last executing test programs: 6.082192575s ago: executing program 0 (id=827): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a500000008000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) 6.074399825s ago: executing program 0 (id=828): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000c80)=ANY=[@ANYBLOB="12010000000000406d0422c2000000000001090224000100000000090400000103000000092100000001220b0009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00\x00\v\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0) 5.591196795s ago: executing program 1 (id=829): r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) (fail_nth: 5) 5.227855074s ago: executing program 1 (id=832): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000008085000000040000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000019c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) prlimit64(0x0, 0x3, &(0x7f0000000140), 0x0) execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=[&(0x7f0000000340)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\f\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00', &(0x7f0000002300)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cd\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\x120\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00\xd2\x06\x11r+h&\xd3\xc2\xbc\x1ba', &(0x7f0000000c40)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00', &(0x7f00000010c0)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00', &(0x7f0000001540)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00'], &(0x7f0000000180)=[&(0x7f0000001e80)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00', &(0x7f0000002780)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\f\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00']) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r4, 0x0) sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f0000000a00)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000009c0)={&(0x7f00000007c0)={0x1e0, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xf0}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x101}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x10}]}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x80}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xc13}, @TIPC_NLA_NET_ID={0x8}]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_SOCK={0x68, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfff}]}, @TIPC_NLA_LINK={0x98, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x20000010}, 0x90) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001140)={[{@abort}]}, 0x25, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_WANTACK(r5, 0x0, 0x0, &(0x7f0000000240), 0x4) 4.314188098s ago: executing program 1 (id=838): syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x0, 0xfaa3, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x34}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) connect$netlink(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x9, 0x3, 0x9, 0x408, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x9}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() setrlimit(0xf, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prlimit64(r1, 0x2, &(0x7f0000000000)={0x64, 0x6}, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000080)=0x4) 3.644328423s ago: executing program 3 (id=844): r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000540)='./bus/file0\x00', 0x10, &(0x7f0000000400)={[{@data_ordered}]}, 0x1, 0x7b9, &(0x7f00000029c0)="$eJzs3c1rXOUaAPDnTD5v2nuTCxdue1eBCxoonZgaWwUXFRciWCjo2jZMpqFmkimZSWlCIC0iuBG0uBB007UfdefWj63+C+pCRFqqpsWKCxk5k5lm0kySaT4mrfn94Ezed8578pxnzpn3vDPnMCeAfWswfchEHI6It5OI/trzSUR0VUudESeX291dWsilUxKVysu/JNU2d5YWctGwTOpArXIoIr58I+JIsjZuaW5+cqxQyM/U6sPlqQvDpbn5o+enxibyE/np4yOjo8dOPHWiZ+dy/e2b+YM333nh8U9O/vH6f6+/9VUSJ+NgbV5jHjtlMAZrr0lX+hKu8vxOB9tjTTYxj4BMRHQsv8vjcPRHR7XUmtZbAgAPk8WIqAAA+0zi+A8A+0z9e4A7Swu5dKos7u33Ee1267mI6F3Ov35+c3lOZ+2cXW/1PGjfnWTV+Y4kIgZ2IP5gRHzw2asfpVPs0nlIgGYuX4mIswOD9f5/pf9J1lyzsKz1CzKeaKHN4H31WvzvWw4CbNnn6fjn6ZXx38r7P3Nv/BNNxj89Td67WzEY0d1YXzv+ydzYgTDrSsd/z3ZFd6Rjv8piw/gvU28y0FGr/bM65utKzp0v5NO+7V8RMRRdPWl9ZIMYQ7f/vL3qiY6VYuP479err32Yxk//rrTI3Oi8r8sdHyuPbTfvultXIv7XuXJt3901/X9vdazbbPx7usUYLz7z5vvrzUvzT/OtT6vz3/2ryirXIh6L5vnXJRtdn3h8uLo7DNd3iiY+/eG9vvXiN27/dErj1z8LtEO6/fs2zn8gabxes/TgMb6+1v/FevM2z7/5/t+dvFIt1zuPS2Pl8sxIRHfy0trnj60sW6/X26f5D/2/Wf6ZDff/9DPh2Rbz77z588dbz393pfmPP9D2f/DC9buTHevFb237j1ZLQ9XHtNfdvP9rdQW39+oBAAAAAAAAAAAAAAAAAAAAAAAAQGsyEXEwkkz2XjmTyWaX7+H9n+jLFIql8pFzxdnp8ajeK3sgujL1n7rsb/g91JHa7+HX68fuqz8ZEf+OiHd7/lGtZ3PFwvheJw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANQfWuf9/6qeevV47AGDX9G7a4na+LSsCALTN5sd/AODvZqvH/8s7vB4AQPtsfvyvVCqLbVkVAKBNfP8PAPuP4z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77PSpU+lU+X1pIZfWxy/OzU4WLx4dz5cms1OzuWyuOHMhO1EsThTy2VxxqmHRb5v9v0KxeGE0pmcvDZfzpfJwaW7+zFRxdrp85vzU2ET+TL6rbZkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOtKc/OTY4VCfmZLhWR7iytspVDpX950D8v67H7hx6PfHdqozdVt7sYKTQp73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBr+CgAA//8miyuY") r1 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000001c0)={'team_slave_1\x00', &(0x7f00000000c0)=@ethtool_drvinfo={0x23, "d4b9ecf53baff2954a9bd852c567b6e40a24e61fd5c4c152d589dd9c4198287f", "cf37e66d77260be3cf72b29e66f34694b39987739f509a1ee60640054785ff14", "5e4d2b1cb5512bbc6886dbc5ba606f4e325ab26400ce196f29c83ecc769b1d63", "c945f5a959732c70d0bb6a001f1496c9fca8230d9fe805bbb9454ef5cba3d376", "f95f163f2685cf8423b7fab56b8f388f63ad2f17ded6064bdb0cdce432750ba0", "b130d1198c7e42d05543c737"}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0) open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, 0x0, &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x90) openat$full(0xffffffffffffff9c, &(0x7f0000001780), 0x20100, 0x0) r5 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r5, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x70, 0x13, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xe80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x11}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) r6 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r6, 0x0, 0x0) sendmmsg$unix(r4, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000a40)}, {0x0}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae16bd7f992b843c5011456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0a3cd0a5bd97fadc821f659", 0xa8}, {&(0x7f0000000bc0)="148187735e85181ef5b798e0e0df3f67ae40874566271a94a4c5672cb6b12c53f6d38fb1e5b243e0fa875e9e3d66ab33a3f9738fb48c072d1f50e59e4dbc9e920775d2900835f91f3629cd853370b1f5ac1978d3d610b0a8332a25389244c9c5165173bf18e89b7e8be9507774d8824a1a61b29a1b8081c0ea1dd6a0d3d4e8e8a11debfa97f12b69736819fffc7f3b", 0x8f}], 0x5, &(0x7f00000012c0)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES16, @ANYBLOB="000012001c000000000400fa0000", @ANYRESHEX, @ANYBLOB="00000000280000000100cc8d26e9ce24e5c36be347000001000000", @ANYRESOCT=r2, @ANYRES32=r5, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r6], 0xa8, 0x40040}}], 0x1, 0x4000) openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/fscaps', 0x200, 0x54) r7 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c0000001200010000000000000000000a000000000000000101000004000000000000000000000000000000001d0346a7c0f7fafa62090100000000000080000000", @ANYRES32=0x0, @ANYBLOB="01000000fcffffff0000000000000000"], 0x4c}}, 0x0) ioctl$sock_SIOCSIFBR(r5, 0x8941, &(0x7f0000000680)=@get={0x1, &(0x7f0000000000)=""/12, 0x9}) r8 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x168, 0x10, 0x190, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@common=@icmp6={{0x28}, {0x0, 'K\r'}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) 3.606720726s ago: executing program 0 (id=846): socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@bloom_filter={0x1e, 0x80, 0x0, 0x6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2}, 0x48) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) nanosleep(&(0x7f0000000080), 0x0) r5 = socket$inet6(0xa, 0x3, 0x2) setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f00000001c0)="0022040000ffffebfffffffeffffff0706000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e", 0x116) setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x8) write$binfmt_aout(r5, 0x0, 0x0) inotify_init1(0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000001a80)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa011eee65624aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006e0400000000000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df745986d96cc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f6"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r6}, 0x10) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@clear_death, @request_death], 0x0, 0x0, 0x0}) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x800090, &(0x7f0000008740)={[{@shortname_winnt}, {@uni_xlate}, {@shortname_win95}, {@numtail}, {@shortname_mixed}, {@utf8no}, {@uni_xlate}, {@fat=@uid}, {@fat=@check_strict}, {@uni_xlate}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {@rodir}, {@utf8}, {@fat=@dmask={'dmask', 0x3d, 0x40}}, {@uni_xlateno}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@shortname_lower}, {@nonumtail}, {@shortname_win95}, {@rodir}, {@utf8no}, {@nonumtail}, {@shortname_lower}, {@shortname_mixed}, {@utf8}], [{@appraise}, {@context={'context', 0x3d, 'system_u'}}]}, 0x6, 0x2d3, &(0x7f0000000a40)="$eJzs3b1rJGUYAPBnNrMfarFbWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2ES4Q8QPXq8TOxtK/QBD8Q2zsLAVbwc4IgZGZncl+ZNhsJBvx8vsVyZuZ55n3ed+ZJNPkyQcvTw4fZvH46Re/Ra+XRGvYjThJYhCtqH0VS4bfBgDwf3aS5/FnPtNw+tdv1uT2tlgXALA9F/z+r6TlxwdFxE/XVxsAsB33H7z79t7+/t13sqwX9yZfH4+SiCg+z87vPY6PYhyP4nb04zSifFFoR/m2UAzv5Xk+TbPCIF6bTI9HRebk/Z+r6+/9EVHm70Y/BuWhs7eNMv+t/bu72cxC/rSo4/lq/mGRfyf68eJZ8lL+nYb8GHXi9VcX6r8V/fjlw/g4xvGwLGKe/+Vulr2Zf/fX5+8V5RX5yfR41C3j5vKdevLpNd8jAAAAAAAAAAAAAAAAAAAAAACePbeq3jndKPv3FIeq/js7p8UX7chqg+X+PLP8pL7QvD9QtPI8n+bxfd1f53aWZXkVOM9P46W0aiwIAAAAAAAAAAAAAAAAAAAAN9zRp58dHozHj55cyaDuBpBGxN/3I/7tdYYLR16J9cHdas6D8bhVDZdj0sUjsVPHJBFryygWcUXbctHguXM1V4MffmzMKlZ0lEbTqd7Fk7ab57rk4JP2bB8bY+qn6/Agad7D7lnxveLGxeqN60Tz7O1YOdKp7+dqcP0obracTuOp/qW3pfNCOZiuiYlk3ffFG78vLSeJleBO2XGjMb1dDZp2Y/ZsbPQ8R2+Wfv5nRaJbBwAAAAAAAAAAAAAAAAAAbNX8r38bTj5dm9rKu1srCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu1fz//28ySJeTN8jqxJOj/2ptAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Bz/BAAA//8a6VGq") r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) copy_file_range(r7, 0x0, 0xffffffffffffffff, &(0x7f00000000c0)=0x10000, 0x0, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x1}) creat(&(0x7f0000000300)='./file0\x00', 0x0) 3.525012683s ago: executing program 2 (id=849): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x800003d, 0x7ff) write$binfmt_script(r0, &(0x7f00000000c0), 0xb) lseek(r0, 0x0, 0x3) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) write$cgroup_int(r6, &(0x7f0000000100), 0x1001) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310000951000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811feffc39ec11b11cc611f6fbfd999c3bef10caa2e8692259d40d69ed3d85ec2813b007b8ce6384a28798f445ad7fc451865fe45a06977f7a785f8e97544aad1f844f2a4799944e0daf6d4c3a7d30b7d89781ca607048c50945c45d5a6f2c5145416176fd64c559e6a272b92c92052a9005aaa25d09613aba2e7d429ae40c249e7996e4bc213c24699889ea320c40f32dcdaa19893e17c57d7e8c51d5f320d99e8c2521c339c33bf6c41fde029061c088"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$SIOCSIFHWADDR(r6, 0x4030582b, 0x0) 3.244381916s ago: executing program 1 (id=851): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000014c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0) 2.765614014s ago: executing program 3 (id=852): openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2a) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='mm_page_alloc\x00', r0}, 0x10) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000002180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138) mount$9p_fd(0xfeff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) 2.70400802s ago: executing program 3 (id=853): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='leases_conflict\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) close(0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = memfd_create(&(0x7f0000000200)='\f\x8b\x8a\xa9\x16\x11O\xdd\xdfk(F\x99\xdf\x9a\xd5>oJ\x02u\x9b\x94a\xac\xfe6A\xc4\a\x9e\xbd\xa2\xfb\rD\xefq\x1f!\x01\xc3\xa5U\x98\xee\xcd;A\xe8\x00~V\xbf\xd4\x00\xd2,7\xa0\xfd7\xe8\xf9M\x02\xec\f3\xd4\xb8\xc3\x85\xda\xeb\xce7y%S\x1e\xa9\xe9\x92!\x95\xf1Ek\x95\x9bQ\x1d\xa4\xc2\xbb\xfa\x96\x14\x7f\xb9\x90\x9cn\xb5\x10\xd2\x84\xe9\x9e1\x9a\x9e\xa7\x9e\xcd\x1a\x86\x14%\xbaS\x90\xb1j\xf9\x00\xd7@D\x04\xaa\xb55\xd8x?z\xff\x85j3\xbe\axo\x05)\xcc\xcd\x9b\xb3\xe7w\x0e\x9f\xd3\aU\xf0M\xc1\xad\x17t\xeb\x1b\x11m\xec\x00\x00\x00\x00R\xb6v\x88\a\x82\x9e\x00\x00\x00\x10\x00\x00\x00\xa6!\xb3\xa8\xe7[&\x165\x84\xce\xa5\xc4wT\xf2E\tj\x92G\x14\x04\x93\xa4\xba\xcb\xce\"Y\xd68\xeb\x01\xc9/\x19\x85\xc6\x8do\xcb\x17\xb5\xffW\xe6\x8a\xfb\a\xf6', 0x2) r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) syz_usb_control_io$hid(r8, 0x0, 0x0) syz_usb_control_io$hid(r8, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00220f000000079b4d3948b30577f5d20b6d1fa40d90f253ae9b32baf5fb52b7da4bb97c928a095c48025801c5209c4b657395bdc0ef65f0821b0db516818e4cb498b6635f61a262ea432f24a3318825e7709c8cdc1260290f895c7192c821c61cf12ab1743321e12622ed1ee87ced4a96311543484be194003f851ad47609ac9c4a46d7a9e677f94b39cf932b0ed31a5fc7a7b340a9d3cb5abb6e00005776719733f70a4690e937a928f95f8061c2e85d1b829926b5b3d70583047cfbbe774362d40a0e295d45f5840b48a0e72909d2ec68fca9f280cd2837abd3fa28a165bd28e3c7875f906f0077f1a89003"], 0x0}, 0x0) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xffffffffffffffa3, &(0x7f00000009c0)={&(0x7f0000000a00)={0x38, 0x0, 0x100, 0x70bdaa, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xfffa}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x5}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x1, 0x695}}, @NL80211_ATTR_STA_WME={0x0, 0x81, [@NL80211_STA_WME_MAX_SP={0x0, 0x2, 0x7}, @NL80211_STA_WME_MAX_SP={0x0, 0x2, 0x7f}, @NL80211_STA_WME_MAX_SP={0x0, 0x2, 0x38}, @NL80211_STA_WME_UAPSD_QUEUES={0x0, 0x1, 0x1}, @NL80211_STA_WME_MAX_SP={0x0, 0x2, 0x1f}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4044050}, 0x40010) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[@ANYBLOB="980000000b060101000000000000000002000009100008800c000780060005404e24000064ffffffff00028008000900ffffffff06001df9ce40000400000800064000000004060005404e200000eaff1c40000000070900130073797a32000000001400170070696d3672656730000000000000bf20cc76460877ac947b14001700626f6e645f736c6176655f3100000000100007360c00194000000000000000090601dfd7365053a686dd467fd7fc2cc7b22bb7614176b6d64d39463ad9ce6a64a3566e264d3ee9da2d4bef7308190737128b3418805d643f0000000000000000000000b9b753d578057b258a79b7c1b2a3ee0b6c86d78c253f470eca2bad508735696f190601e3b27bc1183eed8c17c0fc1667af00b33a4758d1afcfa01988a9d663dca17cf8b8c99df6fb0463e473d7dad4f05811cda47e"], 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x2) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@getnetconf={0x14, 0x52, 0x0, 0x2, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40000000) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xffffffef, &(0x7f0000000300)={&(0x7f0000001bc0)=ANY=[@ANYBLOB="8400000010001fff000002ee0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000885203005c0012800b000100697036746e6c00004c00028006000f000000000014000300fc0000000000000000000000000000000400130008000100", @ANYRES32=r9, @ANYBLOB="0400130014000200fe8000000000000000090000200010bb050009002900000008000a00", @ANYRES32=r9, @ANYBLOB], 0x84}}, 0x4000080) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @loopback}, @FOU_ATTR_IFINDEX={0x8, 0xb, r9}]}, 0x24}, 0x1, 0x0, 0x0, 0x40080a1}, 0xc000) write$binfmt_misc(r7, &(0x7f0000000340)=ANY=[@ANYRESDEC=r4, @ANYRESDEC=r6, @ANYRES8=r8, @ANYRES8=r1], 0xff9d) sendfile(r5, r7, &(0x7f0000000100), 0x2) fcntl$addseals(r7, 0x409, 0x8) fchown(r7, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) socket$packet(0x11, 0xa, 0x300) r10 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r10, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r10, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r10, &(0x7f0000007fc0), 0x800001d, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[], 0x0) 2.69549046s ago: executing program 0 (id=854): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) 2.675952992s ago: executing program 2 (id=855): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="060000005ed2b8346a8f450018cee4d3b7f083205199e111b7da", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000300)={&(0x7f0000000400)=@deltclass={0x30, 0x29, 0x10, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x1, 0xa}, {0x6, 0x10}, {0x9, 0xffe0}}, [@tclass_kind_options=@c_skbprio={0xc}]}, 0x30}}, 0x0) r3 = getpid() r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x10, 0x0, 0x2}]}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) r7 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r7, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfb, 0x80000}, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000500)='mm_lru_insertion\x00'}, 0x10) capget(&(0x7f0000000200)={0x20080522}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) 2.659805993s ago: executing program 0 (id=856): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640), 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10) getrusage(0x0, &(0x7f00000006c0)) 2.516220745s