 to 512
[ 1051.137715][T21950] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[ 1051.139000][T21990] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #4: comm syz.5.25197: corrupted inode contents
[ 1051.145335][T21950] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1051.158497][T21990] EXT4-fs error (device loop5): ext4_dirty_inode:6120: inode #4: comm syz.5.25197: mark_inode_dirty error
[ 1051.177914][T21990] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #4: comm syz.5.25197: corrupted inode contents
[ 1051.190263][T21990] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #4: comm syz.5.25197: mark_inode_dirty error
[ 1051.190571][T13272] syz-executor: attempt to access beyond end of device
[ 1051.190571][T13272] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1051.202491][T21990] EXT4-fs error (device loop5): ext4_acquire_dquot:6789: comm syz.5.25197: Failed to acquire dquot type 1
[ 1051.309237][T22004] netlink: 44 bytes leftover after parsing attributes in process `syz.6.25198'.
[ 1051.318545][T22004] netlink: 43 bytes leftover after parsing attributes in process `syz.6.25198'.
[ 1051.327741][T22004] netlink: 'syz.6.25198': attribute type 5 has an invalid length.
[ 1051.336127][T22004] netlink: 43 bytes leftover after parsing attributes in process `syz.6.25198'.
[ 1051.395388][T22011] netlink: 24 bytes leftover after parsing attributes in process `syz.6.25205'.
[ 1051.659167][T22068] pim6reg0: tun_chr_ioctl cmd 35111
[ 1051.770741][T22093] loop7: detected capacity change from 0 to 512
[ 1051.778139][T22093] ext4: Unknown parameter 'permit_directio'
[ 1051.803638][T22098] loop3: detected capacity change from 0 to 16
[ 1051.810673][T22098] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[ 1051.835626][T18042] hid-generic 0000:0004:0000.00BE: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 1051.946446][ T2223] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 1052.052001][T22125] device lo left promiscuous mode
[ 1052.141449][ T2223] usb 7-1: Using ep0 maxpacket: 16
[ 1052.151750][ T2223] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 1052.173341][ T2223] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 1052.193405][ T2223] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1052.204712][ T2223] usb 7-1: Product: syz
[ 1052.213600][ T2223] usb 7-1: Manufacturer: syz
[ 1052.220052][T22112] loop5: detected capacity change from 0 to 40427
[ 1052.227005][ T2223] usb 7-1: SerialNumber: syz
[ 1052.232657][T22112] F2FS-fs (loop5): heap/no_heap options were deprecated
[ 1052.240565][ T2223] usb 7-1: config 0 descriptor??
[ 1052.247471][ T2223] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected
[ 1052.255532][T22112] F2FS-fs (loop5): invalid crc value
[ 1052.261486][ T2223] usb 7-1: Detected FT232R
[ 1052.267007][T22112] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1052.313926][T22112] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1052.328444][T22121] loop7: detected capacity change from 0 to 40427
[ 1052.336570][T22121] F2FS-fs (loop7): fault_injection options not supported
[ 1052.345470][T22121] F2FS-fs (loop7): invalid crc value
[ 1052.353363][T22132] loop3: detected capacity change from 0 to 1024
[ 1052.353989][T17865] syz-executor: attempt to access beyond end of device
[ 1052.353989][T17865] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1052.361094][T22132] EXT4-fs: Ignoring removed nobh option
[ 1052.380399][T22132] EXT4-fs: Ignoring removed bh option
[ 1052.386363][T22132] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1052.398506][T22121] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1052.462659][T22121] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1052.464697][ T2223] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1052.498731][T22141] loop3: detected capacity change from 0 to 512
[ 1052.527652][ T7228] syz-executor: attempt to access beyond end of device
[ 1052.527652][ T7228] loop7: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 1052.542439][T22149] netlink: 'syz.5.25267': attribute type 11 has an invalid length.
[ 1052.678690][T22160] loop7: detected capacity change from 0 to 128
[ 1052.702915][ T2223] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1052.722776][T22171] loop5: detected capacity change from 0 to 128
[ 1052.724153][T22170] loop7: detected capacity change from 0 to 512
[ 1052.732531][T22171] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[ 1052.739139][T22170] EXT4-fs error (device loop7): ext4_get_branch:178: inode #13: block 33619980: comm syz.7.25275: invalid block
[ 1052.743767][T22171] FAT-fs (loop5): Filesystem has been set read-only
[ 1052.756469][T22170] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.25275: invalid indirect mapped block 10 (level 1)
[ 1052.762628][T22171] syz.5.25276: attempt to access beyond end of device
[ 1052.762628][T22171] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[ 1052.776500][T22170] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.25275: invalid indirect mapped block 8 (level 1)
[ 1052.790610][T22171] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[ 1052.803338][T22170] EXT4-fs (loop7): 1 truncate cleaned up
[ 1052.811123][T22171] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[ 1052.824544][T22170] syz.7.25275 (pid 22170) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[ 1052.824817][T22171] syz.5.25276: attempt to access beyond end of device
[ 1052.824817][T22171] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1052.837006][T22170] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 213 vs 220 free clusters
[ 1052.849074][T22171] syz.5.25276: attempt to access beyond end of device
[ 1052.849074][T22171] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1052.902166][T22179] tap0: tun_chr_ioctl cmd 1074025677
[ 1052.907698][T22179] tap0: linktype set to 773
[ 1052.929639][T18428] usb 7-1: USB disconnect, device number 33
[ 1052.938640][T22181] loop7: detected capacity change from 0 to 512
[ 1052.945237][T18428] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1052.955235][T18428] ftdi_sio 7-1:0.0: device disconnected
[ 1053.065426][T22198] loop8: detected capacity change from 0 to 7
[ 1053.181606][ T2223] usb 6-1: new full-speed USB device number 26 using dummy_hcd
[ 1053.184894][T22211] __nla_validate_parse: 3 callbacks suppressed
[ 1053.184931][T22211] netlink: 104 bytes leftover after parsing attributes in process `syz.7.25293'.
[ 1053.399515][ T2223] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1053.414424][ T2223] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1053.414947][T22226] loop7: detected capacity change from 0 to 40427
[ 1053.430804][T22226] F2FS-fs (loop7): fault_injection options not supported
[ 1053.436100][ T2223] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1053.437910][T22226] F2FS-fs (loop7): Image doesn't support compression
[ 1053.453842][T22226] F2FS-fs (loop7): Image doesn't support compression
[ 1053.453846][T22234] sch_fq: defrate 2048 ignored.
[ 1053.454790][T22226] F2FS-fs (loop7): invalid crc value
[ 1053.460942][ T2223] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1053.466696][T22226] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1053.478480][ T2223] usb 6-1: Product: syz
[ 1053.504283][ T2223] usb 6-1: Manufacturer: syz
[ 1053.510427][T22239] input: syz1 as /devices/virtual/input/input186
[ 1053.516991][ T2223] usb 6-1: SerialNumber: syz
[ 1053.548206][T22226] F2FS-fs (loop7): Start checkpoint disabled!
