last executing test programs:

7.950557358s ago: executing program 4 (id=3286):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x56a, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0xf7, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xb}}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, &(0x7f0000000040)={0x2c, &(0x7f0000000100)={0x20, 0x0, 0x9, {0x9, 0x8, "820027210246b7"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x1, {[@main=@item_012={0x0, 0x0, 0x9}]}}, 0x0}, 0x0)

6.790305305s ago: executing program 1 (id=3298):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x9, 0x1, 0xb3d, 0x4000, 0xffffffffffffffff, 0xb, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x4, 0xb, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x75f, 0xc082)
r3 = memfd_create(&(0x7f0000000e00)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xf0\xbcf\xef\x9e\xfc\xef\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xb92S\x80\xfc\x18m?:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\f\xf9\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaa\x03\x00!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb1\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d<\x81\xa8\x14\xdc\xc5\v\x1d_\x89\xcf\x1d1\xb7\x90\xd9\xc4\xa4\x8a\xfe\xb7\xe2K\xc4\xf5\xd0\x9a-\x85\xe7\"\x05\x11\xc8\x8c\xee\xdd\xa3\x8ds0\xfc\xefF\xd6\x00\xaa\x1b\xae\xb8\xd0\xff\xe3\xb2\x87\xd8\xad5\xda\x13\x1f\x0fCKH9\xba\xbe\xea \x06s\x15O\xb1\x81\xfa\xcdp~\xc7\xe4p\xc0\x1a\xc7\xab\x19\x1cz\x8c+\x15*U\xe5&T\xcd+?\x04l\xd8\x83\xab\x04C\xc1\xaaSo\xd78\x9a]\x8d1\xf9 \xb8\xd2\x88vhe\x9ed,c\xfc\xcd\x7f\xb8hZ\xbd\xd7\\7\x03', 0x3)
pwritev(r3, &(0x7f0000000600)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3)
sendfile(r2, r2, 0x0, 0x24002de8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='consume_skb\x00', r4}, 0x10)
ioctl$LOOP_CLR_FD(r2, 0x4c01)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000180)={[{@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r5 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000500)=ANY=[@ANYBLOB="120100000200000825c1a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0000000000000000000006241a0000f00905810340000000000904010000020d00000904010102020d0000090582020002000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r5, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r5, 0x0, 0x0)
r6 = memfd_create(&(0x7f00000003c0)='/dev/vhost-vsock\x00\x1f\xb4\xe7\xf0v\xce\xa1-\x98\xb3\xea\xfadC[)\n\x96_\xf8\xf8\n\xddK\x1eE\x88pD\xf7I\x06\xf0\x8d\x97\x1bA\xe8\x8d!:\xec\x90i\xed\xa9\xdc\x9b9\xb4\xad\xed1\x19?\xbd\xb6\xd4_\x1f\b_\b\x00\x00\x00\x00\x00\x00\x03\xff\x19\xf0q-kB\xb1\xa7\xbc\x89\xae\xd1\x0e\x93M\x0f\xc6\x9e\xd4Ey\xb8\xec{\x867\x1d\x00\xd8\xd2rJ\xc2k\xce\xaf\x00\xb29/\xd6\xcb,\xbf\xa5\xfcAe.$\t`E\x971\x8d\xe1\x9e8\x94\x9a\xa6\xd3W\xa3/D\x93\x94\x8b5\x93\xa6K.\xce;\xad_\xf0\x89\x8az\x1d\xe1o\xeac\x16\"Ea\x95D\x9e\xefM\xfdt\xaevs%\xe2?\x1f\xf8W\xdf}\x02C\xb7\x01\x1f\x9b\xd6[z\xb8\xcc0\x9b\xc8G\x11N\x7f\xe7\xc1\x05\xb2\v\x06\xd7\xc4*\x00\x00\x00noZ\xedS\\\xd49\xea\x7f\x03', 0x1)
fremovexattr(r6, &(0x7f0000003fc0)=@known='security.selinux\x00')
syz_usb_control_io$cdc_ncm(r5, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r5, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, 0x0, 0x0)
tkill(r1, 0x23)

4.909169108s ago: executing program 4 (id=3305):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000000000000000617474722c616374697665c72c6191138918655f2c6f67733d342c9b756f74082c66b2d1c46f4b2a3d159dce99edb2a4ea6173670000000000dbb374615f666c7573682c70726a6a71756f74613d2d7b2c6a7166748dba745fe3616368652c66611d229b3547dadba6d8f9bfb74f705a8b2786d610d1f2335eb1dbbc87d1b7692ffe82e508d80bdcf88ebdd5523426b8a12703418316731cf8b17ccf39330769e5a4a505efbc7f3c5c2d958ffa4d22b0e082b7d907739b8adf1841440857364bd0ce880b4e382a53b6db010b536c4453c83641a4dbf3d147b6a4cced9500000000000000a9842380695333b8de7b86b28ca33d0553231dae70b0939ae315df79727bd626461089d02408b11aedcbf812b43ce60900"/297], 0x1, 0x54f9, &(0x7f000000ab40)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYogbSQBqiB3FJCBBEeB4WIRJE8thX0fZIZxoIfMwgO80YaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS3fVenFz9fu6bc5u306e2QAAAADnbKv1on4yS/2vzf3vza2fTb+IiDIizq3dR/HpJHPU5FSvvL56MYbbiDrh8BmT5voSEX+a6+FH198CAAAAXK7NcjVPq/X0MBt6QPQpFW3Kb38z5RURUc3uM6WVh7xfmcLq3/c4/mdKqwtY00xhqeQ2zpX2LvXf/Vi1mz5ritSUb78/29wBAIAejU6aflchAAAA9Onf0ANgGEU8bWUetwInqWm29z6f9AAAAIAPqBh6AAAAAEDn6vW/8/8AAADgsqXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjStlovNsvVvG3Obt9OntkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzP69xVHEAwN/M7GxtVVyj7CEiCh70Yrfb2tqbeFCCB/8EIaTbGrv1R5uDLUXIxZvknIvoUURQ4i3/Q84J5BJvOewhgmdlZmeSyQ9w/dGZTfL5wJv33WGY932zEPKd9xIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLo3YM4yQ6dcRwX5zb3Hi9k/daRPrO+sj2btSyO6kz6dHi5+iHqNpcIAAAA50dS1vchhJ10bS7r405e/6flNVnN/92z47is54/W/WVf1v5Z+/WX3Rf3B+qMx8luentxOLhyPJXWk5vldHvub69o5U8+f/eS5F9I/MHyC6M0f57RNxsb77Xz8EId2QIA/8blsi+C8vehrO83mRgA50arUniX9X/SaTYnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDqMlsPTZRyFEGZbB3Fma+/xwkn9+sr2bNlurK6uVO+Z3SINIdxeHA6u1DiXaffg4aO788Ph4H79wSshhKZGf6eY/t2PJrg4hEaej+B/CuLiy56WfE5H0OAPJQAAzqS0aFldv5OuzWXnopkQ/vz+cP3/eiUOE9b/ux/f2KyOVa3/+7XNcPr1lu593nvw8NGbi/fm7wzuDD5962r/7f61m9ev3+zl70p63pgAAADw37SLVq3/45nj6/+XKnGYsP7/4tv+V9WxEvX/iQ4W/ZrOBAAA4Hx7/tU/fo9OOB+12+HL+aWl+/3xcf/z1fGxgVT/sQtFq9b/yUzTWQEAAAB1GC1Hh9b/b1XiMOH6/zM/vPRT9Z5JCOFisf5/eeGz4a36pjPV6vhz4qbnCAAAQLMuFq26/p/m+//j/S0PcQjhjdfGcfFvACeq/5P3v/6xOlZ1//+1+qY4leLu+HnkfTeEVrfpjAAAADjLnipaVuz/lq7NffLzpQ/b9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2vAAAA//+END5e")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
inotify_init1(0x80000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000008000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r4}, 0x18)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x20000004, 0x1001, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x8)
syz_clone3(&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000740)=[0xffffffffffffffff], 0x1}, 0x58)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}})
syz_io_uring_setup(0x46a8, &(0x7f0000000000)={0x0, 0x0, 0x4}, &(0x7f0000000100), &(0x7f0000000140))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0xdc000007, 0x0}, 0x0, 0x8, &(0x7f0000000040))
unshare(0x22020400)
unshare(0x2c060000)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f00000002c0)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)

4.003680861s ago: executing program 4 (id=3307):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000480)={0x0, 0x22, 0xa, {[@main=@item_4={0x3, 0x0, 0xc, "f81d36c1"}, @local=@item_4={0x3, 0x2, 0x7}]}}, 0x0}, 0x0)

3.5778548s ago: executing program 1 (id=3311):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$selinux_user(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='system_u:object_r:kmsg_device_t:s0 u'], 0x2a)

3.434447683s ago: executing program 1 (id=3315):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x8, &(0x7f00000000c0)={[{@shortname_win95}, {@shortname_win95}, {@fat=@fmask={'fmask', 0x3d, 0xe0}}, {@fat=@codepage={'codepage', 0x3d, '852'}}, {@numtail}, {@uni_xlate}, {@shortname_win95}, {@fat=@nfs}, {@uni_xlate}, {@fat=@discard}]}, 0x1, 0x223, &(0x7f0000000280)="$eJzs3TFrE2EYB/CnttVSkHQQiiJ44uIU2op7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECLtxcbWi43U5Ir9/ZY+9H3/d897CQkXyJs7p+tLC8uNxfX1tRgbG4qRUpRiYygm4kgMR+pJZNgaLGWNAAAH3EarFd9aqbx7AQAGo+v7f+ZNPwDwP+jx/v/6AFsCAPrM5/8AcPjcvHX76my5PHcjScYi6k+blWYl/ZuOzy7G/ahFNaaiEN8jWtvS+vKV8txUsunzRFTqq+38arMyvDM/HYWYyM5PJ6md+dEYb+c/jEc1ZqIQJ7LzM5n5o3H+3C/nL0Yh3t+N5ajFQmxmO/mV6SS5dK28K39sax4AAAAAAAAAAAAAAAAAAAAAAPRDMdmWuX9PsdhtPM33vj/Q7v15RuLUSL5rBwAAAAAAAAAAAAAAAAAAgIOi8ejx0nytVn34p+LBuxdv9prTYzHUPu9+j7P/4vjZT8+6zRn+u+vzb4vXZ/K8LD0Wb9funbzQmLyYWxujEfH7f7o+tb4WIvrUz8tcH4ufq95z8uTz0vyrlY9fej3ywF+KAAAAAAAAAAAAAAAAAADg0Ot86TfvTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP53f/+9fkfcaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgRwAAAP//st+ejg==")
syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), 0xffffffffffffffff)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_aout(r0, &(0x7f00000006c0)=ANY=[], 0x20)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

3.378435139s ago: executing program 1 (id=3318):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x1, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000081000040"])

3.211722404s ago: executing program 0 (id=3321):
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x14}, 0x14}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r0)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000340), 0xc, &(0x7f0000000540)={&(0x7f0000000a00)={0x80, 0x0, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x6c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8}, @TIPC_NLA_NODE_REKEYING={0x8}, @TIPC_NLA_NODE_ID={0x49, 0x3, "21943526416b53b0f293a420b0a9394ff01634cb2c287bc55b1213b394944336119a739711cdcbbb8f24f8b3eb8d39ef40cc88b50f6a4a70bec1128c936bce8746e8719a09"}, @TIPC_NLA_NODE_REKEYING={0x8}]}]}, 0x80}}, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3.208081605s ago: executing program 1 (id=3322):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f00000004c0)={0x81, 0x0, 0x3})
ioctl$KVM_SET_IRQCHIP(r1, 0x4020aea5, &(0x7f0000000280)={0x0, 0xff00, @ioapic})

3.145588s ago: executing program 1 (id=3323):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x64, 0x2, 0x1, 0x0, 0x10, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x7}, {0x6, 0x24, 0x1a, 0x3}, [@mbim_extended={0x8, 0x24, 0x1c, 0x0, 0x4, 0xdafb}]}, {{0x9, 0x5, 0x81, 0x3, 0x40}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x0, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x24, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

3.115620033s ago: executing program 0 (id=3324):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
connect$unix(r0, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)

3.084843416s ago: executing program 0 (id=3325):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000600000000000000008500000007000000c5000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000001c00070c000000000000000007000000", @ANYRES32=r2, @ANYBLOB="020016d50a000200aaaaaaaaaabb00000c000e"], 0x34}}, 0x0)

3.084352766s ago: executing program 0 (id=3326):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b"])

3.064775928s ago: executing program 0 (id=3327):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe5, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000206104724e000000000001090224000100000000090400000103000200092100000001220500090581"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000010000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000500)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.921821083s ago: executing program 4 (id=3328):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0)
memfd_create(&(0x7f0000000080)=']F\x00', 0x4)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r2 = dup(r0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

1.862365149s ago: executing program 4 (id=3329):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)

1.861914628s ago: executing program 4 (id=3330):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000009c0)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00220f00000003a840"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r1, 0x400c4808, &(0x7f0000000000)={0x3, 0xffffffff, 0xffff})

1.287863791s ago: executing program 2 (id=3339):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9e"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='gretap0\x00', 0x10)
r2 = dup(r0)
sendto$packet(r2, 0x0, 0x2, 0x0, 0x0, 0x0)

1.283186261s ago: executing program 3 (id=3340):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xff4d, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syslog(0x2, &(0x7f0000001940)=""/94, 0x5e)

1.256186264s ago: executing program 2 (id=3341):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x4, 0x0, 0x0)

1.255596814s ago: executing program 2 (id=3342):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r1}, 0x10)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

1.197678529s ago: executing program 2 (id=3343):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x3, @empty}, 0x1c)
syz_emit_ethernet(0x47, &(0x7f00000002c0)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x11, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0xe22, 0x11, 0x0, @opaque="a2696f86455958eecf"}}}}}}, 0x0)