ago: executing program 0 (id=857): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000c80)=ANY=[@ANYBLOB="12010000000000406d0422c2000000000001090224000100000000090400000103000000092100000001220b0009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00\x00\v\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0) 2.100277889s ago: executing program 4 (id=861): openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2a) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='mm_page_alloc\x00', r0}, 0x10) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000002180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 9) 1.799880333s ago: executing program 4 (id=862): r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000540)='./bus/file0\x00', 0x10, &(0x7f0000000400)={[{@data_ordered}]}, 0x1, 0x7b9, &(0x7f00000029c0)="$eJzs3c1rXOUaAPDnTD5v2nuTCxdue1eBCxoonZgaWwUXFRciWCjo2jZMpqFmkimZSWlCIC0iuBG0uBB007UfdefWj63+C+pCRFqqpsWKCxk5k5lm0kySaT4mrfn94Ezed8578pxnzpn3vDPnMCeAfWswfchEHI6It5OI/trzSUR0VUudESeX291dWsilUxKVysu/JNU2d5YWctGwTOpArXIoIr58I+JIsjZuaW5+cqxQyM/U6sPlqQvDpbn5o+enxibyE/np4yOjo8dOPHWiZ+dy/e2b+YM333nh8U9O/vH6f6+/9VUSJ+NgbV5jHjtlMAZrr0lX+hKu8vxOB9tjTTYxj4BMRHQsv8vjcPRHR7XUmtZbAgAPk8WIqAAA+0zi+A8A+0z9e4A7Swu5dKos7u33Ee1267mI6F3Ov35+c3lOZ+2cXW/1PGjfnWTV+Y4kIgZ2IP5gRHzw2asfpVPs0nlIgGYuX4mIswOD9f5/pf9J1lyzsKz1CzKeaKHN4H31WvzvWw4CbNnn6fjn6ZXx38r7P3Nv/BNNxj89Td67WzEY0d1YXzv+ydzYgTDrSsd/z3ZFd6Rjv8piw/gvU28y0FGr/bM65utKzp0v5NO+7V8RMRRdPWl9ZIMYQ7f/vL3qiY6VYuP479err32Yxk//rrTI3Oi8r8sdHyuPbTfvultXIv7XuXJt3901/X9vdazbbPx7usUYLz7z5vvrzUvzT/OtT6vz3/2ryirXIh6L5vnXJRtdn3h8uLo7DNd3iiY+/eG9vvXiN27/dErj1z8LtEO6/fs2zn8gabxes/TgMb6+1v/FevM2z7/5/t+dvFIt1zuPS2Pl8sxIRHfy0trnj60sW6/X26f5D/2/Wf6ZDff/9DPh2Rbz77z588dbz393pfmPP9D2f/DC9buTHevFb237j1ZLQ9XHtNfdvP9rdQW39+oBAAAAAAAAAAAAAAAAAAAAAAAAQGsyEXEwkkz2XjmTyWaX7+H9n+jLFIql8pFzxdnp8ajeK3sgujL1n7rsb/g91JHa7+HX68fuqz8ZEf+OiHd7/lGtZ3PFwvheJw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANQfWuf9/6qeevV47AGDX9G7a4na+LSsCALTN5sd/AODvZqvH/8s7vB4AQPtsfvyvVCqLbVkVAKBNfP8PAPuP4z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77PSpU+lU+X1pIZfWxy/OzU4WLx4dz5cms1OzuWyuOHMhO1EsThTy2VxxqmHRb5v9v0KxeGE0pmcvDZfzpfJwaW7+zFRxdrp85vzU2ET+TL6rbZkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOtKc/OTY4VCfmZLhWR7iytspVDpX950D8v67H7hx6PfHdqozdVt7sYKTQp73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBr+CgAA//8miyuY") r1 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000001c0)={'team_slave_1\x00', &(0x7f00000000c0)=@ethtool_drvinfo={0x23, "d4b9ecf53baff2954a9bd852c567b6e40a24e61fd5c4c152d589dd9c4198287f", "cf37e66d77260be3cf72b29e66f34694b39987739f509a1ee60640054785ff14", "5e4d2b1cb5512bbc6886dbc5ba606f4e325ab26400ce196f29c83ecc769b1d63", "c945f5a959732c70d0bb6a001f1496c9fca8230d9fe805bbb9454ef5cba3d376", "f95f163f2685cf8423b7fab56b8f388f63ad2f17ded6064bdb0cdce432750ba0", "b130d1198c7e42d05543c737"}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0) open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, 0x0, &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x90) openat$full(0xffffffffffffff9c, &(0x7f0000001780), 0x20100, 0x0) r5 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r5, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x70, 0x13, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xe80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x11}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) r6 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r6, 0x0, 0x0) sendmmsg$unix(r4, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000a40)}, {0x0}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae16bd7f992b843c5011456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0a3cd0a5bd97fadc821f659", 0xa8}, {&(0x7f0000000bc0)="148187735e85181ef5b798e0e0df3f67ae40874566271a94a4c5672cb6b12c53f6d38fb1e5b243e0fa875e9e3d66ab33a3f9738fb48c072d1f50e59e4dbc9e920775d2900835f91f3629cd853370b1f5ac1978d3d610b0a8332a25389244c9c5165173bf18e89b7e8be9507774d8824a1a61b29a1b8081c0ea1dd6a0d3d4e8e8a11debfa97f12b69736819fffc7f3b", 0x8f}], 0x5, &(0x7f00000012c0)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES16, @ANYBLOB="000012001c000000000400fa0000", @ANYRESHEX, @ANYBLOB="00000000280000000100cc8d26e9ce24e5c36be347000001000000", @ANYRESOCT=r2, @ANYRES32=r5, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r6], 0xa8, 0x40040}}], 0x1, 0x4000) openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/fscaps', 0x200, 0x54) r7 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c0000001200010000000000000000000a000000000000000101000004000000000000000000000000000000001d0346a7c0f7fafa62090100000000000080000000", @ANYRES32=0x0, @ANYBLOB="01000000fcffffff0000000000000000"], 0x4c}}, 0x0) ioctl$sock_SIOCSIFBR(r5, 0x8941, &(0x7f0000000680)=@get={0x1, &(0x7f0000000000)=""/12, 0x9}) r8 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x168, 0x10, 0x190, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@common=@icmp6={{0x28}, {0x0, 'K\r'}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) 1.799039413s ago: executing program 2 (id=863): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) socket$packet(0x11, 0x0, 0x300) socket$packet(0x11, 0xa, 0x300) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[], 0x0) (fail_nth: 3) 1.417018434s ago: executing program 2 (id=864): openat$selinux_checkreqprot(0xffffffffffffff9c, 0x0, 0x80400, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x3804c80, &(0x7f0000000000)={[{@orlov}, {@errors_remount}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00'}, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r3}, 0x10) mkdir(0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000040)='cpuset.cpus\x00', 0x2, 0x0) sendfile(r7, r7, 0x0, 0x9c) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x400, &(0x7f0000000340)=ANY=[@ANYBLOB="4e69643d4807dc4a5330283702c7362626a9f3ef9c714dbbae1ed5c954e97dc2151a795cb1a0897fa292d5b6eff1ad916323b3221fa41f10e0c57ee02729bb67dd64670b0100301363fffba80344250c992cc92ca8ca4e188e5f820a4431c4c87f7d92ac02df2719cf8dc0", @ANYRESHEX=0xee01, @ANYBLOB=',shortname=win9H,uni_xlate=1,showexec,utf8=1,nonumtail=0,rodir,nfs,uni_xlate=1,\x00'], 0x0, 0x23f, &(0x7f0000000f80)="$eJzs3EGLG2UYB/DHbe1ut7TZgwgK4ote9DJ04ycI0oIYUNZG1IMwdScaMiZLJqxExPbm1c9RPHoT1C+wF2/eve1F8NKDGGmSbTc1Iop13Ob3g/A+w5s/PEMm4ZlAcvzOlx/3u1XWzcexsZViI+J23I3YuVctPLFYN2b1hfnB5ny5HS9f+uXH5956973XW+32tb2UrrduvNJMKV15/ttPPvvqhe/Hl97++so3m3G08/7xz82fjp4+eub4txsf9arUq9JgOE55ujkcjvObZZH2e1U/S+nNssirIvUGVTFa2u+Ww4ODScoH+5e3D0ZFVaV8MEn9YpLGwzQeTVL+Yd4bpCzL0uXt4K907uzt5a26u+DRGo1a+bmIuPiHnc6dWhoCAGr1j+f/BfP/WWb+Xwf35v/txft3mfkfAAAAAAAAAAAAAADOgrvTaWM6nTZO1pPHZkRsRcTJcd198mh4/dfbqR/ubUWUXxx2Djvzdb7f6kYvyijiajTi19n1sDCvr7/WvnY1zezEd+WtRf7WYefccn43GrGzOr87z6fl/JOxfTrfjEY8tTrfXJm/EC+9eCqfRSN++CCGUcb+7Lp+kP98N6VX32g/lL84ex4AAAA8DrJ038r79yz7s/15/m98P/DQ/fX5ePZ8vecOAAAA66KafNrPy7IYKRQKxf2i7k8mAADg3/Zg6K+7EwAAAAAAAAAAAAAAAAAAAFhf/8XfidV9jgAAAAAAAAAAAAAAAAAAAAAAAPB/8XsAAAD//+25MAc=") r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r8, &(0x7f0000000300), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r8, 0x0) 1.403310815s ago: executing program 4 (id=865): socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@bloom_filter={0x1e, 0x80, 0x0, 0x6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2}, 0x48) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) nanosleep(&(0x7f0000000080), 0x0) r5 = socket$inet6(0xa, 0x3, 0x2) setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f00000001c0)="0022040000ffffebfffffffeffffff0706000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e", 0x116) setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x8) write$binfmt_aout(r5, 0x0, 0x0) inotify_init1(0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000001a80)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa011eee65624aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006e0400000000000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df745986d96cc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f6"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r6}, 0x10) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@clear_death, @request_death], 0x0, 0x0, 0x0}) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x800090, &(0x7f0000008740)={[{@shortname_winnt}, {@uni_xlate}, {@shortname_win95}, {@numtail}, {@shortname_mixed}, {@utf8no}, {@uni_xlate}, {@fat=@uid}, {@fat=@check_strict}, {@uni_xlate}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {@rodir}, {@utf8}, {@fat=@dmask={'dmask', 0x3d, 0x40}}, {@uni_xlateno}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@shortname_lower}, {@nonumtail}, {@shortname_win95}, {@rodir}, {@utf8no}, {@nonumtail}, {@shortname_lower}, {@shortname_mixed}, {@utf8}], [{@appraise}, {@context={'context', 0x3d, 'system_u'}}]}, 0x6, 0x2d3, &(0x7f0000000a40)="$eJzs3b1rJGUYAPBnNrMfarFbWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2ES4Q8QPXq8TOxtK/QBD8Q2zsLAVbwc4IgZGZncl+ZNhsJBvx8vsVyZuZ55n3ed+ZJNPkyQcvTw4fZvH46Re/Ra+XRGvYjThJYhCtqH0VS4bfBgDwf3aS5/FnPtNw+tdv1uT2tlgXALA9F/z+r6TlxwdFxE/XVxsAsB33H7z79t7+/t13sqwX9yZfH4+SiCg+z87vPY6PYhyP4nb04zSifFFoR/m2UAzv5Xk+TbPCIF6bTI9HRebk/Z+r6+/9EVHm70Y/BuWhs7eNMv+t/bu72cxC/rSo4/lq/mGRfyf68eJZ8lL+nYb8GHXi9VcX6r8V/fjlw/g4xvGwLGKe/+Vulr2Zf/fX5+8V5RX5yfR41C3j5vKdevLpNd8jAAAAAAAAAAAAAAAAAAAAAACePbeq3jndKPv3FIeq/js7p8UX7chqg+X+PLP8pL7QvD9QtPI8n+bxfd1f53aWZXkVOM9P46W0aiwIAAAAAAAAAAAAAAAAAAAAN9zRp58dHozHj55cyaDuBpBGxN/3I/7tdYYLR16J9cHdas6D8bhVDZdj0sUjsVPHJBFryygWcUXbctHguXM1V4MffmzMKlZ0lEbTqd7Fk7ab57rk4JP2bB8bY+qn6/Agad7D7lnxveLGxeqN60Tz7O1YOdKp7+dqcP0obracTuOp/qW3pfNCOZiuiYlk3ffFG78vLSeJleBO2XGjMb1dDZp2Y/ZsbPQ8R2+Wfv5nRaJbBwAAAAAAAAAAAAAAAAAAbNX8r38bTj5dm9rKu1srCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu1fz//28ySJeTN8jqxJOj/2ptAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Bz/BAAA//8a6VGq") r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) copy_file_range(r7, 0x0, 0xffffffffffffffff, &(0x7f00000000c0)=0x10000, 0x0, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x1}) creat(&(0x7f0000000300)='./file0\x00', 0x0) 529.719417ms ago: executing program 2 (id=866): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x800003d, 0x7ff) write$binfmt_script(r0, &(0x7f00000000c0), 0xb) lseek(r0, 0x0, 0x3) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) write$cgroup_int(r6, &(0x7f0000000100), 0x1001) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310000951000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811feffc39ec11b11cc611f6fbfd999c3bef10caa2e8692259d40d69ed3d85ec2813b007b8ce6384a28798f445ad7fc451865fe45a06977f7a785f8e97544aad1f844f2a4799944e0daf6d4c3a7d30b7d89781ca607048c50945c45d5a6f2c5145416176fd64c559e6a272b92c92052a9005aaa25d09613aba2e7d429ae40c249e7996e4bc213c24699889ea320c40f32dcdaa19893e17c57d7e8c51d5f320d99e8c2521c339c33bf6c41fde029061c088"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$SIOCSIFHWADDR(r6, 0x4030582b, 0x0) 529.146697ms ago: executing program 4 (id=867): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) 479.445571ms ago: executing program 4 (id=868): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640), 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10) getrusage(0x0, &(0x7f00000006c0)) 360.223631ms ago: executing program 4 (id=869): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x800003d, 0x7ff) write$binfmt_script(r0, &(0x7f00000000c0), 0xb) lseek(r0, 0x0, 0x3) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) write$cgroup_int(r6, &(0x7f0000000100), 0x1001) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310000951000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811feffc39ec11b11cc611f6fbfd999c3bef10caa2e8692259d40d69ed3d85ec2813b007b8ce6384a28798f445ad7fc451865fe45a06977f7a785f8e97544aad1f844f2a4799944e0daf6d4c3a7d30b7d89781ca607048c50945c45d5a6f2c5145416176fd64c559e6a272b92c92052a9005aaa25d09613aba2e7d429ae40c249e7996e4bc213c24699889ea320c40f32dcdaa19893e17c57d7e8c51d5f320d99e8c2521c339c33bf6c41fde029061c088"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$SIOCSIFHWADDR(r6, 0x4030582b, 0x0) 359.900091ms ago: executing program 3 (id=870): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) getrusage(0x0, 0x0) 345.744282ms ago: executing program 3 (id=871): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10) getrusage(0x0, &(0x7f00000006c0)) 260.090989ms ago: executing program 1 (id=872): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, 0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)}, 0x20) r2 = openat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x41000, 0x1, 0x1}, 0x18) r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xa, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe}, [@exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @jmp={0x5, 0x1, 0xc, 0x5, 0x0, 0x1, 0x1a}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0xb2, &(0x7f0000000380)=""/178, 0x40f00, 0x60, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f00000004c0)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000500)={0x0, 0x6, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000540)=[r0, r0, r0, r0, r3, r0, r0, r0, r0], 0x0, 0x10, 0x7}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) inotify_init1(0x0) 194.081324ms ago: executing program 1 (id=873): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYRESOCT], &(0x7f0000000200)='GPL\x00', 0x100000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f00000000c0)={[{@grpid}, {@grpquota}, {@grpid}, {@errors_remount}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x6, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) fchdir(r6) close(r6) fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r7}, 0x10) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r8}, 0x10) write$cgroup_subtree(r3, &(0x7f00000003c0)=ANY=[], 0x7) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) syz_usb_connect$cdc_ncm(0x0, 0x86, &(0x7f00000006c0)=ANY=[@ANYBLOB="1201100302000010"], 0x0) r9 = syz_open_dev$usbfs(&(0x7f0000000000), 0x71, 0x2081) ioctl$USBDEVFS_CONTROL(r9, 0xc0185500, &(0x7f0000000340)={0x80, 0x6, 0x301, 0x0, 0x0, 0x0, 0x0}) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) 193.761734ms ago: executing program 3 (id=874): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x0, &(0x7f0000000000/0x400000)=nil) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r7}, 0x10) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r9 = dup(r8) syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='kmem_cache_free\x00', r10}, 0x10) r11 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) writev(r11, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1) write$cgroup_pid(r11, &(0x7f00000031c0), 0x12) ioctl$KVM_RUN(r8, 0xae80, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r13 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000f4ff680000040000000000000000000000000700000008000a0000000000"], 0x20}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r12, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) 0s ago: executing program 2 (id=875): r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000540)='./bus/file0\x00', 0x10, &(0x7f0000000400)={[{@data_ordered}]}, 0x1, 0x7b9, &(0x7f00000029c0)="$eJzs3c1rXOUaAPDnTD5v2nuTCxdue1eBCxoonZgaWwUXFRciWCjo2jZMpqFmkimZSWlCIC0iuBG0uBB007UfdefWj63+C+pCRFqqpsWKCxk5k5lm0kySaT4mrfn94Ezed8578pxnzpn3vDPnMCeAfWswfchEHI6It5OI/trzSUR0VUudESeX291dWsilUxKVysu/JNU2d5YWctGwTOpArXIoIr58I+JIsjZuaW5+cqxQyM/U6sPlqQvDpbn5o+enxibyE/np4yOjo8dOPHWiZ+dy/e2b+YM333nh8U9O/vH6f6+/9VUSJ+NgbV5jHjtlMAZrr0lX+hKu8vxOB9tjTTYxj4BMRHQsv8vjcPRHR7XUmtZbAgAPk8WIqAAA+0zi+A8A+0z9e4A7Swu5dKos7u33Ee1267mI6F3Ov35+c3lOZ+2cXW/1PGjfnWTV+Y4kIgZ2IP5gRHzw2asfpVPs0nlIgGYuX4mIswOD9f5/pf9J1lyzsKz1CzKeaKHN4H31WvzvWw4CbNnn6fjn6ZXx38r7P3Nv/BNNxj89Td67WzEY0d1YXzv+ydzYgTDrSsd/z3ZFd6Rjv8piw/gvU28y0FGr/bM65utKzp0v5NO+7V8RMRRdPWl9ZIMYQ7f/vL3qiY6VYuP479err32Yxk//rrTI3Oi8r8sdHyuPbTfvultXIv7XuXJt3901/X9vdazbbPx7usUYLz7z5vvrzUvzT/OtT6vz3/2ryirXIh6L5vnXJRtdn3h8uLo7DNd3iiY+/eG9vvXiN27/dErj1z8LtEO6/fs2zn8gabxes/TgMb6+1v/FevM2z7/5/t+dvFIt1zuPS2Pl8sxIRHfy0trnj60sW6/X26f5D/2/Wf6ZDff/9DPh2Rbz77z588dbz393pfmPP9D2f/DC9buTHevFb237j1ZLQ9XHtNfdvP9rdQW39+oBAAAAAAAAAAAAAAAAAAAAAAAAQGsyEXEwkkz2XjmTyWaX7+H9n+jLFIql8pFzxdnp8ajeK3sgujL1n7rsb/g91JHa7+HX68fuqz8ZEf+OiHd7/lGtZ3PFwvheJw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANQfWuf9/6qeevV47AGDX9G7a4na+LSsCALTN5sd/AODvZqvH/8s7vB4AQPtsfvyvVCqLbVkVAKBNfP8PAPuP4z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77PSpU+lU+X1pIZfWxy/OzU4WLx4dz5cms1OzuWyuOHMhO1EsThTy2VxxqmHRb5v9v0KxeGE0pmcvDZfzpfJwaW7+zFRxdrp85vzU2ET+TL6rbZkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOtKc/OTY4VCfmZLhWR7iytspVDpX950D8v67H7hx6PfHdqozdVt7sYKTQp73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBr+CgAA//8miyuY") r1 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000001c0)={'team_slave_1\x00', &(0x7f00000000c0)=@ethtool_drvinfo={0x23, "d4b9ecf53baff2954a9bd852c567b6e40a24e61fd5c4c152d589dd9c4198287f", "cf37e66d77260be3cf72b29e66f34694b39987739f509a1ee60640054785ff14", "5e4d2b1cb5512bbc6886dbc5ba606f4e325ab26400ce196f29c83ecc769b1d63", "c945f5a959732c70d0bb6a001f1496c9fca8230d9fe805bbb9454ef5cba3d376", "f95f163f2685cf8423b7fab56b8f388f63ad2f17ded6064bdb0cdce432750ba0", "b130d1198c7e42d05543c737"}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0) open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, 0x0, &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x90) openat$full(0xffffffffffffff9c, &(0x7f0000001780), 0x20100, 0x0) r5 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r5, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x70, 