last executing test programs:

10.368503895s ago: executing program 3 (id=535):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0xa00, 0x0, 0x2ffffffff}, 0xc)

9.246195727s ago: executing program 3 (id=539):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0xf1, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) (fail_nth: 12)

9.163485403s ago: executing program 4 (id=541):
close(0xffffffffffffffff)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
setrlimit(0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x6}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@max_batch_time}, {@data_err_abort}]}, 0xb, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000ac0), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(r4, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000b00)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000b516008fe0005800800010065746800"], 0x20}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(0x3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="99f82fadae27"})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

9.112527938s ago: executing program 3 (id=542):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='netlink_extack\x00', r0}, 0x10)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000040)='./control\x00', 0x5000410)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x4, 0x5}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x2, 0x1, 0x332b3bdc}}, 0x10)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

8.22046431s ago: executing program 3 (id=544):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffff"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000640)={&(0x7f0000000580), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2c000000030803000000020000000000050000070600c7"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000700)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$9p(0xffffffffffffffff, &(0x7f0000000240)="e3b24a608b56ececa7d4b12cc044c1be6e1a5176b0e5c707eb80eb4569594428dc8559beea809f1dc2fb68b800e76a9fdb8442", 0x33)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r5, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x200087bd, &(0x7f0000000000)={0x2, 0x24e23, @empty}, 0x10)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000040)=0x1b7a, 0x4)
recvmmsg(r5, &(0x7f0000005000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x3161, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000000)=0x7, 0x4)
bind$netlink(r0, &(0x7f0000000040), 0xc)
clock_gettime(0x4, &(0x7f0000000540))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)

8.114654489s ago: executing program 4 (id=546):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="250a00000000000061117c0000000000180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x80)

6.511680119s ago: executing program 3 (id=551):
r0 = syz_usb_connect$hid(0x6, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x15, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x20}}}}}]}}]}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f00000000c0)={0x0, 0x0, 0x5, {0x5, 0x0, "009cf9"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x28de, 0x1142, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
syz_usb_control_io(r2, &(0x7f00000001c0)={0x2c, &(0x7f0000000300)={0x40, 0x11, 0x10, {0x10, 0x22, "b165e1c22194687a2d705af8acf3"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='afs_cb_miss\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(r4, 0x8, &(0x7f00000002c0)=0xffffffffffffffff)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[0x0], 0x1}, 0x58)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x4003, &(0x7f00000000c0)={[{@errors_remount}]}, 0x2, 0x4e6, &(0x7f0000000840)="$eJzs3MtrXNUfAPDvvUnapo9f8qvPPrSjVQyKTZM+Fy6sKHQjCIrUZUzSUpu20kRoS7BRpIILpX+Bj53gX+BKN6LiQnGruBWhSDatLmTkztwbZzozeXWSaZPPB6Y9595z7znn3nuS85ibANatUvZPErE1In6JiL5qtD5Bqfrfzdnp0b9mp0eTKJdf/jOppLsxOz1aJC2O25JHBtKI9L0kdjXJd/LS5TMjExPjF/L44FSah86OnBo/NX5u+OjRgwd6jxwePtSWemZlurHz7fO7dxx/7dqLoyeuvf7dF1l5y/n+2npU9S8xh66GLaUo1V/LGo8v8ex3um014aQ7+zftXGFYtOypzW5XT6X995VzlX198cK7RboNnSwksCKyxr6xYevc77KZcq0kqR4ArBGJJg3rVPGL/sZsNlKdHm0cBzfR3dYuSEddPxaVCmX1vpl/qnu6KyPYUn91bNSzQvnfGxEnZv7+OPtE03kIAID2+upYxOa831F8qnvSuL8m3f/yWaH+iPh/RGyPiHvy/st9EZW0D0TEgzXHJPl60nxKt8Qb+z8/9eaB2u5q22T9v2fyta36/t/c+kV/Vx7bVql/T3Ly9MT4/vyaDETPxiw+1HjquWm1r5//+aNW+Zdq+n/ZJ8u/6Avm5fij+5YJurGRqZHbrXfh+juVC3ulsf5JdCdFKGJHROxcxvmza3b6yc93t9pfV/+sng31/7D1ydswDil/GvFE9f7PxC31j3zdI6msT559c3Dy0uWnT9euTw4dOTx8aHBTTIzvHyyeikbf/3j1pTzYMIxY+P6vrOz+b276/M+tXPYnteu1k0vP4+qv77cc0yz3+d+QvFIJF+tSF0empi4MRWxIZhq3D/937MWR3rr0Wf0H9jZv/9sj/vkkP25XRGQP8UMR8XBE7MnL/khEPBoRe+ep/7fPPfZGqyHknXD/x5Z0/1sFnv0hovmurjPffNmQ8QelRdY/u/8HK6GBfMvYyNSmheo1X0lrA7d9AQEAAOAusCcitkaS7svnOLdGmu7bF7FlbgZlcuqpk+ffOjdWfUegP3rSYqarr2Y+dCifG87i2VHDNfFs/4HKvHG5XC73ZvFs/D6xrbNVh3VvS4v2n/m98ZUWYK1Z0jpaqzfagLvS8tfR2/+FDGB1raHv8wNLpP3D+rXo9r9Sb8EBHdOs/V+JuNmBogCrrFn7f7UD5QBWn/E/rF/aP6xbC75MC6xJi3pJfhmB7cfnSZN0r0ymrQNp1G3JfuLV/RWA/ogicfEFx/lP+Fsa0Z4SdrW1pr119zRtmmZTtCOvSBdM072EP8SwuoH0zihGNbAxIhZ4eucetitF4PJKF6zSCD7r7E8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA2/dvAAAA//+lFtmI")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x11, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x40}, {}, {}, [@map_val={0x18, 0xc16881a433622cd2, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='GPL\x00', 0x3, 0x65, &(0x7f00000004c0)=""/101, 0x40f00, 0x15, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x1, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3}, 0x90)
open(&(0x7f0000000480)='.\x00', 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x18}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

6.510788679s ago: executing program 4 (id=552):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x400}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x48801)
writev(0xffffffffffffffff, &(0x7f00000011c0)=[{&(0x7f0000000100)="0e044fa389d2dd6ff4f2f414b5b963a9b4e79c414f7170e1", 0x18}, {0x0, 0x2}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$inet6(0xa, 0x1, 0xffffffff)
connect$inet6(r6, &(0x7f00000003c0)={0xa, 0x2, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, 0x1c)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="280000005200010007000000001a00000a000000120001000000555b9154891e83b5a77ddc0d29975e6cd37b701756e9d0062fcee9fb56aa6fe1216a2fb2514ba89ab8f329459e3074a9acab6fe51d6f39e45b3e78a4aaf3fd6ef9543bc88b5ff29f38280062917e8f437e265e6aba4feed7eaf430d9f2d3393c712e6652470374de1f368393c893c08b72abdf094c0724206eac0251900c4753ffa5ffe13f6e1eff37860092789a65272ef14a0da6cf21eb5d1d34b2321bee11785214702329db5310ed3481e6efc74d047f3b092fa5c2204c1955e8afd891148f0884e94a93180c7ce23bc9eadc7dcf0e4a01882de3fc6a5d9a5470e3b777092559056f7df25161ba6dc82ca90e0fa6065813c6b45d04563714ca8198aec236c384263bd150a7d26346d74fe1d2d31871c2292be6c6a2aad8c4660faa0ca8a3a23e19c5071567a6660f48e870c7f16bd8a24681a1bcd5a4a9c90a6f08848ac798662dc49eea274e"], 0x28}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r7}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x100000000000000}, 0x0)

6.442947945s ago: executing program 0 (id=555):
ioctl$SIOCGETSGCNT_IN6(0xffffffffffffffff, 0x89e1, &(0x7f00000000c0)={@mcast2, @private0})
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="09030000000000fdff072000adce04000280"], 0x18}, 0x1, 0xf000000}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x3af4701e)
sendfile(r3, r1, 0x0, 0x10000a007)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3810744, &(0x7f0000002980)={[{@noauto_da_alloc}, {@user_xattr}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@jqfmt_vfsv0}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noauto_da_alloc}, {@test_dummy_encryption}], [{@obj_type={'obj_type', 0x3d, '/dev/ptmx\x00'}}]}, 0x1, 0x450, &(0x7f0000002500)="$eJzs289vFFUcAPDvzG4BAWlFREHQKhobf7S0oHLwotHEgyYmesBjbQtBFmpoTYQQrcbg0ZB4Nx5N/As8eTLqycSr3g0J0cYE9OKa2Z1pu9vd0h9btrKfT7Lw3s7bee+bN2/27XudAHrWYPZPErE7In6NiP56trHAYP2/m/OXJ/6evzyRRLX65h9JrdyN+csTRdHic7vyzFAakX6a5JU0mrl46ex4pTJ1Ic+PzJ57b2Tm4qVnzpwbPz11eur82IkTx4+NPv/c2LMdiTNr042DH04fOvDq21dfnzh59Z0fv9kREfsP148vjaNTBrPA/6zWNB97vNOVddm/1cU4k3K3W8NqlSIi666+2vjvj1Isdl5/vPJJVxsHbKrsnr29/eG5KnAHS6LbLQC6o/iiz37/Fq/bNPXYEq6/WP8BlMV9M3/Vj5Qjzcv0bWL9gxFxcu6fL7NXNK1DVFusGwAAbNR32fzn6eXzvyQi9i8pl+R7QwMRcU9E7I2IeyNiX0Tcl5e9PyIeWGP9zVtDy+ef6bV1hrYq2fzvhXxvq3H+V8z+YqCU5+6uxd+XnDpTmToaEXsiYij6tmf50VYnL07x8i+ft6t/6fwve2X1F3PB/CTXyk0LdJPjs+OdmpRe/zjiYLlV/MnCTkDW9wci4uDaTr2nSJx58utD7QrdOv4VdGCfqfpVxBP1/p+LpvgLycr7kyM7ojJ1dKS4Kpb76ecrb7Srf0Pxd0DW/zsbr/+mEv1/JUv3a2fWXseV3z5r+5uyvM7rf1vyVm3Pelv+3gfjs7MXRiO2Ja/V8g3vjy1+tsgX5bP4h460Hv97889k8T8YEdlFfDgiHoqIh/O+eyQiHo2IIyvE/8NLj73b7thW6P/Jlve/het/oLH/154onf3+23b1r+7+d7yWGsrfqd3/bqF9c3bkJdZ7NQMAAMD/TxoRuyNJhxfSaTo8XP97+X2xM61Mz8w+dWr6/fOT9WcEBqIvLVa6+pesh44mc/kZ6/mxfK24OH4sXzf+onRXLT88MV2Z7HLs0Ot2tRn/md9L3W4dsOk8rwW9q3n8p11qB3D7+f6H3mX8Q+8y/qF3tRr/HzXl7QXAncn3P/Qu4x96l/EPvcv4h560kef6NytRXuHpfYmtkoh0SzRDokWi3IHR3eUbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIf8FwAA//+YWPHx")
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
recvmmsg(r5, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./bus\x00', 0x0, &(0x7f0000020000)=ANY=[], 0x1, 0x5511, &(0x7f0000001880)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x165846, 0x0)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1400, 0x0, 0x3)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x0)

5.51258987s ago: executing program 4 (id=556):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040), 0x242002, 0x0)
r4 = syz_usb_connect$uac1(0x0, 0x71, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x4, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
syz_usb_control_io$uac1(r4, &(0x7f0000000a00)={0x14, 0x0, &(0x7f00000009c0)={0x0, 0x3, 0x4, @lang_id={0x4}}}, 0x0)
syz_usb_control_io(r4, &(0x7f0000000fc0)={0x2c, 0x0, &(0x7f0000000e40)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r4, &(0x7f0000006740)={0x18, 0x0, &(0x7f0000006640)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x20}}, 0x0, 0x0, 0x0}, 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x172f, 0x32, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)={0x0, 0x0, 0x5, {0x5, 0xf, "820027"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$KDADDIO(r3, 0x4b34, 0xfffffffffffffffa)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = io_uring_setup(0xad5, &(0x7f0000000100))
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@ipv6_newroute={0x24, 0x18, 0xe19, 0x0, 0x0, {}, [@RTA_PRIORITY={0x8, 0x6, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008004}, 0x0)
close(r8)
clock_nanosleep(0x0, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)

4.883695322s ago: executing program 0 (id=558):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket(0x10, 0x3, 0x0)
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c010004230eb1613e1cab4e3963b58a4a414e3054dee43738b4fc80f6558f7ecbcc58187bbb12448dd1f6efcd84eaa963230d42d729e7a2e498439df5167a82", @ANYRES16=0x0, @ANYBLOB="000129bd7000fddbdf25070000000c000280060002004e22000050000180060002003b0000000800050002000000060002000800000008000900200000000800090019000000060001000a000000080009005300000008000800010000000c000700040000000c00000014000180060004004e22000008000b007369700034000280080009001d0b0000080006000800000008000700100000000800080005000000080008000200000008000800020000004000028008000400b000000008000300030000001400010000000000000000"], 0x11c}, 0x1, 0x0, 0x0, 0x8000000}, 0x80)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2010480, &(0x7f00000001c0), 0x45, 0x76a, &(0x7f0000000fc0)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=")
socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0xb, &(0x7f0000000300), &(0x7f0000000180)=0x3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4000}, 0x48)
pwritev2(r1, &(0x7f0000000140)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5405, 0x0, 0x0)
sendfile(r1, r1, 0x0, 0x7a680000)

3.477289907s ago: executing program 1 (id=559):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x68}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)