[ 1053.555365][T22226] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[ 1053.628788][    T8] kworker/u4:0: attempt to access beyond end of device
[ 1053.628788][    T8] loop7: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 1053.715340][T22237] loop6: detected capacity change from 0 to 40427
[ 1053.722602][T22237] F2FS-fs (loop6): fault_injection options not supported
[ 1053.729946][T22237] F2FS-fs (loop6): heap/no_heap options were deprecated
[ 1053.737236][T22237] F2FS-fs (loop6): Image doesn't support compression
[ 1053.744950][T22237] F2FS-fs (loop6): invalid crc value
[ 1053.751366][T22237] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1053.808649][T22237] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1053.811945][T22260] loop3: detected capacity change from 0 to 512
[ 1053.834273][T13272] syz-executor: attempt to access beyond end of device
[ 1053.834273][T13272] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[ 1053.958787][ T2223] usb 6-1: 0:2 : does not exist
[ 1053.994916][T22277] netlink: 40 bytes leftover after parsing attributes in process `syz.6.25316'.
[ 1054.256458][T22298] loop3: detected capacity change from 0 to 16
[ 1054.263195][T22298] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1054.396941][ T2423] usb 6-1: USB disconnect, device number 26
[ 1054.416608][T18428] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[ 1054.611611][T18428] usb 7-1: Using ep0 maxpacket: 8
[ 1054.618302][T18428] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1054.626802][T18428] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1054.635531][T18428] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1054.644758][T18428] usb 7-1: config 250 has no interface number 0
[ 1054.651111][T18428] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1054.663219][T18428] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1054.674188][T18428] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 256
[ 1054.685145][T18428] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[ 1054.699162][T18428] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1054.707600][T18428] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1054.716862][T18428] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1054.725773][T18428] usb 7-1: Product: syz
[ 1054.730100][T18428] usb 7-1: SerialNumber: syz
[ 1054.742026][T18428] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1054.748412][T18428] hub: probe of 7-1:250.228 failed with error -5
[ 1054.899409][T22306] loop3: detected capacity change from 0 to 256
[ 1054.959574][T18428] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 34 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[ 1054.964648][T22315] loop5: detected capacity change from 0 to 1024
[ 1054.979408][T22315] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1055.004003][T22315] EXT4-fs mount: 14 callbacks suppressed
[ 1055.004025][T22315] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1055.025552][T22315] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: inode #11: comm syz.5.25341: missing EA_INODE flag
[ 1055.037481][T22315] EXT4-fs (loop5): Remounting filesystem read-only
[ 1055.045675][T22315] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.25341: error while reading EA inode 11 err=-117
[ 1055.059593][T22315] EXT4-fs (loop5): Remounting filesystem read-only
[ 1055.066332][T22315] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: inode #11: comm syz.5.25341: missing EA_INODE flag
[ 1055.078465][T22315] EXT4-fs (loop5): Remounting filesystem read-only
[ 1055.085086][T22315] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.25341: error while reading EA inode 11 err=-117
[ 1055.101614][T22315] EXT4-fs (loop5): Remounting filesystem read-only
[ 1055.121734][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1055.196655][   T28] kauditd_printk_skb: 27 callbacks suppressed
[ 1055.196698][   T28] audit: type=1400 audit(1239.852:9543): avc:  denied  { set_context_mgr } for  pid=22339 comm="syz.7.25351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[ 1055.197094][T22340] binder: 22339:22340 ioctl c0306201 200000000480 returned -14
[ 1055.305107][ T1056] usb 7-1: USB disconnect, device number 34
[ 1055.315013][ T1056] usblp0: removed
[ 1055.393333][   T28] audit: type=1400 audit(1240.037:9544): avc:  denied  { wake_alarm } for  pid=22364 comm="syz.7.25362" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1055.446650][   T28] audit: type=1400 audit(1240.092:9545): avc:  denied  { getopt } for  pid=22372 comm="syz.5.25366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1055.542217][   T28] audit: type=1400 audit(1240.166:9546): avc:  denied  { map } for  pid=22382 comm="syz.7.25371" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[ 1055.641765][T22399] netlink: 16 bytes leftover after parsing attributes in process `syz.5.25378'.
[ 1055.769659][T22414] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[ 1056.121147][T22437] loop5: detected capacity change from 0 to 512
[ 1056.137936][T22437] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1056.151857][T22437] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1056.160284][T22437] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[ 1056.169985][T22437] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[ 1056.182479][T22437] EXT4-fs error (device loop5): ext4_acquire_dquot:6789: comm syz.5.25396: Failed to acquire dquot type 1
[ 1056.204026][T22437] EXT4-fs (loop5): 1 truncate cleaned up
[ 1056.210308][T22437] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1056.240436][   T28] audit: type=1400 audit(1240.821:9547): avc:  denied  { remount } for  pid=22436 comm="syz.5.25396" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1056.242625][T22437] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[ 1056.270327][T22437] EXT4-fs warning (device loop5): ext4_multi_mount_protect:338: MMP startup interrupted, failing mount
[ 1056.270327][T22437] 
[ 1056.310404][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1056.410157][  T990] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 1056.626790][  T990] usb 7-1: Using ep0 maxpacket: 16
[ 1056.633208][  T990] usb 7-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[ 1056.642578][  T990] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1056.652330][  T990] usb 7-1: config 0 descriptor??
[ 1057.098441][  T990] lenovo 0003:17EF:6047.00BF: hidraw0: USB HID v1.01 Device [HID 17ef:6047] on usb-dummy_hcd.6-1/input0
[ 1057.529559][  T990] lenovo 0003:17EF:6047.00BF: Failed to switch middle button: -71
[ 1057.541039][  T990] lenovo 0003:17EF:6047.00BF: Fn-lock setting failed: -71
[ 1057.553283][  T990] lenovo 0003:17EF:6047.00BF: Sensitivity setting failed: -71
[ 1057.562084][  T990] usb 7-1: USB disconnect, device number 35
[ 1057.589281][T22476] loop3: detected capacity change from 0 to 256
[ 1057.598701][T22476] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[ 1057.606817][T22480] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1057.618712][   T28] audit: type=1400 audit(1242.086:9548): avc:  denied  { watch } for  pid=22475 comm="syz.3.25413" path="/1016/file2/file0" dev="loop3" ino=1049502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1057.647066][T22482] loop7: detected capacity change from 0 to 512
[ 1057.662010][T22482] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2195: inode #15: comm syz.7.25416: corrupted in-inode xattr
[ 1057.674589][T22482] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.25416: couldn't read orphan inode 15 (err -117)
[ 1057.683659][   T28] audit: type=1400 audit(1242.141:9549): avc:  denied  { ioctl } for  pid=22485 comm="syz.3.25417" path="socket:[225865]" dev="sockfs" ino=225865 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1057.686760][T22482] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1057.743569][ T7228] EXT4-fs (loop7): unmounting filesystem.