1.196727339s ago: executing program 2 (id=3344):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x11d, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
getpid()
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000100)='./file1\x00', 0x101880a, &(0x7f0000000640)=ANY=[@ANYBLOB="6a71666d743d7666736f6c642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c6673796e635f6d6f64653d7374726963742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c616c6c6f635f6d6f64653d64656661756c742c657874656e745f63616368652c636f6d70726573735f63686b73756d2c00b2da307445fc488576738ba410ac1c9a87da19d1cc651efd805323f81a90a8406c6dd7f408149424deb0d904cf45e22dafdee453ba2138adbdcefdf526f7bbfad9092cbe1a715c8d3f32fa074e042433009d6c85349a23169e841ea2aed39364ab614997351b"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r5, 0x0, 0x0, 0x20000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1808000000000000000000020000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffe2b)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="00cf140000000000000000000000000000000000000058df82bcf87e197dab604adb34efc8aa1b21d36e23bb0fb6eb5dd130f005e3f86775210d387f4612bf4fe01c8179f613b155ccfed5ce195aed08b7e317f32d04f5091c610f102b9f1566a836c3f8130420bd2aaed15eaa4c07de77241804f461b031f0c05da68b6081a97cb738786a13f84e91b07ebd66d7c6d008e7b27e80a417227d082d9b09df86613e01bab42e74ed0129ad9f5714e93ffccb60dcbc0f3f6752d79afb7716be4226a0bff03e505dff6fe3eca3eea32df69980d39fc31977aaa7b8d639139e07fdb634f64372d25d2da6856debac20f674dbb83510528e05fbd5536113180168aca11429acdd87da6adefe5a470e7eb2a60dfcb1ecb16ce1e34e661cbdc0fac952bbe641d7cc94fd580ba48928fa7abcf7d58641671c07b0c77de6d8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.163188162s ago: executing program 3 (id=3345):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000900), 0x3, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000005c0)={r2, r0}, 0xc)

1.144966324s ago: executing program 3 (id=3346):
setfsuid(0xee00)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r2, 0x0, 0x0, 0x0)

1.117043137s ago: executing program 3 (id=3347):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)

1.058071402s ago: executing program 3 (id=3348):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x11d, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
getpid()
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000100)='./file1\x00', 0x101880a, &(0x7f0000000640)=ANY=[@ANYBLOB="6a71666d743d7666736f6c642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c6673796e635f6d6f64653d7374726963742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c616c6c6f635f6d6f64653d64656661756c742c657874656e745f63616368652c636f6d70726573735f63686b73756d2c00b2da307445fc488576738ba410ac1c9a87da19d1cc651efd805323f81a90a8406c6dd7f408149424deb0d904cf45e22dafdee453ba2138adbdcefdf526f7bbfad9092cbe1a715c8d3f32fa074e042433009d6c85349a23169e841ea2aed39364ab614997351b"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r5, 0x0, 0x0, 0x20000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1808000000000000000000020000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffe2b)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="00cf140000000000000000000000000000000000000058df82bcf87e197dab604adb34efc8aa1b21d36e23bb0fb6eb5dd130f005e3f86775210d387f4612bf4fe01c8179f613b155ccfed5ce195aed08b7e317f32d04f5091c610f102b9f1566a836c3f8130420bd2aaed15eaa4c07de77241804f461b031f0c05da68b6081a97cb738786a13f84e91b07ebd66d7c6d008e7b27e80a417227d082d9b09df86613e01bab42e74ed0129ad9f5714e93ffccb60dcbc0f3f6752d79afb7716be4226a0bff03e505dff6fe3eca3eea32df69980d39fc31977aaa7b8d639139e07fdb634f64372d25d2da6856debac20f674dbb83510528e05fbd5536113180168aca11429acdd87da6adefe5a470e7eb2a60dfcb1ecb16ce1e34e661cbdc0fac952bbe641d7cc94fd580ba48928fa7abcf7d58641671c07b0c77d", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

106.097329ms ago: executing program 2 (id=3349):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x1f, &(0x7f00000005c0)={@broadcast, @dev, @void, {@llc_tr={0x11, {@snap={0xaa, 0x0, 'o', "cf11dd", 0x0, "f581116bd4a13b49e8"}}}}}, 0x0)

78.586242ms ago: executing program 3 (id=3350):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c710016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa73d897e3896d863081b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbd744e517e65ddab19e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f200004304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188541c300f5c1bf56705ba12d198e897186b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710f7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47cbb0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9ea410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be0a33c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06a6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c6062368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c5bed4b0d73dffb17a88aaad5921aee7dae6a2f3009d9cb434898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a64d903b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e7ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000006a728258ca3d846a000e80d5f43109a48ddc54cec5d7f78c80e010ed02ffc0846577cafcd9e0ad83149bfb08ba7b5b431311041deb5e5d65610ad6e8d6ed55e900071b4d37d9fadb17a0407e7251866b63faccfe936980f59ceaa9d6b6863024b482023799a4f30a225b560f320e89ed44130e78f8cf000ac3c743b08d4256f282fc36162ac4b59527a3b67560313914ff6ac4ac43cd0e79d6372da631de3fde6c29de3b43d3046df23019ecadd57f175a2443928b1bcb9be16f54936796c3b928dc07c70771622cef2fafeb239a3ca4"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r1, &(0x7f0000000240)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000040)=""/2, 0x2}}, 0x120)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}, {0x0, 0x4}], 0x2)
write$UHID_DESTROY(r1, &(0x7f0000000200), 0x4)

0s ago: executing program 0 (id=3351):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000001500)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x3)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