0x13, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xe80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x11}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) r6 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r6, 0x0, 0x0) sendmmsg$unix(r4, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000a40)}, {0x0}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae16bd7f992b843c5011456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0a3cd0a5bd97fadc821f659", 0xa8}, {&(0x7f0000000bc0)="148187735e85181ef5b798e0e0df3f67ae40874566271a94a4c5672cb6b12c53f6d38fb1e5b243e0fa875e9e3d66ab33a3f9738fb48c072d1f50e59e4dbc9e920775d2900835f91f3629cd853370b1f5ac1978d3d610b0a8332a25389244c9c5165173bf18e89b7e8be9507774d8824a1a61b29a1b8081c0ea1dd6a0d3d4e8e8a11debfa97f12b69736819fffc7f3b", 0x8f}], 0x5, &(0x7f00000012c0)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYBLOB="000012001c000000000400fa000000", @ANYRESHEX, @ANYBLOB="00000000280000000100cc8d26e9ce24e5c36be347000001000000", @ANYRESOCT=r2, @ANYRES32=r5, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r6], 0xa8, 0x40040}}], 0x1, 0x4000) openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/fscaps', 0x200, 0x54) r7 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c0000001200010000000000000000000a000000000000000101000004000000000000000000000000000000001d0346a7c0f7fafa62090100000000000080000000", @ANYRES32=0x0, @ANYBLOB="01000000fcffffff0000000000000000"], 0x4c}}, 0x0) ioctl$sock_SIOCSIFBR(r5, 0x8941, &(0x7f0000000680)=@get={0x1, &(0x7f0000000000)=""/12, 0x9}) r8 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x168, 0x10, 0x190, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@common=@icmp6={{0x28}, {0x0, 'K\r'}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) kernel console output (not intermixed with test programs): ifferent from the descriptor's value: 0 [ 114.064906][ T519] usb 4-1: config 250 has no interface number 0 [ 114.071090][ T519] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 114.082530][ T519] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 114.092774][ T519] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid maxpacket 12592, setting to 1024 [ 114.104241][ T519] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 1024 [ 114.114557][ T519] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 114.127847][ T519] usb 4-1: config 250 interface 228 has no altsetting 0 [ 114.295933][ T2115] loop0: detected capacity change from 0 to 128 [ 114.304061][ T2115] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 114.314600][ T519] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 114.314644][ T2115] ext4 filesystem being mounted at /112/mnt supports timestamps until 2038 (0x7fffffff) [ 114.323503][ T519] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 114.342450][ T519] usb 4-1: Product: syz [ 114.346562][ T519] usb 4-1: SerialNumber: syz [ 114.390006][ T519] hub 4-1:250.228: bad descriptor, ignoring hub [ 114.396266][ T519] hub: probe of 4-1:250.228 failed with error -5 [ 114.424253][ T1647] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 114.431912][ T39] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 114.586784][ T2128] loop0: detected capacity change from 0 to 2048 [ 114.600331][ T519] usblp 4-1:250.228: usblp0: USB Bidirectional printer dev 11 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 114.700301][ T2130] loop4: detected capacity change from 0 to 512 [ 114.800670][ T2130] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 114.809258][ T1647] usb 3-1: Using ep0 maxpacket: 8 [ 114.812094][ T2130] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038 (0x7fffffff) [ 114.902223][ T2135] xt_CT: No such helper "pptp" [ 114.929619][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.941093][ T1647] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.953014][ T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 114.969248][ C1] usblp0: nonzero read bulk status received: -71 [ 114.977032][ T1647] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.987961][ T1647] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 114.996943][ T39] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 115.006980][ T1647] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.014831][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.019308][ T432] usb 4-1: USB disconnect, device number 11 [ 115.029545][ T1647] usb 3-1: config 0 descriptor?? [ 115.034368][ T39] usb 2-1: config 0 descriptor?? [ 115.037014][ T432] usblp0: removed [ 115.406362][ T30] kauditd_printk_skb: 103 callbacks suppressed [ 115.406377][ T30] audit: type=1326 audit(2000000068.489:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.436032][ T30] audit: type=1326 audit(2000000068.489:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.460331][ T30] audit: type=1326 audit(2000000068.499:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.484078][ T30] audit: type=1326 audit(2000000068.499:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.520044][ T1647] kone 0003:1E7D:2CED.0015: collection stack underflow [ 115.529786][ T1647] kone 0003:1E7D:2CED.0015: item 0 1 0 12 parsing failed [ 115.533014][ T30] audit: type=1326 audit(2000000068.499:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.540086][ T39] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 115.571959][ T1647] kone 0003:1E7D:2CED.0015: parse failed [ 115.587923][ T1647] kone: probe of 0003:1E7D:2CED.0015 failed with error -22 [ 115.598006][ T39] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving [ 115.610517][ T30] audit: type=1326 audit(2000000068.499:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.639887][ T39] plantronics 0003:047F:FFFF.0016: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 115.659320][ T30] audit: type=1326 audit(2000000068.499:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.694855][ T2148] loop4: detected capacity change from 0 to 512 [ 115.709405][ T30] audit: type=1326 audit(2000000068.499:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.740436][ T432] usb 3-1: USB disconnect, device number 16 [ 115.754066][ T30] audit: type=1326 audit(2000000068.499:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.786515][ T519] usb 2-1: USB disconnect, device number 14 [ 115.795724][ T2143] loop0: detected capacity change from 0 to 40427 [ 115.803372][ T2148] EXT4-fs (loop4): 1 truncate cleaned up [ 115.803928][ T30] audit: type=1326 audit(2000000068.549:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 115.808922][ T2148] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: none. [ 115.883178][ T2143] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 115.891203][ T2143] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 115.901617][ T2143] F2FS-fs (loop0): Found nat_bits in checkpoint [ 115.923551][ T2143] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 115.930476][ T2143] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 117.300688][ T2154] EXT4-fs (loop4): shut down requested (0) [ 117.328849][ T289] attempt to access beyond end of device [ 117.328849][ T289] loop0: rw=2049, want=45112, limit=40427 [ 117.474022][ T2164] loop3: detected capacity change from 0 to 512 [ 117.524184][ T2170] loop4: detected capacity change from 0 to 2048 [ 117.554296][ T2164] EXT4-fs (loop3): 1 truncate cleaned up [ 117.561112][ T2164] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 117.981969][ T1647] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 118.013637][ T2175] xt_CT: No such helper "pptp" [ 118.279848][ T1647] usb 2-1: Using ep0 maxpacket: 8 [ 118.451821][ T2192] FAULT_INJECTION: forcing a failure. [ 118.451821][ T2192] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 118.455661][ T1647] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 118.475367][ T2192] CPU: 0 PID: 2192 Comm: syz.0.483 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 118.475561][ T1647] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 118.485344][ T2192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 118.485360][ T2192] Call Trace: [ 118.485366][ T2192] [ 118.485373][ T2192] dump_stack_lvl+0x151/0x1b7 [ 118.485396][ T2192] ? io_uring_drop_tctx_refs+0x190/0x190 [ 118.485413][ T2192] ? kstrtouint_from_user+0x20a/0x2a0 [ 118.485431][ T2192] dump_stack+0x15/0x17 [ 118.485444][ T2192] should_fail+0x3c6/0x510 [ 118.495333][ T1647] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 118.504792][ T2192] should_fail_usercopy+0x1a/0x20 [ 118.504823][ T2192] _copy_to_user+0x20/0x90 [ 118.504835][ T2192] simple_read_from_buffer+0xc7/0x150 [ 118.504850][ T2192] proc_fail_nth_read+0x1a3/0x210 [ 118.504866][ T2192] ? proc_fault_inject_write+0x390/0x390 [ 118.508857][ T1647] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.510770][ T2192] ? fsnotify_perm+0x470/0x5d0 [ 118.510795][ T2192] ? security_file_permission+0x86/0xb0 [ 118.510810][ T2192] ? proc_fault_inject_write+0x390/0x390 [ 118.591236][ T2192] vfs_read+0x27d/0xd40 [ 118.595220][ T2192] ? kernel_read+0x1f0/0x1f0 [ 118.599732][ T2192] ? __kasan_check_write+0x14/0x20 [ 118.604679][ T2192] ? mutex_lock+0xb6/0x1e0 [ 118.608935][ T2192] ? wait_for_completion_killable_timeout+0x10/0x10 [ 118.615354][ T2192] ? __fdget_pos+0x2e7/0x3a0 [ 118.619780][ T2192] ? ksys_read+0x77/0x2c0 [ 118.623950][ T2192] ksys_read+0x199/0x2c0 [ 118.628038][ T2192] ? vfs_write+0x1110/0x1110 [ 118.632468][ T2192] ? debug_smp_processor_id+0x17/0x20 [ 118.637660][ T2192] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 118.643561][ T2192] __x64_sys_read+0x7b/0x90 [ 118.647900][ T2192] do_syscall_64+0x3d/0xb0 [ 118.652153][ T2192] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 118.657918][ T2192] RIP: 0033:0x7f731b6fa43c [ 118.662134][ T2192] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 118.681575][ T2192] RSP: 002b:00007f731a37b040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 118.689829][ T2192] RAX: ffffffffffffffda RBX: 00007f731b889f80 RCX: 00007f731b6fa43c [ 118.697724][ T2192] RDX: 000000000000000f RSI: 00007f731a37b0b0 RDI: 0000000000000004 [ 118.705541][ T2192] RBP: 00007f731a37b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 118.713345][ T2192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 118.721163][ T2192] R13: 000000000000000b R14: 00007f731b889f80 R15: 00007ffd10f5df18 [ 118.728983][ T2192] [ 118.807747][ T1647] usb 2-1: config 0 descriptor?? [ 118.894146][ T2198] loop0: detected capacity change from 0 to 256 [ 119.380146][ T1647] kone 0003:1E7D:2CED.0017: collection stack underflow [ 119.387722][ T1647] kone 0003:1E7D:2CED.0017: item 0 1 0 12 parsing failed [ 119.394919][ T1647] kone 0003:1E7D:2CED.0017: parse failed [ 119.409173][ T1647] kone: probe of 0003:1E7D:2CED.0017 failed with error -22 [ 119.602849][ T2203] loop3: detected capacity change from 0 to 40427 [ 119.728356][ T519] usb 2-1: USB disconnect, device number 15 [ 119.773934][ T2207] loop4: detected capacity change from 0 to 40427 [ 119.793794][ T2214] loop0: detected capacity change from 0 to 512 [ 119.802585][ T2203] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 119.809173][ T2203] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 119.819924][ T2203] F2FS-fs (loop3): Found nat_bits in checkpoint [ 119.827253][ T2207] F2FS-fs (loop4): Small segment_count (9 < 1 * 24) [ 119.833943][ T2207] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 119.860072][ T2207] F2FS-fs (loop4): Found nat_bits in checkpoint [ 119.897354][ T2214] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 119.908031][ T2207] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 119.908938][ T2214] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038 (0x7fffffff) [ 119.919664][ T2203] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 119.936567][ T2207] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 119.944461][ T2203] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 120.744450][ T291] attempt to access beyond end of device [ 120.744450][ T291] loop4: rw=2049, want=45112, limit=40427 [ 120.793148][ T30] kauditd_printk_skb: 48 callbacks suppressed [ 120.793162][ T30] audit: type=1326 audit(2000000073.879:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 120.908548][ T30] audit: type=1326 audit(2000000073.939:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 121.009205][ T30] audit: type=1326 audit(2000000073.939:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 121.105984][ T2239] loop1: detected capacity change from 0 to 512 [ 121.269804][ T30] audit: type=1326 audit(2000000073.939:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 121.300313][ T2239] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 121.311728][ T2239] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038 (0x7fffffff) [ 121.386351][ T30] audit: type=1326 audit(2000000073.939:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 121.413314][ T293] attempt to access beyond end of device [ 121.413314][ T293] loop3: rw=2049, want=45112, limit=40427 [ 121.455489][ T2229] loop0: detected capacity change from 0 to 40427 [ 121.463221][ T30] audit: type=1326 audit(2000000073.939:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 121.486392][ T30] audit: type=1326 audit(2000000073.939:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 121.509652][ T30] audit: type=1326 audit(2000000073.939:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 121.536264][ T2229] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 121.543068][ T2229] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 121.551283][ T30] audit: type=1326 audit(2000000073.939:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 121.574842][ T30] audit: type=1326 audit(2000000073.939:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000 [ 121.604668][ T2243] loop4: detected capacity change from 0 to 8192 [ 121.627397][ T2229] F2FS-fs (loop0): Found nat_bits in checkpoint [ 121.649647][ T2229] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 121.656527][ T2229] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 122.195609][ T289] attempt to access beyond end of device [ 122.195609][ T289] loop0: rw=2049, want=45112, limit=40427 [ 122.552717][ T2256] loop3: detected capacity change from 0 to 40427 [ 122.590327][ T2273] netlink: 4 bytes leftover after parsing attributes in process `syz.4.509'. [ 122.603464][ T2256] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 122.621085][ T2256] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 122.646737][ T2256] F2FS-fs (loop3): Found nat_bits in checkpoint [ 122.691226][ T2283] loop1: detected capacity change from 0 to 512 [ 122.695859][ T2256] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 122.705186][ T2256] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 122.769203][ T297] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 122.811103][ T2283] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 122.822591][ T2283] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038 (0x7fffffff) [ 122.832848][ T2285] loop4: detected capacity change from 0 to 40427 [ 122.952266][ T39] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 122.964610][ T2285] F2FS-fs (loop4): Small segment_count (9 < 1 * 24) [ 123.023235][ T2285] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 123.059873][ T2285] F2FS-fs (loop4): Found nat_bits in checkpoint [ 123.106560][ T293] attempt to access beyond end of device [ 123.106560][ T293] loop3: rw=2049, want=45112, limit=40427 [ 123.109743][ T2285] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 123.134715][ T2285] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 123.152944][ T297] usb 3-1: Using ep0 maxpacket: 8 [ 123.369471][ T39] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 123.380376][ T39] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 123.389622][ T39] usb 1-1: New USB device found, idVendor=056a, idProduct=0319, bcdDevice= 0.00 [ 123.398899][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.429367][ T2302] loop3: detected capacity change from 0 to 256 [ 123.447503][ T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 123.447791][ T39] usb 1-1: config 0 descriptor?? [ 123.458261][ T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 123.472556][ T297] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 123.481398][ T297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.489933][ T297] usb 3-1: config 0 descriptor?? [ 123.550029][ T291] attempt to access beyond end of device [ 123.550029][ T291] loop4: rw=2049, want=45112, limit=40427 [ 123.824390][ T2313] loop3: detected capacity change from 0 to 512 [ 124.409515][ T2313] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 124.420962][ T2313] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038 (0x7fffffff) [ 124.494069][ T297] kone 0003:1E7D:2CED.0018: collection stack underflow [ 124.502978][ T297] kone 0003:1E7D:2CED.0018: item 0 1 0 12 parsing failed [ 124.510352][ T297] kone 0003:1E7D:2CED.0018: parse failed [ 124.515919][ T297] kone: probe of 0003:1E7D:2CED.0018 failed with error -22 [ 124.804577][ T2325] loop1: detected capacity change from 0 to 256 [ 124.997246][ T297] usb 3-1: USB disconnect, device number 17 [ 125.205514][ T2331] loop3: detected capacity change from 0 to 512 [ 125.381012][ T2331] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 125.383679][ T519] usb 1-1: USB disconnect, device number 15 [ 125.392532][ T2331] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038 (0x7fffffff) [ 125.523557][ T2348] loop4: detected capacity change from 0 to 512 [ 125.581285][ T2348] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 125.590556][ T2352] loop0: detected capacity change from 0 to 40427 [ 125.592735][ T2348] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038 (0x7fffffff) [ 125.630499][ T2352] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 125.641106][ T2352] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 125.666340][ T2352] F2FS-fs (loop0): Found nat_bits in checkpoint [ 125.709951][ T2352] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 125.716873][ T2352] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 126.414454][ T39] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 126.817298][ T289] attempt to access beyond end of device [ 126.817298][ T289] loop0: rw=2049, want=45112, limit=40427 [ 126.869374][ T30] kauditd_printk_skb: 88 callbacks suppressed [ 126.869388][ T30] audit: type=1326 audit(2000000079.959:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 126.908171][ T30] audit: type=1326 audit(2000000079.989:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 126.931791][ T30] audit: type=1326 audit(2000000079.989:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 126.989618][ T39] usb 2-1: Using ep0 maxpacket: 8 [ 126.995386][ T30] audit: type=1326 audit(2000000079.989:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 127.056630][ T2377] loop4: detected capacity change from 0 to 256 [ 127.132774][ T2378] loop3: detected capacity change from 0 to 512 [ 127.303409][ T30] audit: type=1326 audit(2000000079.989:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 127.379999][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.382087][ T30] audit: type=1326 audit(2000000079.989:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 127.407832][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.433712][ T39] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 127.446583][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.456230][ T2378] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 127.466253][ T39] usb 2-1: config 0 descriptor?? [ 127.467666][ T2378] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038 (0x7fffffff) [ 127.496936][ T30] audit: type=1326 audit(2000000079.989:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 127.520793][ T30] audit: type=1326 audit(2000000079.989:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 127.544099][ T30] audit: type=1326 audit(2000000079.989:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 127.567768][ T30] audit: type=1326 audit(2000000080.519:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 127.616504][ T2391] loop0: detected capacity change from 0 to 512 [ 127.661984][ T2391] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 127.714600][ T2391] EXT4-fs (loop0): journaled quota format not specified [ 128.083142][ T2408] loop4: detected capacity change from 0 to 512 [ 128.130181][ T39] kone 0003:1E7D:2CED.0019: collection stack underflow [ 128.159244][ T372] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 128.198492][ T39] kone 0003:1E7D:2CED.0019: item 0 1 0 12 parsing failed [ 128.226581][ T2408] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 128.238477][ T2408] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038 (0x7fffffff) [ 128.266528][ T39] kone 0003:1E7D:2CED.0019: parse failed [ 128.272313][ T39] kone: probe of 0003:1E7D:2CED.0019 failed with error -22 [ 128.330778][ T310] usb 2-1: USB disconnect, device number 16 [ 128.333509][ T2403] loop3: detected capacity change from 0 to 40427 [ 128.429558][ T2403] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 128.436085][ T2403] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 128.459319][ T2403] F2FS-fs (loop3): Found nat_bits in checkpoint [ 128.483320][ T2414] loop0: detected capacity change from 0 to 256 [ 128.506624][ T2403] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 128.513640][ T2403] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 129.204209][ T372] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 129.226567][ T372] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 129.236035][ T372] usb 3-1: New USB device found, idVendor=056a, idProduct=0319, bcdDevice= 0.00 [ 129.245170][ T372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.418274][ T2421] device syzkaller0 entered promiscuous mode [ 129.447407][ T372] usb 3-1: config 0 descriptor?? [ 129.454135][ T293] attempt to access beyond end of device [ 129.454135][ T293] loop3: rw=2049, want=45112, limit=40427 [ 129.676833][ T2447] loop1: detected capacity change from 0 to 512 [ 129.739389][ T2449] loop4: detected capacity change from 0 to 256 [ 129.860555][ T2450] loop0: detected capacity change from 0 to 512 [ 130.014620][ T2447] EXT4-fs (loop1): Test dummy encryption mode enabled [ 130.063534][ T1647] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 130.079183][ T2450] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 130.090618][ T2450] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038 (0x7fffffff) [ 130.093290][ T2447] EXT4-fs error (device loop1): __ext4_iget:4892: inode #11: block 1: comm syz.1.557: invalid block [ 130.111236][ T2447] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.557: couldn't read orphan inode 11 (err -117) [ 130.123664][ T2447] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none. [ 130.171544][ T2447] 9pnet: Insufficient options for proto=fd [ 130.217215][ T2457] loop1: detected capacity change from 0 to 256 [ 130.339241][ T1647] usb 4-1: device descriptor read/64, error -71 [ 130.640228][ T2464] loop0: detected capacity change from 0 to 40427 [ 130.719522][ T2464] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 130.726076][ T2464] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 130.734291][ T1647] usb 4-1: device descriptor read/64, error -71 [ 130.736369][ T2464] F2FS-fs (loop0): Found nat_bits in checkpoint [ 130.740432][ T39] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 130.765958][ T2464] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 130.772894][ T2464] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 131.019218][ T39] usb 5-1: Using ep0 maxpacket: 8 [ 131.029229][ T1647] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 131.179311][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 131.191477][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 131.201346][ T39] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 131.210719][ T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.222545][ T39] usb 5-1: config 0 descriptor?? [ 131.260427][ T2485] loop1: detected capacity change from 0 to 256 [ 131.365706][ T1647] usb 4-1: device descriptor read/64, error -71 [ 131.409003][ T289] attempt to access beyond end of device [ 131.409003][ T289] loop0: rw=2049, want=45112, limit=40427 [ 131.644736][ T297] usb 3-1: USB disconnect, device number 18 [ 131.750230][ T39] kone 0003:1E7D:2CED.001A: collection stack underflow [ 131.756965][ T39] kone 0003:1E7D:2CED.001A: item 0 1 0 12 parsing failed [ 131.763970][ T39] kone 0003:1E7D:2CED.001A: parse failed [ 131.769538][ T39] kone: probe of 0003:1E7D:2CED.001A failed with error -22 [ 131.806795][ T2493] loop0: detected capacity change from 0 to 256 [ 131.819259][ T1647] usb 4-1: device descriptor read/64, error -71 [ 131.939291][ T1647] usb usb4-port1: attempt power cycle [ 131.951891][ T297] usb 5-1: USB disconnect, device number 13 [ 132.312403][ T2497] loop1: detected capacity change from 0 to 512 [ 132.400930][ T2497] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 132.412611][ T2497] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038 (0x7fffffff) [ 132.537651][ T30] kauditd_printk_skb: 155 callbacks suppressed [ 132.537666][ T30] audit: type=1326 audit(2000000085.619:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.554614][ T1647] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 132.574469][ T30] audit: type=1326 audit(2000000085.659:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.597959][ T30] audit: type=1326 audit(2000000085.659:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.621750][ T30] audit: type=1326 audit(2000000085.659:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.645526][ T30] audit: type=1326 audit(2000000085.659:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.756483][ T30] audit: type=1326 audit(2000000085.659:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.780112][ T30] audit: type=1326 audit(2000000085.669:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.803970][ T1647] usb 4-1: device descriptor read/8, error -71 [ 132.810234][ T30] audit: type=1326 audit(2000000085.669:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.833917][ T30] audit: type=1326 audit(2000000085.759:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.857726][ T30] audit: type=1326 audit(2000000085.759:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 132.861958][ T2526] loop3: detected capacity change from 0 to 256 [ 132.984680][ T2529] loop0: detected capacity change from 0 to 512 [ 133.039212][ T1647] usb 4-1: device descriptor read/8, error -71 [ 133.241600][ T2529] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 133.253075][ T2529] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038 (0x7fffffff) [ 133.299249][ T297] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 133.533301][ T2558] loop1: detected capacity change from 0 to 512 [ 133.619193][ T310] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 133.640433][ T2558] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 133.652027][ T2558] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038 (0x7fffffff) [ 133.669233][ T297] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 133.682089][ T297] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 133.691095][ T297] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.728829][ T297] usb 5-1: config 0 descriptor?? [ 133.771257][ T297] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 133.788413][ T2568] loop3: detected capacity change from 0 to 512 [ 133.860753][ T2568] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 133.872188][ T2568] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038 (0x7fffffff) [ 133.889194][ T310] usb 1-1: Using ep0 maxpacket: 8 [ 134.019252][ T310] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 134.030474][ T310] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 134.040053][ T310] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 134.049152][ T310] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.057694][ T310] usb 1-1: config 0 descriptor?? [ 134.317652][ T2580] bridge: RTM_NEWNEIGH with invalid ether address [ 134.395450][ T2585] loop1: detected capacity change from 0 to 256 [ 134.409905][ T2587] FAULT_INJECTION: forcing a failure. [ 134.409905][ T2587] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 134.423556][ T2587] CPU: 0 PID: 2587 Comm: syz.2.601 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 134.433198][ T2587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 134.443080][ T2587] Call Trace: [ 134.446197][ T2587] [ 134.448980][ T2587] dump_stack_lvl+0x151/0x1b7 [ 134.453491][ T2587] ? io_uring_drop_tctx_refs+0x190/0x190 [ 134.458958][ T2587] dump_stack+0x15/0x17 [ 134.462947][ T2587] should_fail+0x3c6/0x510 [ 134.467199][ T2587] should_fail_alloc_page+0x5a/0x80 [ 134.472235][ T2587] prepare_alloc_pages+0x15c/0x700 [ 134.477178][ T2587] ? __alloc_pages+0x8f0/0x8f0 [ 134.481779][ T2587] ? __alloc_pages_bulk+0xe40/0xe40 [ 134.486827][ T2587] __alloc_pages+0x18c/0x8f0 [ 134.491260][ T2587] ? prep_new_page+0x110/0x110 [ 134.495845][ T2587] ? __kasan_kmalloc+0x9/0x10 [ 134.500354][ T2587] ? __kmalloc_track_caller+0x139/0x260 [ 134.505741][ T2587] ? __kasan_check_write+0x14/0x20 [ 134.510680][ T2587] ? __alloc_skb+0x355/0x550 [ 134.515196][ T2587] alloc_skb_with_frags+0x1fe/0x680 [ 134.520318][ T2587] sock_alloc_send_pskb+0x915/0xa50 [ 134.525355][ T2587] ? sock_kzfree_s+0x60/0x60 [ 134.529951][ T2587] ? iov_iter_advance+0x213/0x390 [ 134.534898][ T2587] tun_get_user+0xf1b/0x3aa0 [ 134.539325][ T2587] ? queue_map_pop_elem+0x1da/0x3b0 [ 134.544357][ T2587] ? _kstrtoull+0x3a0/0x4a0 [ 134.548827][ T2587] ? tun_do_read+0x1ef0/0x1ef0 [ 134.553422][ T2587] ? kstrtouint_from_user+0x20a/0x2a0 [ 134.558719][ T2587] ? kstrtol_from_user+0x310/0x310 [ 134.563663][ T2587] ? bpf_probe_read_compat_str+0x131/0x180 [ 134.569314][ T2587] ? bpf_trace_run3+0x123/0x250 [ 134.573995][ T2587] ? avc_policy_seqno+0x1b/0x70 [ 134.578683][ T2587] ? selinux_file_permission+0x2c4/0x570 [ 134.584151][ T2587] tun_chr_write_iter+0x1e1/0x2e0 [ 134.589119][ T2587] vfs_write+0xd5d/0x1110 [ 134.593291][ T2587] ? kmem_cache_free+0x2c3/0x2e0 [ 134.598055][ T2587] ? file_end_write+0x1c0/0x1c0 [ 134.602738][ T2587] ? __fdget_pos+0x209/0x3a0 [ 134.607164][ T2587] ? ksys_write+0x77/0x2c0 [ 134.611854][ T2587] ksys_write+0x199/0x2c0 [ 134.616019][ T2587] ? __ia32_sys_read+0x90/0x90 [ 134.620630][ T2587] ? debug_smp_processor_id+0x17/0x20 [ 134.625827][ T2587] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 134.631726][ T2587] __x64_sys_write+0x7b/0x90 [ 134.636165][ T2587] do_syscall_64+0x3d/0xb0 [ 134.640405][ T2587] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 134.646133][ T2587] RIP: 0033:0x7f2abaab39f9 [ 134.650387][ T2587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.669919][ T2587] RSP: 002b:00007f2ab9733048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 134.678164][ T2587] RAX: ffffffffffffffda RBX: 00007f2abac41f80 RCX: 00007f2abaab39f9 [ 134.685970][ T2587] RDX: 000000000000ffdd RSI: 00000000200000c0 RDI: 0000000000000008 [ 134.693783][ T2587] RBP: 00007f2ab97330a0 R08: 0000000000000000 R09: 0000000000000000 [ 134.701599][ T2587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 134.709402][ T2587] R13: 000000000000000b R14: 00007f2abac41f80 R15: 00007ffcef0668f8 [ 134.717219][ T2587] [ 134.721573][ T310] kone 0003:1E7D:2CED.001B: collection stack underflow [ 134.728289][ T310] kone 0003:1E7D:2CED.001B: item 0 1 0 12 parsing failed [ 134.735351][ T310] kone 0003:1E7D:2CED.001B: parse failed [ 134.740872][ T310] kone: probe of 0003:1E7D:2CED.001B failed with error -22 [ 134.929256][ T1647] usb 1-1: USB disconnect, device number 16 [ 135.159729][ T310] usb 5-1: USB disconnect, device number 14 [ 135.177934][ T2603] loop4: detected capacity change from 0 to 256 [ 135.721052][ T2613] loop1: detected capacity change from 0 to 512 [ 135.810890][ T2613] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 135.822933][ T2613] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038 (0x7fffffff) [ 136.084749][ T2620] loop0: detected capacity change from 0 to 512 [ 136.235810][ T2620] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 136.247667][ T2620] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038 (0x7fffffff) [ 136.642513][ T2636] loop1: detected capacity change from 0 to 256 [ 137.202667][ T2651] loop4: detected capacity change from 0 to 512 [ 137.219251][ T39] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 137.338395][ T2651] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 137.349981][ T2651] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038 (0x7fffffff) [ 137.365271][ T2655] loop3: detected capacity change from 0 to 256 [ 137.504835][ T2657] loop1: detected capacity change from 0 to 40427 [ 137.519242][ T39] usb 1-1: Using ep0 maxpacket: 8 [ 137.633283][ T2657] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 137.649627][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.724468][ T2657] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 137.741371][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.743917][ T2657] F2FS-fs (loop1): Found nat_bits in checkpoint [ 137.751139][ T39] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 137.767144][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.797438][ T2657] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 137.812278][ T2657] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 137.820983][ T39] usb 1-1: config 0 descriptor?? [ 138.345840][ T1251] attempt to access beyond end of device [ 138.345840][ T1251] loop1: rw=2049, want=45112, limit=40427 [ 138.361694][ T39] kone 0003:1E7D:2CED.001C: collection stack underflow [ 138.371637][ T39] kone 0003:1E7D:2CED.001C: item 0 1 0 12 parsing failed [ 138.386225][ T39] kone 0003:1E7D:2CED.001C: parse failed [ 138.393196][ T39] kone: probe of 0003:1E7D:2CED.001C failed with error -22 [ 138.431024][ T2679] kvm: apic: phys broadcast and lowest prio [ 138.462084][ T2681] loop4: detected capacity change from 0 to 512 [ 138.562651][ T39] usb 1-1: USB disconnect, device number 17 [ 138.589878][ T2681] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 138.621223][ T2681] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038 (0x7fffffff) [ 138.653345][ T2691] loop3: detected capacity change from 0 to 512 [ 138.731114][ T2691] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 138.742891][ T2691] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038 (0x7fffffff) [ 139.101964][ T2703] loop0: detected capacity change from 0 to 256 [ 139.403950][ T2709] loop4: detected capacity change from 0 to 512 [ 139.610342][ T2709] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 139.622183][ T2709] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038 (0x7fffffff) [ 139.929247][ T519] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 139.937244][ T297] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 140.121167][ T2718] loop0: detected capacity change from 0 to 40427 [ 140.156622][ T30] kauditd_printk_skb: 104 callbacks suppressed [ 140.156636][ T30] audit: type=1400 audit(2000000093.239:1574): avc: denied { create } for pid=2727 comm="syz.4.