[ 1057.794688][   T28] audit: type=1400 audit(1242.252:9550): avc:  denied  { mount } for  pid=22494 comm="syz.7.25421" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1057.816841][   T39] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[ 1057.938919][T22506] tipc: Cannot configure node identity twice
[ 1057.945016][T22506] tipc: Cannot configure node identity twice
[ 1058.024561][   T39] usb 6-1: Using ep0 maxpacket: 16
[ 1058.031100][   T39] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1058.040338][   T39] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1058.050464][   T39] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1058.061123][   T39] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1058.070581][   T39] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1058.078648][   T39] usb 6-1: Product: syz
[ 1058.078670][   T39] usb 6-1: Manufacturer: syz
[ 1058.078685][   T39] usb 6-1: SerialNumber: syz
[ 1058.530218][   T39] usb 6-1: 0:2 : does not exist
[ 1058.569608][T22528] loop6: detected capacity change from 0 to 256
[ 1058.579295][T22528] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[ 1058.579532][T22528] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1058.664059][T22532] tipc: Enabling of bearer <ib:gretap0> rejected, media not registered
[ 1058.735966][T22539] 9pnet: p9_errstr2errno: server reported unknown error �@�0x0000000000000004
[ 1058.781483][T22543] loop3: detected capacity change from 0 to 256
[ 1058.781845][T22543] FAT-fs (loop3): Unrecognized mount option "��" or missing value
[ 1058.829528][T22550] netlink: 'syz.6.25445': attribute type 4 has an invalid length.
[ 1058.877020][T22555] loop6: detected capacity change from 0 to 512
[ 1058.886161][T22555] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #15: comm syz.6.25449: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964)
[ 1058.905356][T22555] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.25449: couldn't read orphan inode 15 (err -117)
[ 1058.917495][T22555] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1058.938502][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1058.951910][T22563] bridge0: port 3(syz_tun) entered blocking state
[ 1058.958701][T22563] bridge0: port 3(syz_tun) entered disabled state
[ 1058.966338][T22563] device syz_tun entered promiscuous mode
[ 1058.972421][T22563] bridge0: port 3(syz_tun) entered blocking state
[ 1058.978905][T22563] bridge0: port 3(syz_tun) entered forwarding state
[ 1059.184748][   T39] usb 6-1: USB disconnect, device number 27
[ 1059.490284][T22588] 9p: Unknown uid 00000000004294967295
[ 1059.911109][T22628] loop5: detected capacity change from 0 to 1024
[ 1059.921338][T22628] EXT4-fs: Ignoring removed oldalloc option
[ 1059.927331][T22628] EXT4-fs: Ignoring removed orlov option
[ 1059.927856][T22620] netlink: 'syz.6.25476': attribute type 12 has an invalid length.
[ 1059.955598][T22628] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1059.962412][T22632] loop6: detected capacity change from 0 to 512
[ 1059.972083][T22632] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1059.981756][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1059.982222][T22632] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1059.995231][T22632] EXT4-fs error (device loop6): ext4_acquire_dquot:6789: comm syz.6.25480: Failed to acquire dquot type 1
[ 1060.007475][T22632] EXT4-fs (loop6): 1 truncate cleaned up
[ 1060.013853][T22632] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1060.030510][T22632] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[ 1060.040289][T22632] EXT4-fs warning (device loop6): ext4_multi_mount_protect:338: MMP startup interrupted, failing mount
[ 1060.040289][T22632] 
[ 1060.060758][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1060.119607][T22642] loop6: detected capacity change from 0 to 128
[ 1060.287222][T22655] syz.6.25487[22655] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1060.287299][T22655] syz.6.25487[22655] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1060.390431][T22669] loop5: detected capacity change from 0 to 1024
[ 1060.411805][T22669] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1060.423012][T22669] EXT4-fs (loop5): group descriptors corrupted!
[ 1060.440807][T22671] loop6: detected capacity change from 0 to 2048
[ 1060.491403][T22671] Alternate GPT is invalid, using primary GPT.
[ 1060.502214][T22671]  loop6: p2 p3 p7
[ 1060.541986][T22683] SELinux: failed to load policy
[ 1060.860282][   T28] kauditd_printk_skb: 28 callbacks suppressed
[ 1060.860301][   T28] audit: type=1400 audit(1245.076:9577): avc:  denied  { mount } for  pid=22693 comm="syz.7.25505" name="/" dev="incremental-fs" ino=6380 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1060.895508][ T2423] usb 7-1: new full-speed USB device number 36 using dummy_hcd
[ 1060.902133][   T28] audit: type=1400 audit(1245.076:9578): avc:  denied  { write } for  pid=22693 comm="syz.7.25505" name="/" dev="incremental-fs" ino=6380 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1060.929336][T22698] loop3: detected capacity change from 0 to 512
[ 1060.936130][T22698] ext3: Unknown parameter 'fowner>00000000000000000000'
[ 1060.949665][   T28] audit: type=1400 audit(1245.076:9579): avc:  denied  { add_name } for  pid=22693 comm="syz.7.25505" name=".pending_reads" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1060.982804][   T28] audit: type=1400 audit(1245.076:9580): avc:  denied  { create } for  pid=22693 comm="syz.7.25505" name=".pending_reads" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1061.010413][   T28] audit: type=1400 audit(1245.076:9581): avc:  denied  { associate } for  pid=22693 comm="syz.7.25505" name=".pending_reads" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1061.032929][   T28] audit: type=1400 audit(1245.076:9582): avc:  denied  { append } for  pid=22693 comm="syz.7.25505" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1061.057366][   T28] audit: type=1400 audit(1245.076:9583): avc:  denied  { open } for  pid=22693 comm="syz.7.25505" path="/1229/file0/.pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1061.084628][   T28] audit: type=1400 audit(1245.076:9584): avc:  denied  { setattr } for  pid=22693 comm="syz.7.25505" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1061.108620][   T28] audit: type=1400 audit(1245.113:9585): avc:  denied  { unmount } for  pid=7228 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1061.135123][ T2423] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 512, setting to 64
[ 1061.138440][   T28] audit: type=1400 audit(1245.150:9586): avc:  denied  { execmem } for  pid=22695 comm="syz.5.25516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 1061.155569][ T2423] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1061.173627][ T2423] usb 7-1: New USB device found, idVendor=28bd, idProduct=0078, bcdDevice= 0.00
[ 1061.182942][ T2423] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1061.193683][ T2423] usb 7-1: config 0 descriptor??
[ 1061.200499][T22689] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1061.386156][T22726] loop3: detected capacity change from 0 to 512
[ 1061.426629][T22730] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1061.441246][T22730] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1061.457034][T22726] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1061.470950][T22730] overlayfs: conflicting lowerdir path
[ 1061.477852][T22726] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #2: comm syz.3.25521: corrupted inode contents
[ 1061.490170][T22726] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #2: comm syz.3.25521: mark_inode_dirty error
[ 1061.501979][T22726] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #2: comm syz.3.25521: corrupted inode contents
[ 1061.514594][T22726] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.25521: mark_inode_dirty error
[ 1061.548116][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1061.554037][T22738] loop7: detected capacity change from 0 to 1024
[ 1061.554545][T22738] EXT4-fs: Ignoring removed bh option
[ 1061.566812][T22738] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1061.591150][T22738] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1061.611614][T22738] EXT4-fs (loop7): re-mounted. Quota mode: writeback.