[  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  479.673962][ T9801] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #4: comm syz.4.2756: blocks 32-33 from inode overlap system zone
[  479.682712][  T329] kovaplus: probe of 0003:1E7D:2D50.0036 failed with error -22
[  479.688193][ T9801] EXT4-fs (loop4): failed to initialize system zone (-117)
[  479.695656][  T430] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.702714][ T9801] EXT4-fs (loop4): mount failed
[  479.714447][  T430] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.751275][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  479.759336][  T430] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.766193][  T430] bridge0: port 1(bridge_slave_0) entered forwarding state
[  479.774426][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  479.782442][  T430] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.789298][  T430] bridge0: port 2(bridge_slave_1) entered forwarding state
[  479.796691][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  479.804615][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  479.822902][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  479.856989][ T9788] device veth0_vlan entered promiscuous mode
[  479.868081][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  479.881709][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  479.881722][   T30] audit: type=1404 audit(1728374642.349:999): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  479.904259][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  479.919140][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  479.944872][ T9788] device veth1_macvtap entered promiscuous mode
[  479.951024][   T30] audit: type=1404 audit(1728374642.389:1000): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  479.969184][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  480.009616][  T329] usb 4-1: USB disconnect, device number 49
[  480.036383][   T30] audit: type=1400 audit(1728374642.399:1001): avc:  denied  { read write } for  pid=9734 comm="syz-executor" name="loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  480.061553][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  480.070283][   T30] audit: type=1400 audit(1728374642.399:1002): avc:  denied  { open } for  pid=9734 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  480.070800][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  480.106539][   T30] audit: type=1400 audit(1728374642.399:1003): avc:  denied  { ioctl } for  pid=9734 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  480.132294][   T30] audit: type=1400 audit(1728374642.409:1004): avc:  denied  { create } for  pid=9812 comm="syz.4.2761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  480.153060][   T30] audit: type=1400 audit(1728374642.419:1005): avc:  denied  { module_request } for  pid=9788 comm="syz-executor" kmod="netdev-macvtap0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  480.176596][   T30] audit: type=1400 audit(1728374642.419:1006): avc:  denied  { create } for  pid=9812 comm="syz.4.2761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  480.224381][ T9819] Illegal XDP return value 3470344420, expect packet loss!
[  480.231510][ T9815] loop4: detected capacity change from 0 to 2048
[  480.237640][   T30] audit: type=1400 audit(1728374642.419:1007): avc:  denied  { execmem } for  pid=9812 comm="syz.4.2761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  480.256857][   T30] audit: type=1400 audit(1728374642.629:1008): avc:  denied  { map_create } for  pid=9812 comm="syz.4.2761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  480.361543][ T9815] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  480.658600][ T9843] loop2: detected capacity change from 0 to 256
[  480.659845][ T9844] loop3: detected capacity change from 0 to 512
[  480.696938][ T9844] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  480.701918][ T9849] loop1: detected capacity change from 0 to 512
[  480.707829][ T9844] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038 (0x7fffffff)
[  480.730572][ T9844] EXT4-fs error (device loop3): ext4_do_update_inode:5202: inode #2: comm syz.3.2772: corrupted inode contents
[  480.751620][ T9849] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  480.754975][ T9844] EXT4-fs error (device loop3): ext4_dirty_inode:6035: inode #2: comm syz.3.2772: mark_inode_dirty error
[  480.777484][ T9844] EXT4-fs error (device loop3): ext4_do_update_inode:5202: inode #2: comm syz.3.2772: corrupted inode contents
[  480.790702][  T430] device vlan2 left promiscuous mode
[  480.797300][  T430] bridge0: port 3(vlan2) entered disabled state
[  480.807315][ T9849] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.2773: casefold flag without casefold feature
[  480.826708][  T430] device bridge_slave_1 left promiscuous mode
[  480.832646][  T430] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.857284][ T9844] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz.3.2772: mark_inode_dirty error
[  480.861125][  T430] device bridge_slave_0 left promiscuous mode
[  480.868620][ T9849] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.2773: missing EA_INODE flag
[  480.885832][  T430] bridge0: port 1(bridge_slave_0) entered disabled state
[  480.886009][ T9849] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2773: error while reading EA inode 12 err=-117
[  480.905549][  T430] device veth1_macvtap left promiscuous mode
[  480.907784][ T9849] EXT4-fs (loop1): 1 orphan inode deleted
[  480.911409][  T430] device veth0_vlan left promiscuous mode
[  480.918542][ T9849] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  480.954916][ T9849] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2773: Directory hole found for htree leaf block 0
[  480.968350][ T9849] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2773: Directory hole found for htree leaf block 0
[  480.991334][ T9861] loop2: detected capacity change from 0 to 128
[  481.051899][ T9871] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2773: Directory hole found for htree leaf block 0
[  481.066661][ T9871] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2773: Directory hole found for htree leaf block 0
[  481.080134][ T9871] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2773: Directory hole found for htree leaf block 0
[  481.080265][ T9861] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  481.104120][ T9871] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2773: Directory hole found for htree leaf block 0
[  481.121248][ T9871] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2773: Directory hole found for htree leaf block 0
[  481.154311][ T9861] ext4 filesystem being mounted at /8/mnt supports timestamps until 2038 (0x7fffffff)
[  481.420769][ T9900] loop3: detected capacity change from 0 to 8192
[  481.448830][ T9900] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  481.469738][ T9900] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  481.478296][ T9900] FAT-fs (loop3): Filesystem has been set read-only
[  481.530774][ T9914] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  481.593264][  T636] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  481.679852][ T9932] loop3: detected capacity change from 0 to 2048
[  481.714019][ T9932] Alternate GPT is invalid, using primary GPT.
[  481.720062][ T9932]  loop3: p1 p2 p3
[  481.813824][ T9942] loop3: detected capacity change from 0 to 512
[  481.821351][ T1510] udevd[1510]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  481.821497][ T4962] udevd[4962]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  481.831718][ T9942] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  481.852690][  T636] usb 5-1: Using ep0 maxpacket: 8
[  481.860383][  T528] udevd[528]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  481.873417][ T9942] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.2810: casefold flag without casefold feature
[  481.886085][ T9942] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.2810: missing EA_INODE flag
[  481.898213][ T9942] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2810: error while reading EA inode 12 err=-117
[  481.916197][ T9942] EXT4-fs (loop3): 1 orphan inode deleted
[  481.921823][ T9942] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  481.954718][ T9942] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2810: Directory hole found for htree leaf block 0
[  481.968272][ T9942] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2810: Directory hole found for htree leaf block 0
[  481.982803][  T636] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  481.991762][ T9952] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2815'.
[  482.002286][  T636] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  482.012421][  T636] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  482.021502][  T636] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.030325][  T636] usb 5-1: config 0 descriptor??
[  482.032713][  T329] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  482.044091][ T9955] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2810: Directory hole found for htree leaf block 0
[  482.058856][ T9955] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2810: Directory hole found for htree leaf block 0
[  482.072184][ T9955] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2810: Directory hole found for htree leaf block 0
[  482.087160][ T9955] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2810: Directory hole found for htree leaf block 0
[  482.100442][ T9955] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2810: Directory hole found for htree leaf block 0
[  482.332504][ T9959] loop2: detected capacity change from 0 to 40427
[  482.394830][ T9959] F2FS-fs (loop2): invalid crc value
[  482.401521][ T9959] F2FS-fs (loop2): Found nat_bits in checkpoint
[  482.512934][  T329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  482.529433][  T329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  482.541076][  T329] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  482.554917][  T329] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  482.569888][  T329] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.574072][  T636] hid-picolcd 0003:04D8:F002.0037: unknown main item tag 0x0
[  482.579149][ T9959] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  482.588419][  T636] hid-picolcd 0003:04D8:F002.0037: item fetching failed at offset 5/7
[  482.595273][  T329] usb 2-1: config 0 descriptor??
[  482.600902][  T636] hid-picolcd 0003:04D8:F002.0037: device report parse failed
[  482.612721][  T636] hid-picolcd: probe of 0003:04D8:F002.0037 failed with error -22
[  483.014200][ T9971] loop3: detected capacity change from 0 to 2048
[  483.159865][ T9974] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  483.186627][ T9971] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  483.213648][   T60] usb 5-1: USB disconnect, device number 46
[  483.363835][  T329] plantronics 0003:047F:FFFF.0038: No inputs registered, leaving
[  483.374861][  T329] plantronics 0003:047F:FFFF.0038: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  483.634005][  T524] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  483.634428][  T636] usb 2-1: USB disconnect, device number 43
[  483.652773][T10003] device bridge0 entered promiscuous mode
[  483.684959][T10009] loop3: detected capacity change from 0 to 256
[  483.696289][T10009] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  483.712475][T10009] exFAT-fs (loop3): error, failed to bmap (inode : ffff88812b04a350 iblock : 0, err : -5)
[  483.722245][T10009] exFAT-fs (loop3): Filesystem has been set read-only
[  483.879670][  T524] usb 3-1: Using ep0 maxpacket: 16
[  484.008765][T10034] loop3: detected capacity change from 0 to 2048
[  484.033948][  T397] tipc: Subscription rejected, illegal request
[  484.042922][  T524] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  484.055553][  T524] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  484.065274][  T524] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  484.075836][  T524] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.076860][T10034] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  484.099209][  T524] usb 3-1: config 0 descriptor??
[  484.432803][  T636] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  484.573760][  T524] hid-multitouch 0003:1FD2:6007.0039: unknown main item tag 0x0
[  484.581301][  T524] hid-multitouch 0003:1FD2:6007.0039: unknown main item tag 0x0
[  484.588805][  T524] hid-multitouch 0003:1FD2:6007.0039: unknown main item tag 0x0
[  484.596468][  T524] hid-multitouch 0003:1FD2:6007.0039: unknown main item tag 0x0
[  484.603953][  T524] hid-multitouch 0003:1FD2:6007.0039: unknown main item tag 0x0
[  484.612015][  T524] hid-multitouch 0003:1FD2:6007.0039: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0
[  484.673480][  T636] usb 2-1: Using ep0 maxpacket: 16
[  484.777144][  T524] usb 3-1: USB disconnect, device number 30
[  484.792877][  T636] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  484.805373][  T636] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  484.815318][  T636] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  484.828189][  T636] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  484.837422][  T636] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.862794][T10050] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  484.884527][  T636] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[  484.969483][T10062] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  485.038470][T10060] loop3: detected capacity change from 0 to 40427
[  485.054817][   T30] kauditd_printk_skb: 146 callbacks suppressed
[  485.054832][   T30] audit: type=1400 audit(1728374647.529:1155): avc:  denied  { audit_write } for  pid=10067 comm="syz.4.2860" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  485.087044][   T30] audit: type=1107 audit(1728374647.529:1156): pid=10067 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  485.087797][T10060] F2FS-fs (loop3): Found nat_bits in checkpoint
[  485.101092][  T636] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[  485.121971][  T636] usb 2-1: USB disconnect, device number 44
[  485.161563][T10060] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  485.254588][T10072] loop4: detected capacity change from 0 to 40427
[  485.428837][T10072] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  485.517912][T10072] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  485.520558][   T30] audit: type=1400 audit(1728374647.989:1157): avc:  denied  { execute_no_trans } for  pid=10076 comm="syz.2.2862" path="/13/file0" dev="tmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  485.550121][T10072] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  485.564897][   T30] audit: type=1326 audit(1728374648.039:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.2.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  485.589788][   T30] audit: type=1326 audit(1728374648.039:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.2.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  485.613964][   T30] audit: type=1326 audit(1728374648.039:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.2.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  485.616728][T10072] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  485.643783][   T30] audit: type=1326 audit(1728374648.079:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.2.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  485.667578][T10072] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  485.681509][T10072] handle_bad_sector: 19 callbacks suppressed
[  485.681521][T10072] attempt to access beyond end of device
[  485.681521][T10072] loop4: rw=2049, want=53256, limit=40427
[  485.698766][T10072] attempt to access beyond end of device
[  485.698766][T10072] loop4: rw=2049, want=53264, limit=40427
[  485.710247][T10072] attempt to access beyond end of device
[  485.710247][T10072] loop4: rw=0, want=53264, limit=40427
[  485.724704][ T9734] attempt to access beyond end of device
[  485.724704][ T9734] loop4: rw=2049, want=45104, limit=40427
[  485.765450][ T8585] attempt to access beyond end of device
[  485.765450][ T8585] loop3: rw=2049, want=45104, limit=40427
[  485.854755][T10093] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2869'.
[  485.882933][T10097] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  485.900724][T10099] loop3: detected capacity change from 0 to 512
[  485.917315][T10103] loop1: detected capacity change from 0 to 512
[  485.934845][T10099] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #16: comm syz.3.2866: iget: bad extended attribute block 128
[  485.947701][T10099] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2866: couldn't read orphan inode 16 (err -117)
[  485.961536][T10103] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  485.963439][T10099] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  485.982228][T10099] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038 (0x7fffffff)
[  485.993164][T10103] EXT4-fs (loop1): 1 truncate cleaned up
[  485.998693][T10103] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  486.019717][T10099] EXT4-fs error (device loop3): ext4_lookup:1856: inode #16: comm syz.3.2866: iget: bad extended attribute block 128
[  486.050680][T10115] loop1: detected capacity change from 0 to 512
[  486.068954][   T30] audit: type=1400 audit(1728374648.539:1162): avc:  denied  { read } for  pid=10117 comm="syz.4.2878" name="usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  486.092898][   T30] audit: type=1400 audit(1728374648.539:1163): avc:  denied  { open } for  pid=10117 comm="syz.4.2878" path="/dev/usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  486.122017][   T30] audit: type=1400 audit(1728374648.539:1164): avc:  denied  { ioctl } for  pid=10117 comm="syz.4.2878" path="/dev/usbmon0" dev="devtmpfs" ino=135 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  486.129496][T10116] devtmpfs: Unknown parameter 'di¤ËÊ'
[  486.170224][T10115] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  486.185048][T10115] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038 (0x7fffffff)
[  486.206411][T10115] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2876: Directory hole found for htree leaf block 0
[  486.221260][T10115] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz.1.2876: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  486.243331][T10115] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 12: comm syz.1.2876: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  486.277288][T10115] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 13: comm syz.1.2876: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  486.298577][T10115] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 14: comm syz.1.2876: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  486.319074][T10115] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 15: comm syz.1.2876: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  486.339318][T10115] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 16: comm syz.1.2876: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  486.361322][T10115] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 17: comm syz.1.2876: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  486.382471][T10115] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #2: block 18: comm syz.1.2876: lblock 23 mapped to illegal pblock 18 (length 1)