3.475656737s ago: executing program 0 (id=560):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000200), 0x48)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x46, &(0x7f0000000000), 0x4)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1451c2, 0x0)
ftruncate(r3, 0x2007ffb)
sendfile(r3, r3, 0x0, 0x800000009)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000407b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x10000, 0x9, 0x17, 0x140c, r0, 0x2, '\x00', 0x0, r3, 0x0, 0x2, 0x3, 0x200000000005}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r4}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r7 = dup(r6)
write$FUSE_BMAP(r7, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r7, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000800000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.450204829s ago: executing program 2 (id=561):
ioctl$SIOCGETSGCNT_IN6(0xffffffffffffffff, 0x89e1, &(0x7f00000000c0)={@mcast2, @private0})
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="09030000000000fdff072000adce04000280"], 0x18}, 0x1, 0xf000000}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x3af4701e)
sendfile(r3, r1, 0x0, 0x10000a007)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3810744, &(0x7f0000002980)={[{@noauto_da_alloc}, {@user_xattr}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@jqfmt_vfsv0}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noauto_da_alloc}, {@test_dummy_encryption}], [{@obj_type={'obj_type', 0x3d, '/dev/ptmx\x00'}}]}, 0x1, 0x450, &(0x7f0000002500)="$eJzs289vFFUcAPDvzG4BAWlFREHQKhobf7S0oHLwotHEgyYmesBjbQtBFmpoTYQQrcbg0ZB4Nx5N/As8eTLqycSr3g0J0cYE9OKa2Z1pu9vd0h9btrKfT7Lw3s7bee+bN2/27XudAHrWYPZPErE7In6NiP56trHAYP2/m/OXJ/6evzyRRLX65h9JrdyN+csTRdHic7vyzFAakX6a5JU0mrl46ex4pTJ1Ic+PzJ57b2Tm4qVnzpwbPz11eur82IkTx4+NPv/c2LMdiTNr042DH04fOvDq21dfnzh59Z0fv9kREfsP148vjaNTBrPA/6zWNB97vNOVddm/1cU4k3K3W8NqlSIi666+2vjvj1Isdl5/vPJJVxsHbKrsnr29/eG5KnAHS6LbLQC6o/iiz37/Fq/bNPXYEq6/WP8BlMV9M3/Vj5Qjzcv0bWL9gxFxcu6fL7NXNK1DVFusGwAAbNR32fzn6eXzvyQi9i8pl+R7QwMRcU9E7I2IeyNiX0Tcl5e9PyIeWGP9zVtDy+ef6bV1hrYq2fzvhXxvq3H+V8z+YqCU5+6uxd+XnDpTmToaEXsiYij6tmf50VYnL07x8i+ft6t/6fwve2X1F3PB/CTXyk0LdJPjs+OdmpRe/zjiYLlV/MnCTkDW9wci4uDaTr2nSJx58utD7QrdOv4VdGCfqfpVxBP1/p+LpvgLycr7kyM7ojJ1dKS4Kpb76ecrb7Srf0Pxd0DW/zsbr/+mEv1/JUv3a2fWXseV3z5r+5uyvM7rf1vyVm3Pelv+3gfjs7MXRiO2Ja/V8g3vjy1+tsgX5bP4h460Hv97889k8T8YEdlFfDgiHoqIh/O+eyQiHo2IIyvE/8NLj73b7thW6P/Jlve/het/oLH/154onf3+23b1r+7+d7yWGsrfqd3/bqF9c3bkJdZ7NQMAAMD/TxoRuyNJhxfSaTo8XP97+X2xM61Mz8w+dWr6/fOT9WcEBqIvLVa6+pesh44mc/kZ6/mxfK24OH4sXzf+onRXLT88MV2Z7HLs0Ot2tRn/md9L3W4dsOk8rwW9q3n8p11qB3D7+f6H3mX8Q+8y/qF3tRr/HzXl7QXAncn3P/Qu4x96l/EPvcv4h560kef6NytRXuHpfYmtkoh0SzRDokWi3IHR3eUbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIf8FwAA//+YWPHx")
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
recvmmsg(r5, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./bus\x00', 0x0, &(0x7f0000020000)=ANY=[], 0x1, 0x5511, &(0x7f0000001880)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x165846, 0x0)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1400, 0x0, 0x3)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x0)

3.340110938s ago: executing program 1 (id=562):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) (async)
sched_setaffinity(0x0, 0xffffffffffffffc2, &(0x7f0000000280)=0x666) (async)
r0 = getpid() (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae42, &(0x7f0000000140)) (async)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200000a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d68b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e6d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf01860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea"], 0x0}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000340), 0xfe07)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0) (async)
bpf$MAP_CREATE(0xe, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x2008}, 0x48) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095", @ANYRES8], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, &(0x7f00000000c0)=0x6, 0x4) (async)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x48800, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) (async)
sendto$inet(0xffffffffffffffff, &(0x7f00000023c0)="8c", 0x1, 0x0, &(0x7f0000002400)={0x2, 0x0, @multicast2}, 0x10) (async)
syz_open_dev$evdev(&(0x7f0000000000), 0x81, 0x20000) (async)
socket(0x10, 0x803, 0x0) (async)
socket(0x200000100000011, 0x3, 0x0)

3.339821038s ago: executing program 1 (id=563):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="250a00000000000061117c0000000000180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x80)

2.993423626s ago: executing program 2 (id=564):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0x2020)

2.531563134s ago: executing program 0 (id=565):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000006b80)="$eJzs3E1rY9UfB/CTPs7Tf/5FXLibC4PQwiQ0fRh0V3UGH7BD8WHhStMkDZlJckuTprUrFy7Fhe9EFFy59DW4cO1OXCjuhJHccypTH0Bp2tjp5wO333tPTn73nEtpOfeGBODSWsh++akUboarIYTpEMKNEIr9UtoKGzGeCyHcCiFMPbGVUvvvDXMhhGshhJuj4rFmKb302Z3h7fUf3/j562/nZ65//tV3k5s1MGnPhxC6u3H/oBszb8V8mNprw3aR3bVhyvhC91E6zmMeNLeLCge14361IldbsX++u98f5U6nVh9lq71TtO/24gn7w9ZxneIND2t7xXGjuV1ku58X2TqK4zo8in/bjvqDWKeR6n1YlA+DwXHG9uZhM85n91GR9d4gtce6eaN5OMphynS6UM87jWIc26e50v9tb7Z7+4fZsLnXb+e9bL1SfaFSvVuu7uWN5qC5Vq51G3fXssVWZ9StPGjWuhutPG91mpV63l3KFlv1erlazRbvNbfbtV5WrVZWK8vl9aW0dyd79cG7WaeRLY7y5XZvf9Du9LOdfC+L71jKViqrLy5lt6vZ25tb2dZb9+9vbr3z/r33Hry0+forqdOfhpUtriyvrJSry+WV6tLFnf/of/2/mv/HadBjnD+cSmnSAwC4eKz/gUm46Ov/YP0/Ftb/l3b+j5PTXUAuN+t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBL6/vZL14rdhbi8fXU/r/U9Ew6LoUQpkIIj//CdJg7UXM61Zn9m/6zfxjDN6VQVBidYz5t10IIG2n79f9nfRUAAADg6fXlR7c+jav1+GNh0gPiPMWbNlM3PhhTvVIIYXbhhzFUCelmU3j29KOKRr/fM+FwTNWKG1hXxlQs3nKbGVe1f2T6RFx5Ikoxpo57zp3ruAAAgLN0ciVwvqsQAAAAztMnkx4Ak1E8aU2fxU+P+eZjpAeCV08cAQAAABdQadIDAAAAAM5csf73/X8AAADwdIvf/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAbO3eTkzoUBQD4tND3eD9GYpy7FWewDJfg0KFhKywBt+AGWAPOXIIBQ3tRMRhM+hfJ9yXt5TbN4ZTQwTm3KQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG16KhbTh/urUd046009zVwNAAAAcMiqWEzLD+Nq/i8dP0uHLtI8i4g8Ig7V7oP4tRdzkOIUX5xffMrhMaKMsP2O32n7GxHXaXs5b/tXAAAAgNO1nM0nVbVe7cZ9J0SXqqZN/v+moXhZRBTj54ai5dvd5bdO3RzvD23/38O4q59WqWxg1X5kZqdsuQ2binbcIN3ub8Pow5BVQ95dOgAAQFf2K4EOqxAAAAA6dtt3AvQji91S5m4tuHzy/n1B8M/eDAAAAPiBsr4TAAAAAFpX1v/e/wcAAACnrXr/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1aFYvpcjaf1I2z3tTTzNUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvLI/7ygMw2AQBjeJ8uqELuD739Is2K1bNzMg+Pi3EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAlcfx8jzj1ZjJNnqdSd49rySfTo1vp8avc+OfZKy7fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwsz8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXP/vnFTcQDAv2efr7SACAFlCEJUYoCFptfS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/+Hzq3UpWwdMhSJiQFkn528HpU4WtW+Np+P9Py+thy/73OiKF8/5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo7L67H+flZmESZ/Wxm/eurpf9ram+dH379nLZyrjXZtJPhlfTnd5Sd4kAAABwcORNfR8xiGJntQyyhar+L5pzypr/++cncVPPT9f9Td/U/mX77de7L+8NtDAZp7zouY3x6Pi/U+k/xmnOtRf+84x+deerZy959Q3JPth6abeo7mfv2xs33htU4aE2sgUAHsaxpq+D5u+hsh92mRgAB0Y/Kbzv1PV/vtBtTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtGGzFs03ci4jl/n5cunXv6nrVT+1f37693LTT165tp9csL1FExLmN8eh4WxN5Aly6fOXTtfF4dLH94LWI6G70OvhohnMiusxQ8KhBVv+sz/ZVRyOi+5y7Dzr+xQQAwFOnqFtZ198pdlbLY73FiL9/uL/+fyOJI63/p/q0/r/78emb6Vhp/T9sbYbzb2Xzwhcrly5feWvjwtr50fnRZ2+fGL4zPHnm1KkzK9WzkhVPTAAAAHg0g7ql9X+2GLE7tf5/JIljxvr/y++GX6dj5er/B9pf9Os6EwAAgIPtxaN//tF7wPHeYBBfrW1uXhxOtnv7JybbDlL93w7VLa3/88WuswIAAADasLvVu2/9/2wSx4zr/8/9+MrP6TXziDhcr/8fW/98fLa96XTkr5nOauPfiR/7VAEAAJhrh+uWrv8X1fv/2d4rD1lEvPn6JK4/BnCm+j9//5uf0rHS9/9PtjfFuZQtTe5H1S9F9Je6zggAAICn2TN1K4v934ud1U9+OfLhwPv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG37JwAA//9VakSc")
syz_clone(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f00000002c0)='y', 0x1}], 0x1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[], [], 0x2c})
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000280)='./file0\x00')
getresgid(&(0x7f00000004c0), &(0x7f0000000500), &(0x7f0000000540))
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000006c0)={{{@in=@initdev, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@empty}}, &(0x7f0000000580)=0xe8)
getresuid(&(0x7f0000000600)=<r7=>0x0, &(0x7f0000000840), &(0x7f0000000880))
write$FUSE_DIRENTPLUS(r0, &(0x7f0000002a80)={0x150, 0x0, 0x0, [{{0x4, 0x3, 0xa2b0, 0x7, 0x3, 0xd0d, {0x4, 0x6cc, 0x200, 0x9, 0xb, 0x7, 0x1363, 0x7fffffff, 0x0, 0x4000, 0x3, r6, 0x0, 0xa4, 0x6}}, {0x3, 0xffff, 0x2, 0x5154, ':,'}}, {{0x6, 0x1, 0x5, 0x0, 0x8, 0x4, {0x5, 0x6, 0x1, 0x395, 0x7, 0x3, 0x401, 0x8, 0x800, 0x4000, 0x7, r7, 0xee01, 0x3, 0x8}}, {0x0, 0x7fffffff, 0x1, 0xffffff51, '$'}}]}, 0x150)

2.490823887s ago: executing program 1 (id=566):
listen(0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000002f40)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
r4 = gettid()
io_uring_enter(0xffffffffffffffff, 0x0, 0xe257, 0x1, 0x0, 0x0)
rt_sigqueueinfo(r4, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff})
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x4300, 0xc, 0xc, 0x4, [@func_proto]}, {0x0, [0x2e, 0x61]}}, 0x0, 0x28}, 0x20)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={0x0, @private, @loopback}, &(0x7f0000000300)=0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map, r5, 0x7}, 0x10)

2.155534574s ago: executing program 3 (id=567):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000040000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xb, &(0x7f0000000480)=ANY=[@ANYRES64=r2, @ANYBLOB="b58ea43e4a88f2f1f5c8031b689ed2e7f5e5f6d0abb93610de066268881c236bc7", @ANYRES8=r6, @ANYRESOCT=r1, @ANYBLOB="87f6e49e70fbc29cf1c1d3d52657ea04da78660cde523a959d02ecb058a37ad864489d68b7fa7159299898ba7cc0d27aa29eecd0ddcb0fdc032e", @ANYRESOCT=r4, @ANYRES32=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
syz_extract_tcp_res$synack(&(0x7f0000000240), 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
poll(&(0x7f0000000100)=[{0xffffffffffffffff, 0x8011}, {0xffffffffffffffff, 0x9}, {}, {0xffffffffffffffff, 0x401}], 0x4, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r9, 0x400455c8, 0x0)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448ca, 0x0)
close_range(r8, r5, 0x0)
fcntl$dupfd(r2, 0x406, r3)

2.012940996s ago: executing program 2 (id=568):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = eventfd(0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x1, r3, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r1, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r6, 0x0, 0x0}, 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.730647759s ago: executing program 2 (id=569):
r0 = gettid()
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8541)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x10)
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)
ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

1.237712049s ago: executing program 1 (id=570):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
clock_gettime(0x7, &(0x7f0000000340))
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2f}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000040420f00b7030000000020008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000002"], 0x98}}, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
sendmsg$inet6(r4, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x24008001)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg2\x00', <r5=>0x0})
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200583c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000", @ANYRES8], 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000380)=ANY=[@ANYBLOB="62ec4ad1143466791e780a", @ANYRES16=r7, @ANYBLOB="0100000000000000000009000000180004801300050062726f6164636173742d6c696e6b0000"], 0x2c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f0000000180)={'syztnl1\x00', r5, 0x29, 0x1, 0x8, 0x178f, 0x8, @local, @private0, 0x8000, 0x700, 0x0, 0xff}})
mount_setattr(0xffffffffffffffff, 0x0, 0x900, &(0x7f00000008c0)={0x100084, 0x8}, 0x20)