[ 1061.658676][ T7228] EXT4-fs (loop7): unmounting filesystem.
[ 1061.684309][ T2423] uclogic 0003:28BD:0078.00C0: interface is invalid, ignoring
[ 1061.895281][  T990] usb 7-1: USB disconnect, device number 36
[ 1062.523969][T22765] loop6: detected capacity change from 0 to 256
[ 1062.583236][T22771] loop6: detected capacity change from 0 to 512
[ 1062.598119][T22771] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1062.611442][T22771] EXT4-fs error (device loop6): ext4_do_update_inode:5255: inode #2: comm syz.6.25537: corrupted inode contents
[ 1062.623982][T22771] EXT4-fs error (device loop6): ext4_dirty_inode:6120: inode #2: comm syz.6.25537: mark_inode_dirty error
[ 1062.640388][T22771] EXT4-fs error (device loop6): ext4_do_update_inode:5255: inode #2: comm syz.6.25537: corrupted inode contents
[ 1062.653995][T22771] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #2: comm syz.6.25537: mark_inode_dirty error
[ 1062.684315][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1062.750644][  T990] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1062.797936][T22793] loop7: detected capacity change from 0 to 512
[ 1062.805523][T22793] ext3: Unknown parameter 'fowner>00000000000000000000'
[ 1062.953983][  T990] usb 4-1: Using ep0 maxpacket: 16
[ 1062.960505][  T990] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[ 1062.975484][  T990] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1062.985590][  T990] usb 4-1: config 0 descriptor??
[ 1063.429412][  T990] lenovo 0003:17EF:6047.00C1: hidraw0: USB HID v1.01 Device [HID 17ef:6047] on usb-dummy_hcd.3-1/input0
[ 1063.455508][T22811] loop6: detected capacity change from 0 to 1024
[ 1063.462336][T22811] EXT4-fs: Ignoring removed oldalloc option
[ 1063.468736][T22811] EXT4-fs: Ignoring removed orlov option
[ 1063.486883][T22811] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1063.511963][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1063.526788][T22814] netlink: 'syz.5.25554': attribute type 12 has an invalid length.
[ 1063.874972][   T39] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1064.069939][   T39] usb 6-1: Using ep0 maxpacket: 16
[ 1064.076891][   T39] usb 6-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1064.088256][   T39] usb 6-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1064.098223][  T990] lenovo 0003:17EF:6047.00C1: Fn-lock setting failed: -71
[ 1064.113586][   T39] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1064.120692][   T39] usb 6-1: New USB device found, idVendor=04f2, idProduct=0418, bcdDevice= 0.00
[ 1064.134987][  T990] lenovo 0003:17EF:6047.00C1: Sensitivity setting failed: -71
[ 1064.144147][  T990] usb 4-1: USB disconnect, device number 25
[ 1064.151164][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1064.162196][   T39] usb 6-1: config 0 descriptor??
[ 1064.282962][T22862] loop6: detected capacity change from 0 to 40427
[ 1064.290437][T22862] F2FS-fs (loop6): Invalid SB checksum offset: 0
[ 1064.296803][T22862] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[ 1064.306305][T22862] F2FS-fs (loop6): invalid crc value
[ 1064.313413][T22862] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1064.348240][T22862] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[ 1064.355621][T22862] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1064.371892][T22862] syz.6.25576: attempt to access beyond end of device
[ 1064.371892][T22862] loop6: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[ 1064.387924][T22862] syz.6.25576: attempt to access beyond end of device
[ 1064.387924][T22862] loop6: rw=2049, sector=53256, nr_sectors = 8 limit=40427
[ 1064.390450][T22876] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1064.411178][T22876] FAT-fs (loop15): unable to read boot sector
[ 1064.417967][T13272] syz-executor: attempt to access beyond end of device
[ 1064.417967][T13272] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1064.464879][T22880] loop7: detected capacity change from 0 to 256
[ 1064.560390][T22888] loop6: detected capacity change from 0 to 512
[ 1064.570551][T22888] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1064.591303][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1064.605160][   T39] chicony 0003:04F2:0418.00C2: unbalanced collection at end of report description
[ 1064.613060][T22892] device ip6gre2 entered promiscuous mode
[ 1064.617357][   T39] chicony 0003:04F2:0418.00C2: Chicony hid parse failed: -22
[ 1064.628019][   T39] chicony: probe of 0003:04F2:0418.00C2 failed with error -22
[ 1064.686338][T22903] loop3: detected capacity change from 0 to 1024
[ 1064.694098][T22903] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1064.706111][T22903] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[ 1064.717152][T22903] JBD2: no valid journal superblock found
[ 1064.723529][T22903] EXT4-fs (loop3): error loading journal
[ 1064.834437][   T39] usb 6-1: USB disconnect, device number 28
[ 1064.966899][T22937] loop3: detected capacity change from 0 to 1024
[ 1064.968773][T22935] loop7: detected capacity change from 0 to 2048
[ 1064.974700][T22937] EXT4-fs: Ignoring removed bh option
[ 1064.986191][T22937] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1065.003817][T22937] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1065.015232][T22935] GPT:first_usable_lbas don't match.
[ 1065.020691][T22935] GPT:34 != 290
[ 1065.021126][T22937] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[ 1065.024345][T22935] GPT: Use GNU Parted to correct GPT errors.
[ 1065.037403][T22935]  loop7: p1 p2 p3
[ 1065.066948][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1065.128811][T22943] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1066.278324][T22998] kvm: apic: phys broadcast and lowest prio
[ 1066.530524][   T28] kauditd_printk_skb: 94 callbacks suppressed
[ 1066.530544][   T28] audit: type=1400 audit(1250.319:9681): avc:  denied  { unmount } for  pid=17865 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1066.554231][T23001] loop6: detected capacity change from 0 to 4096
[ 1066.564076][T23001] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1066.572813][T23001] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1066.576034][T23004] loop5: detected capacity change from 0 to 512
[ 1066.595967][T23004] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1066.617226][T17865] EXT4-fs (loop5): unmounting filesystem.
[ 1066.721924][T13272] EXT4-fs (loop6): unmounting filesystem.