[  486.412327][T10132] loop2: detected capacity change from 0 to 2048
[  486.422130][T10115] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 19: comm syz.1.2876: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  486.442641][ T7478] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  486.523223][T10132] EXT4-fs (loop2): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  486.881951][T10158] loop1: detected capacity change from 0 to 512
[  486.906450][T10158] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  486.917761][T10158] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038 (0x7fffffff)
[  486.943913][T10158] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2893: Directory hole found for htree leaf block 0
[  487.053220][T10162] loop3: detected capacity change from 0 to 40427
[  487.077416][T10162] F2FS-fs (loop3): invalid crc value
[  487.102830][ T7478] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  487.114057][T10162] F2FS-fs (loop3): Found nat_bits in checkpoint
[  487.122275][T10177] loop2: detected capacity change from 0 to 512
[  487.128809][ T7478] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  487.148971][ T7478] usb 5-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  487.158640][ T7478] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.161873][T10162] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  487.171175][T10182] loop1: detected capacity change from 0 to 512
[  487.180569][ T7478] usb 5-1: config 0 descriptor??
[  487.193430][T10177] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  487.213151][T10177] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.2900: casefold flag without casefold feature
[  487.228731][T10177] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.2900: missing EA_INODE flag
[  487.240359][T10182] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  487.240425][T10177] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2900: error while reading EA inode 12 err=-117
[  487.260221][T10182] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.2902: casefold flag without casefold feature
[  487.264925][T10177] EXT4-fs (loop2): 1 orphan inode deleted
[  487.277237][T10182] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.2902: missing EA_INODE flag
[  488.032960][T10177] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  488.063859][T10182] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2902: error while reading EA inode 12 err=-117
[  488.083304][T10182] EXT4-fs (loop1): 1 orphan inode deleted
[  488.092240][T10177] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2900: Directory hole found for htree leaf block 0
[  488.105032][T10182] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  488.135545][T10177] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2900: Directory hole found for htree leaf block 0
[  488.166738][ T8585] attempt to access beyond end of device
[  488.166738][ T8585] loop3: rw=2049, want=45104, limit=40427
[  488.169817][T10182] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2902: Directory hole found for htree leaf block 0
[  488.200665][T10191] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2900: Directory hole found for htree leaf block 0
[  488.213526][T10182] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2902: Directory hole found for htree leaf block 0
[  488.245805][T10191] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2900: Directory hole found for htree leaf block 0
[  488.260663][T10191] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2900: Directory hole found for htree leaf block 0
[  488.275088][ T7478] hid-led 0003:1D34:000A.003A: unknown main item tag 0x0
[  488.283461][T10191] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2900: Directory hole found for htree leaf block 0
[  488.296635][T10191] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2900: Directory hole found for htree leaf block 0
[  488.309613][T10182] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2902: Directory hole found for htree leaf block 0
[  488.344086][T10182] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2902: Directory hole found for htree leaf block 0
[  488.368461][T10194] loop3: detected capacity change from 0 to 1024
[  488.401847][T10182] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2902: Directory hole found for htree leaf block 0
[  488.415183][T10182] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2902: Directory hole found for htree leaf block 0
[  488.428764][T10182] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2902: Directory hole found for htree leaf block 0
[  488.443905][T10194] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  488.454447][T10194] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038 (0x7fffffff)
[  488.757762][ T7478] hid-led 0003:1D34:000A.003A: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.4-1/input0
[  488.767916][T10200] loop2: detected capacity change from 0 to 2048
[  488.769865][ T7478] hid-led 0003:1D34:000A.003A: Dream Cheeky Webmail Notifier initialized
[  488.795503][ T7478] usb 5-1: USB disconnect, device number 47
[  488.871996][T10213] loop3: detected capacity change from 0 to 128
[  488.882212][T10200] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  488.892613][T10200] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038 (0x7fffffff)
[  488.993371][T10213] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  489.004705][T10213] ext4 filesystem being mounted at /156/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  489.050166][T10215] loop1: detected capacity change from 0 to 2048
[  489.061938][T10222] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2914'.
[  489.073923][T10222] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.082630][T10224] loop2: detected capacity change from 0 to 1024
[  489.114538][T10215] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  489.150173][T10239] loop2: detected capacity change from 0 to 512
[  489.158961][T10239] EXT4-fs (loop2): Ignoring removed oldalloc option
[  489.166909][T10239] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  489.174807][T10239] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  489.201582][T10239] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[  489.226265][T10239] System zones: 1-12
[  489.255476][T10239] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.2920: corrupted in-inode xattr
[  489.267497][T10239] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2920: couldn't read orphan inode 15 (err -117)
[  489.279591][T10239] EXT4-fs (loop2): mounted filesystem without journal. Opts: oldalloc,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,norecovery,debug,,errors=continue. Quota mode: none.
[  489.313259][T10246] loop3: detected capacity change from 0 to 2048
[  489.343041][T10250] loop4: detected capacity change from 0 to 256
[  489.356406][T10250] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  489.390400][T10246] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  489.524438][T10265] loop3: detected capacity change from 0 to 512
[  489.614512][T10265] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  489.630371][T10265] ext4 filesystem being mounted at /164/bus supports timestamps until 2038 (0x7fffffff)
[  489.707867][T10273] input: syz1 as /devices/virtual/input/input45
[  489.841515][T10295] IPv6: NLM_F_CREATE should be specified when creating new route
[  489.849270][T10295] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  489.856286][T10295] IPv6: NLM_F_CREATE should be set when creating new route
[  489.863310][T10295] IPv6: NLM_F_CREATE should be set when creating new route
[  489.975693][T10306] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2948'.
[  490.082717][  T329] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  490.182730][  T293] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  490.317635][   T30] kauditd_printk_skb: 68 callbacks suppressed
[  490.317650][   T30] audit: type=1326 audit(1728374652.789:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10321 comm="syz.4.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fab049ff9 code=0x7ffc0000
[  490.347076][   T30] audit: type=1326 audit(1728374652.799:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10321 comm="syz.4.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fab049ff9 code=0x7ffc0000
[  490.370890][   T30] audit: type=1326 audit(1728374652.799:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10321 comm="syz.4.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f9fab049ff9 code=0x7ffc0000
[  490.394345][   T30] audit: type=1326 audit(1728374652.799:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10321 comm="syz.4.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fab049ff9 code=0x7ffc0000
[  490.395696][  T329] usb 4-1: Using ep0 maxpacket: 32
[  490.435075][T10325] loop2: detected capacity change from 0 to 2048
[  490.493939][T10325] EXT4-fs (loop2): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  490.532778][  T329] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  490.542746][  T293] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  490.543500][  T329] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  490.554237][  T293] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  490.564084][  T329] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  490.573296][  T293] usb 2-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  490.586068][  T329] usb 4-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[  490.594717][  T293] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  490.603763][  T329] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  490.612013][  T293] usb 2-1: config 0 descriptor??
[  490.625161][  T329] usb 4-1: config 0 descriptor??
[  490.762707][  T715] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  491.093821][  T329] itetech 0003:048D:8595.003B: unknown main item tag 0x0
[  491.100804][  T329] itetech 0003:048D:8595.003B: unknown main item tag 0x0
[  491.105496][  T293] samsung 0003:0419:0600.003C: unknown main item tag 0x0
[  491.107932][  T329] itetech 0003:048D:8595.003B: unknown main item tag 0x0
[  491.121517][  T329] itetech 0003:048D:8595.003B: unknown main item tag 0x0
[  491.128611][  T329] itetech 0003:048D:8595.003B: unknown main item tag 0x0
[  491.128904][  T293] samsung 0003:0419:0600.003C: unknown main item tag 0x0
[  491.136012][  T715] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  491.154107][  T329] itetech 0003:048D:8595.003B: hidraw0: USB HID v0.00 Device [HID 048d:8595] on usb-dummy_hcd.3-1/input0
[  491.165335][  T715] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  491.175530][  T715] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  491.180300][  T293] samsung 0003:0419:0600.003C: unknown main item tag 0x0
[  491.191423][  T715] usb 5-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  491.197223][  T293] samsung 0003:0419:0600.003C: unknown main item tag 0x0
[  491.210744][  T293] samsung 0003:0419:0600.003C: unknown main item tag 0x0
[  491.218025][  T715] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.228385][  T293] samsung 0003:0419:0600.003C: hidraw1: USB HID v0.00 Device [HID 0419:0600] on usb-dummy_hcd.1-1/input0
[  491.228740][  T715] usb 5-1: config 0 descriptor??
[  491.283707][   T30] audit: type=1400 audit(1728374653.759:1237): avc:  denied  { name_bind } for  pid=10337 comm="syz.2.2961" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  491.325898][   T30] audit: type=1326 audit(1728374653.799:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10339 comm="syz.2.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  491.363643][   T30] audit: type=1326 audit(1728374653.799:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10339 comm="syz.2.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  491.387390][   T30] audit: type=1326 audit(1728374653.799:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10339 comm="syz.2.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  491.410966][  T293] usb 2-1: USB disconnect, device number 45
[  491.417428][   T30] audit: type=1326 audit(1728374653.799:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10339 comm="syz.2.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  491.441978][   T30] audit: type=1326 audit(1728374653.799:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10339 comm="syz.2.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  491.465428][  T329] usb 4-1: USB disconnect, device number 50
[  491.682731][   T20] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  491.743455][  T715] gt683r_led 0003:1770:FF00.003D: item fetching failed at offset 1/5
[  491.751615][  T715] gt683r_led 0003:1770:FF00.003D: hid parsing failed
[  491.758147][  T715] gt683r_led: probe of 0003:1770:FF00.003D failed with error -22
[  491.924350][   T20] usb 3-1: Using ep0 maxpacket: 16
[  492.032892][  T293] usb 5-1: USB disconnect, device number 48
[  492.604554][T10344] loop1: detected capacity change from 0 to 40427
[  493.493537][   T20] usb 3-1: unable to read config index 0 descriptor/all
[  493.504602][   T20] usb 3-1: can't read configurations, error -71
[  493.523608][T10344] F2FS-fs (loop1): invalid crc value
[  493.529976][T10354] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22
[  493.533238][T10344] F2FS-fs (loop1): Found nat_bits in checkpoint
[  493.539682][T10354] SELinux: security_context_str_to_sid(staff_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  493.572990][T10344] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  493.895280][ T9271] attempt to access beyond end of device
[  493.895280][ T9271] loop1: rw=2049, want=45104, limit=40427
[  493.991013][T10375] loop2: detected capacity change from 0 to 128
[  494.024851][T10375] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  494.041592][T10375] ext4 filesystem being mounted at /32/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  494.083325][T10388] SELinux: failed to load policy
[  494.220741][T10399] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[  494.247831][T10399] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  494.281752][T10405] bridge0: port 2(bridge_slave_1) entered disabled state
[  494.288842][T10405] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.313828][T10405] bridge0: port 2(bridge_slave_1) entered forwarding state
[  494.332499][T10409] device batadv_slave_1 entered promiscuous mode
[  494.362337][T10406] device batadv_slave_1 left promiscuous mode
[  494.497011][T10424] loop3: detected capacity change from 0 to 2048
[  494.522957][T10424]  loop3: p3 < > p4 < >
[  494.533042][T10424] loop3: partition table partially beyond EOD, truncated
[  494.549918][T10424] loop3: p3 start 4284289 is beyond EOD, truncated
[  494.558865][T10413] loop2: detected capacity change from 0 to 128
[  494.636637][  T528] udevd[528]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  494.639878][T10413] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  494.712416][T10422] loop1: detected capacity change from 0 to 40427
[  494.937876][T10445] loop4: detected capacity change from 0 to 2048
[  495.091990][T10439] loop3: detected capacity change from 0 to 40427
[  495.100334][T10445] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  495.124284][T10439] F2FS-fs (loop3): invalid crc value
[  495.130233][T10422] F2FS-fs (loop1): Found nat_bits in checkpoint
[  495.153179][T10439] F2FS-fs (loop3): Found nat_bits in checkpoint
[  495.187102][T10422] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  495.209846][T10439] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  495.287586][ T8585] attempt to access beyond end of device
[  495.287586][ T8585] loop3: rw=2049, want=45104, limit=40427
[  495.590676][ T9271] attempt to access beyond end of device
[  495.590676][ T9271] loop1: rw=2049, want=45104, limit=40427
[  498.096151][T10502] loop4: detected capacity change from 0 to 512
[  498.113451][T10502] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  498.128093][T10502] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.3026: casefold flag without casefold feature
[  498.141361][T10502] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.3026: missing EA_INODE flag
[  498.153056][T10502] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3026: error while reading EA inode 12 err=-117
[  498.165444][T10502] EXT4-fs (loop4): 1 orphan inode deleted
[  498.170986][T10502] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  498.208924][T10502] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3026: Directory hole found for htree leaf block 0
[  498.222360][T10502] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3026: Directory hole found for htree leaf block 0
[  498.282694][  T715] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  498.282875][ T7478] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  498.298541][T10517] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3026: Directory hole found for htree leaf block 0
[  498.312623][T10517] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3026: Directory hole found for htree leaf block 0
[  498.326081][T10517] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3026: Directory hole found for htree leaf block 0
[  498.339702][T10517] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3026: Directory hole found for htree leaf block 0
[  498.352597][  T329] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  498.360519][T10517] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3026: Directory hole found for htree leaf block 0
[  498.384737][   T30] kauditd_printk_skb: 49 callbacks suppressed
[  498.384750][   T30] audit: type=1400 audit(1728374660.859:1292): avc:  denied  { mounton } for  pid=10521 comm="syz.0.3034" path="/564/file0" dev="tmpfs" ino=3005 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  498.413606][   T30] audit: type=1400 audit(1728374660.859:1293): avc:  denied  { mounton } for  pid=10521 comm="syz.0.3034" path="/564/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  498.452260][   T30] audit: type=1400 audit(1728374660.919:1294): avc:  denied  { bind } for  pid=10526 comm="syz.0.3036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  498.472151][   T30] audit: type=1400 audit(1728374660.929:1295): avc:  denied  { listen } for  pid=10526 comm="syz.0.3036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  498.502134][   T30] audit: type=1326 audit(1728374660.969:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10528 comm="syz.0.3037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  498.525830][   T30] audit: type=1326 audit(1728374660.969:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10528 comm="syz.0.3037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  498.549207][  T715] usb 4-1: Using ep0 maxpacket: 8