1.236761689s ago: executing program 4 (id=571):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket(0x10, 0x3, 0x0)
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c010004230eb1613e1cab4e3963b58a4a414e3054dee43738b4fc80f6558f7ecbcc58187bbb12448dd1f6efcd84eaa963230d42d729e7a2e498439df5167a82", @ANYRES16=0x0, @ANYBLOB="000129bd7000fddbdf25070000000c000280060002004e22000050000180060002003b0000000800050002000000060002000800000008000900200000000800090019000000060001000a000000080009005300000008000800010000000c000700040000000c00000014000180060004004e22000008000b007369700034000280080009001d0b0000080006000800000008000700100000000800080005000000080008000200000008000800020000004000028008000400b000000008000300030000001400010000000000000000"], 0x11c}, 0x1, 0x0, 0x0, 0x8000000}, 0x80)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2010480, &(0x7f00000001c0), 0x45, 0x76a, &(0x7f0000000fc0)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=")
socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0xb, &(0x7f0000000300), &(0x7f0000000180)=0x3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4000}, 0x48)
pwritev2(r1, &(0x7f0000000140)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5405, 0x0, 0x0)
sendfile(r1, r1, 0x0, 0x7a680000)

1.151568287s ago: executing program 0 (id=572):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000940)=ANY=[@ANYBLOB="1201000074020440fd07010099480102030109021b0001000000000904"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x68}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)

1.150883117s ago: executing program 2 (id=573):
close(0xffffffffffffffff)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
setrlimit(0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x6}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@max_batch_time}, {@data_err_abort}]}, 0xb, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000ac0), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(r4, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000b00)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000b516008fe0005800800010065746800"], 0x20}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(0x3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="99f82fadae27"})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

1.138891357s ago: executing program 1 (id=574):
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@bloom_filter={0x1e, 0x1, 0x81, 0x4, 0x2410, 0xffffffffffffffff, 0xc3, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x5, 0x3}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r5, 0x4068aea3, &(0x7f0000000380))
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000080)="baf80c66b8cf0e978366efbafc0cec2e67660fc7354d0000000f3801983a9cb872008ed8f43e0f38f05786f20f5ef00f01c5ba2000ec0f73f454", 0x3a}], 0x1, 0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)

936.159854ms ago: executing program 0 (id=575):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
syz_read_part_table(0x5fd, &(0x7f0000000d00)="$eJzs2z9olGccB/DvxVzOP9B0cHKpcegkFMXRDFWSU7EQTqUQHLS1iJgpQuCkhwc6tBkUM0jHLlK4ReNkzOBQFIXORRxahAwuBV2kdshbrvc2rfaPR8kNxc9n+T338rvn+/zgWZ/wvzaUarkqar+VDz751/5i9I91O8c6E5MHi6IojiaVHE81Y9++s5hkOK/umh1JRv60z/WvNy9/+fxAtfP4yIv3T9ybH1rbs5Z3k2wZeePRa/1PyaDcGL8/evHSbP1y90e9tbL6cXLz2URj6fD8wuKh6v5T3e8Xkgdlf+9ibMq5NHM+Z3Ny+L+kVl7Jb3fzm+NnHtVbK191nuxa3Vbv3D699+X25St3dydz3Yip1/6XN9+vvqzNX+bPjV2dXmjt23lr67U9zTsPG083/Fz0lJHV9ckFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAwbozfH714abZ+uTl+5lG9tfLF9999dPPZRGPp8PzC4qGR/afKvgdlHS7ruTRzPmdzMjOZyWeZ7T9yuvKP+b9sTp7sWt1W79w+vffl5PKVu7vLvqn1GPZvvD7/3NjV6YXWvp23tl7b07zzsPF0Q69vppZPU+2tawM6CwAAAAAAAAAAAAAAAAAAAG+vicmD26c+bBxNKjm+MclPnw91vxflI/ff3+rvKOsPtWRTkusbk/bzA9XO4yMvRk7cm/+x7G+nlnaSLd8sHUveW8u58JfkyqBHow+/BgAA//8hVpWc")

35.354127ms ago: executing program 2 (id=577):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x0, 0x0, 0x9}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0xb)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000008000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4c8, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0xf, 0x5, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x0, 0x2d}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000340)=ANY=[@ANYRES16=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
openat$rfkill(0xffffffffffffff9c, 0x0, 0x0, 0x0)
inotify_init()
r6 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcda)
sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000300), 0xc, 0x0}, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000191bda0000200001000000000280000000000003"], 0x69)
close(r6)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)

0s ago: executing program 4 (id=578):
pipe2$9p(&(0x7f0000002180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000700)=ANY=[], 0x138)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

kernel console output (not intermixed with test programs):