[ 1066.967248][   T28] audit: type=1400 audit(1250.716:9682): avc:  denied  { ioctl } for  pid=23033 comm="syz.5.25647" path="socket:[229460]" dev="sockfs" ino=229460 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1067.015474][   T28] audit: type=1400 audit(1250.762:9683): avc:  denied  { create } for  pid=23039 comm="syz.5.25649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1067.061734][   T28] audit: type=1400 audit(1250.808:9684): avc:  denied  { create } for  pid=23043 comm="syz.5.25651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1067.081150][   T28] audit: type=1400 audit(1250.808:9685): avc:  denied  { connect } for  pid=23043 comm="syz.5.25651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1067.111215][   T28] audit: type=1400 audit(1250.808:9686): avc:  denied  { setopt } for  pid=23043 comm="syz.5.25651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1067.147889][   T28] audit: type=1400 audit(1250.891:9687): avc:  denied  { create } for  pid=23053 comm="syz.5.25656" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1067.172982][   T28] audit: type=1400 audit(1250.891:9688): avc:  denied  { write } for  pid=23053 comm="syz.5.25656" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1067.294483][T23056] loop5: detected capacity change from 0 to 40427
[ 1067.302453][T23056] F2FS-fs (loop5): invalid crc value
[ 1067.309606][T23056] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1067.349626][T23056] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[ 1067.369914][   T28] audit: type=1400 audit(1251.085:9689): avc:  denied  { create } for  pid=23074 comm="syz.6.25664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1067.396389][T21968] Bluetooth: hci0: command 0x1003 tx timeout
[ 1067.397038][ T3679] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1067.405409][   T28] audit: type=1400 audit(1251.103:9690): avc:  denied  { connect } for  pid=23074 comm="syz.6.25664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1067.419686][T22953] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 1067.436721][T17865] syz-executor: attempt to access beyond end of device
[ 1067.436721][T17865] loop5: rw=2051, sector=36912, nr_sectors = 8152 limit=40427
[ 1067.451191][T17865] syz-executor: attempt to access beyond end of device
[ 1067.451191][T17865] loop5: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[ 1067.472048][T17865] F2FS-fs (loop5): Issue discard(4614, 4614, 1019) failed, ret: -5
[ 1067.472085][T17865] F2FS-fs (loop5): Issue discard(5637, 5637, 10747) failed, ret: -5
[ 1067.608262][T23096] loop3: detected capacity change from 0 to 1024
[ 1067.636328][T23096] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1067.665454][T12039] EXT4-fs (loop3): unmounting filesystem.
[ 1067.693326][T23104] loop5: detected capacity change from 0 to 256
[ 1067.705735][T23104] FAT-fs (loop5): Directory bread(block 64) failed
[ 1067.712697][T23104] FAT-fs (loop5): Directory bread(block 65) failed
[ 1067.719675][T23104] FAT-fs (loop5): Directory bread(block 66) failed
[ 1067.726340][T23104] FAT-fs (loop5): Directory bread(block 67) failed
[ 1067.733299][T23104] FAT-fs (loop5): Directory bread(block 68) failed
[ 1067.739884][T23104] FAT-fs (loop5): Directory bread(block 69) failed
[ 1067.746836][T23104] FAT-fs (loop5): Directory bread(block 70) failed
[ 1067.753400][T23104] FAT-fs (loop5): Directory bread(block 71) failed
[ 1067.753669][T18428] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[ 1067.760231][T23104] FAT-fs (loop5): Directory bread(block 72) failed
[ 1067.775670][T23104] FAT-fs (loop5): Directory bread(block 73) failed
[ 1067.859043][T23125] netlink: 116 bytes leftover after parsing attributes in process `syz.5.25686'.
[ 1067.970255][T18428] usb 7-1: Using ep0 maxpacket: 16
[ 1067.978462][T18428] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1067.987404][T18428] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1067.997797][T18428] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1068.008507][T18428] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1068.018016][T18428] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.026142][T18428] usb 7-1: Product: syz
[ 1068.030435][T18428] usb 7-1: Manufacturer: syz
[ 1068.035047][T18428] usb 7-1: SerialNumber: syz
[ 1068.476378][T18428] usb 7-1: 0:2 : does not exist
[ 1068.863670][T23142] input: syz0 as /devices/virtual/input/input189
[ 1068.953251][T23156] netlink: 116 bytes leftover after parsing attributes in process `syz.5.25701'.
[ 1068.964434][T23156] netlink: 8 bytes leftover after parsing attributes in process `syz.5.25701'.
[ 1069.009870][T23162] input: syz1 as /devices/virtual/input/input190
[ 1069.018327][T23164] can0: slcan on ptm0.
[ 1069.128070][T23176] loop7: detected capacity change from 0 to 8192
[ 1069.137969][T18428] usb 7-1: USB disconnect, device number 37
[ 1069.299855][T23195] loop7: detected capacity change from 0 to 128
[ 1069.308949][T23195] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1069.324829][ T2423] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1069.333701][ T7228] EXT4-fs (loop7): unmounting filesystem.
[ 1069.350326][T23199] loop7: detected capacity change from 0 to 1024
[ 1069.357395][T23199] EXT4-fs: Ignoring removed orlov option
[ 1069.369750][T23199] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1069.394263][ T7228] EXT4-fs (loop7): unmounting filesystem.
[ 1069.443793][  T990] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[ 1069.519523][ T2423] usb 4-1: Using ep0 maxpacket: 32
[ 1069.526198][ T2423] usb 4-1: config 0 has no interfaces?
[ 1069.534345][ T2423] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1069.543631][ T2423] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1069.552203][ T2423] usb 4-1: Product: syz
[ 1069.556428][ T2423] usb 4-1: Manufacturer: syz
[ 1069.561098][ T2423] usb 4-1: SerialNumber: syz
[ 1069.566634][ T2423] usb 4-1: config 0 descriptor??