[  498.555195][   T30] audit: type=1326 audit(1728374660.969:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10528 comm="syz.0.3037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  498.578817][   T30] audit: type=1326 audit(1728374660.969:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10528 comm="syz.0.3037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  498.602620][   T30] audit: type=1326 audit(1728374660.969:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10528 comm="syz.0.3037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  498.653372][   T30] audit: type=1326 audit(1728374661.129:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10534 comm="syz.0.3040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  498.682850][  T715] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  498.694513][  T715] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  498.704155][  T715] usb 4-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  498.713419][  T715] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.724801][  T715] usb 4-1: config 0 descriptor??
[  498.742770][ T7478] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  498.753516][  T329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  498.753660][ T7478] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  498.777168][  T329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  498.777733][ T7478] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  498.795616][  T329] usb 2-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  498.795639][  T329] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.796224][  T329] usb 2-1: config 0 descriptor??
[  498.805113][ T7478] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.826262][ T7478] usb 3-1: config 0 descriptor??
[  498.882441][T10549] serio: Serial port ptm0
[  499.206131][T10562] loop4: detected capacity change from 0 to 2048
[  499.267557][  T715] hid-picolcd 0003:04D8:F002.003E: item fetching failed at offset 5/7
[  499.285933][T10562] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  499.298312][  T715] hid-picolcd 0003:04D8:F002.003E: device report parse failed
[  499.308115][  T329] elo 0003:04E7:0030.003F: item fetching failed at offset 5/7
[  499.313497][ T7478] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0
[  499.315463][  T715] hid-picolcd: probe of 0003:04D8:F002.003E failed with error -22
[  499.324453][ T7478] plantronics 0003:047F:FFFF.0040: No inputs registered, leaving
[  499.330607][  T329] elo 0003:04E7:0030.003F: parse failed
[  499.343331][  T329] elo: probe of 0003:04E7:0030.003F failed with error -22
[  499.345372][ T7478] plantronics 0003:047F:FFFF.0040: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  499.472550][ T7478] usb 4-1: USB disconnect, device number 51
[  499.525470][  T293] usb 2-1: USB disconnect, device number 46
[  499.622933][   T20] usb 3-1: USB disconnect, device number 33
[  499.953319][T10573] netem: change failed
[  499.979964][T10577] loop4: detected capacity change from 0 to 128
[  500.000918][T10581] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.009657][T10577] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[  500.017282][T10581] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3059'.
[  500.023835][T10577] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038 (0x7fffffff)
[  500.054323][T10581] device bridge_slave_1 left promiscuous mode
[  500.060222][T10581] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.148357][T10599] loop4: detected capacity change from 0 to 16
[  500.156108][   T45] tipc: Subscription rejected, illegal request
[  500.186423][T10603] loop2: detected capacity change from 0 to 1024
[  500.197037][T10599] erofs: (device loop4): mounted with root inode @ nid 36.
[  500.217021][ T9734] erofs: (device loop4): erofs_fill_dentries: bogus dirent @ nid 46
[  500.227193][ T9734] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  500.235849][T10606] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  500.245824][ T9734] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  500.296140][T10603] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  500.339121][T10628] loop1: detected capacity change from 0 to 128
[  500.363959][T10630] netlink: 'syz.2.3081': attribute type 25 has an invalid length.
[  500.380750][T10630] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3081'.
[  500.538353][  T323] Bluetooth: hci0: Frame reassembly failed (-84)
[  500.548001][  T323] Bluetooth: hci0: Frame reassembly failed (-84)
[  500.622709][  T329] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  500.649120][T10640] loop2: detected capacity change from 0 to 2048
[  500.655696][T10638] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  500.666228][T10638] SELinux: failed to load policy
[  500.684095][T10640] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,norecovery,data_err=abort,noblock_validity,,errors=continue. Quota mode: writeback.
[  500.703438][T10640] EXT4-fs error (device loop2): ext4_find_extent:929: inode #2: comm syz.2.3085: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  500.775670][T10648] loop2: detected capacity change from 0 to 2048
[  500.813747][T10648] EXT4-fs (loop2): bad geometry: first data block 0 is beyond end of filesystem (0)
[  500.892759][  T329] usb 5-1: Using ep0 maxpacket: 8
[  500.902892][T10648] syz.2.3088[10648] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  500.903003][T10648] syz.2.3088[10648] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  500.972742][  T715] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  501.062759][  T329] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  501.070886][  T329] usb 5-1: config 179 has no interface number 0
[  501.077177][  T329] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  501.088151][  T329] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  501.099203][  T329] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11
[  501.112073][  T329] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024
[  501.123466][  T329] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  501.136512][  T329] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  501.145348][  T329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.172774][T10627] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  501.179628][T10627] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  501.193782][  T329] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input46
[  501.242825][  T715] usb 2-1: Using ep0 maxpacket: 16
[  501.312688][  T524] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  501.362776][  T715] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  501.373450][  T715] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  501.383021][  T715] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  501.395599][  T715] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  501.404479][  T715] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.418061][   T20] usb 5-1: USB disconnect, device number 49
[  501.420254][  T715] usb 2-1: config 0 descriptor??
[  501.432873][   T20] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  501.702752][  T524] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  501.713502][  T524] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  501.723008][  T524] usb 3-1: New USB device found, idVendor=056a, idProduct=0309, bcdDevice= 0.00
[  501.733283][  T524] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.741673][  T524] usb 3-1: config 0 descriptor??
[  501.893578][  T715] microsoft 0003:045E:07DA.0041: No inputs registered, leaving
[  501.901445][  T715] microsoft 0003:045E:07DA.0041: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  501.912704][  T715] microsoft 0003:045E:07DA.0041: no inputs found
[  501.918791][  T715] microsoft 0003:045E:07DA.0041: could not initialize ff, continuing anyway
[  501.943244][T10656] loop4: detected capacity change from 0 to 512
[  502.013128][T10656] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  502.026037][T10656] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.3091: casefold flag without casefold feature
[  502.038782][T10656] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.3091: missing EA_INODE flag
[  502.053281][T10656] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3091: error while reading EA inode 12 err=-117
[  502.065991][T10656] EXT4-fs (loop4): 1 orphan inode deleted
[  502.071528][T10656] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  502.109592][T10656] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3091: Directory hole found for htree leaf block 0
[  502.122562][   T20] usb 2-1: USB disconnect, device number 47
[  502.124158][T10656] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3091: Directory hole found for htree leaf block 0
[  502.193920][T10667] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3091: Directory hole found for htree leaf block 0
[  502.207911][T10667] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3091: Directory hole found for htree leaf block 0
[  502.221133][T10667] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3091: Directory hole found for htree leaf block 0
[  502.234667][T10667] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3091: Directory hole found for htree leaf block 0
[  502.248533][T10667] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3091: Directory hole found for htree leaf block 0
[  502.270334][  T524] wacom 0003:056A:0309.0042: hidraw0: USB HID v0.00 Device [HID 056a:0309] on usb-dummy_hcd.2-1/input0
[  502.463158][  T524] usb 3-1: USB disconnect, device number 34
[  502.602696][  T715] Bluetooth: hci0: command 0x1003 tx timeout
[  502.608583][   T47] Bluetooth: hci0: sending frame failed (-49)
[  502.644966][T10673] loop1: detected capacity change from 0 to 256
[  502.665885][T10673] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  502.744384][T10678] input: syz1 as /devices/virtual/input/input51
[  502.831358][T10688] loop1: detected capacity change from 0 to 128
[  502.858497][T10690] loop4: detected capacity change from 0 to 256
[  502.882981][T10690] exfat: Deprecated parameter 'utf8'
[  502.915198][T10690] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xcc9b7de9, utbl_chksum : 0xe619d30d)
[  502.962321][T10694] loop1: detected capacity change from 0 to 512
[  502.984061][T10700] 9pnet: p9_errstr2errno: server reported unknown error Ý@íÎhQI¸¥ŠteœkKzEËxÐBAšÁbà¹lpΆ²vxÝé*óÍDŽ‘àò}‘©Ù’ñ;5ÏÇ–3OŲ"
[  503.016760][T10703] mmap: syz.2.3110 (10703) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  503.034153][T10694] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=continue,,errors=continue. Quota mode: writeback.
[  503.081272][T10694] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038 (0x7fffffff)
[  503.124074][T10709] loop4: detected capacity change from 0 to 1024
[  503.150638][T10711] loop2: detected capacity change from 0 to 512
[  503.184296][T10709] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  503.197989][T10709] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  503.217403][T10711] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  503.234506][T10709] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  503.254958][T10709] EXT4-fs (loop4): This should not happen!! Data will be lost
[  503.254958][T10709] 
[  503.255527][T10711] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.3114: casefold flag without casefold feature
[  503.264853][T10709] EXT4-fs (loop4): Total free blocks count 0
[  503.282760][T10709] EXT4-fs (loop4): Free/Dirty block details
[  503.288744][T10709] EXT4-fs (loop4): free_blocks=68451041280
[  503.294468][T10709] EXT4-fs (loop4): dirty_blocks=64
[  503.299359][T10709] EXT4-fs (loop4): Block reservation details
[  503.305212][T10709] EXT4-fs (loop4): i_reserved_data_blocks=4
[  503.311233][T10711] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.3114: missing EA_INODE flag
[  503.314713][T10708] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 60 with error 28
[  503.331160][T10711] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.3114: error while reading EA inode 12 err=-117
[  503.334661][T10708] EXT4-fs (loop4): This should not happen!! Data will be lost
[  503.334661][T10708] 
[  503.355580][T10713] loop1: detected capacity change from 0 to 40427
[  503.361493][T10711] EXT4-fs (loop2): 1 orphan inode deleted
[  503.368270][T10711] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  503.400920][T10711] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3114: Directory hole found for htree leaf block 0
[  503.406345][T10713] F2FS-fs (loop1): Found nat_bits in checkpoint
[  503.414200][T10711] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3114: Directory hole found for htree leaf block 0
[  503.448316][T10713] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  503.492731][T10725] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3114: Directory hole found for htree leaf block 0
[  503.506068][T10725] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3114: Directory hole found for htree leaf block 0
[  503.519194][T10725] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3114: Directory hole found for htree leaf block 0
[  503.532245][T10725] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3114: Directory hole found for htree leaf block 0
[  503.545508][T10725] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3114: Directory hole found for htree leaf block 0
[  503.812705][  T293] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  504.022371][ T9271] attempt to access beyond end of device
[  504.022371][ T9271] loop1: rw=2049, want=45104, limit=40427
[  504.118688][T10734] loop1: detected capacity change from 0 to 256
[  504.182786][  T293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  504.193857][  T293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  504.205070][  T293] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  504.214013][  T293] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.222408][  T293] usb 5-1: config 0 descriptor??
[  504.302727][  T524] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  504.572713][  T524] usb 3-1: Using ep0 maxpacket: 16
[  504.607644][T10744] loop1: detected capacity change from 0 to 2048
[  504.673048][  T715] Bluetooth: hci0: command 0x1001 tx timeout
[  504.678904][   T47] Bluetooth: hci0: sending frame failed (-49)
[  504.685578][  T293] hid-thrustmaster 0003:044F:B65D.0043: unknown main item tag 0x0
[  504.693793][  T293] hid-thrustmaster 0003:044F:B65D.0043: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.4-1/input0
[  504.702987][  T524] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  504.705769][  T293] hid-thrustmaster 0003:044F:B65D.0043: Wrong number of endpoints?
[  504.716522][  T524] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  504.733715][  T524] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  504.746383][  T524] usb 3-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[  504.755348][  T524] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.764167][  T524] usb 3-1: config 0 descriptor??
[  504.774319][T10744] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  504.953141][  T636] usb 5-1: USB disconnect, device number 50
[  504.962690][    C0] hid-thrustmaster 0003:044F:B65D.0043: URB to get model id failed with error -2
[  505.244734][  T524] wacom 0003:056A:00F0.0044: hidraw0: USB HID v0.00 Device [HID 056a:00f0] on usb-dummy_hcd.2-1/input0
[  505.400876][   T30] kauditd_printk_skb: 24 callbacks suppressed
[  505.400891][   T30] audit: type=1326 audit(1728374667.869:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  505.430468][   T30] audit: type=1326 audit(1728374667.869:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  505.455220][   T30] audit: type=1326 audit(1728374667.869:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  505.471162][  T636] usb 3-1: USB disconnect, device number 35
[  505.484251][   T30] audit: type=1326 audit(1728374667.869:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  505.509711][   T30] audit: type=1326 audit(1728374667.869:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  505.546236][   T30] audit: type=1326 audit(1728374667.869:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  505.570345][   T30] audit: type=1326 audit(1728374667.869:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  505.594620][   T30] audit: type=1326 audit(1728374667.869:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  505.618062][   T30] audit: type=1326 audit(1728374667.869:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  505.641650][   T30] audit: type=1326 audit(1728374667.869:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.1.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  505.694894][T10764] syz.1.3128[10764] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  505.694971][T10764] syz.1.3128[10764] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  505.873240][T10779] loop4: detected capacity change from 0 to 128
[  505.895539][T10779] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  505.906003][T10779] ext4 filesystem being mounted at /90/mnt supports timestamps until 2038 (0x7fffffff)
[  505.919362][T10779] syz.4.3135 (pid 10779) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  505.931474][T10779] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)"
[  506.038018][T10786] loop2: detected capacity change from 0 to 128
[  506.072720][  T636] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  506.083787][T10786] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3137'.
[  506.130303][T10792] incfs: iterate_incfs_dir / -22
[  506.140262][T10792] incfs: iterate_incfs_dir / -22
[  506.147200][T10792] incfs: iterate_incfs_dir / -22
[  506.282717][  T524] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  506.312703][  T636] usb 2-1: Using ep0 maxpacket: 16
[  506.432815][  T636] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  506.443855][  T636] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  506.453556][  T636] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  506.466320][  T636] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  506.467516][  T329] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  506.477885][  T636] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.491132][  T636] usb 2-1: config 0 descriptor??
[  506.652962][  T524] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  506.664156][  T524] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  506.673786][  T524] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  506.686904][  T524] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  506.695821][  T524] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.708061][  T524] usb 5-1: config 0 descriptor??
[  506.762728][  T800] Bluetooth: hci0: command 0x1009 tx timeout
[  506.902747][  T329] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  506.973631][  T636] koneplus 0003:1E7D:2E22.0045: item fetching failed at offset 0/2
[  506.982412][  T636] koneplus 0003:1E7D:2E22.0045: parse failed
[  506.988259][  T636] koneplus: probe of 0003:1E7D:2E22.0045 failed with error -22