rmissive=1
[   92.767192][  T606] I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   92.791660][  T606] Buffer I/O error on dev loop4p4, logical block 1, async page read
[   92.857031][  T431] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   92.880550][  T431] Buffer I/O error on dev loop4p1, logical block 0, async page read
[   92.900021][  T431] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.024122][  T431] Buffer I/O error on dev loop4p1, logical block 0, async page read
[   93.063152][  T431] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.149525][  T431] Buffer I/O error on dev loop4p1, logical block 0, async page read
[   93.179450][  T431] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.188674][  T431] Buffer I/O error on dev loop4p1, logical block 0, async page read
[   93.244847][  T431] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.290660][  T431] Buffer I/O error on dev loop4p1, logical block 0, async page read
[   93.351044][ T1657] EXT4-fs (loop3): unmounting filesystem.
[   93.361695][  T431] udevd[431]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   93.366729][  T606] udevd[606]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   93.390530][ T1789] loop2: detected capacity change from 0 to 1024
[   93.396977][ T1789] EXT4-fs: Ignoring removed orlov option
[   93.434137][ T1789] EXT4-fs (loop2): Test dummy encryption mode enabled
[   93.440851][  T431] udevd[431]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   93.442479][  T606] udevd[606]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   93.465058][ T1789] EXT4-fs (loop2): can't mount with commit=6, fs mounted w/o journal
[   93.483223][  T606] udevd[606]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   93.483256][  T431] udevd[431]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   93.699402][   T19] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   93.705759][ T1792] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   93.715959][ T1792] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   93.788447][ T1804] netlink: 12 bytes leftover after parsing attributes in process `syz.2.304'.
[   94.065074][ T1799] loop0: detected capacity change from 0 to 40427
[   94.079502][ T1799] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   94.093838][ T1799] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   94.108470][ T1799] F2FS-fs (loop0): Unrecognized mount option "" or missing value
[   94.160262][ T1795] syz.3.303 (1795) used greatest stack depth: 20528 bytes left
[   94.280804][ T1810] serio: Serial port pts0
[   94.294882][ T1812] loop4: detected capacity change from 0 to 1024
[   94.301243][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.317377][ T1812] EXT4-fs: Ignoring removed orlov option
[   94.323174][   T19] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   94.332530][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.350115][ T1812] EXT4-fs (loop4): Test dummy encryption mode enabled
[   94.357087][   T19] usb 2-1: config 0 descriptor??
[   94.365954][ T1812] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   94.402621][  T292] EXT4-fs (loop4): unmounting filesystem.
[   94.429077][ T1821] loop4: detected capacity change from 0 to 1024
[   94.438909][ T1821] EXT4-fs: Ignoring removed orlov option
[   94.453458][ T1821] EXT4-fs (loop4): Test dummy encryption mode enabled
[   94.475169][ T1821] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   94.489670][ T1826] loop2: detected capacity change from 0 to 1024
[   94.496346][ T1826] EXT4-fs: Ignoring removed orlov option
[   94.503243][ T1826] EXT4-fs (loop2): Test dummy encryption mode enabled
[   94.510266][ T1826] EXT4-fs (loop2): can't mount with commit=6, fs mounted w/o journal
[   95.470079][   T19] keytouch 0003:0926:3333.0008: fixing up Keytouch IEC report descriptor
[   95.569864][   T19] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0008/input/input6
[   95.606273][ T1836] loop0: detected capacity change from 0 to 4096
[   95.618860][ T1836] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   95.681828][   T19] keytouch 0003:0926:3333.0008: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[   95.698664][ T1847] loop2: detected capacity change from 0 to 1024
[   95.706181][ T1847] EXT4-fs: Ignoring removed orlov option
[   95.732004][ T1847] EXT4-fs (loop2): Test dummy encryption mode enabled
[   95.759071][ T1847] EXT4-fs (loop2): can't mount with commit=6, fs mounted w/o journal
[   95.785976][  T292] EXT4-fs (loop4): unmounting filesystem.
[   95.878323][ T1853] loop4: detected capacity change from 0 to 2048
[   95.938964][ T1853] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   96.136418][ T1832] loop1: detected capacity change from 0 to 256
[   96.179815][ T1832] exfat: Bad value for 'uid'
[   96.205214][ T1853] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   96.219829][ T1853] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[   96.231827][ T1853] EXT4-fs (loop4): This should not happen!! Data will be lost
[   96.231827][ T1853] 
[   96.241467][ T1853] EXT4-fs (loop4): Total free blocks count 0
[   96.247256][ T1853] EXT4-fs (loop4): Free/Dirty block details
[   96.253002][ T1853] EXT4-fs (loop4): free_blocks=2415919104
[   96.258543][ T1853] EXT4-fs (loop4): dirty_blocks=16
[   96.263806][ T1853] EXT4-fs (loop4): Block reservation details
[   96.269677][ T1853] EXT4-fs (loop4): i_reserved_data_blocks=1
[   96.291239][ T1853] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[   96.293535][  T606] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   96.378355][  T448] usb 2-1: USB disconnect, device number 9
[   96.445413][  T291] EXT4-fs (loop0): unmounting filesystem.
[   96.510015][ T1865] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   96.528764][ T1865] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   96.675174][ T1876] loop3: detected capacity change from 0 to 512
[   96.703136][ T1876] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   96.737852][ T1876] EXT4-fs (loop3): 1 orphan inode deleted
[   96.744102][ T1876] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   96.749382][   T19] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   96.761052][ T1876] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038 (0x7fffffff)
[   96.770787][ T1162] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   96.783690][ T1162] EXT4-fs error (device loop3): ext4_release_dquot:6787: comm kworker/u4:6: Failed to release dquot type 1
[   96.797587][ T1657] EXT4-fs (loop3): unmounting filesystem.
[   96.833097][   T28] audit: type=1326 audit(1723549376.439:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf13b799f9 code=0x7ffc0000
[   96.935874][   T28] audit: type=1326 audit(1723549376.459:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf13b799f9 code=0x7ffc0000
[   96.963930][   T28] audit: type=1326 audit(1723549376.459:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcf13b799f9 code=0x7ffc0000
[   96.967946][ T1892] loop1: detected capacity change from 0 to 1024
[   96.987292][   T28] audit: type=1326 audit(1723549376.459:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf13b799f9 code=0x7ffc0000
[   97.170997][ T1892] EXT4-fs: Ignoring removed orlov option
[   97.260064][   T19] usb 1-1: Using ep0 maxpacket: 16
[   97.273617][ T1892] EXT4-fs (loop1): Test dummy encryption mode enabled
[   97.289946][ T1892] EXT4-fs (loop1): can't mount with commit=6, fs mounted w/o journal
[   97.379417][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.390729][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.405804][   T19] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[   97.409375][ T1217] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   97.414784][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.439612][   T19] usb 1-1: config 0 descriptor??
[   97.799794][ T1904] loop4: detected capacity change from 0 to 128
[   97.809359][ T1217] usb 4-1: Using ep0 maxpacket: 16
[   97.922023][   T19] cp2112 0003:10C4:EA90.0009: unexpected long global item
[   97.934454][   T19] cp2112 0003:10C4:EA90.0009: parse failed
[   97.948243][   T19] cp2112: probe of 0003:10C4:EA90.0009 failed with error -22
[   97.959373][ T1217] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   97.975075][ T1217] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   98.007640][ T1217] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   98.029381][ T1217] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.037901][ T1217] usb 4-1: config 0 descriptor??
[   98.079827][ T1217] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[   98.124582][   T19] usb 1-1: USB disconnect, device number 5
[   98.139613][  T570] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   98.389429][  T570] usb 2-1: Using ep0 maxpacket: 16
[   98.509436][  T570] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[   98.520246][  T570] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[   98.529838][  T570] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   98.538715][  T570] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.547288][  T570] usb 2-1: config 0 descriptor??
[   98.801691][ T1908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.818580][ T1908] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.029390][ T1020] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   99.049845][ T1908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.058295][ T1908] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.066865][ T1908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.075459][ T1908] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.089621][  T570] hid (null): bogus close delimiter
[   99.097824][  T570] hid-generic 0003:0158:0100.000A: unknown main item tag 0x0
[   99.105152][  T570] hid-generic 0003:0158:0100.000A: unknown main item tag 0x0
[   99.112597][  T570] hid-generic 0003:0158:0100.000A: bogus close delimiter
[   99.119534][  T570] hid-generic 0003:0158:0100.000A: item 0 0 2 10 parsing failed
[   99.127147][  T570] hid-generic: probe of 0003:0158:0100.000A failed with error -22
[   99.313357][ T1926] loop4: detected capacity change from 0 to 40427
[   99.320508][ T1926] F2FS-fs (loop4): Invalid SB checksum offset: 0
[   99.326771][ T1926] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[   99.337217][ T1926] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   99.349427][  T570] usb 2-1: USB disconnect, device number 10
[   99.365375][ T1926] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[   99.372311][ T1926] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   99.386652][ T1931] syz.4.335: attempt to access beyond end of device
[   99.386652][ T1931] loop4: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[   99.449419][ T1020] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.460745][ T1020] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   99.474009][ T1020] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   99.486011][ T1020] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.494656][ T1020] usb 3-1: config 0 descriptor??
[   99.576201][ T1933] overlayfs: missing 'lowerdir'
[   99.860068][ T1217] usb 4-1: USB disconnect, device number 6
[   99.934375][ T1936] loop0: detected capacity change from 0 to 40427
[   99.949128][ T1936] F2FS-fs (loop0): Invalid SB checksum offset: 0
[   99.961569][ T1936] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[   99.985372][ T1936] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  100.019137][ T1921] kvm [1920]: vcpu0, guest rIP: 0xfff0 unimplemented MMIO_CONF_BASE wrmsr: 0x85
[  100.027525][ T1941] loop1: detected capacity change from 0 to 512
[  100.036968][ T1936] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  100.045441][ T1020] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  100.054126][ T1936] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  100.070048][ T1941] ext4: Unknown parameter 'obj_type'
[  100.090488][  T292] syz-executor: attempt to access beyond end of device
[  100.090488][  T292] loop4: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  100.091338][ T1020] plantronics 0003:047F:FFFF.000B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  100.199931][ T1949] syz.0.336: attempt to access beyond end of device
[  100.199931][ T1949] loop0: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  100.462530][ T1954] overlayfs: missing 'lowerdir'
[  100.674244][  T291] syz-executor: attempt to access beyond end of device
[  100.674244][  T291] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  100.749431][  T291] syz-executor: attempt to access beyond end of device
[  100.749431][  T291] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  100.884990][ T1949] syz.0.336: attempt to access beyond end of device
[  100.884990][ T1949] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  100.911184][   T28] kauditd_printk_skb: 33 callbacks suppressed
[  100.911198][   T28] audit: type=1400 audit(1723549380.519:285): avc:  denied  { execute } for  pid=1961 comm="syz.3.341" path="/12/blkio.throttle.io_serviced_recursive" dev="tmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  100.962750][ T1940] loop1: detected capacity change from 0 to 40427
[  100.974915][ T1940] F2FS-fs (loop1): invalid crc value
[  101.047317][ T1940] F2FS-fs (loop1): Found nat_bits in checkpoint
[  101.084041][ T1940] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  101.102832][ T1940] syz.1.337: attempt to access beyond end of device
[  101.102832][ T1940] loop1: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  101.159994][ T1704] syz-executor: attempt to access beyond end of device
[  101.159994][ T1704] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  101.260572][ T1970] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.282158][ T1970] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.315014][ T1970] device bridge_slave_0 entered promiscuous mode
[  101.331868][ T1970] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.350859][ T1970] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.385702][ T1970] device bridge_slave_1 entered promiscuous mode
[  101.541277][  T405] device bridge_slave_1 left promiscuous mode
[  101.548487][  T405] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.558735][  T405] device bridge_slave_0 left promiscuous mode
[  101.565024][  T405] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.573939][  T405] device veth1_macvtap left promiscuous mode
[  101.580014][  T405] device veth0_vlan left promiscuous mode
[  101.686983][ T1970] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.694026][ T1970] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.701326][ T1970] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.708209][ T1970] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.757720][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  101.766086][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.773974][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.789173][  T570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  101.798335][  T570] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.805234][  T570] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.813520][  T570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  101.821875][  T570] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.828769][  T570] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.843996][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  101.852183][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  101.867974][  T570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  101.876892][  T570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  101.891181][ T1970] device veth0_vlan entered promiscuous mode
[  101.901301][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  101.909574][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  101.923558][ T1970] device veth1_macvtap entered promiscuous mode
[  101.932225][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  101.937179][ T1989] loop3: detected capacity change from 0 to 2048
[  101.940202][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  101.953105][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  101.961848][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  101.970431][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  101.985131][ T1989] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  102.003435][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  102.012187][ T1989] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  102.012787][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  102.032192][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  102.032195][ T1989] EXT4-fs (loop3): failed to initialize system zone (-117)
[  102.032239][ T1989] EXT4-fs (loop3): mount failed
[  102.040386][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  102.134761][ T1988] netlink: 'syz.3.348': attribute type 27 has an invalid length.
[  102.161666][ T1020] usb 3-1: USB disconnect, device number 11
[  102.183695][ T1989] netlink: 20 bytes leftover after parsing attributes in process `syz.3.348'.
[  102.227022][ T1998] loop2: detected capacity change from 0 to 2048
[  102.301812][ T1998] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  102.498795][ T2009] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  102.513624][ T2009] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  102.525752][ T2009] EXT4-fs (loop2): This should not happen!! Data will be lost
[  102.525752][ T2009] 
[  102.535218][ T2009] EXT4-fs (loop2): Total free blocks count 0
[  102.541042][ T2009] EXT4-fs (loop2): Free/Dirty block details
[  102.546735][ T2009] EXT4-fs (loop2): free_blocks=2415919104
[  102.553280][ T2009] EXT4-fs (loop2): dirty_blocks=16
[  102.558177][ T2009] EXT4-fs (loop2): Block reservation details
[  102.564007][ T2009] EXT4-fs (loop2): i_reserved_data_blocks=1
[  102.574443][ T2009] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  102.608701][ T2004] loop4: detected capacity change from 0 to 512
[  102.614385][ T2003] loop3: detected capacity change from 0 to 40427
[  102.629370][ T2003] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  102.644764][ T2004] ext4: Unknown parameter 'obj_type'
[  102.659468][ T2003] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  102.667626][ T2003] F2FS-fs (loop3): Unrecognized mount option "" or missing value
[  102.862298][ T2012] loop1: detected capacity change from 0 to 40427
[  102.883567][ T2012] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  102.891321][ T2012] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  102.903583][ T2012] F2FS-fs (loop1): Unrecognized mount option "" or missing value
[  103.506511][ T2019] loop0: detected capacity change from 0 to 512
[  103.568646][ T2032] FAULT_INJECTION: forcing a failure.
[  103.568646][ T2032] name failslab, interval 1, probability 0, space 0, times 0
[  103.570431][ T2019] ext4: Unknown parameter 'obj_type'
[  103.620691][ T2032] CPU: 0 PID: 2032 Comm: syz.1.358 Not tainted 6.1.90-syzkaller-00004-g79436849ef1d #0
[  103.630167][ T2032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  103.640076][ T2032] Call Trace:
[  103.643180][ T2032]  <TASK>
[  103.645961][ T2032]  dump_stack_lvl+0x151/0x1b7
[  103.650471][ T2032]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  103.655776][ T2032]  dump_stack+0x15/0x1a
[  103.659760][ T2032]  should_fail_ex+0x3d0/0x520
[  103.664282][ T2032]  ? sk_prot_alloc+0xf9/0x330