[ 1069.660347][    C1] ==================================================================
[ 1069.668449][    C1] BUG: KASAN: use-after-free in __run_timers+0x32b/0x9a0
[ 1069.675484][    C1] Write of size 8 at addr ffff888116f70a00 by task syz.7.25731/23223
[ 1069.683732][    C1] 
[ 1069.686082][    C1] CPU: 1 PID: 23223 Comm: syz.7.25731 Tainted: G        W          6.1.138-syzkaller-00056-g7af56ffc913d #0
[ 1069.697638][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1069.707804][    C1] Call Trace:
[ 1069.711134][    C1]  <IRQ>
[ 1069.713990][    C1]  __dump_stack+0x21/0x24
[ 1069.718352][    C1]  dump_stack_lvl+0xee/0x150
[ 1069.723067][    C1]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1069.728114][    C1]  ? profile_hits+0x8e5/0xbe0
[ 1069.732848][    C1]  ? __run_timers+0x32b/0x9a0
[ 1069.738074][    C1]  print_address_description+0x71/0x210
[ 1069.743641][    C1]  print_report+0x4a/0x60
[ 1069.747977][    C1]  kasan_report+0x122/0x150
[ 1069.752501][    C1]  ? __run_timers+0x32b/0x9a0
[ 1069.757204][    C1]  __asan_report_store8_noabort+0x17/0x20
[ 1069.763037][    C1]  __run_timers+0x32b/0x9a0
[ 1069.767551][    C1]  ? sched_clock+0x9/0x10
[ 1069.771973][    C1]  ? sched_clock_cpu+0x6e/0x250
[ 1069.776824][    C1]  ? calc_index+0x200/0x200
[ 1069.781565][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 1069.786863][    C1]  run_timer_softirq+0x6a/0xf0
[ 1069.791730][    C1]  handle_softirqs+0x1d7/0x600
[ 1069.796611][    C1]  ? irqtime_account_irq+0xc4/0x240
[ 1069.802125][    C1]  __irq_exit_rcu+0x52/0xf0
[ 1069.806646][    C1]  irq_exit_rcu+0x9/0x10
[ 1069.810886][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 1069.816617][    C1]  </IRQ>
[ 1069.819730][    C1]  <TASK>
[ 1069.822768][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1069.828873][    C1] RIP: 0010:__kasan_check_read+0x0/0x20
[ 1069.834537][    C1] Code: 46 86 eb 0a 48 c7 c7 a3 2f 3d 86 48 89 de e8 9f cb 30 03 45 31 ff eb d1 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 f1 16 b4 ef <55> 48 89 e5 89 f6 48 8b 4d 08 31 d2 e8 df e7 ff ff 5d c3 66 2e 0f
[ 1069.854241][    C1] RSP: 0018:ffffc90001b77798 EFLAGS: 00000282
[ 1069.860334][    C1] RAX: ffffffff81a8afe2 RBX: ffffea0004f9b9b0 RCX: ffff88811543e540
[ 1069.868408][    C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea0004f9b9b0
[ 1069.876640][    C1] RBP: ffffc90001b77970 R08: dffffc0000000000 R09: fffff940009f3731
[ 1069.884725][    C1] R10: fffff940009f3731 R11: 1ffffd40009f3730 R12: ffffea0004f9b988
[ 1069.892813][    C1] R13: 00007f3d61000000 R14: ffffea0004f9b980 R15: dffffc0000000000
[ 1069.900799][    C1]  ? unmap_page_range+0x1282/0x2310
[ 1069.906011][    C1]  ? unmap_page_range+0x1296/0x2310
[ 1069.911300][    C1]  ? __cfi_unmap_page_range+0x10/0x10
[ 1069.916760][    C1]  ? mas_find+0x155/0x370
[ 1069.921229][    C1]  unmap_vmas+0x31c/0x430
[ 1069.925574][    C1]  ? __cfi_unmap_vmas+0x10/0x10
[ 1069.930431][    C1]  ? __cfi_lru_add_drain_cpu+0x10/0x10
[ 1069.935949][    C1]  ? __kasan_check_write+0x14/0x20
[ 1069.941070][    C1]  exit_mmap+0x263/0xa40
[ 1069.945325][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 1069.951156][    C1]  ? __cfi_exit_mmap+0x10/0x10
[ 1069.955925][    C1]  ? __cfi_exit_aio+0x10/0x10
[ 1069.960609][    C1]  ? uprobe_clear_state+0x2c1/0x320
[ 1069.965812][    C1]  ? _raw_read_unlock+0x25/0x40
[ 1069.970702][    C1]  __mmput+0x93/0x320
[ 1069.974762][    C1]  ? mmput+0x43/0x150
[ 1069.979018][    C1]  mmput+0x4b/0x150
[ 1069.982881][    C1]  do_exit+0x979/0x2650
[ 1069.987065][    C1]  ? blkcg_maybe_throttle_current+0x1df/0x9f0
[ 1069.993238][    C1]  ? __cfi_do_exit+0x10/0x10
[ 1069.997865][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 1070.003758][    C1]  ? try_to_wake_up+0x613/0x1220
[ 1070.008728][    C1]  ? wake_up_state+0xb/0x10
[ 1070.013237][    C1]  ? zap_other_threads+0x2b7/0x2f0
[ 1070.018355][    C1]  do_group_exit+0x210/0x2d0
[ 1070.022964][    C1]  __x64_sys_exit_group+0x3f/0x40
[ 1070.028082][    C1]  x64_sys_call+0x7b4/0x9a0
[ 1070.032585][    C1]  do_syscall_64+0x4c/0xa0
[ 1070.037095][    C1]  ? clear_bhb_loop+0x15/0x70
[ 1070.041772][    C1]  ? clear_bhb_loop+0x15/0x70
[ 1070.046445][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1070.052398][    C1] RIP: 0033:0x7f3d6278e929
[ 1070.056809][    C1] Code: Unable to access opcode bytes at 0x7f3d6278e8ff.
[ 1070.063823][    C1] RSP: 002b:00007ffe1331aa88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 1070.072276][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3d6278e929
[ 1070.080507][    C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 1070.088564][    C1] RBP: 00007ffe1331aaec R08: 000000051331ab7f R09: 00000000000927c0
[ 1070.096536][    C1] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000514
[ 1070.104516][    C1] R13: 00000000000927c0 R14: 00000000000f36e9 R15: 00007ffe1331ab40
[ 1070.112605][    C1]  </TASK>
[ 1070.115630][    C1] 
[ 1070.117977][    C1] Allocated by task 22953:
[ 1070.122488][    C1]  kasan_set_track+0x4b/0x70
[ 1070.127081][    C1]  kasan_save_alloc_info+0x25/0x30
[ 1070.132484][    C1]  __kasan_kmalloc+0x95/0xb0
[ 1070.137080][    C1]  __kmalloc+0xb1/0x1e0
[ 1070.141252][    C1]  hci_alloc_dev_priv+0x27/0x1bd0
[ 1070.146291][    C1]  hci_uart_tty_ioctl+0x3d6/0xa20
[ 1070.151352][    C1]  tty_ioctl+0x8ef/0xc60
[ 1070.155730][    C1]  __se_sys_ioctl+0x12f/0x1b0
[ 1070.160423][    C1]  __x64_sys_ioctl+0x7b/0x90
[ 1070.165110][    C1]  x64_sys_call+0x58b/0x9a0
[ 1070.169641][    C1]  do_syscall_64+0x4c/0xa0
[ 1070.174115][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1070.180727][    C1] 
[ 1070.183051][    C1] Freed by task 22953:
[ 1070.187120][    C1]  kasan_set_track+0x4b/0x70
[ 1070.191724][    C1]  kasan_save_free_info+0x31/0x50
[ 1070.196864][    C1]  ____kasan_slab_free+0x132/0x180
[ 1070.202070][    C1]  __kasan_slab_free+0x11/0x20
[ 1070.207376][    C1]  slab_free_freelist_hook+0xc2/0x190
[ 1070.212910][    C1]  __kmem_cache_free+0xb7/0x1b0
[ 1070.217779][    C1]  kfree+0x6f/0xf0
[ 1070.221517][    C1]  hci_release_dev+0x13ad/0x1500
[ 1070.226548][    C1]  bt_host_release+0x82/0x90
[ 1070.231763][    C1]  device_release+0xa4/0x1d0
[ 1070.236358][    C1]  kobject_put+0x19d/0x280