[  507.122739][  T329] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  507.131763][  T329] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.141230][  T329] usb 3-1: Product: syz
[  507.163058][  T329] usb 3-1: Manufacturer: syz
[  507.167467][  T329] usb 3-1: SerialNumber: syz
[  507.175969][  T715] usb 2-1: USB disconnect, device number 48
[  507.214411][  T524] plantronics 0003:047F:FFFF.0046: ignoring exceeding usage max
[  507.225484][  T524] plantronics 0003:047F:FFFF.0046: No inputs registered, leaving
[  507.239665][  T524] plantronics 0003:047F:FFFF.0046: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  507.755771][T10838] syz.1.3158[10838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  507.755844][T10838] syz.1.3158[10838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  507.778146][T10840] loop1: detected capacity change from 0 to 256
[  508.302818][  T636] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  508.312880][  T329] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  508.319214][  T329] cdc_ncm 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  508.326495][  T329] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  508.532743][  T329] cdc_ncm 3-1:1.0: setting tx_max = 36
[  508.539175][  T329] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM, 42:42:42:42:42:42
[  508.542702][  T636] usb 2-1: Using ep0 maxpacket: 16
[  508.551509][  T329] usb 3-1: USB disconnect, device number 36
[  508.561710][  T329] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM
[  508.672786][  T636] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  508.683505][  T636] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  508.696097][  T636] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  508.704897][  T636] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.713735][  T636] usb 2-1: config 0 descriptor??
[  509.123083][T10874] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  509.132528][T10874] SELinux: failed to load policy
[  509.195046][  T636] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0047/input/input55
[  509.273914][  T636] microsoft 0003:045E:07DA.0047: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  509.362753][  T800] usb 5-1: reset high-speed USB device number 51 using dummy_hcd
[  509.412709][  T525] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  509.601475][  T636] usb 2-1: USB disconnect, device number 49
[  509.662742][  T800] usb 5-1: device firmware changed
[  509.667831][   T20] usb 5-1: USB disconnect, device number 51
[  509.772735][  T525] usb 3-1: config 0 has no interfaces?
[  509.778035][  T525] usb 3-1: New USB device found, idVendor=056a, idProduct=00ec, bcdDevice= 0.00
[  509.786901][  T525] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.795509][  T525] usb 3-1: config 0 descriptor??
[  509.822720][   T20] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  510.035106][  T800] usb 3-1: USB disconnect, device number 37
[  510.114727][T10897] loop1: detected capacity change from 0 to 512
[  510.180245][T10897] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  510.182756][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  510.202862][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  510.207860][T10897] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.3184: casefold flag without casefold feature
[  510.212412][   T20] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  510.237845][T10897] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.3184: missing EA_INODE flag
[  510.238063][   T20] usb 5-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  510.249858][T10897] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3184: error while reading EA inode 12 err=-117
[  510.258321][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.270328][T10897] EXT4-fs (loop1): 1 orphan inode deleted
[  510.278771][   T20] usb 5-1: config 0 descriptor??
[  510.283720][T10897] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  510.318900][T10897] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.3184: Directory hole found for htree leaf block 0
[  510.331983][T10897] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.3184: Directory hole found for htree leaf block 0
[  510.393758][T10907] bridge0: port 1(bridge_slave_0) entered blocking state
[  510.400594][T10907] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.400835][T10912] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.3184: Directory hole found for htree leaf block 0
[  510.408079][T10907] device bridge_slave_0 entered promiscuous mode
[  510.422904][T10912] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.3184: Directory hole found for htree leaf block 0
[  510.426975][T10907] bridge0: port 2(bridge_slave_1) entered blocking state
[  510.440380][T10912] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.3184: Directory hole found for htree leaf block 0
[  510.446109][T10907] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.460491][T10912] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.3184: Directory hole found for htree leaf block 0
[  510.478627][T10907] device bridge_slave_1 entered promiscuous mode
[  510.480091][T10912] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.3184: Directory hole found for htree leaf block 0
[  510.531585][T10907] bridge0: port 2(bridge_slave_1) entered blocking state
[  510.538443][T10907] bridge0: port 2(bridge_slave_1) entered forwarding state
[  510.545537][T10907] bridge0: port 1(bridge_slave_0) entered blocking state
[  510.552311][T10907] bridge0: port 1(bridge_slave_0) entered forwarding state
[  510.581024][  T323] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.589026][  T323] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.597295][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  510.604753][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  510.624559][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  510.632604][  T323] bridge0: port 1(bridge_slave_0) entered blocking state
[  510.639458][  T323] bridge0: port 1(bridge_slave_0) entered forwarding state
[  510.646859][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  510.655793][  T323] bridge0: port 2(bridge_slave_1) entered blocking state
[  510.662625][  T323] bridge0: port 2(bridge_slave_1) entered forwarding state
[  510.670326][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  510.678498][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  510.728286][T10914] loop2: detected capacity change from 0 to 40427
[  510.729517][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  510.745684][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  510.753650][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  510.761221][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  510.772960][T10907] device veth0_vlan entered promiscuous mode
[  510.780438][T10914] F2FS-fs (loop2): invalid crc value
[  510.793922][  T397] tipc: Left network mode
[  510.798188][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  510.803143][T10914] F2FS-fs (loop2): Found nat_bits in checkpoint
[  510.813880][T10907] device veth1_macvtap entered promiscuous mode
[  510.824091][   T20] prodikeys 0003:041E:2801.0048: unknown main item tag 0x0
[  510.832289][   T20] prodikeys 0003:041E:2801.0048: unknown main item tag 0x0
[  510.833068][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  510.839806][   T20] prodikeys 0003:041E:2801.0048: unknown main item tag 0x0
[  510.855120][   T20] prodikeys 0003:041E:2801.0048: unknown main item tag 0x0
[  510.862472][   T20] prodikeys 0003:041E:2801.0048: unknown main item tag 0x0
[  510.870769][T10914] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  510.875627][   T20] prodikeys 0003:041E:2801.0048: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.4-1/input0
[  510.925827][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  510.944139][   T30] kauditd_printk_skb: 42 callbacks suppressed
[  510.944154][   T30] audit: type=1400 audit(1728374673.419:1378): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  510.978031][   T30] audit: type=1400 audit(1728374673.419:1379): avc:  denied  { remove_name } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=12 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  511.001548][   T30] audit: type=1400 audit(1728374673.419:1380): avc:  denied  { rename } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=12 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  511.024905][   T30] audit: type=1400 audit(1728374673.419:1381): avc:  denied  { add_name } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  511.048801][   T30] audit: type=1400 audit(1728374673.419:1382): avc:  denied  { unlink } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  511.133037][   T30] audit: type=1400 audit(1728374673.419:1383): avc:  denied  { create } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  511.216381][ T7478] usb 5-1: USB disconnect, device number 52
[  511.397525][T10927] loop3: detected capacity change from 0 to 40427
[  511.420274][T10927] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  511.428877][T10927] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  511.429014][ T9788] attempt to access beyond end of device
[  511.429014][ T9788] loop2: rw=2049, want=45104, limit=40427
[  511.429918][T10939] loop1: detected capacity change from 0 to 256
[  511.458933][T10927] F2FS-fs (loop3): Found nat_bits in checkpoint
[  511.490115][  T397] device bridge_slave_0 left promiscuous mode
[  511.496492][  T397] bridge0: port 1(bridge_slave_0) entered disabled state
[  511.504678][  T397] device veth1_macvtap left promiscuous mode
[  511.510492][  T397] device veth0_vlan left promiscuous mode
[  511.512868][T10927] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  511.530185][T10927] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  511.575302][T10927] F2FS-fs (loop3): skip recovering inline_dots inode (ino:3, pino:3) in readonly mountpoint
[  511.730653][T10963] loop1: detected capacity change from 0 to 512
[  511.763085][T10963] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  511.772823][T10963] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  511.797986][T10963] EXT4-fs (loop1): 1 truncate cleaned up
[  511.799492][T10970] loop4: detected capacity change from 0 to 512
[  511.803519][T10963] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none.
[  511.866916][T10974] loop3: detected capacity change from 0 to 512
[  511.879463][T10970] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  511.902697][T10974] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.3211: bad orphan inode 17
[  511.906279][T10970] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.3208: casefold flag without casefold feature
[  511.912756][T10974] ext4_test_bit(bit=16, block=4) = 1
[  511.925576][T10970] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.3208: missing EA_INODE flag
[  511.930143][T10974] is_bad_inode(inode)=0
[  511.941803][T10970] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3208: error while reading EA inode 12 err=-117
[  511.957464][T10974] NEXT_ORPHAN(inode)=0
[  511.957474][T10974] max_ino=32
[  511.957480][T10974] i_nlink=1
[  511.957512][T10974] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  511.979591][T10970] EXT4-fs (loop4): 1 orphan inode deleted
[  511.985199][T10970] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  512.018787][T10970] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3208: Directory hole found for htree leaf block 0
[  512.033116][T10970] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3208: Directory hole found for htree leaf block 0
[  512.035684][T10974] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.3211: bg 0: block 7: invalid block bitmap
[  512.097936][T10979] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3208: Directory hole found for htree leaf block 0
[  512.111047][T10979] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3208: Directory hole found for htree leaf block 0
[  512.123735][ T7478] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  512.132159][T10979] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3208: Directory hole found for htree leaf block 0
[  512.140696][T10981] loop3: detected capacity change from 0 to 1024
[  512.145381][T10979] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3208: Directory hole found for htree leaf block 0
[  512.163902][  T800] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  512.169200][T10979] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.3208: Directory hole found for htree leaf block 0
[  512.185562][T10981] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000008,barrier=0x0000000000000004,norecovery,debug_want_extra_isize=0x0000000000000080,nodiscard,nodelalloc,acl,dioread_lock,,errors=continue. Quota mode: none.
[  512.261684][T10985] loop3: detected capacity change from 0 to 1024
[  512.333210][T10985] EXT4-fs (loop3): Test dummy encryption mode enabled
[  512.419488][   T30] audit: type=1400 audit(1728374674.889:1384): avc:  denied  { unmount } for  pid=10907 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  512.482723][ T7478] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  512.490630][ T7478] usb 3-1: config 0 has no interface number 0
[  512.530248][T10987] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.537408][T10987] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.544765][T10987] device bridge_slave_0 entered promiscuous mode
[  512.552978][T10987] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.559837][T10987] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.567044][T10987] device bridge_slave_1 entered promiscuous mode
[  512.592848][  T800] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  512.603682][  T800] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  512.613312][  T800] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  512.625838][  T800] usb 2-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00
[  512.635120][  T800] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.645212][  T800] usb 2-1: config 0 descriptor??
[  512.652806][ T7478] usb 3-1: New USB device found, idVendor=15ba, idProduct=0003, bcdDevice=9b.0a
[  512.661726][ T7478] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.669608][ T7478] usb 3-1: Product: syz
[  512.680328][ T7478] usb 3-1: Manufacturer: syz
[  512.685045][ T7478] usb 3-1: SerialNumber: syz
[  512.699605][T10987] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.706455][T10987] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.713573][T10987] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.720321][T10987] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.727589][ T7478] usb 3-1: config 0 descriptor??
[  512.743583][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  512.751059][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.761917][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.763256][ T7478] ftdi_sio 3-1:0.1: FTDI USB Serial Device converter detected
[  512.776902][ T7478] usb 3-1: Detected FT-X
[  512.787904][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  512.798704][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.805567][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.815216][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  512.823474][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.830303][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.840035][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  512.851212][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  512.864670][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  512.875508][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  512.883365][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  512.890611][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  512.901129][T10987] device veth0_vlan entered promiscuous mode
[  512.911209][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  512.920101][T10987] device veth1_macvtap entered promiscuous mode
[  512.929393][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  512.941012][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  513.003302][  T397] device bridge_slave_1 left promiscuous mode
[  513.009221][  T397] bridge0: port 2(bridge_slave_1) entered disabled state
[  513.016851][  T397] device bridge_slave_0 left promiscuous mode
[  513.022817][  T397] bridge0: port 1(bridge_slave_0) entered disabled state
[  513.030450][  T397] device veth1_macvtap left promiscuous mode
[  513.036349][  T397] device veth0_vlan left promiscuous mode
[  513.165315][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  513.283727][  T800] wacom 0003:056A:0094.0049: unknown main item tag 0x0
[  513.309729][   T20] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  513.317199][ T7478] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  513.318823][  T800] wacom 0003:056A:0094.0049: unknown main item tag 0x0
[  513.342832][ T7478] ftdi_sio 3-1:0.1: GPIO initialisation failed: -71
[  513.347279][  T800] wacom 0003:056A:0094.0049: unknown main item tag 0x0
[  513.356197][ T7478] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  513.360441][  T800] wacom 0003:056A:0094.0049: unknown main item tag 0x0
[  513.372055][ T7478] usb 3-1: USB disconnect, device number 38
[  513.378414][ T7478] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  513.388552][ T7478] ftdi_sio 3-1:0.1: device disconnected
[  513.417350][  T800] wacom 0003:056A:0094.0049: unknown main item tag 0x0
[  513.424256][  T800] wacom 0003:056A:0094.0049: unknown main item tag 0x0
[  513.430908][  T800] wacom 0003:056A:0094.0049: unknown main item tag 0x0
[  513.437745][  T800] wacom 0003:056A:0094.0049: Using device in hidraw-only mode
[  513.446446][  T800] wacom 0003:056A:0094.0049: hidraw0: USB HID v0.00 Device [HID 056a:0094] on usb-dummy_hcd.1-1/input0
[  513.681830][  T800] usb 2-1: USB disconnect, device number 50
[  513.802735][   T20] usb 5-1: Using ep0 maxpacket: 32
[  513.922748][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  513.933660][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  513.943207][   T20] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  513.952026][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.960623][   T20] usb 5-1: config 0 descriptor??
[  513.977215][T11017] loop2: detected capacity change from 0 to 512
[  514.003120][   T20] hub 5-1:0.0: USB hub found
[  514.063073][T11017] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  514.076291][T11017] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.3225: invalid indirect mapped block 4294967295 (level 1)
[  514.090375][T11017] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.3225: invalid indirect mapped block 4294967295 (level 1)
[  514.104595][T11017] EXT4-fs (loop2): 2 truncates cleaned up
[  514.110113][T11017] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,dioread_nolock,,errors=continue. Quota mode: writeback.
[  514.132458][   T30] audit: type=1400 audit(1728374676.599:1385): avc:  denied  { remount } for  pid=11016 comm="syz.2.3225" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  514.151986][T11017] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  514.163795][T11017] EXT4-fs error (device loop2): ext4_remount:5845: comm syz.2.3225: Abort forced by user