[  103.668787][ T2032]  __should_failslab+0xaf/0xf0
[  103.673383][ T2032]  should_failslab+0x9/0x20
[  103.677728][ T2032]  __kmem_cache_alloc_node+0x3d/0x250
[  103.682942][ T2032]  ? sk_prot_alloc+0xf9/0x330
[  103.687447][ T2032]  __kmalloc+0xa3/0x1e0
[  103.691441][ T2032]  sk_prot_alloc+0xf9/0x330
[  103.695782][ T2032]  sk_alloc+0x38/0x440
[  103.699686][ T2032]  ? bpf_test_init+0x169/0x190
[  103.704287][ T2032]  bpf_prog_test_run_skb+0x384/0x13a0
[  103.709502][ T2032]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  103.715223][ T2032]  ? __kasan_check_write+0x14/0x20
[  103.720435][ T2032]  ? fput+0x15b/0x1b0
[  103.720546][ T2010] loop4: detected capacity change from 0 to 40427
[  103.724240][ T2032]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  103.724264][ T2032]  bpf_prog_test_run+0x3b0/0x630
[  103.741001][ T2032]  ? bpf_prog_query+0x260/0x260
[  103.745683][ T2032]  ? selinux_bpf+0xd2/0x100
[  103.750161][ T2032]  ? security_bpf+0x82/0xb0
[  103.754498][ T2032]  __sys_bpf+0x59f/0x7f0
[  103.758578][ T2032]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  103.763834][ T2032]  ? __ia32_sys_read+0x90/0x90
[  103.768648][ T2032]  ? debug_smp_processor_id+0x17/0x20
[  103.773869][ T2032]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  103.779757][ T2032]  __x64_sys_bpf+0x7c/0x90
[  103.784007][ T2032]  x64_sys_call+0x87f/0x9a0
[  103.788347][ T2032]  do_syscall_64+0x3b/0xb0
[  103.792601][ T2032]  ? clear_bhb_loop+0x55/0xb0
[  103.797117][ T2032]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  103.802842][ T2032] RIP: 0033:0x7f286b9799f9
[  103.807096][ T2032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.812773][ T2010] F2FS-fs (loop4): invalid crc value
[  103.826538][ T2032] RSP: 002b:00007f286c6d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  103.826569][ T2032] RAX: ffffffffffffffda RBX: 00007f286bb15f80 RCX: 00007f286b9799f9
[  103.826580][ T2032] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a
[  103.826589][ T2032] RBP: 00007f286c6d4090 R08: 0000000000000000 R09: 0000000000000000
[  103.826597][ T2032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.826605][ T2032] R13: 0000000000000000 R14: 00007f286bb15f80 R15: 00007fff01bb0688
[  103.826622][ T2032]  </TASK>
[  103.940252][ T2010] F2FS-fs (loop4): Found nat_bits in checkpoint
[  104.069379][ T2010] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  104.191192][ T2028] loop0: detected capacity change from 0 to 40427
[  104.221538][ T2028] F2FS-fs (loop0): invalid crc value
[  104.233085][  T292] syz-executor: attempt to access beyond end of device
[  104.233085][  T292] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  104.255882][ T2035] loop3: detected capacity change from 0 to 40427
[  104.270319][ T2028] F2FS-fs (loop0): Found nat_bits in checkpoint
[  104.299653][ T2035] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  104.305830][ T2035] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  104.356605][ T2028] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  104.360101][ T2035] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  104.371995][ T2030] loop2: detected capacity change from 0 to 131072
[  104.396795][ T2017] syz.0.354: attempt to access beyond end of device
[  104.396795][ T2017] loop0: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  104.411151][ T2030] F2FS-fs (loop2): invalid crc value
[  104.435091][ T2035] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  104.442396][ T2035] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  104.449783][ T2030] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  104.473666][ T2055] syz.3.359: attempt to access beyond end of device
[  104.473666][ T2055] loop3: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  104.492933][ T1970] syz-executor: attempt to access beyond end of device
[  104.492933][ T1970] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  104.579732][  T586] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  104.599657][ T2030] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[  104.679749][ T2058] overlayfs: missing 'lowerdir'
[  104.849526][ T1657] syz-executor: attempt to access beyond end of device
[  104.849526][ T1657] loop3: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  104.899826][   T19] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  104.909070][ T2060] cgroup: noprefix used incorrectly
[  105.003710][   T28] audit: type=1400 audit(1723549384.609:286): avc:  denied  { create } for  pid=2064 comm="syz.3.363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  105.058795][ T2069] loop3: detected capacity change from 0 to 2048
[  105.093612][ T2069] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  105.139396][   T19] usb 5-1: Using ep0 maxpacket: 16
[  105.149448][  T586] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  105.278785][ T2075] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  105.293628][ T2075] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  105.305757][ T2075] EXT4-fs (loop3): This should not happen!! Data will be lost
[  105.305757][ T2075] 
[  105.315204][ T2075] EXT4-fs (loop3): Total free blocks count 0
[  105.321000][ T2075] EXT4-fs (loop3): Free/Dirty block details
[  105.326727][ T2075] EXT4-fs (loop3): free_blocks=2415919104
[  105.332298][ T2075] EXT4-fs (loop3): dirty_blocks=16
[  105.337214][ T2075] EXT4-fs (loop3): Block reservation details
[  105.343046][ T2075] EXT4-fs (loop3): i_reserved_data_blocks=1
[  105.354308][ T2075] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  105.399459][   T19] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  105.449419][  T586] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  105.463706][  T586] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.472228][  T586] usb 2-1: Product: syz
[  105.479572][  T586] usb 2-1: Manufacturer: syz
[  105.484058][  T586] usb 2-1: SerialNumber: syz
[  105.489588][   T28] audit: type=1400 audit(1723549385.099:287): avc:  denied  { relabelfrom } for  pid=2077 comm="syz.2.365" name="NETLINK" dev="sockfs" ino=22889 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  105.513722][ T2078] SELinux:  Context system_u:object_r:mqueue_spool_t:s0 is not valid (left unmapped).
[  105.523945][  T586] usb 2-1: config 0 descriptor??
[  105.533951][   T28] audit: type=1400 audit(1723549385.129:288): avc:  denied  { relabelto } for  pid=2077 comm="syz.2.365" name="NETLINK" dev="sockfs" ino=22889 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_generic_socket permissive=1 trawcon="system_u:object_r:mqueue_spool_t:s0"
[  105.599454][   T19] usb 5-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[  105.618616][   T19] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.627273][   T19] usb 5-1: Product: syz
[  105.632117][   T19] usb 5-1: Manufacturer: syz
[  105.637583][   T19] usb 5-1: SerialNumber: syz
[  105.643095][   T28] audit: type=1400 audit(1723549385.249:289): avc:  denied  { unlink } for  pid=84 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  105.672237][   T19] usb 5-1: config 0 descriptor??
[  105.740355][ T2081] loop2: detected capacity change from 0 to 40427
[  105.747142][ T2081] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  105.754947][ T2081] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  105.763064][ T2081] F2FS-fs (loop2): Unrecognized mount option "" or missing value
[  105.800493][  T586] snd-usb-audio: probe of 2-1:0.0 failed with error -2
[  105.807778][  T586] usb 2-1: USB disconnect, device number 11
[  105.813132][  T431] udevd[431]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  106.238575][ T2084] loop0: detected capacity change from 0 to 40427
[  106.245370][ T2084] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  106.253361][ T2084] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  106.261638][ T2084] F2FS-fs (loop0): Unrecognized mount option "" or missing value
[  106.301567][ T2090] FAULT_INJECTION: forcing a failure.
[  106.301567][ T2090] name failslab, interval 1, probability 0, space 0, times 0
[  106.309420][ T1020] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  106.314151][ T2090] CPU: 0 PID: 2090 Comm: syz.1.370 Not tainted 6.1.90-syzkaller-00004-g79436849ef1d #0
[  106.330717][ T2090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  106.340620][ T2090] Call Trace:
[  106.343737][ T2090]  <TASK>
[  106.346876][ T2090]  dump_stack_lvl+0x151/0x1b7
[  106.351374][ T2090]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  106.356672][ T2090]  dump_stack+0x15/0x1a
[  106.360664][ T2090]  should_fail_ex+0x3d0/0x520
[  106.365177][ T2090]  ? alloc_vmap_area+0x1a5/0x1aa0
[  106.370037][ T2090]  __should_failslab+0xaf/0xf0
[  106.374637][ T2090]  should_failslab+0x9/0x20
[  106.379087][ T2090]  kmem_cache_alloc_node+0x3e/0x2d0
[  106.384216][ T2090]  alloc_vmap_area+0x1a5/0x1aa0
[  106.388984][ T2090]  ? vm_map_ram+0x940/0x940
[  106.393501][ T2090]  ? __kasan_kmalloc+0x9c/0xb0
[  106.398093][ T2090]  ? kmalloc_node_trace+0x3d/0xb0
[  106.402954][ T2090]  __get_vm_area_node+0x171/0x370
[  106.407818][ T2090]  __vmalloc_node_range+0x36e/0x1540
[  106.412934][ T2090]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  106.418345][ T2090]  ? avc_denied+0x1b0/0x1b0
[  106.422661][ T2090]  ? selinux_capable+0x2f1/0x430
[  106.427430][ T2090]  ? vmap+0x2b0/0x2b0
[  106.431261][ T2090]  ? selinux_capset+0xf0/0xf0
[  106.435767][ T2090]  ? avc_has_perm_noaudit+0x348/0x430
[  106.440971][ T2090]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  106.446353][ T2090]  __vmalloc+0x7a/0x90
[  106.450256][ T2090]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  106.455645][ T2090]  bpf_prog_alloc_no_stats+0x3e/0x400
[  106.460844][ T2090]  ? security_capable+0x87/0xb0
[  106.465540][ T2090]  bpf_prog_alloc+0x22/0x1c0
[  106.469961][ T2090]  bpf_prog_load+0x84a/0x1bf0
[  106.474474][ T2090]  ? map_freeze+0x3a0/0x3a0
[  106.478900][ T2090]  ? selinux_bpf+0xcb/0x100
[  106.483243][ T2090]  ? security_bpf+0x82/0xb0
[  106.487576][ T2090]  __sys_bpf+0x52c/0x7f0
[  106.491656][ T2090]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  106.496865][ T2090]  ? __ia32_sys_read+0x90/0x90
[  106.501463][ T2090]  ? debug_smp_processor_id+0x17/0x20
[  106.506678][ T2090]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  106.512576][ T2090]  __x64_sys_bpf+0x7c/0x90
[  106.516914][ T2090]  x64_sys_call+0x87f/0x9a0
[  106.521252][ T2090]  do_syscall_64+0x3b/0xb0
[  106.525505][ T2090]  ? clear_bhb_loop+0x55/0xb0
[  106.530020][ T2090]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  106.535747][ T2090] RIP: 0033:0x7f286b9799f9
[  106.540001][ T2090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.559447][ T2090] RSP: 002b:00007f286c6d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  106.567702][ T2090] RAX: ffffffffffffffda RBX: 00007f286bb15f80 RCX: 00007f286b9799f9
[  106.575587][ T2090] RDX: 0000000000000090 RSI: 0000000020000280 RDI: 0000000000000005
[  106.583396][ T2090] RBP: 00007f286c6d4090 R08: 0000000000000000 R09: 0000000000000000
[  106.591208][ T2090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.599018][ T2090] R13: 0000000000000000 R14: 00007f286bb15f80 R15: 00007fff01bb0688
[  106.606838][ T2090]  </TASK>
[  106.637268][ T2090] syz.1.370: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz1,mems_allowed=0
[  106.653406][ T2090] CPU: 0 PID: 2090 Comm: syz.1.370 Not tainted 6.1.90-syzkaller-00004-g79436849ef1d #0
[  106.662865][ T2090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  106.672757][ T2090] Call Trace:
[  106.675879][ T2090]  <TASK>
[  106.678649][ T2090]  dump_stack_lvl+0x151/0x1b7
[  106.683176][ T2090]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  106.688460][ T2090]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  106.694098][ T2090]  dump_stack+0x15/0x1a
[  106.698088][ T2090]  warn_alloc+0x21a/0x3a0
[  106.702256][ T2090]  ? zone_watermark_ok_safe+0x270/0x270
[  106.707637][ T2090]  ? __get_vm_area_node+0x186/0x370
[  106.712676][ T2090]  ? __get_vm_area_node+0x186/0x370
[  106.717704][ T2090]  __vmalloc_node_range+0x392/0x1540
[  106.722837][ T2090]  ? avc_denied+0x1b0/0x1b0
[  106.727176][ T2090]  ? selinux_capable+0x2f1/0x430
[  106.731949][ T2090]  ? vmap+0x2b0/0x2b0
[  106.735755][ T2090]  ? selinux_capset+0xf0/0xf0
[  106.740270][ T2090]  ? avc_has_perm_noaudit+0x348/0x430
[  106.745478][ T2090]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  106.750856][ T2090]  __vmalloc+0x7a/0x90
[  106.754838][ T2090]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  106.760153][ T2090]  bpf_prog_alloc_no_stats+0x3e/0x400
[  106.765550][ T2090]  ? security_capable+0x87/0xb0
[  106.770215][ T2090]  bpf_prog_alloc+0x22/0x1c0
[  106.774653][ T2090]  bpf_prog_load+0x84a/0x1bf0
[  106.779247][ T2090]  ? map_freeze+0x3a0/0x3a0
[  106.783590][ T2090]  ? selinux_bpf+0xcb/0x100
[  106.787926][ T2090]  ? security_bpf+0x82/0xb0
[  106.792278][ T2090]  __sys_bpf+0x52c/0x7f0
[  106.796369][ T2090]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  106.801554][ T2090]  ? __ia32_sys_read+0x90/0x90
[  106.806153][ T2090]  ? debug_smp_processor_id+0x17/0x20
[  106.811361][ T2090]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  106.817261][ T2090]  __x64_sys_bpf+0x7c/0x90
[  106.821538][ T2090]  x64_sys_call+0x87f/0x9a0
[  106.825861][ T2090]  do_syscall_64+0x3b/0xb0
[  106.830109][ T2090]  ? clear_bhb_loop+0x55/0xb0
[  106.834717][ T2090]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  106.840434][ T2090] RIP: 0033:0x7f286b9799f9
[  106.844689][ T2090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.864136][ T2090] RSP: 002b:00007f286c6d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  106.872375][ T2090] RAX: ffffffffffffffda RBX: 00007f286bb15f80 RCX: 00007f286b9799f9
[  106.880186][ T2090] RDX: 0000000000000090 RSI: 0000000020000280 RDI: 0000000000000005
[  106.888173][ T2090] RBP: 00007f286c6d4090 R08: 0000000000000000 R09: 0000000000000000
[  106.895983][ T2090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.903794][ T2090] R13: 0000000000000000 R14: 00007f286bb15f80 R15: 00007fff01bb0688
[  106.911612][ T2090]  </TASK>
[  106.914966][ T2090] Mem-Info:
[  106.918491][ T2090] active_anon:15557 inactive_anon:0 isolated_anon:0
[  106.918491][ T2090]  active_file:15247 inactive_file:1915 isolated_file:0
[  106.918491][ T2090]  unevictable:0 dirty:449 writeback:0
[  106.918491][ T2090]  slab_reclaimable:8172 slab_unreclaimable:72740
[  106.918491][ T2090]  mapped:24517 shmem:3031 pagetables:600
[  106.918491][ T2090]  sec_pagetables:0 bounce:0
[  106.918491][ T2090]  kernel_misc_reclaimable:0
[  106.918491][ T2090]  free:1514000 free_pcp:17752 free_cma:0
[  106.964069][ T2090] Node 0 active_anon:70328kB inactive_anon:0kB active_file:60988kB inactive_file:7660kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:106268kB dirty:1796kB writeback:0kB shmem:20324kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4492kB pagetables:2400kB sec_pagetables:0kB all_unreclaimable? no
[  106.996273][ T2090] DMA32 free:2968532kB boost:0kB min:62576kB low:78220kB high:93864kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2973644kB mlocked:0kB bounce:0kB free_pcp:5112kB local_pcp:5112kB free_cma:0kB
[  107.009416][ T1020] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  107.043776][ T2090] lowmem_reserve[]: 0 3932 3932 3932
[  107.049161][ T2090] Normal free:3124864kB boost:0kB min:84876kB low:106092kB high:127308kB reserved_highatomic:0KB active_anon:73628kB inactive_anon:0kB active_file:60988kB inactive_file:7660kB unevictable:0kB writepending:1796kB present:5242880kB managed:4026656kB mlocked:0kB bounce:0kB free_pcp:16696kB local_pcp:13412kB free_cma:0kB
[  107.082614][ T2090] lowmem_reserve[]: 0 0 0 0
[  107.087313][ T2090] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 2*2048kB (UM) 722*4096kB (M) = 2968532kB
[  107.106049][ T2090] Normal: 1924*4kB (UME) 848*8kB (UE) 293*16kB (UME) 409*32kB (UM) 488*64kB (UME) 305*128kB (UME) 108*256kB (UME) 35*512kB (M) 11*1024kB (UME) 4*2048kB (M) 722*4096kB (UME) = 3124864kB
[  107.126830][ T2090] 23041 total pagecache pages
[  107.132411][ T2090] 0 pages in swap cache
[  107.138677][ T2090] Free swap  = 124632kB
[  107.159446][ T2090] Total swap = 124996kB
[  107.163434][ T2090] 2097051 pages RAM
[  107.167077][ T2090] 0 pages HighMem/MovableOnly
[  107.171671][ T2090] 346976 pages reserved
[  107.175651][ T2090] 0 pages cma reserved
[  107.279417][ T1020] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  107.288339][ T1020] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.305513][ T1020] usb 4-1: Product: syz
[  107.314575][ T1020] usb 4-1: Manufacturer: syz
[  107.319231][ T1020] usb 4-1: SerialNumber: syz
[  107.379565][ T1020] usb 4-1: config 0 descriptor??
[  107.554300][  T544] usb 5-1: USB disconnect, device number 5
[  107.587117][ T2105] loop4: detected capacity change from 0 to 1024
[  107.609813][ T2105] EXT4-fs: Ignoring removed orlov option
[  107.616002][ T2105] EXT4-fs (loop4): Test dummy encryption mode enabled
[  107.635638][ T2105] EXT4-fs (loop4): can't mount with commit=6, fs mounted w/o journal
[  107.662846][ T2102] loop1: detected capacity change from 0 to 40427
[  107.663725][ T1020] snd-usb-audio: probe of 4-1:0.0 failed with error -2
[  107.669731][ T2102] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  107.686716][ T2102] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  107.689137][  T431] udevd[431]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  107.765047][ T1020] usb 4-1: USB disconnect, device number 7
[  107.774067][ T2102] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  107.819924][ T2102] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  107.827130][ T2102] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  107.922171][ T2116] syz.1.373: attempt to access beyond end of device
[  107.922171][ T2116] loop1: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  107.990887][ T2119] overlayfs: missing 'lowerdir'
[  108.024193][ T1704] syz-executor: attempt to access beyond end of device
[  108.024193][ T1704] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  108.048757][ T1704] syz-executor: attempt to access beyond end of device
[  108.048757][ T1704] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  108.186259][ T2116] syz.1.373: attempt to access beyond end of device
[  108.186259][ T2116] loop1: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  108.519399][   T28] audit: type=1400 audit(1723549388.129:290): avc:  denied  { read } for  pid=2133 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  108.557622][   T28] audit: type=1400 audit(1723549388.129:291): avc:  denied  { open } for  pid=2133 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  108.623839][ T2133] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.647912][ T2133] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.673817][ T2133] device bridge_slave_0 entered promiscuous mode
[  108.696699][ T2133] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.715884][ T2133] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.748383][ T2133] device bridge_slave_1 entered promiscuous mode
[  108.784350][  T327] device bridge_slave_1 left promiscuous mode
[  108.792865][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.800580][  T327] device bridge_slave_0 left promiscuous mode
[  108.806551][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.814718][  T327] device veth1_macvtap left promiscuous mode
[  108.829219][  T327] device veth0_vlan left promiscuous mode