[ 1070.240795][    C1]  put_device+0x1f/0x30
[ 1070.245038][    C1]  hci_dev_cmd+0x265/0x720
[ 1070.249662][    C1]  hci_sock_ioctl+0x41e/0x7f0
[ 1070.254428][    C1]  sock_do_ioctl+0x101/0x310
[ 1070.259112][    C1]  sock_ioctl+0x4d8/0x6e0
[ 1070.263599][    C1]  __se_sys_ioctl+0x12f/0x1b0
[ 1070.268296][    C1]  __x64_sys_ioctl+0x7b/0x90
[ 1070.272944][    C1]  x64_sys_call+0x58b/0x9a0
[ 1070.277481][    C1]  do_syscall_64+0x4c/0xa0
[ 1070.281922][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1070.287926][    C1] 
[ 1070.290274][    C1] Last potentially related work creation:
[ 1070.295981][    C1]  kasan_save_stack+0x3a/0x60
[ 1070.300746][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[ 1070.306122][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1070.311955][    C1]  insert_work+0x51/0x300
[ 1070.316698][    C1]  __queue_work+0x9b1/0xd30
[ 1070.321217][    C1]  queue_work_on+0xd2/0x140
[ 1070.325860][    C1]  __hci_cmd_sync_sk+0xa3e/0xcf0
[ 1070.331002][    C1]  hci_cmd_sync_status+0x53/0x120
[ 1070.336303][    C1]  hci_dev_cmd+0x628/0x720
[ 1070.340954][    C1]  hci_sock_ioctl+0x41e/0x7f0
[ 1070.345737][    C1]  sock_do_ioctl+0x101/0x310
[ 1070.350345][    C1]  sock_ioctl+0x4d8/0x6e0
[ 1070.354997][    C1]  __se_sys_ioctl+0x12f/0x1b0
[ 1070.359810][    C1]  __x64_sys_ioctl+0x7b/0x90
[ 1070.364413][    C1]  x64_sys_call+0x58b/0x9a0
[ 1070.368967][    C1]  do_syscall_64+0x4c/0xa0
[ 1070.373428][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1070.379512][    C1] 
[ 1070.381842][    C1] Second to last potentially related work creation:
[ 1070.388519][    C1]  kasan_save_stack+0x3a/0x60
[ 1070.393209][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[ 1070.398591][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1070.404483][    C1]  insert_work+0x51/0x300
[ 1070.408844][    C1]  __queue_work+0x9b1/0xd30
[ 1070.413386][    C1]  queue_work_on+0xd2/0x140
[ 1070.417935][    C1]  hci_cmd_timeout+0x191/0x200
[ 1070.423509][    C1]  process_one_work+0x71f/0xc40
[ 1070.428371][    C1]  worker_thread+0xa29/0x11f0
[ 1070.433050][    C1]  kthread+0x281/0x320
[ 1070.437141][    C1]  ret_from_fork+0x1f/0x30
[ 1070.441571][    C1] 
[ 1070.443902][    C1] The buggy address belongs to the object at ffff888116f70000
[ 1070.443902][    C1]  which belongs to the cache kmalloc-8k of size 8192
[ 1070.457961][    C1] The buggy address is located 2560 bytes inside of
[ 1070.457961][    C1]  8192-byte region [ffff888116f70000, ffff888116f72000)
[ 1070.471432][    C1] 
[ 1070.473790][    C1] The buggy address belongs to the physical page:
[ 1070.480293][    C1] page:ffffea00045bdc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x116f70
[ 1070.490571][    C1] head:ffffea00045bdc00 order:3 compound_mapcount:0 compound_pincount:0
[ 1070.499004][    C1] flags: 0x4000000000010200(slab|head|zone=1)
[ 1070.505094][    C1] raw: 4000000000010200 ffffea0004aae800 dead000000000003 ffff888100043500
[ 1070.513679][    C1] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[ 1070.522259][    C1] page dumped because: kasan: bad access detected
[ 1070.528675][    C1] page_owner tracks the page as allocated
[ 1070.534472][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 21069, tgid 21068 (syz.6.24795), ts 1040351179712, free_ts 1040277108698
[ 1070.557929][    C1]  post_alloc_hook+0x1f5/0x210
[ 1070.562705][    C1]  prep_new_page+0x1c/0x110
[ 1070.567316][    C1]  get_page_from_freelist+0x2c6e/0x2ce0
[ 1070.572894][    C1]  __alloc_pages+0x19e/0x3a0
[ 1070.577497][    C1]  alloc_slab_page+0x6e/0xf0
[ 1070.582102][    C1]  new_slab+0x98/0x3d0
[ 1070.586173][    C1]  ___slab_alloc+0x6f6/0xb50
[ 1070.590771][    C1]  __slab_alloc+0x5e/0xa0
[ 1070.595108][    C1]  __kmem_cache_alloc_node+0x203/0x2c0
[ 1070.600573][    C1]  __kmalloc+0xa1/0x1e0
[ 1070.604820][    C1]  bpf_test_init+0xce/0x160
[ 1070.609332][    C1]  bpf_prog_test_run_xdp+0x359/0xe50
[ 1070.614645][    C1]  bpf_prog_test_run+0x3e3/0x630
[ 1070.619621][    C1]  __sys_bpf+0x56d/0x780
[ 1070.623972][    C1]  __x64_sys_bpf+0x7c/0x90
[ 1070.628394][    C1]  x64_sys_call+0x488/0x9a0
[ 1070.632909][    C1] page last free stack trace:
[ 1070.637596][    C1]  free_unref_page_prepare+0x742/0x750
[ 1070.643079][    C1]  free_unref_page+0x8f/0x530
[ 1070.647759][    C1]  __free_pages+0x67/0x100
[ 1070.652175][    C1]  __free_slab+0xca/0x1a0
[ 1070.656765][    C1]  discard_slab+0x29/0x40
[ 1070.661185][    C1]  __slab_free+0x201/0x280
[ 1070.665695][    C1]  ___cache_free+0xbf/0xd0
[ 1070.670122][    C1]  qlist_free_all+0xc6/0x140
[ 1070.674826][    C1]  kasan_quarantine_reduce+0x14a/0x170
[ 1070.680633][    C1]  __kasan_slab_alloc+0x24/0x80
[ 1070.685490][    C1]  slab_post_alloc_hook+0x4f/0x2d0
[ 1070.690653][    C1]  kmem_cache_alloc+0x16e/0x330
[ 1070.695598][    C1]  getname_flags+0xb9/0x500
[ 1070.700115][    C1]  __x64_sys_mkdirat+0x7c/0xa0
[ 1070.704973][    C1]  x64_sys_call+0x73d/0x9a0
[ 1070.709547][    C1]  do_syscall_64+0x4c/0xa0
[ 1070.713994][    C1] 
[ 1070.716317][    C1] Memory state around the buggy address:
[ 1070.722039][    C1]  ffff888116f70900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1070.730119][    C1]  ffff888116f70980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1070.738232][    C1] >ffff888116f70a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1070.746395][    C1]                    ^
[ 1070.750550][    C1]  ffff888116f70a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1070.758634][    C1]  ffff888116f70b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1070.766802][    C1] ==================================================================
[ 1070.774877][    C1] Disabling lock debugging due to kernel taint
[ 1070.781831][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 1070.793690][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 1070.802119][    C1] CPU: 1 PID: 23223 Comm: syz.7.25731 Tainted: G    B   W          6.1.138-syzkaller-00056-g7af56ffc913d #0
[ 1070.813593][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1070.823746][    C1] RIP: 0010:__queue_work+0x575/0xd30
[ 1070.829042][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 f8 d2 28 00 4c 89 ff e8 70 c6 a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 dc 29 6d 00 49 8b 7d 00 e8 53 c2