[  514.173656][T11017] EXT4-fs (loop2): Remounting filesystem read-only
[  514.209410][T11020] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  514.222826][   T20] hub 5-1:0.0: 1 port detected
[  514.482780][   T20] hub 5-1:0.0: hub_hub_status failed (err = -71)
[  514.488959][   T20] hub 5-1:0.0: config failed, can't get hub status (err -71)
[  514.502721][  T329] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  514.572721][  T800] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  514.592759][   T20] usbhid 5-1:0.0: can't add hid device: -71
[  514.598499][   T20] usbhid: probe of 5-1:0.0 failed with error -71
[  514.632926][   T20] usb 5-1: USB disconnect, device number 53
[  514.842988][  T800] usb 2-1: Using ep0 maxpacket: 8
[  514.902808][  T329] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  514.913540][  T329] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  514.923167][  T329] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  514.931996][  T329] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.940699][  T329] usb 3-1: config 0 descriptor??
[  514.972774][  T800] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  515.043463][T11039] input: syz1 as /devices/virtual/input/input56
[  515.073295][  T800] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  515.082185][  T800] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  515.090159][  T800] usb 2-1: SerialNumber: syz
[  515.095466][  T800] usb 2-1: config 0 descriptor??
[  515.133259][  T800] usb 2-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  515.139960][  T800] uvcvideo 2-1:0.0: Entity type for entity Output 255 was not initialized!
[  515.148394][  T800] usb 2-1: Failed to create links for entity 255
[  515.154519][  T800] usb 2-1: Failed to register entities (-22).
[  515.232734][  T800] Bluetooth: hci0: command 0x1003 tx timeout
[  515.238596][   T47] Bluetooth: hci0: sending frame failed (-49)
[  515.332693][  T715] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  515.340686][   T20] usb 2-1: USB disconnect, device number 51
[  515.424700][  T329] isku 0003:1E7D:319C.004A: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0
[  515.582684][  T715] usb 5-1: Using ep0 maxpacket: 16
[  515.632762][  T329] isku 0003:1E7D:319C.004A: couldn't init struct isku_device
[  515.639970][  T329] isku 0003:1E7D:319C.004A: couldn't install keyboard
[  515.647502][  T329] isku: probe of 0003:1E7D:319C.004A failed with error -5
[  515.702792][  T715] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  515.713471][  T715] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  515.726066][  T715] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  515.734904][  T715] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.743558][  T715] usb 5-1: config 0 descriptor??
[  515.836168][   T20] usb 3-1: USB disconnect, device number 39
[  515.857105][   T30] audit: type=1326 audit(1728374678.329:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11045 comm="syz.1.3237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  515.880492][   T30] audit: type=1326 audit(1728374678.329:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11045 comm="syz.1.3237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  516.207154][  T715] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.004B/input/input57
[  516.222894][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  516.222904][   T30] audit: type=1326 audit(1728374678.699:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11051 comm="syz.1.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  516.252538][   T30] audit: type=1326 audit(1728374678.699:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11051 comm="syz.1.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0ffb8ff9 code=0x7ffc0000
[  516.297137][  T715] microsoft 0003:045E:07DA.004B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  516.352971][T11058] loop1: detected capacity change from 0 to 16
[  516.413049][T11058] erofs: (device loop1): mounted with root inode @ nid 36.
[  516.421931][T11058] erofs: (device loop1): z_erofs_readahead: readahead error at page 3599 @ nid 36
[  516.431258][T11058] erofs: (device loop1): z_erofs_pcluster_readmore: readmore error at page 3599 @ nid 36
[  516.442922][T11058] erofs: (device loop1): z_erofs_pcluster_readmore: readmore error at page 3598 @ nid 36
[  516.452570][T11058] erofs: (device loop1): z_erofs_pcluster_readmore: readmore error at page 3597 @ nid 36
[  516.462516][T11058] erofs: (device loop1): z_erofs_pcluster_readmore: readmore error at page 3596 @ nid 36
[  516.472405][T11058] attempt to access beyond end of device
[  516.472405][T11058] loop1: rw=524288, want=40, limit=16
[  516.483529][T11058] attempt to access beyond end of device
[  516.483529][T11058] loop1: rw=524288, want=48, limit=16
[  516.555546][T11065] loop2: detected capacity change from 0 to 40427
[  516.623107][  T329] usb 5-1: USB disconnect, device number 54
[  516.639115][T11065] F2FS-fs (loop2): invalid crc value
[  516.654821][T11065] F2FS-fs (loop2): Found nat_bits in checkpoint
[  516.691178][T11065] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  516.725038][T11078] loop1: detected capacity change from 0 to 1024
[  516.755957][T11078] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,resgid=0x0000000000000000,nodiscard,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  517.245381][T11096] loop4: detected capacity change from 0 to 256
[  517.251826][T11096] exfat: Deprecated parameter 'utf8'
[  517.252254][ T9788] attempt to access beyond end of device
[  517.252254][ T9788] loop2: rw=2049, want=45104, limit=40427
[  517.322682][  T329] Bluetooth: hci0: command 0x1001 tx timeout
[  517.330422][T11096] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  517.342694][   T20] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  517.344303][   T47] Bluetooth: hci0: sending frame failed (-49)
[  517.364335][   T30] audit: type=1400 audit(1728374679.839:1412): avc:  denied  { mounton } for  pid=11095 comm="syz.4.3256" path="/103/file0/file0" dev="loop4" ino=1049046 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  517.394222][T11103] loop2: detected capacity change from 0 to 512
[  517.403739][   T30] audit: type=1400 audit(1728374679.879:1413): avc:  denied  { remove_name } for  pid=9734 comm="syz-executor" name=".index" dev="loop4" ino=1049047 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  517.427706][   T30] audit: type=1400 audit(1728374679.879:1414): avc:  denied  { rmdir } for  pid=9734 comm="syz-executor" name=".index" dev="loop4" ino=1049047 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  517.450482][T11103] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  517.463009][   T30] audit: type=1400 audit(1728374679.879:1415): avc:  denied  { unlink } for  pid=9734 comm="syz-executor" name="file0" dev="loop4" ino=1049049 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  517.464501][T11103] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.3259: casefold flag without casefold feature
[  517.498306][T11103] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.3259: missing EA_INODE flag
[  517.510046][T11103] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.3259: error while reading EA inode 12 err=-117
[  517.522361][T11103] EXT4-fs (loop2): 1 orphan inode deleted
[  517.527918][T11103] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  517.558798][T11103] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3259: Directory hole found for htree leaf block 0
[  517.571879][T11103] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3259: Directory hole found for htree leaf block 0
[  517.582682][   T20] usb 2-1: Using ep0 maxpacket: 16
[  517.639274][T11106] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3259: Directory hole found for htree leaf block 0
[  517.653195][T11106] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3259: Directory hole found for htree leaf block 0
[  517.666371][T11106] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3259: Directory hole found for htree leaf block 0
[  517.679701][T11106] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3259: Directory hole found for htree leaf block 0
[  517.693559][T11106] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.3259: Directory hole found for htree leaf block 0
[  517.718844][T11108] bridge0: port 1(bridge_slave_0) entered blocking state
[  517.725826][T11108] bridge0: port 1(bridge_slave_0) entered disabled state
[  517.733034][T11108] device bridge_slave_0 entered promiscuous mode
[  517.739658][T11108] bridge0: port 2(bridge_slave_1) entered blocking state
[  517.746606][T11108] bridge0: port 2(bridge_slave_1) entered disabled state
[  517.753855][T11108] device bridge_slave_1 entered promiscuous mode
[  517.797042][T11108] bridge0: port 2(bridge_slave_1) entered blocking state
[  517.803881][T11108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  517.810952][T11108] bridge0: port 1(bridge_slave_0) entered blocking state
[  517.817783][T11108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  517.838731][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  517.846142][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  517.853498][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  517.862363][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  517.870498][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  517.877343][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  517.885246][   T20] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=d8.08
[  517.894211][   T20] usb 2-1: New USB device strings: Mfr=40, Product=98, SerialNumber=3
[  517.902189][   T20] usb 2-1: Product: syz
[  517.906225][   T20] usb 2-1: Manufacturer: syz
[  517.910600][   T20] usb 2-1: SerialNumber: syz
[  517.915547][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  517.923911][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  517.926958][   T20] usb 2-1: config 0 descriptor??
[  517.930759][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  517.943177][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  517.960564][T11108] device veth0_vlan entered promiscuous mode
[  517.966947][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  517.975448][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  517.975716][   T20] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  517.983474][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  517.993041][   T20] usb 2-1: Detected FT-X
[  517.998256][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  518.008555][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  518.020646][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  518.029550][T11108] device veth1_macvtap entered promiscuous mode
[  518.039810][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  518.049736][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  518.073566][   T30] audit: type=1400 audit(1728374680.549:1416): avc:  denied  { bind } for  pid=11112 comm="syz.4.3262" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  518.094322][   T30] audit: type=1400 audit(1728374680.549:1417): avc:  denied  { node_bind } for  pid=11112 comm="syz.4.3262" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  518.132561][   T30] audit: type=1326 audit(1728374680.599:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11114 comm="syz.4.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb89dd6ff9 code=0x7ffc0000
[  518.174597][   T30] audit: type=1326 audit(1728374680.599:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11114 comm="syz.4.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb89dd6ff9 code=0x7ffc0000
[  518.212763][   T20] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  518.472784][   T20] ftdi_sio 2-1:0.0: GPIO initialisation failed: -5
[  518.485813][   T20] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  518.497931][T11127] loop4: detected capacity change from 0 to 40427
[  518.517420][T11127] F2FS-fs (loop4): fault_injection options not supported
[  518.530009][T11127] F2FS-fs (loop4): fault_type options not supported
[  518.532426][T11129] loop2: detected capacity change from 0 to 40427
[  518.537509][T11127] F2FS-fs (loop4): invalid crc value
[  518.550776][T11127] F2FS-fs (loop4): Found nat_bits in checkpoint
[  518.573106][T11129] F2FS-fs (loop2): invalid crc value
[  518.588665][T11127] F2FS-fs (loop4): Start checkpoint disabled!
[  518.595694][T11129] F2FS-fs (loop2): Found nat_bits in checkpoint
[  518.612710][T11127] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  518.633960][T11127] attempt to access beyond end of device
[  518.633960][T11127] loop4: rw=2049, want=45104, limit=40427
[  518.660261][T11129] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  518.688392][  T397] attempt to access beyond end of device
[  518.688392][  T397] loop4: rw=2049, want=40992, limit=40427
[  518.713984][   T20] usb 2-1: USB disconnect, device number 52
[  518.730884][   T20] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  518.752497][   T20] ftdi_sio 2-1:0.0: device disconnected
[  519.146707][ T9788] attempt to access beyond end of device
[  519.146707][ T9788] loop2: rw=2049, want=45104, limit=40427
[  519.416480][  T800] Bluetooth: hci0: command 0x1009 tx timeout
[  519.426505][T11153] xt_bpf: check failed: parse error
[  519.444675][T11156] loop1: detected capacity change from 0 to 256
[  519.448188][T11158] input: syz1 as /devices/virtual/input/input58
[  519.477355][T11162] serio: Serial port ptm1
[  519.779369][T11183] loop1: detected capacity change from 0 to 40427
[  519.832700][   T20] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  519.860066][T11183] F2FS-fs (loop1): Found nat_bits in checkpoint
[  519.890053][T11183] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  520.222807][   T20] usb 5-1: Using ep0 maxpacket: 32
[  520.342718][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  520.353781][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  520.363581][   T20] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  520.377442][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.386484][   T20] usb 5-1: config 0 descriptor??
[  520.423162][   T20] hub 5-1:0.0: USB hub found
[  520.475824][ T9271] attempt to access beyond end of device
[  520.475824][ T9271] loop1: rw=2049, want=45104, limit=40427
[  520.683149][   T20] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  520.698205][T11208] netem: incorrect ge model size
[  520.703538][T11208] netem: change failed
[  520.735691][T11212] loop7: detected capacity change from 0 to 16384
[  520.792801][   T20] usbhid 5-1:0.0: can't add hid device: -71
[  520.799619][   T20] usbhid: probe of 5-1:0.0 failed with error -71
[  520.853031][   T54] blk_update_request: I/O error, dev loop7, sector 6912 op 0x1:(WRITE) flags 0x8800 phys_seg 16 prio class 0
[  520.867582][T11217] loop1: detected capacity change from 0 to 512
[  520.976113][T11217] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  520.992233][T11217] ext4 filesystem being mounted at /186/bus supports timestamps until 2038 (0x7fffffff)
[  521.022889][   T20] usb 5-1: reset high-speed USB device number 55 using dummy_hcd
[  521.282692][ T7478] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  521.522699][ T7478] usb 2-1: Using ep0 maxpacket: 8
[  521.642745][ T7478] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  521.772767][   T20] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  521.812806][ T7478] usb 2-1: New USB device found, idVendor=c125, idProduct=a4a1, bcdDevice= 0.40
[  521.821638][ T7478] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.829587][ T7478] usb 2-1: Product: syz
[  521.833564][ T7478] usb 2-1: Manufacturer: syz
[  521.837971][ T7478] usb 2-1: SerialNumber: syz
[  522.152780][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  522.163493][   T20] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  522.176177][   T20] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  522.184980][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.193789][   T20] usb 3-1: config 0 descriptor??
[  522.552752][ T7478] cdc_ncm 2-1:1.0: failed GET_NTB_PARAMETERS
[  522.558584][ T7478] cdc_ncm 2-1:1.0: bind() failure
[  522.564199][ T7478] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  522.570774][ T7478] cdc_ncm 2-1:1.1: bind() failure
[  522.663918][   T20] plantronics 0003:047F:FFFF.004C: No inputs registered, leaving
[  522.680292][   T20] plantronics 0003:047F:FFFF.004C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  522.707083][T11234] loop4: detected capacity change from 0 to 40427
[  522.713464][ T7478] usb 5-1: USB disconnect, device number 55
[  522.796667][T11234] F2FS-fs (loop4): Found nat_bits in checkpoint
[  522.818143][T11234] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  523.342927][  T329] usb 3-1: USB disconnect, device number 40
[  523.410181][T11243] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.417030][T11243] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.424330][T11243] device bridge_slave_0 entered promiscuous mode
[  523.430935][T11243] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.437954][T11243] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.446081][T11243] device bridge_slave_1 entered promiscuous mode
[  523.507762][T11108] attempt to access beyond end of device
[  523.507762][T11108] loop4: rw=2049, want=45104, limit=40427
[  523.529095][T11243] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.535968][T11243] bridge0: port 2(bridge_slave_1) entered forwarding state
[  523.543076][T11243] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.549837][T11243] bridge0: port 1(bridge_slave_0) entered forwarding state
[  523.590639][  T430] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.598061][  T430] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.605966][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  523.613503][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  523.629315][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  523.637427][  T430] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.644268][  T430] bridge0: port 1(bridge_slave_0) entered forwarding state
[  523.653925][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  523.661853][  T430] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.668685][  T430] bridge0: port 2(bridge_slave_1) entered forwarding state
[  523.680815][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  523.689835][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  523.702883][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  523.716341][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  523.724166][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  523.731348][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  523.739642][T11243] device veth0_vlan entered promiscuous mode
[  523.750966][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  523.759773][T11243] device veth1_macvtap entered promiscuous mode