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 140.182450][ T2728] loop4: detected capacity change from 0 to 512 [ 140.183131][ T30] audit: type=1400 audit(2000000093.239:1575): avc: denied { setopt } for pid=2727 comm="syz.4.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 140.189547][ T297] usb 3-1: Using ep0 maxpacket: 16 [ 140.207919][ T30] audit: type=1400 audit(2000000093.239:1576): avc: denied { bind } for pid=2727 comm="syz.4.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 140.207948][ T30] audit: type=1400 audit(2000000093.239:1577): avc: denied { name_bind } for pid=2727 comm="syz.4.641" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 140.212929][ T519] usb 4-1: Using ep0 maxpacket: 16 [ 140.233006][ T30] audit: type=1400 audit(2000000093.239:1578): avc: denied { node_bind } for pid=2727 comm="syz.4.641" saddr=fe80::aa src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 140.280202][ T2718] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 140.286614][ T2718] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 140.297929][ T2718] F2FS-fs (loop0): Found nat_bits in checkpoint [ 140.311578][ T2728] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 140.322711][ T2728] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038 (0x7fffffff) [ 140.335787][ T2728] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz.4.641: corrupted inode contents [ 140.338364][ T2718] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 140.348101][ T2728] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz.4.641: mark_inode_dirty error [ 140.355373][ T2718] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 140.366493][ T2728] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz.4.641: corrupted inode contents [ 140.384592][ T2728] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.641: mark_inode_dirty error [ 140.429319][ T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 140.440270][ T519] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 140.451381][ T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 140.461320][ T519] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 140.470497][ T519] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.801072][ T297] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 140.894042][ T297] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 140.903090][ T297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.911892][ T519] usb 4-1: config 0 descriptor?? [ 140.916988][ T297] usb 3-1: config 0 descriptor?? [ 140.937144][ T289] attempt to access beyond end of device [ 140.937144][ T289] loop0: rw=2049, want=45112, limit=40427 [ 141.067164][ T30] audit: type=1400 audit(2000000094.149:1579): avc: denied { ioctl } for pid=2740 comm="syz.0.642" path="socket:[23487]" dev="sockfs" ino=23487 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 141.241446][ T2745] loop0: detected capacity change from 0 to 512 [ 141.309225][ T26] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 141.361077][ T2745] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 141.372597][ T2745] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038 (0x7fffffff) [ 141.386274][ T2715] UDC core: couldn't find an available UDC or it's busy: -16 [ 141.393555][ T2715] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 141.411067][ T519] hid (null): unknown global tag 0x83 [ 141.416480][ T519] hid (null): unknown global tag 0xc [ 141.421552][ T519] hid (null): global environment stack underflow [ 141.429002][ T519] hid-generic 0003:0158:0100.001D: unknown main item tag 0x0 [ 141.436276][ T519] hid-generic 0003:0158:0100.001D: unknown main item tag 0x0 [ 141.443456][ T519] hid-generic 0003:0158:0100.001D: unexpected long global item [ 141.451020][ T519] hid-generic: probe of 0003:0158:0100.001D failed with error -22 [ 141.549187][ T26] usb 5-1: Using ep0 maxpacket: 8 [ 141.614721][ T519] usb 4-1: USB disconnect, device number 16 [ 141.629221][ T297] usbhid 3-1:0.0: can't add hid device: -71 [ 141.635047][ T297] usbhid: probe of 3-1:0.0 failed with error -71 [ 141.643253][ T297] usb 3-1: USB disconnect, device number 19 [ 141.689316][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.700112][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 141.709588][ T26] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 141.718588][ T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.731561][ T26] usb 5-1: config 0 descriptor?? [ 141.899914][ T2751] loop1: detected capacity change from 0 to 256 [ 142.190268][ T2754] loop0: detected capacity change from 0 to 40427 [ 142.229967][ T26] kone 0003:1E7D:2CED.001E: collection stack underflow [ 142.236660][ T26] kone 0003:1E7D:2CED.001E: item 0 1 0 12 parsing failed [ 142.243701][ T26] kone 0003:1E7D:2CED.001E: parse failed [ 142.249296][ T26] kone: probe of 0003:1E7D:2CED.001E failed with error -22 [ 142.319982][ T2758] loop3: detected capacity change from 0 to 512 [ 142.362018][ T2754] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 142.368537][ T2754] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 142.461687][ T297] usb 5-1: USB disconnect, device number 15 [ 142.478338][ T2754] F2FS-fs (loop0): Found nat_bits in checkpoint [ 142.487688][ T2758] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 142.499214][ T2758] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038 (0x7fffffff) [ 142.528053][ T2754] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 142.535209][ T2754] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 142.580316][ T30] audit: type=1400 audit(2000000095.669:1580): avc: denied { add_name } for pid=2772 comm="syz.2.652" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 142.611832][ T30] audit: type=1400 audit(2000000095.689:1581): avc: denied { create } for pid=2772 comm="syz.2.652" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 142.647776][ T30] audit: type=1400 audit(2000000095.689:1582): avc: denied { associate } for pid=2772 comm="syz.2.652" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 142.696279][ T30] audit: type=1400 audit(2000000095.779:1583): avc: denied { ioctl } for pid=2776 comm="syz.1.654" path="socket:[23539]" dev="sockfs" ino=23539 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 143.061603][ T289] attempt to access beyond end of device [ 143.061603][ T289] loop0: rw=2049, want=45112, limit=40427 [ 143.187665][ T2795] loop4: detected capacity change from 0 to 512 [ 143.222945][ T2799] 9pnet: Insufficient options for proto=fd [ 143.246856][ T2799] 9pnet: Insufficient options for proto=fd [ 143.298416][ T2799] fuse: Bad value for 'fd' [ 143.490215][ T2795] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 143.529673][ T2795] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038 (0x7fffffff) [ 143.581679][ T2816] FAULT_INJECTION: forcing a failure. [ 143.581679][ T2816] name failslab, interval 1, probability 0, space 0, times 0 [ 143.594942][ T2816] CPU: 1 PID: 2816 Comm: syz.0.658 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 143.604568][ T2816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 143.614461][ T2816] Call Trace: [ 143.617581][ T2816] [ 143.620386][ T2816] dump_stack_lvl+0x151/0x1b7 [ 143.624874][ T2816] ? io_uring_drop_tctx_refs+0x190/0x190 [ 143.631121][ T2816] ? __kasan_check_write+0x14/0x20 [ 143.636068][ T2816] ? mutex_unlock+0xb2/0x260 [ 143.640495][ T2816] dump_stack+0x15/0x17 [ 143.644662][ T2816] should_fail+0x3c6/0x510 [ 143.648911][ T2816] __should_failslab+0xa4/0xe0 [ 143.653512][ T2816] ? getname_flags+0xba/0x520 [ 143.658023][ T2816] should_failslab+0x9/0x20 [ 143.662368][ T2816] slab_pre_alloc_hook+0x37/0xd0 [ 143.667232][ T2816] ? getname_flags+0xba/0x520 [ 143.671738][ T2816] kmem_cache_alloc+0x44/0x200 [ 143.676515][ T2816] getname_flags+0xba/0x520 [ 143.680866][ T2816] __x64_sys_symlinkat+0x7c/0xb0 [ 143.685623][ T2816] do_syscall_64+0x3d/0xb0 [ 143.689965][ T2816] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 143.695694][ T2816] RIP: 0033:0x7f731b6fb9f9 [ 143.699952][ T2816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.719388][ T2816] RSP: 002b:00007f731a37b048 EFLAGS: 00000246 ORIG_RAX: 000000000000010a [ 143.727636][ T2816] RAX: ffffffffffffffda RBX: 00007f731b889f80 RCX: 00007f731b6fb9f9 [ 143.735450][ T2816] RDX: 0000000020000080 RSI: 0000000000000009 RDI: 0000000020000040 [ 143.743255][ T2816] RBP: 00007f731a37b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 143.751065][ T2816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.758963][ T2816] R13: 000000000000000b R14: 00007f731b889f80 R15: 00007ffd10f5df18 [ 143.766987][ T2816] [ 143.959170][ T2829] loop1: detected capacity change from 0 to 512 [ 144.093389][ T297] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 144.096449][ T2829] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 144.100872][ T432] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 144.112216][ T2829] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038 (0x7fffffff) [ 144.269171][ T519] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 144.519477][ T432] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.530384][ T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.540997][ T519] usb 1-1: Using ep0 maxpacket: 8 [ 144.545909][ T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 144.555850][ T432] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 144.565549][ T432] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 144.574377][ T297] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 144.583324][ T432] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.591249][ T297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.599752][ T432] usb 4-1: config 0 descriptor?? [ 144.604724][ T297] usb 3-1: config 0 descriptor?? [ 144.689233][ T519] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.700059][ T519] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 144.709725][ T519] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 144.718667][ T519] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.730099][ T519] usb 1-1: config 0 descriptor?? [ 145.090271][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.097185][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.105020][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.111952][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.118902][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.125868][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.132823][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.139671][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.146373][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.153221][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.159926][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.166679][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.173521][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.180462][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.187220][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.194058][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.200778][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.207506][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.215241][ T519] kone 0003:1E7D:2CED.0021: collection stack underflow [ 145.222126][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.229022][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.235923][ T519] kone 0003:1E7D:2CED.0021: item 0 1 0 12 parsing failed [ 145.242827][ T519] kone 0003:1E7D:2CED.0021: parse failed [ 145.248264][ T519] kone: probe of 0003:1E7D:2CED.0021 failed with error -22 [ 145.255350][ T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0 [ 145.262109][ T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0 [ 145.270423][ T432] lg-g15 0003:046D:C222.0020: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.3-1/input0 [ 145.281911][ T297] lg-g15 0003:046D:C222.001F: hidraw1: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.2-1/input0 [ 145.294548][ T432] usb 4-1: USB disconnect, device number 17 [ 145.301416][ T297] usb 3-1: USB disconnect, device number 20 [ 145.309800][ T26] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 145.415792][ T20] usb 1-1: USB disconnect, device number 18 [ 145.579245][ T26] usb 5-1: device descriptor read/64, error -71 [ 145.645313][ T2847] loop1: detected capacity change from 0 to 40427 [ 145.739591][ T2847] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 145.746128][ T2847] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 145.756190][ T2847] F2FS-fs (loop1): Found nat_bits in checkpoint [ 145.777882][ T2847] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 145.784832][ T2847] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 145.999295][ T26] usb 5-1: device descriptor read/64, error -71 [ 146.066391][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 146.066414][ T30] audit: type=1326 audit(2000000099.149:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.0.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 146.104613][ T30] audit: type=1326 audit(2000000099.189:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.0.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 146.229192][ T432] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 146.458485][ T2871] loop0: detected capacity change from 0 to 512 [ 146.683264][ T1251] attempt to access beyond end of device [ 146.683264][ T1251] loop1: rw=2049, want=45112, limit=40427 [ 146.694443][ T26] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 146.718317][ T2871] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 146.730038][ T2871] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038 (0x7fffffff) [ 146.909247][ T432] usb 4-1: Using ep0 maxpacket: 16 [ 146.989956][ T26] usb 5-1: device descriptor read/64, error -71 [ 147.005645][ T2881] loop1: detected capacity change from 0 to 512 [ 147.044824][ T2881] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 147.069318][ T432] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 147.089167][ T432] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 147.091390][ T2881] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038 (0x7fffffff) [ 147.098874][ T432] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 147.121118][ T432] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 147.130253][ T432] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.138888][ T432] usb 4-1: config 0 descriptor?? [ 147.249905][ T30] audit: type=1326 audit(2000000100.339:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 147.273215][ T30] audit: type=1326 audit(2000000100.339:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 147.296716][ T30] audit: type=1326 audit(2000000100.339:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 147.320136][ T30] audit: type=1326 audit(2000000100.339:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 147.343324][ T30] audit: type=1326 audit(2000000100.339:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000 [ 147.366655][ T30] audit: type=1326 audit(2000000100.339:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2abaab2390 code=0x7ffc0000 [ 147.390036][ T39] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 147.390103][ T30] audit: type=1326 audit(2000000100.339:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2abaab35fb code=0x7ffc0000 [ 147.420532][ T30] audit: type=1326 audit(2000000100.339:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2abaab35fb code=0x7ffc0000 [ 147.475780][ T26] usb 5-1: device descriptor read/64, error -71 [ 147.559353][ T372] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 147.599367][ T26] usb usb5-port1: attempt power cycle [ 147.726436][ T2900] loop1: detected capacity change from 0 to 512 [ 147.799593][ T2900] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 147.810915][ T2900] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 147.825467][ T2900] EXT4-fs (loop1): 1 truncate cleaned up [ 147.829233][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 147.831310][ T2900] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue. Quota mode: writeback. [ 147.842178][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 147.900307][ T39] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 147.909289][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.917727][ T39] usb 1-1: config 0 descriptor?? [ 147.979452][ T372] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 147.991718][ T372] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 148.000967][ T372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.016089][ T26] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 148.117846][ T372] usb 3-1: config 0 descriptor?? [ 148.209242][ T26] usb 5-1: device descriptor read/8, error -71 [ 148.390330][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.397264][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.404121][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.410913][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.417720][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.424597][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.431374][ T26] usb 5-1: device descriptor read/8, error -71 [ 148.437333][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.444099][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.450891][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.457631][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.464402][ T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0 [ 148.471601][ T39] lg-g15 0003:046D:C222.0022: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0 [ 148.578658][ T1251] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 148.597070][ T1251] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 148.599906][ T372] keytouch 0003:0926:3333.0023: fixing up Keytouch IEC report descriptor [ 148.625006][ T372] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0023/input/input12 [ 148.629532][ T20] usb 1-1: USB disconnect, device number 19 [ 148.701930][ T372] keytouch 0003:0926:3333.0023: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 148.785772][ T2909] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.792784][ T2909] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.800203][ T2909] device bridge_slave_0 entered promiscuous mode [ 148.808708][ T2909] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.816036][ T2909] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.824504][ T2909] device bridge_slave_1 entered promiscuous mode [ 148.870114][ T2909] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.877066][ T2909] bridge0: port 2(bridge_slave_1) entered forwarding state [ 148.884204][ T2909] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.890971][ T2909] bridge0: port 1(bridge_slave_0) entered forwarding state [ 148.919515][ T26] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 148.932935][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 148.941051][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.951902][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.970572][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 148.979091][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.985976][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 148.995384][ T432] usbhid 4-1:0.0: can't add hid device: -71 [ 149.001747][ T432] usbhid: probe of 4-1:0.0 failed with error -71 [ 149.010614][ T432] usb 4-1: USB disconnect, device number 18 [ 149.017302][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 149.027034][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.033900][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 149.058208][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 149.071745][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 149.145461][ T2916] loop3: detected capacity change from 0 to 512 [ 149.169511][ T26] usb 5-1: Using ep0 maxpacket: 8 [ 149.187033][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 149.248883][ T2916] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 149.260635][ T2916] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038 (0x7fffffff) [ 149.270631][ T2909] device veth0_vlan entered promiscuous mode [ 149.288583][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 149.297331][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 149.306821][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 149.314437][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 149.326751][ T2909] device veth1_macvtap entered promiscuous mode [ 149.343210][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 149.351954][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 149.360424][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 149.405048][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 149.431453][ T26] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 149.440532][ T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.449908][ T26] usb 5-1: config 0 descriptor?? [ 149.460531][ T10] device bridge_slave_1 left promiscuous mode [ 149.466587][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.474099][ T10] device bridge_slave_0 left promiscuous mode [ 149.495397][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.544239][ T2932] loop0: detected capacity change from 0 to 256 [ 149.572969][ T10] device veth1_macvtap left promiscuous mode [ 149.579056][ T10] device veth0_vlan left promiscuous mode [ 149.860745][ T20] usb 3-1: USB disconnect, device number 21 [ 149.923857][ T2936] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=2936 comm=syz.3.699 [ 150.023435][ T2943] loop1: detected capacity change from 0 to 256 [ 150.298171][ T2951] loop1: detected capacity change from 0 to 256 [ 150.314210][ T26] kone 0003:1E7D:2CED.0024: collection stack underflow [ 150.347546][ T26] kone 0003:1E7D:2CED.0024: item 0 1 0 12 parsing failed [ 150.373143][ T26] kone 0003:1E7D:2CED.0024: parse failed [ 150.379115][ T26] kone: probe of 0003:1E7D:2CED.0024 failed with error -22 [ 150.514206][ T432] usb 5-1: USB disconnect, device number 19 [ 150.599184][ T26] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 150.759206][ T39] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 150.963408][ T2962] loop3: detected capacity change from 0 to 512 [ 151.119817][ T30] kauditd_printk_skb: 90 callbacks suppressed [ 151.119832][ T30] audit: type=1326 audit(2000000104.189:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.153415][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 151.162540][ T30] audit: type=1326 audit(2000000104.189:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.164334][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 151.187926][ T30] audit: type=1326 audit(2000000104.189:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.197125][ T26] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 151.229779][ T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.236958][ T30] audit: type=1326 audit(2000000104.189:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.250713][ T2962] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 151.261272][ T30] audit: type=1326 audit(2000000104.189:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.272334][ T2962] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038 (0x7fffffff) [ 151.296379][ T30] audit: type=1326 audit(2000000104.189:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.305716][ T26] usb 1-1: config 0 descriptor?? [ 151.333916][ T30] audit: type=1326 audit(2000000104.189:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.357239][ T30] audit: type=1326 audit(2000000104.189:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.384704][ T30] audit: type=1326 audit(2000000104.189:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.409451][ T30] audit: type=1326 audit(2000000104.199:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000 [ 151.432743][ T39] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 151.439548][ T2977] loop1: detected capacity change from 0 to 2048 [ 151.444136][ T39] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 151.461246][ T39] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 151.470167][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.489229][ T2958] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 151.689737][ T2980] xt_CT: No such helper "pptp" [ 151.815142][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.867032][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.874662][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.881413][ T2984] loop3: detected capacity change from 0 to 256 [ 151.888343][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.896447][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.903655][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.910806][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.917711][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.924663][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.933575][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.940622][ T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0 [ 151.948994][ T26] lg-g15 0003:046D:C222.0025: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0 [ 151.999253][ T39] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 152.024765][ T20] usb 1-1: USB disconnect, device number 20 [ 152.058337][ T39] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input13 [ 152.080369][ T39] usb 3-1: USB disconnect, device number 22 [ 152.181994][ T2990] loop3: detected capacity change from 0 to 256 [ 152.220818][ T2990] exfat: Deprecated parameter 'utf8' [ 152.372187][ T2990] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 152.401450][ T2986] loop4: detected capacity change from 0 to 40427 [ 152.444727][ T2986] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 152.453241][ T2986] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 152.463223][ T2986] F2FS-fs (loop4): invalid crc value [ 152.469915][ T2986] F2FS-fs (loop4): Found nat_bits in checkpoint [ 152.500909][ T2986] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 152.507853][ T2986] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 152.522732][ T2986] netlink: 36 bytes leftover after parsing attributes in process `syz.4.716'. [ 152.535729][ T291] attempt to access beyond end of device [ 152.535729][ T291] loop4: rw=2049, want=45112, limit=40427 [ 152.854310][ T3014] loop0: detected capacity change from 0 to 512 [ 152.978735][ T20] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 153.034835][ T3014] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 153.046582][ T3014] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038 (0x7fffffff) [ 153.063156][ T3019] loop4: detected capacity change from 0 to 512 [ 153.080398][ T3021] loop3: detected capacity change from 0 to 256 [ 153.157404][ T3019] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 153.168895][ T3019] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038 (0x7fffffff) [ 153.218159][ T3030] loop3: detected capacity change from 0 to 2048 [ 153.229193][ T20] usb 3-1: Using ep0 maxpacket: 8 [ 153.349277][ T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.370381][ T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.382966][ T20] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 153.392006][ T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.408709][ T20] usb 3-1: config 0 descriptor?? [ 153.518299][ T3050] xt_CT: No such helper "pptp" [ 153.752967][ T3054] loop0: detected capacity change from 0 to 256 [ 153.780146][ T3054] FAT-fs (loop0): Unrecognized mount option "ioclarset=iso8859-2" or missing value [ 153.787414][ T3056] loop4: detected capacity change from 0 to 256 [ 153.869194][ T432] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 153.879998][ T20] kone 0003:1E7D:2CED.0026: collection stack underflow [ 153.890880][ T20] kone 0003:1E7D:2CED.0026: item 0 1 0 12 parsing failed [ 153.899846][ T20] kone 0003:1E7D:2CED.0026: parse failed [ 153.905424][ T20] kone: probe of 0003:1E7D:2CED.0026 failed with error -22 [ 154.083511][ T3066] loop0: detected capacity change from 0 to 512 [ 154.222711][ T39] usb 3-1: USB disconnect, device number 23 [ 154.235009][ T3066] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 154.246579][ T3066] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038 (0x7fffffff) [ 154.329229][ T432] usb 2-1: Using ep0 maxpacket: 32 [ 154.407343][ T3072] loop3: detected capacity change from 0 to 512 [ 154.527957][ T3072] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 154.539374][ T3072] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038 (0x7fffffff) [ 154.599241][ T432] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 154.610273][ T432] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 154.621315][ T432] usb 2-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00 [ 154.630137][ T432] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.638479][ T432] usb 2-1: config 0 descriptor?? [ 154.659326][ T3047] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 155.090235][ T3094] loop4: detected capacity change from 0 to 512 [ 155.157422][ T3099] loop0: detected capacity change from 0 to 2048 [ 155.175434][ T3101] loop3: detected capacity change from 0 to 512 [ 155.191939][ T3047] loop1: detected capacity change from 0 to 256 [ 155.203627][ T3101] EXT4-fs (loop3): Test dummy encryption mode enabled [ 155.215517][ T3101] EXT4-fs error (device loop3): __ext4_iget:4892: inode #11: block 1: comm syz.3.749: invalid block [ 155.226981][ T3101] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.749: couldn't read orphan inode 11 (err -117) [ 155.240127][ T3101] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none. [ 155.244555][ T3094] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 155.280018][ T3094] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038 (0x7fffffff) [ 155.314297][ T3047] attempt to access beyond end of device [ 155.314297][ T3047] loop1: rw=2049, want=260, limit=256 [ 155.325292][ T3101] overlayfs: failed to resolve './file2/file0': -2 [ 155.360132][ T432] hid-led 0003:1294:1320.0027: unbalanced delimiter at end of report description [ 155.369841][ T432] hid-led: probe of 0003:1294:1320.0027 failed with error -22 [ 155.462005][ T3108] xt_CT: No such helper "pptp" [ 155.682513][ T432] usb 2-1: USB disconnect, device number 17 [ 155.813430][ T3107] loop3: detected capacity change from 0 to 40427 [ 155.901174][ T3107] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 155.907867][ T3107] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 155.918011][ T3107] F2FS-fs (loop3): Found nat_bits in checkpoint [ 155.940442][ T3107] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 155.947665][ T3107] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 156.101223][ T372] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 157.660076][ T293] attempt to access beyond end of device [ 157.660076][ T293] loop3: rw=2049, want=45112, limit=40427 [ 159.075145][ T3134] loop1: detected capacity change from 0 to 512 [ 159.123246][ T3139] netlink: 'syz.2.762': attribute type 4 has an invalid length. [ 159.130958][ T372] usb 5-1: Using ep0 maxpacket: 8 [ 159.160852][ T3134] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 159.172393][ T3134] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038 (0x7fffffff) [ 159.351259][ T3150] loop0: detected capacity change from 0 to 512 [ 159.382900][ T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 159.519288][ T3150] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 159.530769][ T3150] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038 (0x7fffffff) [ 159.532891][ T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 159.571986][ T372] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 159.584898][ T30] kauditd_printk_skb: 36 callbacks suppressed [ 159.584912][ T30] audit: type=1326 audit(2000000112.669:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3155 comm="syz.3.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 159.585423][ T372] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.613946][ T30] audit: type=1326 audit(2000000112.679:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3155 comm="syz.3.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 159.613973][ T30] audit: type=1326 audit(2000000112.679:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3155 comm="syz.3.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 159.622787][ T372] usb 5-1: config 0 descriptor?? [ 159.676865][ T30] audit: type=1326 audit(2000000112.739:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3155 comm="syz.3.