[  109.087234][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  109.095681][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  109.101819][ T2141] loop2: detected capacity change from 0 to 40427
[  109.119203][ T2141] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  109.127525][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.141504][ T2141] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  109.146076][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.152208][ T2141] F2FS-fs (loop2): Unrecognized mount option "" or missing value
[  109.166843][ T1217] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.173736][ T1217] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.189437][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.194190][ T2144] loop4: detected capacity change from 0 to 40427
[  109.197675][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.211977][ T2144] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  109.221956][ T1217] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.225771][ T2144] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  109.228811][ T1217] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.236957][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  109.274170][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  109.281715][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  109.288362][ T2151] loop3: detected capacity change from 0 to 2048
[  109.295406][ T2133] device veth0_vlan entered promiscuous mode
[  109.302001][ T2144] F2FS-fs (loop4): Unrecognized mount option "" or missing value
[  109.310402][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  109.318258][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  109.358572][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  109.366300][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  109.374490][ T2151]  loop3: p1 < > p4
[  109.379532][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  109.394814][ T2133] device veth1_macvtap entered promiscuous mode
[  109.401574][ T2151] loop3: p4 size 8388608 extends beyond EOD, truncated
[  109.635393][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  109.653110][ T1217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  110.116679][ T2162] loop4: detected capacity change from 0 to 1024
[  110.129856][ T2162] EXT4-fs: Ignoring removed orlov option
[  110.139130][ T2164] loop3: detected capacity change from 0 to 512
[  110.164728][ T2162] EXT4-fs (loop4): Test dummy encryption mode enabled
[  110.185338][ T2162] EXT4-fs (loop4): can't mount with commit=6, fs mounted w/o journal
[  110.220559][ T2164] EXT4-fs (loop3): 1 orphan inode deleted
[  110.226123][ T2164] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  110.236643][ T2157] loop2: detected capacity change from 0 to 40427
[  110.246713][ T2164] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038 (0x7fffffff)
[  110.246863][ T2157] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  110.291531][ T2157] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  110.362124][ T2167] loop0: detected capacity change from 0 to 512
[  110.377349][ T2167] ext4: Unknown parameter 'obj_type'
[  110.475978][ T2174] netlink: 12 bytes leftover after parsing attributes in process `syz.4.390'.
[  110.744472][ T2176] syz.3.387[2176] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.744549][ T2176] syz.3.387[2176] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.835741][  T431] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  111.021857][ T2157] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  111.068496][ T1657] EXT4-fs (loop3): unmounting filesystem.
[  111.143599][ T2171] loop1: detected capacity change from 0 to 512
[  111.150109][ T2157] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  111.156952][ T2157] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  111.197890][ T2171] ext4: Unknown parameter 'obj_type'
[  111.211815][ T2190] syz.2.388: attempt to access beyond end of device
[  111.211815][ T2190] loop2: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  111.428223][ T2193] overlayfs: missing 'lowerdir'
[  111.618969][ T1698] syz-executor: attempt to access beyond end of device
[  111.618969][ T1698] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  111.672376][ T1698] syz-executor: attempt to access beyond end of device
[  111.672376][ T1698] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  111.811090][ T2190] syz.2.388: attempt to access beyond end of device
[  111.811090][ T2190] loop2: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  112.182062][ T2181] loop0: detected capacity change from 0 to 40427
[  112.223266][ T2181] F2FS-fs (loop0): invalid crc value
[  112.242350][ T2171] loop1: detected capacity change from 0 to 40427
[  112.253601][ T2199] loop4: detected capacity change from 0 to 1024
[  112.259025][ T2171] F2FS-fs (loop1): invalid crc value
[  112.282253][ T2199] EXT4-fs: Ignoring removed orlov option
[  112.287874][ T2171] F2FS-fs (loop1): Found nat_bits in checkpoint
[  112.295329][  T327] device bridge_slave_1 left promiscuous mode
[  112.304495][ T2181] F2FS-fs (loop0): Found nat_bits in checkpoint
[  112.309462][ T2199] EXT4-fs (loop4): Test dummy encryption mode enabled
[  112.317473][ T2199] EXT4-fs (loop4): can't mount with commit=6, fs mounted w/o journal
[  112.325664][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.341050][  T327] device bridge_slave_0 left promiscuous mode
[  112.347006][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.384590][  T327] device veth1_macvtap left promiscuous mode
[  112.389420][ T2171] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  112.417863][ T2181] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  112.445482][ T2195] loop3: detected capacity change from 0 to 40427
[  112.488437][ T2160] syz.0.389: attempt to access beyond end of device
[  112.488437][ T2160] loop0: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  112.512764][ T2195] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  112.520350][ T2195] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  112.535547][ T2166] syz.1.391: attempt to access beyond end of device
[  112.535547][ T2166] loop1: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  112.549425][ T2195] F2FS-fs (loop3): Unrecognized mount option "" or missing value
[  112.635056][ T2210] netlink: 12 bytes leftover after parsing attributes in process `syz.4.399'.
[  112.845477][ T2133] syz-executor: attempt to access beyond end of device
[  112.845477][ T2133] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  112.859749][ T1970] syz-executor: attempt to access beyond end of device
[  112.859749][ T1970] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  112.945825][ T2206] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.952760][ T2206] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.960333][ T2206] device bridge_slave_0 entered promiscuous mode
[  112.967252][ T2206] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.974319][ T2206] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.981847][ T2206] device bridge_slave_1 entered promiscuous mode
[  113.631032][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  113.638364][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  113.951818][ T2206] device veth0_vlan entered promiscuous mode
[  113.962560][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  113.970854][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  113.978804][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.985657][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.992865][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  114.001109][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  114.009124][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.016001][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.023188][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  114.031186][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  114.039012][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  114.047836][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  114.055760][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  114.064217][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  114.072466][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  114.080260][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  114.096079][ T2206] device veth1_macvtap entered promiscuous mode
[  114.105303][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  114.113086][  T586] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  114.120916][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  114.128381][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  114.135796][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  114.150682][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  114.165148][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  114.186792][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  114.197066][ T2234] loop1: detected capacity change from 0 to 1024
[  114.211266][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  114.221234][ T2234] EXT4-fs: Ignoring removed orlov option
[  114.235305][ T2234] EXT4-fs (loop1): Test dummy encryption mode enabled
[  114.245075][ T2234] EXT4-fs (loop1): can't mount with commit=6, fs mounted w/o journal
[  114.406608][  T586] usb 1-1: Using ep0 maxpacket: 16
[  114.471875][ T2243] netlink: 12 bytes leftover after parsing attributes in process `syz.1.404'.
[  114.804342][ T2240] loop2: detected capacity change from 0 to 40427
[  114.819868][ T2240] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  114.826380][ T2240] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  114.839451][  T586] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.850714][  T586] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.860296][  T586] usb 1-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  114.872921][  T586] usb 1-1: config 0 interface 0 has no altsetting 0
[  114.879598][  T586] usb 1-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  114.887079][ T2240] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  114.888575][  T586] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.907892][  T586] usb 1-1: config 0 descriptor??
[  114.938733][ T2252] loop3: detected capacity change from 0 to 2048
[  114.939551][ T2240] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  114.959359][ T2240] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  114.973445][ T2254] syz.2.405: attempt to access beyond end of device
[  114.973445][ T2254] loop2: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  115.039738][ T2252]  loop3: p1 < > p4
[  115.047868][ T2252] loop3: p4 size 8388608 extends beyond EOD, truncated
[  115.078351][  T102]  loop3: p1 < > p4
[  115.276501][ T2257] overlayfs: missing 'lowerdir'
[  115.323042][  T102] loop3: p4 size 8388608 extends beyond EOD, truncated
[  115.355146][ T2222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  115.460684][   T28] audit: type=1400 audit(1723549395.069:292): avc:  denied  { mount } for  pid=2258 comm="syz.1.408" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  115.483075][ T2222] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.515500][ T2206] syz-executor: attempt to access beyond end of device
[  115.515500][ T2206] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  115.759370][ T1020] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  115.767658][   T28] audit: type=1400 audit(1723549395.369:293): avc:  denied  { ioctl } for  pid=2221 comm="syz.0.401" path="socket:[23245]" dev="sockfs" ino=23245 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  115.849371][  T586] usbhid 1-1:0.0: can't add hid device: -71
[  115.855155][  T586] usbhid: probe of 1-1:0.0 failed with error -71
[  115.880758][  T586] usb 1-1: USB disconnect, device number 6
[  115.918595][ T2264] loop4: detected capacity change from 0 to 40427
[  115.934391][ T2264] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  115.949367][ T2264] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  115.967740][ T2264] F2FS-fs (loop4): Unrecognized mount option "" or missing value
[  116.083271][ T2268] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.094711][ T2268] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.110268][ T2268] device bridge_slave_0 entered promiscuous mode
[  116.120279][ T2268] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.137337][ T2268] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.147901][ T2268] device bridge_slave_1 entered promiscuous mode
[  116.199408][ T1020] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  116.213828][ T1020] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  116.237578][ T1020] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.262954][ T1020] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  116.298552][ T1162] device bridge_slave_1 left promiscuous mode
[  116.309130][ T1162] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.346789][ T1162] device bridge_slave_0 left promiscuous mode
[  116.376681][ T1162] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.423715][   T28] audit: type=1400 audit(1723549396.029:294): avc:  denied  { setopt } for  pid=2274 comm="syz.0.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  116.443662][ T1020] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  116.456468][ T1162] device veth1_macvtap left promiscuous mode
[  116.464263][ T1020] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  116.475457][ T1162] device veth0_vlan left promiscuous mode
[  116.481063][ T1020] usb 2-1: Manufacturer: syz
[  116.489346][   T28] audit: type=1326 audit(1723549396.059:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2274 comm="syz.0.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  116.513428][ T1020] usb 2-1: config 0 descriptor??
[  116.527998][   T28] audit: type=1326 audit(1723549396.059:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2274 comm="syz.0.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  116.588290][   T28] audit: type=1326 audit(1723549396.069:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2274 comm="syz.0.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  116.611896][   T28] audit: type=1326 audit(1723549396.069:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2274 comm="syz.0.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  116.635291][ T2278] loop4: detected capacity change from 0 to 1024
[  116.641428][   T28] audit: type=1326 audit(1723549396.069:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2274 comm="syz.0.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  116.641453][   T28] audit: type=1326 audit(1723549396.069:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2274 comm="syz.0.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  116.641470][   T28] audit: type=1326 audit(1723549396.069:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2274 comm="syz.0.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  116.711786][ T2278] EXT4-fs: Ignoring removed orlov option
[  116.720930][ T2278] EXT4-fs (loop4): Test dummy encryption mode enabled
[  116.727664][ T2278] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  116.737462][ T2278] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  116.785808][ T2268] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.792709][ T2268] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.838268][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.846215][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  116.853564][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.870588][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  116.878904][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  117.474059][ T1020] appleir 0003:05AC:8243.000C: unknown main item tag 0x0
[  117.491745][ T1020] appleir 0003:05AC:8243.000C: No inputs registered, leaving
[  117.551112][ T1020] appleir 0003:05AC:8243.000C: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  117.703535][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.703557][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.703718][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  117.703877][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.703888][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.703998][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  117.716700][ T2268] device veth0_vlan entered promiscuous mode
[  117.719978][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  117.720263][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  117.720568][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  117.720756][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  117.720954][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  117.726108][ T2268] device veth1_macvtap entered promiscuous mode
[  117.730393][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  117.730891][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  117.731119][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  117.792188][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  117.792484][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  117.794319][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  117.794547][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  117.894820][ T2293] loop4: detected capacity change from 0 to 2048
[  117.970063][ T2293]  loop4: p1 < > p4
[  117.970891][ T2293] loop4: p4 size 8388608 extends beyond EOD, truncated
[  118.525080][ T2306] loop3: detected capacity change from 0 to 1024
[  118.559694][ T2304] loop4: detected capacity change from 0 to 40427
[  118.566853][ T2304] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  118.570471][ T2306] EXT4-fs: Ignoring removed orlov option
[  118.573415][ T2304] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  118.589787][ T2306] EXT4-fs (loop3): Test dummy encryption mode enabled
[  118.605757][ T2306] EXT4-fs (loop3): can't mount with commit=6, fs mounted w/o journal
[  118.618873][ T2304] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  118.651584][ T2304] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  118.658543][ T2304] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  118.746085][ T2312] bio_check_eod: 2 callbacks suppressed
[  118.746104][ T2312] syz.4.419: attempt to access beyond end of device
[  118.746104][ T2312] loop4: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  118.878416][ T2316] netlink: 12 bytes leftover after parsing attributes in process `syz.3.420'.
[  118.949819][ T2314] loop2: detected capacity change from 0 to 2048
[  119.047744][ T2314] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  119.125435][ T2318] overlayfs: missing 'lowerdir'
[  119.252923][ T2326] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  119.267781][ T2326] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  119.279925][ T2326] EXT4-fs (loop2): This should not happen!! Data will be lost
[  119.279925][ T2326] 
[  119.289484][ T2326] EXT4-fs (loop2): Total free blocks count 0
[  119.295245][ T2326] EXT4-fs (loop2): Free/Dirty block details
[  119.301009][ T2326] EXT4-fs (loop2): free_blocks=2415919104
[  119.306549][ T2326] EXT4-fs (loop2): dirty_blocks=16
[  119.311488][ T2326] EXT4-fs (loop2): Block reservation details
[  119.317289][ T2326] EXT4-fs (loop2): i_reserved_data_blocks=1