[  523.769100][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  523.778623][  T430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  523.807297][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  523.807310][   T30] audit: type=1400 audit(1728374686.279:1435): avc:  denied  { write } for  pid=11250 comm="syz.3.3306" name="001" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  523.809153][T11251] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  523.854043][T11253] loop3: detected capacity change from 0 to 256
[  523.885341][   T30] audit: type=1326 audit(1728374686.359:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.2.3309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  523.912758][  T329] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  523.913551][ T7478] usb 2-1: USB disconnect, device number 53
[  523.924355][   T30] audit: type=1326 audit(1728374686.359:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.2.3309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  523.951844][   T30] audit: type=1326 audit(1728374686.359:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.2.3309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  523.976739][T11253] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  523.989109][   T30] audit: type=1326 audit(1728374686.359:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.2.3309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  524.017417][   T30] audit: type=1326 audit(1728374686.359:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.2.3309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3a303ff9 code=0x7ffc0000
[  524.070213][T11267] loop1: detected capacity change from 0 to 256
[  524.114895][  T397] device bridge_slave_1 left promiscuous mode
[  524.120988][  T397] bridge0: port 2(bridge_slave_1) entered disabled state
[  524.128637][  T397] device bridge_slave_0 left promiscuous mode
[  524.135220][  T397] bridge0: port 1(bridge_slave_0) entered disabled state
[  524.143211][  T397] device veth1_macvtap left promiscuous mode
[  524.150417][  T397] device veth0_vlan left promiscuous mode
[  524.174472][   T30] audit: type=1326 audit(1728374686.649:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11276 comm="syz.0.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  524.212360][   T30] audit: type=1326 audit(1728374686.669:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11276 comm="syz.0.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  524.236546][   T30] audit: type=1326 audit(1728374686.669:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11276 comm="syz.0.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  524.261042][   T30] audit: type=1326 audit(1728374686.669:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11276 comm="syz.0.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96017ff9 code=0x7ffc0000
[  524.304638][   T20] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  524.332779][  T329] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  524.343832][   T60] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  524.351416][  T329] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  524.370750][  T329] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  524.379768][  T329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.389670][  T329] usb 5-1: config 0 descriptor??
[  524.682683][  T636] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  524.692764][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  524.702723][   T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  524.703522][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  524.714449][   T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  524.723844][   T20] usb 3-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  524.733468][   T60] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice= 0.00
[  524.742086][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.751158][   T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.759948][   T20] usb 3-1: config 0 descriptor??
[  524.772609][   T60] usb 4-1: config 0 descriptor??
[  524.873573][  T329] arvo 0003:1E7D:30D4.004D: collection stack underflow
[  524.880296][  T329] arvo 0003:1E7D:30D4.004D: item 0 4 0 12 parsing failed
[  524.887292][  T329] arvo 0003:1E7D:30D4.004D: parse failed
[  524.892791][  T329] arvo: probe of 0003:1E7D:30D4.004D failed with error -22
[  524.942690][  T636] usb 2-1: Using ep0 maxpacket: 8
[  525.076031][  T329] usb 5-1: USB disconnect, device number 56
[  525.083956][  T636] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  525.253632][   T20] elo 0003:04E7:0030.004F: item fetching failed at offset 5/7
[  525.253644][   T60] appleir 0003:05AC:8243.004E: report_id 0 is invalid
[  525.253662][   T60] appleir 0003:05AC:8243.004E: item 0 0 1 8 parsing failed
[  525.261080][  T636] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  525.271042][   T60] appleir 0003:05AC:8243.004E: parse failed
[  525.274906][   T20] elo 0003:04E7:0030.004F: parse failed
[  525.283799][   T60] appleir: probe of 0003:05AC:8243.004E failed with error -22
[  525.289279][  T636] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.309722][   T20] elo: probe of 0003:04E7:0030.004F failed with error -22
[  525.317157][  T636] usb 2-1: Product: syz
[  525.323119][  T636] usb 2-1: Manufacturer: syz
[  525.327515][  T636] usb 2-1: SerialNumber: syz
[  525.496412][   T20] usb 4-1: USB disconnect, device number 52
[  525.533313][   T60] usb 3-1: USB disconnect, device number 41
[  525.594130][  T329] kernel write not supported for file /stat (pid: 329 comm: kworker/1:3)
[  525.902690][ T7478] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  526.057310][T11309] loop2: detected capacity change from 0 to 2048
[  526.071246][T11311] loop3: detected capacity change from 0 to 2048
[  526.104487][T11311] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  526.124480][T11309] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  526.179839][T11318] kvm: apic: phys broadcast and lowest prio
[  526.272779][ T7478] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  526.288837][ T7478] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  526.300079][ T7478] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  526.313133][ T7478] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  526.322172][ T7478] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.333654][ T7478] usb 5-1: config 0 descriptor??
[  526.352782][T11305] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  526.452763][  T636] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  526.462780][  T636] cdc_ncm 2-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  526.480103][  T636] cdc_ncm 2-1:1.0: setting rx_max = 2048
[  526.509064][T11339] loop2: detected capacity change from 0 to 40427
[  526.554635][T11339] F2FS-fs (loop2): invalid crc value
[  526.561245][T11339] F2FS-fs (loop2): Found nat_bits in checkpoint
[  526.576465][T11347] loop3: detected capacity change from 0 to 40427
[  526.590022][T11339] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  526.618625][T11347] F2FS-fs (loop3): invalid crc value
[  526.642836][T11347] F2FS-fs (loop3): Found nat_bits in checkpoint
[  526.662750][  T636] cdc_ncm 2-1:1.0: setting tx_max = 184
[  526.666304][T11347] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  526.670078][  T636] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM, 42:42:42:42:42:42
[  527.405113][ T9788] attempt to access beyond end of device
[  527.405113][ T9788] loop2: rw=2049, want=45104, limit=40427
[  527.432245][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.432450][T11243] attempt to access beyond end of device
[  527.432450][T11243] loop3: rw=2049, want=45104, limit=40427
[  527.439679][  T636] usb 2-1: USB disconnect, device number 54
[  527.456491][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.463944][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.471577][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.479163][  T636] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM
[  527.487361][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.495506][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.503232][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.510679][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.518032][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.528136][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.535359][ T7478] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0
[  527.546299][ T7478] plantronics 0003:047F:FFFF.0050: No inputs registered, leaving
[  527.554716][   T20] ==================================================================
[  527.562576][   T20] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x120
[  527.570212][   T20] Read of size 8 at addr ffff88811257ec70 by task kworker/0:1/20
[  527.577764][   T20] 
[  527.579934][   T20] CPU: 0 PID: 20 Comm: kworker/0:1 Tainted: G        W         5.15.165-syzkaller-01568-g80dd36dca275 #0
[  527.590957][   T20] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  527.600852][   T20] Workqueue: events_long br_fdb_cleanup
[  527.606232][   T20] Call Trace:
[  527.609357][   T20]  <TASK>
[  527.612134][   T20]  dump_stack_lvl+0x151/0x1c0
[  527.616649][   T20]  ? io_uring_drop_tctx_refs+0x190/0x190
[  527.622114][   T20]  ? panic+0x760/0x760
[  527.626023][   T20]  print_address_description+0x87/0x3b0
[  527.631401][   T20]  ? _raw_spin_unlock+0x4d/0x70
[  527.636089][   T20]  kasan_report+0x179/0x1c0
[  527.640429][   T20]  ? __list_del_entry_valid+0xa6/0x120
[  527.645723][   T20]  ? __list_del_entry_valid+0xa6/0x120
[  527.651017][   T20]  __asan_report_load8_noabort+0x14/0x20
[  527.656488][   T20]  __list_del_entry_valid+0xa6/0x120
[  527.661607][   T20]  process_one_work+0x458/0xc10
[  527.666295][   T20]  worker_thread+0xad5/0x12a0
[  527.670821][   T20]  kthread+0x421/0x510
[  527.674712][   T20]  ? worker_clr_flags+0x180/0x180
[  527.679573][   T20]  ? kthread_blkcg+0xd0/0xd0
[  527.684001][   T20]  ret_from_fork+0x1f/0x30
[  527.688253][   T20]  </TASK>
[  527.691122][   T20] 
[  527.693315][   T20] Allocated by task 636:
[  527.697366][   T20]  ____kasan_kmalloc+0xdb/0x110
[  527.702051][   T20]  __kasan_kmalloc+0x9/0x10
[  527.706391][   T20]  __kmalloc+0x13a/0x270
[  527.710470][   T20]  kvmalloc_node+0x1f0/0x4d0
[  527.714898][   T20]  alloc_netdev_mqs+0x8c/0xc90
[  527.719498][   T20]  alloc_etherdev_mqs+0x33/0x40
[  527.724184][   T20]  usbnet_probe+0x1ff/0x2830
[  527.728609][   T20]  usb_probe_interface+0x5b6/0xa90
[  527.733559][   T20]  really_probe+0x28d/0x970
[  527.737897][   T20]  __driver_probe_device+0x1a0/0x310
[  527.743019][   T20]  driver_probe_device+0x54/0x3d0
[  527.747879][   T20]  __device_attach_driver+0x2c5/0x470
[  527.753086][   T20]  bus_for_each_drv+0x183/0x200
[  527.757774][   T20]  __device_attach+0x312/0x510
[  527.762375][   T20]  device_initial_probe+0x1a/0x20
[  527.767234][   T20]  bus_probe_device+0xbe/0x1e0
[  527.771834][   T20]  device_add+0xb60/0xf10
[  527.775999][   T20]  usb_set_configuration+0x190f/0x1e80
[  527.781294][   T20]  usb_generic_driver_probe+0x8b/0x150
[  527.786589][   T20]  usb_probe_device+0x144/0x260
[  527.791275][   T20]  really_probe+0x28d/0x970
[  527.795634][   T20]  __driver_probe_device+0x1a0/0x310
[  527.800741][   T20]  driver_probe_device+0x54/0x3d0
[  527.805599][   T20]  __device_attach_driver+0x2c5/0x470
[  527.810806][   T20]  bus_for_each_drv+0x183/0x200
[  527.815492][   T20]  __device_attach+0x312/0x510
[  527.820093][   T20]  device_initial_probe+0x1a/0x20
[  527.824955][   T20]  bus_probe_device+0xbe/0x1e0
[  527.829554][   T20]  device_add+0xb60/0xf10
[  527.833720][   T20]  usb_new_device+0x1038/0x1c00
[  527.838405][   T20]  hub_event+0x2def/0x4770
[  527.842659][   T20]  process_one_work+0x6bb/0xc10
[  527.847348][   T20]  worker_thread+0xad5/0x12a0
[  527.851860][   T20]  kthread+0x421/0x510
[  527.855766][   T20]  ret_from_fork+0x1f/0x30
[  527.860205][   T20] 
[  527.862366][   T20] Freed by task 636:
[  527.866108][   T20]  kasan_set_track+0x4b/0x70
[  527.870530][   T20]  kasan_set_free_info+0x23/0x40
[  527.875299][   T20]  ____kasan_slab_free+0x126/0x160
[  527.880246][   T20]  __kasan_slab_free+0x11/0x20
[  527.884851][   T20]  slab_free_freelist_hook+0xbd/0x190
[  527.890058][   T20]  kfree+0xc8/0x220
[  527.893701][   T20]  kvfree+0x35/0x40
[  527.897343][   T20]  netdev_freemem+0x3f/0x60
[  527.901683][   T20]  netdev_release+0x7f/0xb0
[  527.906024][   T20]  device_release+0x95/0x1c0
[  527.910452][   T20]  kobject_put+0x178/0x260
[  527.914702][   T20]  put_device+0x1f/0x30
[  527.918695][   T20]  free_netdev+0x34f/0x440
[  527.922947][   T20]  usbnet_disconnect+0x245/0x390
[  527.927722][   T20]  usb_unbind_interface+0x1fa/0x8c0
[  527.932756][   T20]  device_release_driver_internal+0x50b/0x7d0
[  527.938657][   T20]  device_release_driver+0x19/0x20
[  527.943607][   T20]  bus_remove_device+0x2f8/0x360
[  527.948377][   T20]  device_del+0x663/0xe90
[  527.952546][   T20]  usb_disable_device+0x380/0x720
[  527.957411][   T20]  usb_disconnect+0x32a/0x890
[  527.961917][   T20]  hub_event+0x1d42/0x4770
[  527.966171][   T20]  process_one_work+0x6bb/0xc10
[  527.970857][   T20]  worker_thread+0xe02/0x12a0
[  527.975371][   T20]  kthread+0x421/0x510
[  527.979276][   T20]  ret_from_fork+0x1f/0x30
[  527.983537][   T20] 
[  527.985702][   T20] Last potentially related work creation:
[  527.991255][   T20]  kasan_save_stack+0x3b/0x60
[  527.995769][   T20]  __kasan_record_aux_stack+0xd3/0xf0
[  528.000974][   T20]  kasan_record_aux_stack_noalloc+0xb/0x10
[  528.006618][   T20]  insert_work+0x56/0x320
[  528.010782][   T20]  __queue_work+0x92a/0xcd0
[  528.015124][   T20]  queue_work_on+0x105/0x170
[  528.019549][   T20]  usbnet_link_change+0xeb/0x100
[  528.024325][   T20]  usbnet_probe+0x1dd3/0x2830
[  528.028836][   T20]  usb_probe_interface+0x5b6/0xa90
[  528.033783][   T20]  really_probe+0x28d/0x970
[  528.038124][   T20]  __driver_probe_device+0x1a0/0x310
[  528.043245][   T20]  driver_probe_device+0x54/0x3d0
[  528.048106][   T20]  __device_attach_driver+0x2c5/0x470
[  528.053313][   T20]  bus_for_each_drv+0x183/0x200
[  528.057999][   T20]  __device_attach+0x312/0x510
[  528.062599][   T20]  device_initial_probe+0x1a/0x20
[  528.067461][   T20]  bus_probe_device+0xbe/0x1e0
[  528.072060][   T20]  device_add+0xb60/0xf10
[  528.076227][   T20]  usb_set_configuration+0x190f/0x1e80
[  528.081608][   T20]  usb_generic_driver_probe+0x8b/0x150
[  528.086903][   T20]  usb_probe_device+0x144/0x260
[  528.091599][   T20]  really_probe+0x28d/0x970
[  528.095929][   T20]  __driver_probe_device+0x1a0/0x310
[  528.101049][   T20]  driver_probe_device+0x54/0x3d0
[  528.105910][   T20]  __device_attach_driver+0x2c5/0x470
[  528.111117][   T20]  bus_for_each_drv+0x183/0x200
[  528.115804][   T20]  __device_attach+0x312/0x510
[  528.120404][   T20]  device_initial_probe+0x1a/0x20
[  528.125266][   T20]  bus_probe_device+0xbe/0x1e0
[  528.129866][   T20]  device_add+0xb60/0xf10
[  528.134033][   T20]  usb_new_device+0x1038/0x1c00
[  528.138718][   T20]  hub_event+0x2def/0x4770
[  528.142970][   T20]  process_one_work+0x6bb/0xc10
[  528.147657][   T20]  worker_thread+0xad5/0x12a0
[  528.152170][   T20]  kthread+0x421/0x510
[  528.156076][   T20]  ret_from_fork+0x1f/0x30
[  528.160330][   T20] 
[  528.162499][   T20] The buggy address belongs to the object at ffff88811257e000
[  528.162499][   T20]  which belongs to the cache kmalloc-4k of size 4096
[  528.176387][   T20] The buggy address is located 3184 bytes inside of
[  528.176387][   T20]  4096-byte region [ffff88811257e000, ffff88811257f000)
[  528.189666][   T20] The buggy address belongs to the page:
[  528.195145][   T20] page:ffffea0004495e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112578
[  528.205202][   T20] head:ffffea0004495e00 order:3 compound_mapcount:0 compound_pincount:0
[  528.213447][   T20] flags: 0x4000000000010200(slab|head|zone=1)
[  528.219356][   T20] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380
[  528.227775][   T20] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  528.236188][   T20] page dumped because: kasan: bad access detected
[  528.242448][   T20] page_owner tracks the page as allocated
[  528.247992][   T20] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 9788, ts 479541907370, free_ts 478224710978
[  528.268476][   T20]  post_alloc_hook+0x1a3/0x1b0
[  528.273075][   T20]  prep_new_page+0x1b/0x110
[  528.277414][   T20]  get_page_from_freelist+0x3550/0x35d0
[  528.282799][   T20]  __alloc_pages+0x27e/0x8f0
[  528.287222][   T20]  new_slab+0x9a/0x4e0
[  528.291126][   T20]  ___slab_alloc+0x39e/0x830
[  528.295553][   T20]  __slab_alloc+0x4a/0x90
[  528.299720][   T20]  kmem_cache_alloc_trace+0x142/0x210
[  528.304929][   T20]  kobject_uevent_env+0x269/0x700
[  528.309789][   T20]  kobject_uevent+0x1f/0x30
[  528.314128][   T20]  netdev_queue_update_kobjects+0x1c0/0x400
[  528.319855][   T20]  netdev_register_kobject+0x270/0x320
[  528.325151][   T20]  register_netdevice+0xde9/0x1390
[  528.330096][   T20]  veth_newlink+0x94f/0xe20
[  528.334437][   T20]  rtnl_newlink+0x14c7/0x2050
[  528.338952][   T20]  rtnetlink_rcv_msg+0x951/0xc40
[  528.343727][   T20] page last free stack trace:
[  528.348238][   T20]  free_unref_page_prepare+0x7c8/0x7d0
[  528.353533][   T20]  free_unref_page+0xe8/0x750
[  528.358045][   T20]  __free_pages+0x61/0xf0
[  528.362212][   T20]  __free_slab+0xec/0x1d0
[  528.366378][   T20]  __unfreeze_partials+0x165/0x1a0
[  528.371324][   T20]  put_cpu_partial+0xc4/0x120
[  528.375837][   T20]  __slab_free+0x1c8/0x290
[  528.380090][   T20]  ___cache_free+0x109/0x120
[  528.384518][   T20]  qlink_free+0x4d/0x90
[  528.388510][   T20]  qlist_free_all+0x44/0xb0
[  528.392850][   T20]  kasan_quarantine_reduce+0x15a/0x180
[  528.398143][   T20]  __kasan_slab_alloc+0x2f/0xe0
[  528.402830][   T20]  slab_post_alloc_hook+0x53/0x2c0
[  528.407777][   T20]  kmem_cache_alloc+0xf5/0x200
[  528.412378][   T20]  security_inode_alloc+0x29/0x120
[  528.417413][   T20]  inode_init_always+0x76d/0x9d0
[  528.422188][   T20] 
[  528.424356][   T20] Memory state around the buggy address:
[  528.429827][   T20]  ffff88811257eb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  528.437724][   T20]  ffff88811257eb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  528.445622][   T20] >ffff88811257ec00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  528.453518][   T20]                                                              ^
[  528.461244][   T20]  ffff88811257ec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  528.469143][   T20]  ffff88811257ed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  528.477043][   T20] ==================================================================
[  528.484940][   T20] Disabling lock debugging due to kernel taint
[  528.520302][ T7478] plantronics 0003:047F:FFFF.0050: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  528.554150][ T7478] usb 5-1: USB disconnect, device number 57
[  528.645606][  T636] hid-generic 0000:0000:0000.0051: unknown main item tag 0x0
[  528.653795][  T636] hid-generic 0000:0000:0000.0051: unknown main item tag 0x0
[  528.662148][  T636] hid-generic 0000:0000:0000.0051: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1