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 159.750703][ T3166] loop1: detected capacity change from 0 to 2048 [ 159.950219][ T3173] xt_CT: No such helper "pptp" [ 160.359498][ T372] usbhid 5-1:0.0: can't add hid device: -71 [ 160.365509][ T372] usbhid: probe of 5-1:0.0 failed with error -71 [ 160.518001][ T372] usb 5-1: USB disconnect, device number 20 [ 160.557380][ T30] audit: type=1326 audit(2000000113.639:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 160.625431][ T3180] loop1: detected capacity change from 0 to 128 [ 160.638323][ T30] audit: type=1326 audit(2000000113.699:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 160.678776][ T30] audit: type=1326 audit(2000000113.729:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 160.719834][ T30] audit: type=1326 audit(2000000113.729:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 160.754309][ T30] audit: type=1326 audit(2000000113.729:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 160.777941][ T30] audit: type=1326 audit(2000000113.729:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 160.802403][ T3180] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 160.813207][ T3180] ext4 filesystem being mounted at /16/mnt supports timestamps until 2038 (0x7fffffff) [ 160.835961][ T3198] netlink: 24 bytes leftover after parsing attributes in process `syz.2.782'. [ 161.042193][ T3202] loop0: detected capacity change from 0 to 512 [ 161.286597][ T3204] loop4: detected capacity change from 0 to 512 [ 161.377569][ T3198] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=3198 comm=syz.2.782 [ 161.477385][ T3204] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 161.489265][ T3204] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038 (0x7fffffff) [ 161.505794][ T3202] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 161.513168][ T3211] loop1: detected capacity change from 0 to 2048 [ 161.517857][ T3202] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038 (0x7fffffff) [ 161.748923][ T3217] xt_CT: No such helper "pptp" [ 161.774274][ T3218] loop3: detected capacity change from 0 to 512 [ 161.871861][ T3218] EXT4-fs (loop3): Unrecognized mount option "." or missing value [ 161.966154][ T3210] loop3: detected capacity change from 0 to 16 [ 161.986698][ T3228] loop4: detected capacity change from 0 to 1024 [ 161.993619][ T3210] erofs: (device loop3): mounted with root inode @ nid 36. [ 162.019445][ T3228] EXT4-fs (loop4): Ignoring removed oldalloc option [ 162.029216][ T3228] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 162.052696][ T3228] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 162.087216][ T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.119760][ T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.139730][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.152038][ T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.174379][ T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.181596][ T3233] loop0: detected capacity change from 0 to 512 [ 162.193596][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.211139][ T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.233336][ T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.252771][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.269350][ T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.296623][ T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.319003][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.333263][ T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.357963][ T3233] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 162.369824][ T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 162.389591][ T3233] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038 (0x7fffffff) [ 162.414278][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.426171][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.438245][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.450242][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.463051][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.475116][ T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 162.689220][ T26] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 162.708437][ T3244] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.715345][ T3244] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.722548][ T3244] device bridge_slave_0 entered promiscuous mode [ 162.729679][ T3244] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.736525][ T3244] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.743883][ T3244] device bridge_slave_1 entered promiscuous mode [ 162.790087][ T3244] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.797038][ T3244] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.804189][ T3244] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.811048][ T3244] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.855095][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 162.862986][ T297] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.870432][ T297] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.905350][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 162.915012][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 162.923083][ T372] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.930016][ T372] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.937208][ T26] usb 2-1: Using ep0 maxpacket: 8 [ 162.943162][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 162.951629][ T372] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.958471][ T372] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.966365][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 162.974981][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 163.096864][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 163.105075][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 163.111565][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.115603][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 163.130338][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 163.132315][ T3244] device veth0_vlan entered promiscuous mode [ 163.140654][ T26] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 163.152294][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 163.155696][ T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.164925][ T3244] device veth1_macvtap entered promiscuous mode [ 163.174638][ T26] usb 2-1: config 0 descriptor?? [ 163.186782][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 163.196654][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 163.385538][ T3259] loop4: detected capacity change from 0 to 512 [ 163.471471][ T8] device bridge_slave_1 left promiscuous mode [ 163.496402][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.504213][ T8] device bridge_slave_0 left promiscuous mode [ 163.505632][ T3259] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 163.510265][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.521721][ T3259] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038 (0x7fffffff) [ 163.544560][ T8] device veth1_macvtap left promiscuous mode [ 163.550477][ T8] device veth0_vlan left promiscuous mode [ 163.691019][ T26] kone 0003:1E7D:2CED.0028: collection stack underflow [ 163.697816][ T26] kone 0003:1E7D:2CED.0028: item 0 1 0 12 parsing failed [ 163.706058][ T26] kone 0003:1E7D:2CED.0028: parse failed [ 163.711576][ T26] kone: probe of 0003:1E7D:2CED.0028 failed with error -22 [ 164.006669][ T432] usb 2-1: USB disconnect, device number 18 [ 164.060068][ T3272] loop0: detected capacity change from 0 to 2048 [ 164.279191][ T3282] xt_CT: No such helper "pptp" [ 164.446973][ T3285] loop4: detected capacity change from 0 to 512 [ 164.457243][ T3285] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 164.470468][ T3285] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 164.481577][ T3285] EXT4-fs (loop4): 1 truncate cleaned up [ 164.487058][ T3285] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 164.505996][ T3285] binder: 3284:3285 ioctl 40087708 200007c0 returned -22 [ 164.554932][ T3293] FAULT_INJECTION: forcing a failure. [ 164.554932][ T3293] name failslab, interval 1, probability 0, space 0, times 0 [ 164.569306][ T3293] CPU: 1 PID: 3293 Comm: syz.4.809 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 164.578939][ T3293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 164.588918][ T3293] Call Trace: [ 164.592043][ T3293] [ 164.594820][ T3293] dump_stack_lvl+0x151/0x1b7 [ 164.599334][ T3293] ? io_uring_drop_tctx_refs+0x190/0x190 [ 164.604889][ T3293] dump_stack+0x15/0x17 [ 164.608877][ T3293] should_fail+0x3c6/0x510 [ 164.613150][ T3293] __should_failslab+0xa4/0xe0 [ 164.617821][ T3293] ? security_inode_alloc+0x29/0x120 [ 164.622940][ T3293] should_failslab+0x9/0x20 [ 164.627280][ T3293] slab_pre_alloc_hook+0x37/0xd0 [ 164.632058][ T3293] ? security_inode_alloc+0x29/0x120 [ 164.637189][ T3293] kmem_cache_alloc+0x44/0x200 [ 164.641775][ T3293] security_inode_alloc+0x29/0x120 [ 164.646807][ T3293] inode_init_always+0x76d/0x9d0 [ 164.651668][ T3293] ? shmem_match+0x180/0x180 [ 164.656093][ T3293] new_inode_pseudo+0x93/0x220 [ 164.660694][ T3293] new_inode+0x28/0x1c0 [ 164.664687][ T3293] ? _raw_spin_lock+0xa4/0x1b0 [ 164.669290][ T3293] shmem_get_inode+0x328/0x9e0 [ 164.674000][ T3293] ? _raw_spin_unlock+0x4d/0x70 [ 164.678863][ T3293] __shmem_file_setup+0x111/0x2a0 [ 164.683722][ T3293] shmem_file_setup+0x2f/0x40 [ 164.688232][ T3293] __se_sys_memfd_create+0x1e1/0x3e0 [ 164.693527][ T3293] __x64_sys_memfd_create+0x5b/0x70 [ 164.698676][ T3293] do_syscall_64+0x3d/0xb0 [ 164.702938][ T3293] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 164.708656][ T3293] RIP: 0033:0x7f6e1f3589f9 [ 164.712912][ T3293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.732352][ T3293] RSP: 002b:00007f6e1dfd7e28 EFLAGS: 00000206 ORIG_RAX: 000000000000013f [ 164.740596][ T3293] RAX: ffffffffffffffda RBX: 0000000000000517 RCX: 00007f6e1f3589f9 [ 164.748414][ T3293] RDX: 00007f6e1dfd7f00 RSI: 0000000000000000 RDI: 00007f6e1f3c70b3 [ 164.756230][ T3293] RBP: 0000000020000e00 R08: 00007f6e1dfd7bc7 R09: 00007f6e1dfd7e50 [ 164.764029][ T3293] R10: 000000000000000a R11: 0000000000000206 R12: 0000000020000300 [ 164.771927][ T3293] R13: 00007f6e1dfd7f00 R14: 00007f6e1dfd7ec0 R15: 0000000020000080 [ 164.780105][ T3293] [ 164.884090][ T3298] loop4: detected capacity change from 0 to 512 [ 164.980888][ T3298] EXT4-fs (loop4): inodes count not valid: 204800 vs 64 [ 165.663873][ T3311] loop1: detected capacity change from 0 to 512 [ 165.672935][ T3313] loop3: detected capacity change from 0 to 512 [ 165.745473][ T30] kauditd_printk_skb: 107 callbacks suppressed [ 165.745489][ T30] audit: type=1326 audit(2000000118.829:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 165.787355][ T3311] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 165.799267][ T3311] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038 (0x7fffffff) [ 165.807611][ T3322] loop4: detected capacity change from 0 to 2048 [ 165.819091][ T3313] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 165.830327][ T30] audit: type=1326 audit(2000000118.829:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 165.831349][ T3313] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038 (0x7fffffff) [ 165.870406][ T30] audit: type=1326 audit(2000000118.829:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 165.904956][ T30] audit: type=1326 audit(2000000118.829:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 165.965174][ T30] audit: type=1326 audit(2000000118.829:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 166.160520][ T30] audit: type=1326 audit(2000000118.829:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 166.197861][ T3322] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x0000000000000401,errors=remount-ro,. Quota mode: none. [ 166.242831][ T30] audit: type=1326 audit(2000000118.869:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 166.266153][ T30] audit: type=1326 audit(2000000118.869:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 166.289377][ T30] audit: type=1326 audit(2000000118.869:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 166.312517][ T30] audit: type=1326 audit(2000000118.869:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000 [ 166.395408][ T3334] FAULT_INJECTION: forcing a failure. [ 166.395408][ T3334] name failslab, interval 1, probability 0, space 0, times 0 [ 166.408167][ T3334] CPU: 0 PID: 3334 Comm: syz.3.823 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 166.417796][ T3334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 166.427687][ T3334] Call Trace: [ 166.430813][ T3334] [ 166.433586][ T3334] dump_stack_lvl+0x151/0x1b7 [ 166.438278][ T3334] ? io_uring_drop_tctx_refs+0x190/0x190 [ 166.444178][ T3334] ? __kasan_check_write+0x14/0x20 [ 166.449130][ T3334] ? mutex_unlock+0xb2/0x260 [ 166.453551][ T3334] dump_stack+0x15/0x17 [ 166.456412][ T3336] loop1: detected capacity change from 0 to 512 [ 166.457540][ T3334] should_fail+0x3c6/0x510 [ 166.467969][ T3334] __should_failslab+0xa4/0xe0 [ 166.472555][ T3334] should_failslab+0x9/0x20 [ 166.476892][ T3334] slab_pre_alloc_hook+0x37/0xd0 [ 166.481665][ T3334] __kmalloc+0x6d/0x270 [ 166.485657][ T3334] ? __se_sys_memfd_create+0xf2/0x3e0 [ 166.490866][ T3334] __se_sys_memfd_create+0xf2/0x3e0 [ 166.495899][ T3334] __x64_sys_memfd_create+0x5b/0x70 [ 166.500935][ T3334] do_syscall_64+0x3d/0xb0 [ 166.505192][ T3334] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 166.510999][ T3334] RIP: 0033:0x7f810c6d89f9 [ 166.515253][ T3334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.534704][ T3334] RSP: 002b:00007f810b357e28 EFLAGS: 00000206 ORIG_RAX: 000000000000013f [ 166.542940][ T3334] RAX: ffffffffffffffda RBX: 0000000000000784 RCX: 00007f810c6d89f9 [ 166.550753][ T3334] RDX: 00007f810b357f00 RSI: 0000000000000000 RDI: 00007f810c7470b3 [ 166.558563][ T3334] RBP: 00000000200007c0 R08: 00007f810b357bc7 R09: 00007f810b357e50 [ 166.566374][ T3334] R10: 000000000000000a R11: 0000000000000206 R12: 0000000020000240 [ 166.574193][ T3334] R13: 00007f810b357f00 R14: 00007f810b357ec0 R15: 0000000020000040 [ 166.582001][ T3334] [ 166.631250][ T3336] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 166.642898][ T3336] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038 (0x7fffffff) [ 166.690470][ T3347] loop4: detected capacity change from 0 to 2048 [ 166.902621][ T3354] xt_CT: No such helper "pptp" [ 167.004605][ T432] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 167.019234][ T26] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 167.248637][ T3360] FAULT_INJECTION: forcing a failure. [ 167.248637][ T3360] name failslab, interval 1, probability 0, space 0, times 0 [ 167.249177][ T432] usb 3-1: Using ep0 maxpacket: 8 [ 167.261652][ T3360] CPU: 1 PID: 3360 Comm: syz.1.829 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 167.275648][ T3360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 167.285545][ T3360] Call Trace: [ 167.288655][ T3360] [ 167.291433][ T3360] dump_stack_lvl+0x151/0x1b7 [ 167.296049][ T3360] ? io_uring_drop_tctx_refs+0x190/0x190 [ 167.301499][ T3360] ? avc_denied+0x1b0/0x1b0 [ 167.305857][ T3360] ? __kasan_slab_alloc+0xc3/0xe0 [ 167.310706][ T3360] dump_stack+0x15/0x17 [ 167.314689][ T3360] should_fail+0x3c6/0x510 [ 167.319291][ T3360] __should_failslab+0xa4/0xe0 [ 167.323892][ T3360] ? __d_alloc+0x2d/0x6c0 [ 167.328067][ T3360] should_failslab+0x9/0x20 [ 167.332398][ T3360] slab_pre_alloc_hook+0x37/0xd0 [ 167.337169][ T3360] ? __d_alloc+0x2d/0x6c0 [ 167.341338][ T3360] kmem_cache_alloc+0x44/0x200 [ 167.345937][ T3360] __d_alloc+0x2d/0x6c0 [ 167.349929][ T3360] d_alloc_parallel+0xe6/0x12e0 [ 167.354615][ T3360] ? inode_permission+0xf8/0x460 [ 167.359400][ T3360] ? link_path_walk+0xb29/0xd90 [ 167.364078][ T3360] ? d_hash_and_lookup+0x1e0/0x1e0 [ 167.369022][ T3360] ? rwsem_mark_wake+0x770/0x770 [ 167.373797][ T3360] ? __mnt_want_write+0x1f6/0x270 [ 167.378670][ T3360] path_openat+0xa02/0x2f40 [ 167.383177][ T3360] ? stack_trace_snprint+0xf0/0xf0 [ 167.388121][ T3360] ? kmem_cache_free+0x116/0x2e0 [ 167.392918][ T3360] ? __kasan_slab_alloc+0xb1/0xe0 [ 167.397746][ T3360] ? kmem_cache_alloc+0xf5/0x200 [ 167.402521][ T3360] ? do_filp_open+0x460/0x460 [ 167.407036][ T3360] do_filp_open+0x21c/0x460 [ 167.411375][ T3360] ? vfs_tmpfile+0x2c0/0x2c0 [ 167.415814][ T3360] do_sys_openat2+0x13f/0x830 [ 167.420319][ T3360] ? __kasan_check_write+0x14/0x20 [ 167.425269][ T3360] ? mutex_unlock+0xb2/0x260 [ 167.429686][ T3360] ? wait_for_completion_killable_timeout+0x10/0x10 [ 167.436110][ T3360] ? do_sys_open+0x220/0x220 [ 167.440536][ T3360] ? __kasan_check_write+0x14/0x20 [ 167.445493][ T3360] ? fput_many+0x160/0x1b0 [ 167.449746][ T3360] ? fput+0x1a/0x20 [ 167.453380][ T3360] __x64_sys_openat+0x243/0x290 [ 167.458068][ T3360] ? __ia32_sys_open+0x270/0x270 [ 167.462941][ T3360] ? debug_smp_processor_id+0x17/0x20 [ 167.468139][ T3360] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 167.474066][ T3360] ? exit_to_user_mode_prepare+0x39/0xa0 [ 167.479520][ T3360] do_syscall_64+0x3d/0xb0 [ 167.483763][ T3360] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 167.490005][ T3360] RIP: 0033:0x7f69928919f9 [ 167.494271][ T3360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.513715][ T3360] RSP: 002b:00007f6991511048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 167.522051][ T3360] RAX: ffffffffffffffda RBX: 00007f6992a1ff80 RCX: 00007f69928919f9 [ 167.530031][ T3360] RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c [ 167.537849][ T3360] RBP: 00007f69915110a0 R08: 0000000000000000 R09: 0000000000000000 [ 167.545664][ T3360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 167.553800][ T3360] R13: 000000000000000b R14: 00007f6992a1ff80 R15: 00007ffe593c37d8 [ 167.561642][ T3360] [ 167.649273][ T432] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 167.669862][ T432] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.689299][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 167.689707][ T432] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 167.709165][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.730513][ T26] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 167.784180][ T3371] loop1: detected capacity change from 0 to 512 [ 167.797001][ T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.852117][ T26] usb 1-1: config 0 descriptor?? [ 167.923461][ T432] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.938965][ T3371] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback. [ 167.950825][ T3371] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038 (0x7fffffff) [ 167.960018][ T432] usb 3-1: config 0 descriptor?? [ 168.000878][ T3368] loop3: detected capacity change from 0 to 40427 [ 168.041464][ T3368] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 168.057230][ T3368] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 168.067977][ T3368] F2FS-fs (loop3): Found nat_bits in checkpoint [ 168.102008][ T3377] loop4: detected capacity change from 0 to 40427 [ 168.102445][ T3368] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 168.115196][ T3368] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 168.180076][ T3377] F2FS-fs (loop4): Small segment_count (9 < 1 * 24) [ 168.186526][ T3377] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 168.196966][ T3377] F2FS-fs (loop4): Found nat_bits in checkpoint [ 168.219177][ T3377] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 168.226041][ T3377] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 