[ 1070.848794][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[ 1070.854968][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88811543e540
[ 1070.862954][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 1070.871010][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[ 1070.879064][    C1] R10: ffffed1022dee139 R11: 1ffff11022dee139 R12: dffffc0000000000
[ 1070.887085][    C1] R13: 0000000000000000 R14: ffff888116f709c8 R15: 0000000000000008
[ 1070.895244][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1070.904262][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1070.911015][    C1] CR2: 000000110c28b2d6 CR3: 000000013d31c000 CR4: 00000000003526a0
[ 1070.919339][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1070.927524][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1070.936105][    C1] Call Trace:
[ 1070.939389][    C1]  <IRQ>
[ 1070.942260][    C1]  delayed_work_timer_fn+0x61/0x80
[ 1070.947636][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[ 1070.953719][    C1]  call_timer_fn+0x46/0x2a0
[ 1070.958401][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[ 1070.964394][    C1]  __run_timers+0x667/0x9a0
[ 1070.969199][    C1]  ? calc_index+0x200/0x200
[ 1070.973711][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 1070.979005][    C1]  run_timer_softirq+0x6a/0xf0
[ 1070.983772][    C1]  handle_softirqs+0x1d7/0x600
[ 1070.988674][    C1]  ? irqtime_account_irq+0xc4/0x240
[ 1070.993877][    C1]  __irq_exit_rcu+0x52/0xf0
[ 1070.998379][    C1]  irq_exit_rcu+0x9/0x10
[ 1071.002620][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 1071.008265][    C1]  </IRQ>
[ 1071.011284][    C1]  <TASK>
[ 1071.014214][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1071.020218][    C1] RIP: 0010:__kasan_check_read+0x0/0x20
[ 1071.025771][    C1] Code: 46 86 eb 0a 48 c7 c7 a3 2f 3d 86 48 89 de e8 9f cb 30 03 45 31 ff eb d1 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 f1 16 b4 ef <55> 48 89 e5 89 f6 48 8b 4d 08 31 d2 e8 df e7 ff ff 5d c3 66 2e 0f
[ 1071.045646][    C1] RSP: 0018:ffffc90001b77798 EFLAGS: 00000282
[ 1071.051730][    C1] RAX: ffffffff81a8afe2 RBX: ffffea0004f9b9b0 RCX: ffff88811543e540
[ 1071.059706][    C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea0004f9b9b0
[ 1071.067857][    C1] RBP: ffffc90001b77970 R08: dffffc0000000000 R09: fffff940009f3731
[ 1071.075924][    C1] R10: fffff940009f3731 R11: 1ffffd40009f3730 R12: ffffea0004f9b988
[ 1071.084014][    C1] R13: 00007f3d61000000 R14: ffffea0004f9b980 R15: dffffc0000000000
[ 1071.092093][    C1]  ? unmap_page_range+0x1282/0x2310
[ 1071.097410][    C1]  ? unmap_page_range+0x1296/0x2310
[ 1071.102702][    C1]  ? __cfi_unmap_page_range+0x10/0x10
[ 1071.108089][    C1]  ? mas_find+0x155/0x370
[ 1071.112423][    C1]  unmap_vmas+0x31c/0x430
[ 1071.116768][    C1]  ? __cfi_unmap_vmas+0x10/0x10
[ 1071.121910][    C1]  ? __cfi_lru_add_drain_cpu+0x10/0x10
[ 1071.127867][    C1]  ? __kasan_check_write+0x14/0x20
[ 1071.133086][    C1]  exit_mmap+0x263/0xa40
[ 1071.137344][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 1071.143505][    C1]  ? __cfi_exit_mmap+0x10/0x10
[ 1071.148449][    C1]  ? __cfi_exit_aio+0x10/0x10
[ 1071.153135][    C1]  ? uprobe_clear_state+0x2c1/0x320
[ 1071.158422][    C1]  ? _raw_read_unlock+0x25/0x40
[ 1071.163292][    C1]  __mmput+0x93/0x320
[ 1071.167447][    C1]  ? mmput+0x43/0x150
[ 1071.171692][    C1]  mmput+0x4b/0x150
[ 1071.175609][    C1]  do_exit+0x979/0x2650
[ 1071.179780][    C1]  ? blkcg_maybe_throttle_current+0x1df/0x9f0
[ 1071.186105][    C1]  ? __cfi_do_exit+0x10/0x10
[ 1071.190793][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 1071.196916][    C1]  ? try_to_wake_up+0x613/0x1220
[ 1071.201897][    C1]  ? wake_up_state+0xb/0x10
[ 1071.206953][    C1]  ? zap_other_threads+0x2b7/0x2f0
[ 1071.212087][    C1]  do_group_exit+0x210/0x2d0
[ 1071.216725][    C1]  __x64_sys_exit_group+0x3f/0x40
[ 1071.221944][    C1]  x64_sys_call+0x7b4/0x9a0
[ 1071.226457][    C1]  do_syscall_64+0x4c/0xa0
[ 1071.230893][    C1]  ? clear_bhb_loop+0x15/0x70
[ 1071.235584][    C1]  ? clear_bhb_loop+0x15/0x70
[ 1071.240262][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1071.246164][    C1] RIP: 0033:0x7f3d6278e929
[ 1071.250676][    C1] Code: Unable to access opcode bytes at 0x7f3d6278e8ff.
[ 1071.257695][    C1] RSP: 002b:00007ffe1331aa88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 1071.266401][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3d6278e929
[ 1071.274598][    C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 1071.282684][    C1] RBP: 00007ffe1331aaec R08: 000000051331ab7f R09: 00000000000927c0
[ 1071.290761][    C1] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000514
[ 1071.298860][    C1] R13: 00000000000927c0 R14: 00000000000f36e9 R15: 00007ffe1331ab40
[ 1071.306860][    C1]  </TASK>
[ 1071.310140][    C1] Modules linked in:
[ 1071.314040][    C1] ---[ end trace 0000000000000000 ]---
[ 1071.319715][    C1] RIP: 0010:__queue_work+0x575/0xd30
[ 1071.325008][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 f8 d2 28 00 4c 89 ff e8 70 c6 a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 dc 29 6d 00 49 8b 7d 00 e8 53 c2
[ 1071.344866][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[ 1071.350991][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88811543e540
[ 1071.359072][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 1071.367063][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[ 1071.375343][    C1] R10: ffffed1022dee139 R11: 1ffff11022dee139 R12: dffffc0000000000
[ 1071.383517][    C1] R13: 0000000000000000 R14: ffff888116f709c8 R15: 0000000000000008
[ 1071.391671][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1071.400688][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1071.407442][    C1] CR2: 000000110c28b2d6 CR3: 000000013d31c000 CR4: 00000000003526a0
[ 1071.415419][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1071.423943][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1071.432018][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 1071.439829][    C1] Kernel Offset: disabled
[ 1071.444325][    C1] Rebooting in 86400 seconds..