[  119.335629][ T2326] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  119.499885][  T586] usb 2-1: reset high-speed USB device number 12 using dummy_hcd
[  119.561425][  T292] syz-executor: attempt to access beyond end of device
[  119.561425][  T292] loop4: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  119.917813][ T2328] loop0: detected capacity change from 0 to 40427
[  119.938634][ T2328] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  119.957812][ T2328] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  119.974220][ T2328] F2FS-fs (loop0): Unrecognized mount option "" or missing value
[  119.989848][ T2339] loop2: detected capacity change from 0 to 2048
[  120.049845][ T2339]  loop2: p1 < > p4
[  120.056560][ T2339] loop2: p4 size 8388608 extends beyond EOD, truncated
[  120.112865][  T102]  loop2: p1 < > p4
[  120.117342][  T102] loop2: p4 size 8388608 extends beyond EOD, truncated
[  120.621485][   T28] kauditd_printk_skb: 82 callbacks suppressed
[  120.623096][   T28] audit: type=1326 audit(1723549400.199:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  120.653506][   T28] audit: type=1326 audit(1723549400.199:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  120.713901][   T28] audit: type=1326 audit(1723549400.199:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  121.024909][   T28] audit: type=1326 audit(1723549400.199:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  121.139434][   T28] audit: type=1326 audit(1723549400.199:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  121.163836][   T28] audit: type=1326 audit(1723549400.209:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  121.187123][   T28] audit: type=1326 audit(1723549400.209:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  121.217588][   T28] audit: type=1326 audit(1723549400.209:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  121.241665][   T28] audit: type=1326 audit(1723549400.209:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  121.264825][   T28] audit: type=1326 audit(1723549400.209:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2348 comm="syz.1.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  121.309346][  T586] usb 2-1: device descriptor read/64, error -71
[  121.679609][  T586] usb 2-1: device reset changed ep0 maxpacket size!
[  121.686380][    T6] usb 2-1: USB disconnect, device number 12
[  121.839381][    T6] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  121.892316][ T2378] loop4: detected capacity change from 0 to 1024
[  121.902516][ T2378] EXT4-fs: Ignoring removed orlov option
[  121.908561][ T2378] EXT4-fs (loop4): Test dummy encryption mode enabled
[  121.915506][ T2378] EXT4-fs (loop4): can't mount with commit=6, fs mounted w/o journal
[  123.134257][ T2390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.438'.
[  123.149752][    T6] usb 2-1: Using ep0 maxpacket: 16
[  123.270094][    T6] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  123.488008][    T6] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  123.501078][    T6] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  123.510180][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.521313][    T6] usb 2-1: config 0 descriptor??
[  123.559883][    T6] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  123.621069][  T448] usb 2-1: USB disconnect, device number 13
[  123.631975][ T2394] loop2: detected capacity change from 0 to 40427
[  123.640660][ T2394] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  123.648225][ T2394] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  123.653983][ T2396] loop0: detected capacity change from 0 to 40427
[  123.656426][ T2394] F2FS-fs (loop2): Unrecognized mount option "" or missing value
[  123.679421][  T300] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  123.687748][ T2396] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  123.695559][ T2396] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  123.704599][ T2396] F2FS-fs (loop0): Unrecognized mount option "" or missing value
[  124.159370][  T300] usb 5-1: Using ep0 maxpacket: 16
[  125.219434][  T300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.242612][  T300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.289479][  T300] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[  125.328348][  T300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.380205][  T300] usb 5-1: config 0 descriptor??
[  125.397432][ T2404] syz.3.443 (2404) used greatest stack depth: 20456 bytes left
[  125.528200][ T2414] loop2: detected capacity change from 0 to 512
[  125.558962][ T2414] ext4: Unknown parameter 'obj_type'
[  125.711810][ T2430] loop3: detected capacity change from 0 to 512
[  125.718551][ T2430] ext4: Unknown parameter 'obj_type'
[  125.840289][  T300] cp2112 0003:10C4:EA90.000D: unexpected long global item
[  125.850058][  T300] cp2112 0003:10C4:EA90.000D: parse failed
[  125.864452][  T300] cp2112: probe of 0003:10C4:EA90.000D failed with error -22
[  125.963431][ T2433] loop1: detected capacity change from 0 to 2048
[  126.020044][ T2433]  loop1: p1 < > p4
[  126.030277][ T2433] loop1: p4 size 8388608 extends beyond EOD, truncated
[  126.043366][  T300] usb 5-1: USB disconnect, device number 6
[  126.132672][ T2440] loop2: detected capacity change from 0 to 1024
[  126.143544][ T2440] EXT4-fs: Ignoring removed orlov option
[  126.163090][ T2440] EXT4-fs (loop2): Test dummy encryption mode enabled
[  126.173280][ T2440] EXT4-fs (loop2): can't mount with commit=6, fs mounted w/o journal
[  126.521294][ T2430] loop3: detected capacity change from 0 to 40427
[  126.530603][ T2430] F2FS-fs (loop3): invalid crc value
[  126.773761][ T2430] F2FS-fs (loop3): Found nat_bits in checkpoint
[  126.876811][ T2430] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  126.956749][ T2454] loop4: detected capacity change from 0 to 40427
[  126.969223][ T2454] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  126.977527][ T2454] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  126.985857][ T2454] F2FS-fs (loop4): Unrecognized mount option "" or missing value
[  127.043786][ T2429] syz.3.447: attempt to access beyond end of device
[  127.043786][ T2429] loop3: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  127.521544][ T1657] syz-executor: attempt to access beyond end of device
[  127.521544][ T1657] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  127.720199][ T2469] loop1: detected capacity change from 0 to 4096
[  127.771091][ T2469] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  127.774557][ T2473] loop4: detected capacity change from 0 to 2048
[  127.796543][ T2459] loop2: detected capacity change from 0 to 512
[  127.842242][ T2459] ext4: Unknown parameter 'obj_type'
[  127.898666][ T2473] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  128.113255][ T2473] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  128.128084][ T2473] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  128.140167][ T2473] EXT4-fs (loop4): This should not happen!! Data will be lost
[  128.140167][ T2473] 
[  128.149624][ T2473] EXT4-fs (loop4): Total free blocks count 0
[  128.155419][ T2473] EXT4-fs (loop4): Free/Dirty block details
[  128.161167][ T2473] EXT4-fs (loop4): free_blocks=2415919104
[  128.166703][ T2473] EXT4-fs (loop4): dirty_blocks=16
[  128.171725][ T2473] EXT4-fs (loop4): Block reservation details
[  128.177464][ T2473] EXT4-fs (loop4): i_reserved_data_blocks=1
[  128.183962][ T2473] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  128.498940][ T2489] loop4: detected capacity change from 0 to 512
[  128.542346][ T2489] ext4: Unknown parameter 'obj_type'
[  128.895191][ T2498] loop0: detected capacity change from 0 to 512
[  128.966407][ T2498] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  129.008066][ T2498] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038 (0x7fffffff)
[  129.057660][ T2504] loop3: detected capacity change from 0 to 2048
[  129.230871][ T2504]  loop3: p1 < > p4
[  129.235223][ T2504] loop3: p4 size 8388608 extends beyond EOD, truncated
[  129.372229][  T431] udevd[431]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  129.384249][  T606] udevd[606]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  129.640250][ T2514] loop3: detected capacity change from 0 to 1024
[  129.646755][ T2514] EXT4-fs: Ignoring removed orlov option
[  129.682692][ T2514] EXT4-fs (loop3): Test dummy encryption mode enabled
[  129.713304][ T1970] EXT4-fs (loop0): unmounting filesystem.
[  129.723364][ T2514] EXT4-fs (loop3): can't mount with commit=6, fs mounted w/o journal
[  129.752191][   T28] kauditd_printk_skb: 29 callbacks suppressed
[  129.752208][   T28] audit: type=1326 audit(1723549409.359:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  129.839381][   T28] audit: type=1326 audit(1723549409.399:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  129.878683][ T2489] loop4: detected capacity change from 0 to 40427
[  129.919360][   T28] audit: type=1326 audit(1723549409.399:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  129.973549][ T2489] F2FS-fs (loop4): invalid crc value
[  129.983623][   T28] audit: type=1326 audit(1723549409.399:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  130.137917][   T28] audit: type=1326 audit(1723549409.399:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  130.201637][   T28] audit: type=1326 audit(1723549409.399:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  130.285796][   T28] audit: type=1326 audit(1723549409.399:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  130.369798][ T2489] F2FS-fs (loop4): Found nat_bits in checkpoint
[  130.432383][   T28] audit: type=1326 audit(1723549409.399:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  130.504961][ T2489] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  130.506477][   T28] audit: type=1326 audit(1723549409.399:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  130.545618][ T2489] syz.4.460: attempt to access beyond end of device
[  130.545618][ T2489] loop4: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  130.609781][   T28] audit: type=1326 audit(1723549409.399:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2515 comm="syz.0.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  130.710388][ T2133] EXT4-fs (loop1): unmounting filesystem.
[  130.710394][  T292] syz-executor: attempt to access beyond end of device
[  130.710394][  T292] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  131.389474][ T1020] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  131.669389][ T1020] usb 1-1: Using ep0 maxpacket: 16
[  131.749261][ T2548] loop3: detected capacity change from 0 to 2048
[  131.789513][ T1020] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  131.809379][    T6] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  131.809610][ T1020] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  131.829970][ T2548]  loop3: p1 < > p4
[  131.840141][ T2548] loop3: p4 size 8388608 extends beyond EOD, truncated
[  131.841731][ T2543] loop1: detected capacity change from 0 to 40427
[  131.870247][ T1020] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  131.875964][ T2543] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  131.884030][ T2545] loop4: detected capacity change from 0 to 40427
[  131.894027][ T2543] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  131.894122][ T1020] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.908222][ T2543] F2FS-fs (loop1): Unrecognized mount option "" or missing value
[  131.917219][ T1020] usb 1-1: config 0 descriptor??
[  131.922529][ T2545] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  131.930150][ T2545] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  131.979920][ T2545] F2FS-fs (loop4): Unrecognized mount option "" or missing value
[  132.002188][ T2551] loop3: detected capacity change from 0 to 2048
[  132.021337][ T2551] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  132.030033][ T1020] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  132.216379][    T6] usb 3-1: Using ep0 maxpacket: 16
[  132.271207][  T300] usb 1-1: USB disconnect, device number 7
[  132.363569][ T2557] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  132.378534][ T2557] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  132.390830][ T2557] EXT4-fs (loop3): This should not happen!! Data will be lost
[  132.390830][ T2557] 
[  132.400381][ T2557] EXT4-fs (loop3): Total free blocks count 0
[  132.406182][ T2557] EXT4-fs (loop3): Free/Dirty block details
[  132.412002][ T2557] EXT4-fs (loop3): free_blocks=2415919104
[  133.135813][ T2557] EXT4-fs (loop3): dirty_blocks=16
[  133.155198][ T2557] EXT4-fs (loop3): Block reservation details
[  133.161153][ T2557] EXT4-fs (loop3): i_reserved_data_blocks=1
[  133.169889][ T2557] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  133.399409][    T6] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  133.410096][    T6] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  133.443770][    T6] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  133.459476][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.487820][    T6] usb 3-1: config 0 descriptor??
[  133.530447][    T6] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  133.554971][ T2566] kvm: emulating exchange as write
[  133.606003][ T2576] 9pnet_fd: Insufficient options for proto=fd
[  133.614803][ T2577] loop4: detected capacity change from 0 to 512
[  133.652650][ T2577] ext4: Unknown parameter 'obj_type'
[  133.685206][ T2572] loop1: detected capacity change from 0 to 40427
[  133.709117][ T2572] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  133.727013][ T2572] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  133.735930][ T2572] F2FS-fs (loop1): Unrecognized mount option "" or missing value
[  134.538760][ T2577] loop4: detected capacity change from 0 to 40427
[  134.558958][ T2577] F2FS-fs (loop4): invalid crc value
[  134.581529][ T2577] F2FS-fs (loop4): Found nat_bits in checkpoint
[  134.626078][ T2584] loop1: detected capacity change from 0 to 40427
[  134.650445][ T2584] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  134.658332][ T2584] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  134.670041][ T2584] F2FS-fs (loop1): Unrecognized mount option "" or missing value
[  134.679137][ T2577] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  134.695170][ T2575] syz.4.480: attempt to access beyond end of device
[  134.695170][ T2575] loop4: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  134.748415][  T292] syz-executor: attempt to access beyond end of device
[  134.748415][  T292] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  134.776348][ T1020] usb 3-1: USB disconnect, device number 12
[  134.839490][    T6] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  134.908471][ T2598] loop4: detected capacity change from 0 to 256
[  134.931700][ T2598] exfat: Deprecated parameter 'utf8'
[  134.937288][ T2598] exfat: Deprecated parameter 'namecase'
[  134.945021][ T2598] exfat: Deprecated parameter 'namecase'
[  134.951398][ T2598] exfat: Deprecated parameter 'utf8'
[  134.981197][ T2598] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x822ffc2e, utbl_chksum : 0xe619d30d)
[  135.059277][   T28] kauditd_printk_skb: 127 callbacks suppressed
[  135.072030][   T28] audit: type=1400 audit(1723549414.659:560): avc:  denied  { setattr } for  pid=2597 comm="syz.4.484" name="file1" dev="loop4" ino=1048631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  135.110321][   T28] audit: type=1400 audit(1723549414.719:561): avc:  denied  { remove_name } for  pid=2601 comm="syz.4.486" name="file0" dev="incremental-fs" ino=590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  135.134119][   T28] audit: type=1400 audit(1723549414.719:562): avc:  denied  { unlink } for  pid=2601 comm="syz.4.486" name="file0" dev="incremental-fs" ino=590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  135.199386][ T1020] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  135.375423][ T2609] loop1: detected capacity change from 0 to 40427
[  135.382519][ T2609] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  135.392066][ T2609] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  135.401053][ T2609] F2FS-fs (loop1): Unrecognized mount option "" or missing value
[  135.429452][    T6] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  135.434647][ T2611] loop4: detected capacity change from 0 to 40427
[  135.449080][ T2611] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  135.456936][ T2611] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  135.465286][ T2611] F2FS-fs (loop4): Unrecognized mount option "ÿÿ" or missing value
[  135.578536][ T1020] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.609414][    T6] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  135.618571][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.629755][    T6] usb 4-1: Product: syz
[  135.634152][    T6] usb 4-1: Manufacturer: syz
[  135.638574][    T6] usb 4-1: SerialNumber: syz
[  135.639358][ T1020] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.646764][    T6] usb 4-1: config 0 descriptor??
[  135.658900][ T1020] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  136.699331][ T1020] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.705655][   T28] audit: type=1326 audit(1723549416.309:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2622 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  136.717886][ T1020] usb 3-1: config 0 descriptor??
[  136.741412][   T28] audit: type=1326 audit(1723549416.319:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2622 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  136.765418][   T28] audit: type=1326 audit(1723549416.339:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2622 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  136.840854][   T28] audit: type=1326 audit(1723549416.339:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2622 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  136.865418][   T28] audit: type=1326 audit(1723549416.339:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2622 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  137.240277][   T28] audit: type=1326 audit(1723549416.339:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2622 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  137.274425][   T28] audit: type=1326 audit(1723549416.339:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2622 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  137.449412][   T39] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  137.473029][ T2596] loop2: detected capacity change from 0 to 512
[  137.491144][ T2596] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  137.500043][ T2596] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038 (0x7fffffff)
[  137.530338][ T2641] loop0: detected capacity change from 0 to 1024
[  137.540849][ T2641] EXT4-fs: Ignoring removed orlov option
[  137.547655][ T2641] EXT4-fs (loop0): Test dummy encryption mode enabled
[  137.554564][ T2641] EXT4-fs (loop0): can't mount with commit=6, fs mounted w/o journal
[  137.606353][ T2644] loop4: detected capacity change from 0 to 4096
[  137.622185][ T2644] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  137.729359][   T39] usb 2-1: Using ep0 maxpacket: 16
[  137.849406][   T39] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  137.879355][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  137.909367][   T39] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  137.918458][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.939967][   T39] usb 2-1: config 0 descriptor??