168.345202][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.352497][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.360786][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.367822][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.376165][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.404851][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.412661][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.419871][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.485402][ T293] attempt to access beyond end of device [ 168.485402][ T293] loop3: rw=2049, want=45112, limit=40427 [ 168.496862][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.505348][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.512375][ T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0 [ 168.522621][ T26] lg-g15 0003:046D:C222.0029: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0 [ 168.559979][ T432] usbhid 3-1:0.0: can't add hid device: -71 [ 168.565849][ T432] usbhid: probe of 3-1:0.0 failed with error -71 [ 168.583562][ T432] usb 3-1: USB disconnect, device number 24 [ 168.608436][ T297] usb 1-1: USB disconnect, device number 21 [ 168.646025][ T3389] netlink: 64 bytes leftover after parsing attributes in process `syz.3.839'. [ 168.655043][ T3389] netlink: 24 bytes leftover after parsing attributes in process `syz.3.839'. [ 168.666330][ T3389] loop3: detected capacity change from 0 to 512 [ 168.713193][ T3389] EXT4-fs (loop3): Journaled quota options ignored when QUOTA feature is enabled [ 168.729035][ T3389] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 168.740127][ T3389] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 168.751069][ T3389] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 168.764649][ T3389] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 168.773708][ T3389] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e118, mo2=0000] [ 168.781786][ T3389] EXT4-fs (loop3): failed to initialize system zone (-117) [ 168.789404][ T3389] EXT4-fs (loop3): mount failed [ 168.886041][ T3244] attempt to access beyond end of device [ 168.886041][ T3244] loop4: rw=2049, want=45112, limit=40427 [ 168.979678][ T3394] loop3: detected capacity change from 0 to 2048 [ 169.030874][ T3394] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 169.174763][ T3407] loop3: detected capacity change from 0 to 2048 [ 169.383793][ T3421] loop0: detected capacity change from 0 to 256 [ 169.743515][ T3425] xt_CT: No such helper "pptp" [ 169.794658][ T3420] loop4: detected capacity change from 0 to 40427 [ 169.829238][ T63] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 169.869802][ T3420] F2FS-fs (loop4): Small segment_count (9 < 1 * 24) [ 169.908012][ T3420] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 169.919354][ T3420] F2FS-fs (loop4): Found nat_bits in checkpoint [ 169.962084][ T3420] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 169.969027][ T3420] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 170.508168][ T3244] attempt to access beyond end of device [ 170.508168][ T3244] loop4: rw=2049, want=45112, limit=40427 [ 170.529386][ T63] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.540695][ T63] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.550592][ T63] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 170.559773][ T63] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.572426][ T63] usb 2-1: config 0 descriptor?? [ 170.649210][ T20] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 170.715337][ T3453] FAULT_INJECTION: forcing a failure. [ 170.715337][ T3453] name failslab, interval 1, probability 0, space 0, times 0 [ 170.727932][ T3453] CPU: 1 PID: 3453 Comm: syz.4.861 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 170.737470][ T3453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 170.747415][ T3453] Call Trace: [ 170.750480][ T3453] [ 170.753475][ T3453] dump_stack_lvl+0x151/0x1b7 [ 170.757939][ T3453] ? io_uring_drop_tctx_refs+0x190/0x190 [ 170.763409][ T3453] dump_stack+0x15/0x17 [ 170.767410][ T3453] should_fail+0x3c6/0x510 [ 170.771657][ T3453] __should_failslab+0xa4/0xe0 [ 170.776261][ T3453] should_failslab+0x9/0x20 [ 170.780686][ T3453] slab_pre_alloc_hook+0x37/0xd0 [ 170.785452][ T3453] kmem_cache_alloc_trace+0x48/0x210 [ 170.790583][ T3453] ? v9fs_mount+0x5f/0x7f0 [ 170.794826][ T3453] v9fs_mount+0x5f/0x7f0 [ 170.798912][ T3453] legacy_get_tree+0xf1/0x190 [ 170.803419][ T3453] ? incfs_get_verity_signature+0x420/0x420 [ 170.809150][ T3453] vfs_get_tree+0x88/0x290 [ 170.813401][ T3453] do_new_mount+0x2ba/0xb30 [ 170.817740][ T3453] ? do_move_mount_old+0x160/0x160 [ 170.822687][ T3453] ? security_capable+0x87/0xb0 [ 170.827372][ T3453] ? ns_capable+0x89/0xe0 [ 170.831538][ T3453] path_mount+0x671/0x1070 [ 170.835794][ T3453] __se_sys_mount+0x2c4/0x3b0 [ 170.840311][ T3453] ? fput+0x1a/0x20 [ 170.843960][ T3453] ? __x64_sys_mount+0xd0/0xd0 [ 170.848550][ T3453] ? debug_smp_processor_id+0x17/0x20 [ 170.853760][ T3453] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 170.859665][ T3453] __x64_sys_mount+0xbf/0xd0 [ 170.864086][ T3453] do_syscall_64+0x3d/0xb0 [ 170.868338][ T3453] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 170.874067][ T3453] RIP: 0033:0x7f6e1f3589f9 [ 170.878332][ T3453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.897778][ T3453] RSP: 002b:00007f6e1dfd8048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 170.906006][ T3453] RAX: ffffffffffffffda RBX: 00007f6e1f4e6f80 RCX: 00007f6e1f3589f9 [ 170.913816][ T3453] RDX: 0000000020000280 RSI: 00000000200002c0 RDI: 0000000000000000 [ 170.921627][ T3453] RBP: 00007f6e1dfd80a0 R08: 0000000020000440 R09: 0000000000000000 [ 170.929438][ T3453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 170.937340][ T3453] R13: 000000000000000b R14: 00007f6e1f4e6f80 R15: 00007ffc0655e728 [ 170.945159][ T3453] [ 170.949400][ T26] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 170.976058][ T3456] loop4: detected capacity change from 0 to 2048 [ 171.045579][ T3458] FAULT_INJECTION: forcing a failure. [ 171.045579][ T3458] name failslab, interval 1, probability 0, space 0, times 0 [ 171.058155][ T3458] CPU: 1 PID: 3458 Comm: syz.2.863 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 171.061431][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 171.067782][ T3458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 171.079835][ T20] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 171.088358][ T3458] Call Trace: [ 171.104331][ T3458] [ 171.107107][ T3458] dump_stack_lvl+0x151/0x1b7 [ 171.111626][ T3458] ? io_uring_drop_tctx_refs+0x190/0x190 [ 171.117092][ T3458] dump_stack+0x15/0x17 [ 171.121079][ T3458] should_fail+0x3c6/0x510 [ 171.125333][ T3458] __should_failslab+0xa4/0xe0 [ 171.129933][ T3458] ? __build_skb+0x2a/0x300 [ 171.134272][ T3458] should_failslab+0x9/0x20 [ 171.138612][ T3458] slab_pre_alloc_hook+0x37/0xd0 [ 171.143384][ T3458] ? __build_skb+0x2a/0x300 [ 171.147724][ T3458] kmem_cache_alloc+0x44/0x200 [ 171.152326][ T3458] __build_skb+0x2a/0x300 [ 171.156506][ T3458] build_skb+0x25/0x1f0 [ 171.160502][ T3458] tun_get_user+0x1c7e/0x3aa0 [ 171.164997][ T3458] ? kasan_set_track+0x4b/0x70 [ 171.169593][ T3458] ? kasan_set_free_info+0x23/0x40 [ 171.174557][ T3458] ? tun_do_read+0x1ef0/0x1ef0 [ 171.179240][ T3458] ? kstrtouint_from_user+0x20a/0x2a0 [ 171.184447][ T3458] ? kstrtol_from_user+0x310/0x310 [ 171.189398][ T3458] ? avc_policy_seqno+0x1b/0x70 [ 171.194085][ T3458] ? selinux_file_permission+0x2c4/0x570 [ 171.199638][ T3458] tun_chr_write_iter+0x1e1/0x2e0 [ 171.204496][ T3458] vfs_write+0xd5d/0x1110 [ 171.208661][ T3458] ? kmem_cache_free+0x2c3/0x2e0 [ 171.213439][ T3458] ? file_end_write+0x1c0/0x1c0 [ 171.218128][ T3458] ? __fdget_pos+0x209/0x3a0 [ 171.222552][ T3458] ? ksys_write+0x77/0x2c0 [ 171.226821][ T3458] ksys_write+0x199/0x2c0 [ 171.230969][ T3458] ? __ia32_sys_read+0x90/0x90 [ 171.235568][ T3458] ? debug_smp_processor_id+0x17/0x20 [ 171.240776][ T3458] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 171.246852][ T3458] __x64_sys_write+0x7b/0x90 [ 171.251278][ T3458] do_syscall_64+0x3d/0xb0 [ 171.255530][ T3458] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 171.261259][ T3458] RIP: 0033:0x7f2abaab24df [ 171.265517][ T3458] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48 [ 171.284958][ T3458] RSP: 002b:00007f2ab9733010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 171.293206][ T3458] RAX: ffffffffffffffda RBX: 00007f2abac41f80 RCX: 00007f2abaab24df [ 171.301009][ T3458] RDX: 0000000000000036 RSI: 0000000020000080 RDI: 00000000000000c8 [ 171.308820][ T3458] RBP: 00007f2ab97330a0 R08: 0000000000000000 R09: 0000000000000000 [ 171.316640][ T3458] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001 [ 171.324452][ T3458] R13: 000000000000000b R14: 00007f2abac41f80 R15: 00007ffcef0668f8 [ 171.332267][ T3458] [ 171.335741][ T20] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 171.346856][ T3456] xt_CT: No such helper "pptp" [ 171.347346][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.351990][ T63] hid (null): bogus close delimiter [ 171.363056][ T20] usb 4-1: config 0 descriptor?? [ 171.596571][ T3468] loop4: detected capacity change from 0 to 256 [ 171.689430][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 171.738769][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 171.768184][ T26] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 171.779822][ T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.812885][ T26] usb 1-1: config 0 descriptor?? [ 171.980195][ T20] plantronics 0003:047F:FFFF.002B: No inputs registered, leaving [ 171.989017][ T20] plantronics 0003:047F:FFFF.002B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 172.029271][ T63] uclogic 0003:256C:006D.002A: failed retrieving Huion firmware version: -71 [ 172.037911][ T63] uclogic 0003:256C:006D.002A: failed probing parameters: -71 [ 172.045399][ T63] uclogic: probe of 0003:256C:006D.002A failed with error -71 [ 172.056510][ T63] usb 2-1: USB disconnect, device number 19 [ 172.290480][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.309577][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.326659][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.339234][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.356174][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.369256][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.386303][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.394133][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.405705][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.433028][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.443110][ T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0 [ 172.464430][ T63] usb 4-1: USB disconnect, device number 19 [ 172.473349][ T26] lg-g15 0003:046D:C222.002C: hidraw1: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0 [ 172.492846][ T30] kauditd_printk_skb: 196 callbacks suppressed [ 172.492861][ T30] audit: type=1326 audit(2000000125.579:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.500022][ T26] usb 1-1: USB disconnect, device number 22 [ 172.525045][ T30] audit: type=1326 audit(2000000125.579:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.597853][ T3488] loop1: detected capacity change from 0 to 512 [ 172.612034][ T30] audit: type=1326 audit(2000000125.619:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.649552][ T30] audit: type=1326 audit(2000000125.619:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.672943][ T30] audit: type=1326 audit(2000000125.619:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.696199][ T30] audit: type=1326 audit(2000000125.649:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.767908][ T30] audit: type=1326 audit(2000000125.649:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.771784][ T3490] syz.3.874[3490] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 172.797311][ T30] audit: type=1326 audit(2000000125.649:2098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.802161][ T3480] loop4: detected capacity change from 0 to 40427 [ 172.813151][ T30] audit: type=1326 audit(2000000125.649:2099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.839888][ T3490] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 172.862142][ T30] audit: type=1326 audit(2000000125.649:2100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000 [ 172.872686][ T3490] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 172.872702][ T3490] CPU: 1 PID: 3490 Comm: syz.3.874 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 172.872719][ T3490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 172.872730][ T3490] RIP: 0010:bpf_check+0x9514/0x12bf0 [ 172.897616][ T3488] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,grpquota,grpid,errors=remount-ro,. Quota mode: writeback. [ 172.904206][ T3490] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 a6 af 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 7e af 30 00 48 8b 1b 48 85 db 0f 84 [ 172.904229][ T3490] RSP: 0018:ffffc90000cc7500 EFLAGS: 00010246 [ 172.904245][ T3490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 172.904257][ T3490] RDX: ffffc90003729000 RSI: 000000000003ffff RDI: 0000000000040000 [ 172.904268][ T3490] RBP: ffffc90000cc7bd0 R08: ffffffff817c09ad R09: ffffc90000cc6de8 [ 172.904281][ T3490] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000125813 [ 172.904292][ T3490] R13: ffff888121684008 R14: ffffffff817bc3d0 R15: ffffc9000092c09c [ 172.904306][ T3490] FS: 00007f810b3586c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 173.015155][ T3490] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.015176][ T3490] CR2: 0000000020002800 CR3: 000000010f00c000 CR4: 00000000003526a0 [ 173.015191][ T3490] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 173.015201][ T3490] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 173.015212][ T3490] Call Trace: [ 173.015218][ T3490] [ 173.015226][ T3490] ? __die_body+0x62/0xb0 [ 173.015249][ T3490] ? die_addr+0x9f/0xd0 [ 173.015266][ T3490] ? exc_general_protection+0x311/0x4b0 [ 173.015291][ T3490] ? asm_exc_general_protection+0x27/0x30 [ 173.015311][ T3490] ? tracing_prog_func_proto+0x300/0x300 [ 173.015336][ T3490] ? bpf_tracing_func_proto+0x15d/0x4a0 [ 173.015355][ T3490] ? bpf_check+0x9514/0x12bf0 [ 173.015383][ T3490] ? bpf_get_btf_vmlinux+0x60/0x60 [ 173.015399][ T3490] ? arch_stack_walk+0xf3/0x140 [ 173.015419][ T3490] ? stack_trace_save+0x113/0x1c0 [ 173.015436][ T3490] ? stack_trace_snprint+0xf0/0xf0 [ 173.015455][ T3490] ? ____kasan_kmalloc+0xed/0x110 [ 173.015471][ T3490] ? ____kasan_kmalloc+0xdb/0x110 [ 173.015485][ T3490] ? __kasan_kmalloc+0x9/0x10 [ 173.015499][ T3490] ? kmem_cache_alloc_trace+0x115/0x210 [ 173.015517][ T3490] ? selinux_bpf_prog_alloc+0x51/0x140 [ 173.015534][ T3490] ? security_bpf_prog_alloc+0x62/0x90 [ 173.015550][ T3490] ? bpf_prog_load+0x9ee/0x1b50 [ 173.015565][ T3490] ? __sys_bpf+0x4bc/0x760 [ 173.015580][ T3490] ? __x64_sys_bpf+0x7c/0x90 [ 173.015593][ T3490] ? do_syscall_64+0x3d/0xb0 [ 173.015610][ T3490] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 173.015637][ T3490] ? __kasan_kmalloc+0x9/0x10 [ 173.015652][ T3490] ? memset+0x35/0x40 [ 173.015667][ T3490] ? bpf_obj_name_cpy+0x196/0x1e0 [ 173.015683][ T3490] bpf_prog_load+0x12ac/0x1b50 [ 173.015701][ T3490] ? map_freeze+0x370/0x370 [ 173.015719][ T3490] ? selinux_bpf+0xcb/0x100 [ 173.015734][ T3490] ? security_bpf+0x82/0xb0 [ 173.015749][ T3490] __sys_bpf+0x4bc/0x760 [ 173.015764][ T3490] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 173.015782][ T3490] ? __kasan_check_read+0x11/0x20 [ 173.015799][ T3490] __x64_sys_bpf+0x7c/0x90 [ 173.015814][ T3490] do_syscall_64+0x3d/0xb0 [ 173.015831][ T3490] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 173.015849][ T3490] RIP: 0033:0x7f810c6d89f9 [ 173.015864][ T3490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.015877][ T3490] RSP: 002b:00007f810b358048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 173.015895][ T3490] RAX: ffffffffffffffda RBX: 00007f810c866f80 RCX: 00007f810c6d89f9 [ 173.015907][ T3490] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 173.015917][ T3490] RBP: 00007f810c7468ee R08: 0000000000000000 R09: 0000000000000000 [ 173.015927][ T3490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.015937][ T3490] R13: 000000000000000b R14: 00007f810c866f80 R15: 00007ffe6d683628 [ 173.015951][ T3490] [ 173.015956][ T3490] Modules linked in: [ 173.016855][ T3490] ---[ end trace b9ff0646d423f987 ]--- [ 173.016879][ T3490] RIP: 0010:bpf_check+0x9514/0x12bf0 [ 173.016903][ T3490] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 a6 af 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 7e af 30 00 48 8b 1b 48 85 db 0f 84 [ 173.016917][ T3490] RSP: 0018:ffffc90000cc7500 EFLAGS: 00010246 [ 173.016933][ T3490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 173.016944][ T3490] RDX: ffffc90003729000 RSI: 000000000003ffff RDI: 0000000000040000 [ 173.016957][ T3490] RBP: ffffc90000cc7bd0 R08: ffffffff817c09ad R09: ffffc90000cc6de8 [ 173.016969][ T3490] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000125813 [ 173.016981][ T3490] R13: ffff888121684008 R14: ffffffff817bc3d0 R15: ffffc9000092c09c [ 173.016994][ T3490] FS: 00007f810b3586c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 173.017011][ T3490] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.017023][ T3490] CR2: 0000000020007fc2 CR3: 000000010f00c000 CR4: 00000000003526b0 [ 173.017039][ T3490] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 173.017049][ T3490] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 173.017067][ T3490] Kernel panic - not syncing: Fatal exception [ 173.017284][ T3490] Kernel Offset: disabled [ 173.423171][ T3490] Rebooting in 86400 seconds..