[  137.979819][   T39] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  138.262216][    T6] snd-usb-audio: probe of 4-1:0.0 failed with error -2
[  138.300481][    T6] usb 4-1: USB disconnect, device number 8
[  138.301391][  T431] udevd[431]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  138.331228][ T2657] loop3: detected capacity change from 0 to 4096
[  138.345396][ T2657] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  138.743473][ T2268] EXT4-fs (loop2): unmounting filesystem.
[  138.844107][ T1020] usbhid 3-1:0.0: can't add hid device: -71
[  138.854170][ T1020] usbhid: probe of 3-1:0.0 failed with error -71
[  138.870811][ T1020] usb 3-1: USB disconnect, device number 13
[  139.330342][ T2674] loop0: detected capacity change from 0 to 1024
[  139.369721][ T2674] EXT4-fs: Ignoring removed orlov option
[  139.403064][ T2674] EXT4-fs (loop0): Test dummy encryption mode enabled
[  139.427250][ T2674] EXT4-fs (loop0): can't mount with commit=6, fs mounted w/o journal
[  139.807412][ T1217] usb 2-1: USB disconnect, device number 14
[  139.910865][ T2683] loop0: detected capacity change from 0 to 512
[  139.991046][ T2683] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.504: invalid block
[  140.019848][ T2683] EXT4-fs (loop0): Remounting filesystem read-only
[  140.029545][ T2683] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.504: invalid indirect mapped block 4294967295 (level 1)
[  140.129573][ T2683] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.504: invalid indirect mapped block 4294967295 (level 1)
[  140.176094][ T2683] EXT4-fs (loop0): 2 truncates cleaned up
[  140.196082][ T2683] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  140.248416][ T1970] EXT4-fs (loop0): unmounting filesystem.
[  140.459079][ T2679] loop2: detected capacity change from 0 to 40427
[  140.497205][ T2679] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  140.519689][ T2681] loop1: detected capacity change from 0 to 40427
[  140.537588][ T2679] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  140.549417][ T2681] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  140.556975][ T2681] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  140.557834][ T2679] F2FS-fs (loop2): Unrecognized mount option "ÿÿ" or missing value
[  140.605820][ T2681] F2FS-fs (loop1): Unrecognized mount option "" or missing value
[  140.660408][  T292] EXT4-fs (loop4): unmounting filesystem.
[  140.804675][ T2686] loop0: detected capacity change from 0 to 40427
[  140.841858][ T2686] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  140.848049][ T2686] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  140.927819][ T2686] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  141.175427][ T2697] loop2: detected capacity change from 0 to 1024
[  141.227847][ T2697] EXT4-fs: Ignoring removed orlov option
[  141.247879][ T2686] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  141.258006][ T2697] EXT4-fs (loop2): Test dummy encryption mode enabled
[  141.266014][ T2686] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  141.274446][ T2697] EXT4-fs (loop2): can't mount with commit=6, fs mounted w/o journal
[  141.292560][ T1657] EXT4-fs (loop3): unmounting filesystem.
[  141.301958][ T2701] syz.0.505: attempt to access beyond end of device
[  141.301958][ T2701] loop0: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  141.350825][ T2688] loop4: detected capacity change from 0 to 40427
[  141.357928][ T2688] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  141.375915][ T2688] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  141.397473][ T2688] F2FS-fs (loop4): Unrecognized mount option "" or missing value
[  141.459737][ T1020] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  141.498730][ T2705] overlayfs: missing 'lowerdir'
[  141.528569][ T2703] loop3: detected capacity change from 0 to 2048
[  141.694990][ T1970] syz-executor: attempt to access beyond end of device
[  141.694990][ T1970] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  141.710327][ T1020] usb 2-1: Using ep0 maxpacket: 16
[  141.719277][ T2703] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  141.859480][ T1970] syz-executor: attempt to access beyond end of device
[  141.859480][ T1970] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  141.874427][ T1020] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.890122][ T1020] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.962670][ T1020] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[  141.971674][ T1020] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.985409][ T2713] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  142.000245][ T2713] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  142.012870][ T2713] EXT4-fs (loop3): This should not happen!! Data will be lost
[  142.012870][ T2713] 
[  142.022468][ T2713] EXT4-fs (loop3): Total free blocks count 0
[  142.028386][ T2713] EXT4-fs (loop3): Free/Dirty block details
[  142.034104][ T2713] EXT4-fs (loop3): free_blocks=2415919104
[  142.039798][ T2713] EXT4-fs (loop3): dirty_blocks=16
[  142.044787][ T2713] EXT4-fs (loop3): Block reservation details
[  142.050610][ T2713] EXT4-fs (loop3): i_reserved_data_blocks=1
[  142.132994][ T2713] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  142.429637][ T1970] syz-executor: attempt to access beyond end of device
[  142.429637][ T1970] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  142.449009][ T1020] usb 2-1: config 0 descriptor??
[  142.819597][   T28] kauditd_printk_skb: 29 callbacks suppressed
[  142.819633][   T28] audit: type=1326 audit(1723549422.419:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  142.909466][   T28] audit: type=1326 audit(1723549422.459:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  142.936438][   T28] audit: type=1326 audit(1723549422.479:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  142.960680][   T28] audit: type=1326 audit(1723549422.479:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  142.984433][   T28] audit: type=1326 audit(1723549422.479:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  143.007888][   T28] audit: type=1326 audit(1723549422.479:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  143.115306][   T28] audit: type=1326 audit(1723549422.479:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  143.175013][ T1020] cp2112 0003:10C4:EA90.000E: unexpected long global item
[  143.201832][ T1020] cp2112 0003:10C4:EA90.000E: parse failed
[  143.229443][   T28] audit: type=1326 audit(1723549422.479:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  143.231428][ T1020] cp2112: probe of 0003:10C4:EA90.000E failed with error -22
[  143.252986][   T28] audit: type=1326 audit(1723549422.479:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  143.264331][ T2726] loop0: detected capacity change from 0 to 40427
[  143.297362][   T28] audit: type=1326 audit(1723549422.479:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30f7799f9 code=0x7ffc0000
[  143.327296][ T2726] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  143.334301][ T2730] loop4: detected capacity change from 0 to 1024
[  143.335774][ T2726] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  143.341988][ T2730] EXT4-fs: Ignoring removed orlov option
[  143.356304][ T2726] F2FS-fs (loop0): Unrecognized mount option "" or missing value
[  143.360263][ T2730] EXT4-fs (loop4): Test dummy encryption mode enabled
[  143.371854][ T2730] EXT4-fs (loop4): can't mount with commit=6, fs mounted w/o journal
[  143.374491][ T1217] usb 2-1: USB disconnect, device number 15
[  143.489384][ T1020] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  143.606127][ T2737] netlink: 12 bytes leftover after parsing attributes in process `syz.4.514'.
[  143.735359][ T2741] loop4: detected capacity change from 0 to 1024
[  143.742057][ T2741] EXT4-fs: Ignoring removed orlov option
[  143.747985][ T2741] EXT4-fs (loop4): Test dummy encryption mode enabled
[  143.755040][ T2741] EXT4-fs (loop4): can't mount with commit=6, fs mounted w/o journal
[  143.855624][ T1020] usb 3-1: Using ep0 maxpacket: 16
[  143.980020][ T1020] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  144.052321][ T1020] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  144.065501][ T1020] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  144.075147][ T1020] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.084122][ T1020] usb 3-1: config 0 descriptor??
[  144.128653][ T1020] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  144.385073][ T2745] loop1: detected capacity change from 0 to 40427
[  144.408154][ T2745] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  144.419444][ T2745] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  144.427895][ T2745] F2FS-fs (loop1): Unrecognized mount option "" or missing value
[  144.614927][ T2749] loop3: detected capacity change from 0 to 40427
[  144.653163][ T2749] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  144.681868][ T2749] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  144.700454][ T2749] F2FS-fs (loop3): Unrecognized mount option "" or missing value
[  144.726299][ T2751] loop0: detected capacity change from 0 to 40427
[  144.733336][ T2751] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  144.739947][ T2751] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  144.743899][ T2756] loop4: detected capacity change from 0 to 2048
[  144.756160][ T2751] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  144.788499][ T2751] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  144.795854][ T2756]  loop4: p1 < > p4
[  144.799711][ T2751] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  144.809719][ T2756] loop4: p4 size 8388608 extends beyond EOD, truncated
[  144.821312][ T2761] syz.0.520: attempt to access beyond end of device
[  144.821312][ T2761] loop0: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  145.129149][ T2765] overlayfs: missing 'lowerdir'
[  145.680273][ T1970] syz-executor: attempt to access beyond end of device
[  145.680273][ T1970] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  145.735776][ T1970] syz-executor: attempt to access beyond end of device
[  145.735776][ T1970] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  145.744769][ T2775] loop4: detected capacity change from 0 to 1024
[  145.771926][ T2775] EXT4-fs: Ignoring removed orlov option
[  145.778050][ T2775] EXT4-fs (loop4): Test dummy encryption mode enabled
[  145.785432][ T1970] syz-executor: attempt to access beyond end of device
[  145.785432][ T1970] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  145.787100][ T2775] EXT4-fs (loop4): can't mount with commit=6, fs mounted w/o journal
[  145.837812][ T2562] usb 3-1: USB disconnect, device number 14
[  145.998604][ T2779] loop2: detected capacity change from 0 to 2048
[  146.069860][ T2779]  loop2: p1 < > p4
[  146.075914][ T2779] loop2: p4 size 8388608 extends beyond EOD, truncated
[  146.102382][ T2784] loop0: detected capacity change from 0 to 256
[  146.125333][ T2786] loop1: detected capacity change from 0 to 1024
[  146.135011][ T2784] exfat: Deprecated parameter 'utf8'
[  146.137029][ T2773] loop3: detected capacity change from 0 to 40427
[  146.148296][ T2786] EXT4-fs: Ignoring removed orlov option
[  146.161160][ T2773] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  146.170084][ T2786] EXT4-fs (loop1): Test dummy encryption mode enabled
[  146.175182][ T2784] exfat: Deprecated parameter 'namecase'
[  146.176958][ T2773] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  146.191120][ T2786] EXT4-fs (loop1): can't mount with commit=6, fs mounted w/o journal
[  146.199688][ T2773] F2FS-fs (loop3): Unrecognized mount option "" or missing value
[  146.204398][ T2784] exfat: Deprecated parameter 'namecase'
[  146.219042][ T2784] exfat: Deprecated parameter 'utf8'
[  146.232163][ T2784] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x822ffc2e, utbl_chksum : 0xe619d30d)
[  146.755471][ T2790] netlink: 12 bytes leftover after parsing attributes in process `syz.1.527'.
[  148.279587][   T28] kauditd_printk_skb: 52 callbacks suppressed
[  148.279633][   T28] audit: type=1326 audit(1723549427.469:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2796 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  148.806617][ T2793] loop2: detected capacity change from 0 to 512
[  148.839711][ T2793] ext4: Unknown parameter 'obj_type'
[  148.855778][   T28] audit: type=1326 audit(1723549427.469:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2796 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  148.879152][   T28] audit: type=1326 audit(1723549427.839:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2796 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  148.903482][   T28] audit: type=1326 audit(1723549427.839:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2796 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  148.936890][   T28] audit: type=1326 audit(1723549427.839:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2796 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  148.981887][   T28] audit: type=1326 audit(1723549427.849:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2796 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  149.011743][   T28] audit: type=1326 audit(1723549427.849:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2796 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  149.029403][   T39] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  149.044022][   T28] audit: type=1326 audit(1723549427.849:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2796 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  149.064200][ T2809] binder: 2801:2809 ioctl 4018620d 0 returned -22
[  149.107341][ T2809] process 'syz.1.531' launched '/dev/fd/-1/./file0' with NULL argv: empty string added
[  149.114639][   T28] audit: type=1326 audit(1723549427.849:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2796 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f37261799f9 code=0x7ffc0000
[  149.149385][ T2809] loop1: detected capacity change from 0 to 512
[  149.173096][ T2809] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  149.189369][   T28] audit: type=1400 audit(1723549428.379:670): avc:  denied  { read } for  pid=2801 comm="syz.1.531" name="msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  149.233456][ T2809] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.531: casefold flag without casefold feature
[  149.259817][ T2809] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.531: missing EA_INODE flag
[  149.279360][ T2809] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.531: error while reading EA inode 12 err=-117
[  149.291686][   T39] usb 1-1: Using ep0 maxpacket: 16
[  149.303939][ T2809] EXT4-fs (loop1): 1 orphan inode deleted
[  149.313171][ T2809] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  149.409392][   T39] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  149.419484][ T2813] loop4: detected capacity change from 0 to 40427
[  149.423823][   T39] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  149.450236][ T2813] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  149.457811][ T2813] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  149.465798][   T39] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  149.476774][ T2813] F2FS-fs (loop4): Unrecognized mount option "" or missing value
[  149.495741][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.523717][   T39] usb 1-1: config 0 descriptor??
[  149.569912][   T39] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  149.678305][ T2793] loop2: detected capacity change from 0 to 40427
[  149.715934][ T2793] F2FS-fs (loop2): invalid crc value
[  149.724137][ T2133] EXT4-fs (loop1): unmounting filesystem.
[  149.724188][ T2793] F2FS-fs (loop2): Found nat_bits in checkpoint
[  149.767345][ T2793] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  149.828585][ T2828] loop3: detected capacity change from 0 to 128
[  149.839681][ T2789] syz.2.528: attempt to access beyond end of device
[  149.839681][ T2789] loop2: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  149.894659][ T2824] loop1: detected capacity change from 0 to 40427
[  149.901541][ T2824] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  149.907751][ T2824] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  149.936099][ T2824] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  149.948943][ T2268] syz-executor: attempt to access beyond end of device
[  149.948943][ T2268] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  149.989653][ T2824] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  149.996522][ T2824] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  150.045151][ T2836] syz.1.534: attempt to access beyond end of device
[  150.045151][ T2836] loop1: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  150.225553][ T2839] overlayfs: missing 'lowerdir'
[  150.481638][ T2830] loop4: detected capacity change from 0 to 40427
[  150.496655][ T2830] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  150.513136][ T2830] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  150.522719][ T2830] F2FS-fs (loop4): Unrecognized mount option "" or missing value
[  150.623775][ T2133] syz-executor: attempt to access beyond end of device
[  150.623775][ T2133] loop1: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  150.745066][ T2847] device pim6reg1 entered promiscuous mode
[  150.981719][  T312] usb 1-1: USB disconnect, device number 8
[  151.024057][ T2854] loop4: detected capacity change from 0 to 1024
[  151.040969][ T2854] EXT4-fs: Ignoring removed orlov option
[  151.047412][ T2854] EXT4-fs (loop4): Test dummy encryption mode enabled
[  151.054797][ T2854] EXT4-fs (loop4): can't mount with commit=6, fs mounted w/o journal
[  151.218969][ T2862] loop0: detected capacity change from 0 to 2048
[  151.693405][ T2867] loop1: detected capacity change from 0 to 128
[  151.712065][ T2866] netlink: 12 bytes leftover after parsing attributes in process `syz.4.541'.
[  151.754831][ T2867] EXT4-fs (loop1): Test dummy encryption mode enabled
[  151.778504][ T2862]  loop0: p1 < > p4
[  151.813118][ T2862] loop0: p4 size 8388608 extends beyond EOD, truncated
[  151.848583][ T2867] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  151.924058][ T2867] ext4 filesystem being mounted at /25/mnt supports timestamps until 2038 (0x7fffffff)
[  152.375590][  T606] udevd[606]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  152.377673][  T431] udevd[431]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  152.493709][ T2133] EXT4-fs (loop1): unmounting filesystem.
[  152.506387][ T2886] loop2: detected capacity change from 0 to 40427
[  152.513944][ T2886] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  152.520427][ T2886] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  152.532515][ T2886] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  152.534627][ T2888] Invalid ELF header type: 0 != 1
[  152.562907][ T2886] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  152.569956][ T2886] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  152.595360][ T2893] syz.2.548: attempt to access beyond end of device
[  152.595360][ T2893] loop2: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  153.219475][ T2897] overlayfs: missing 'lowerdir'
[  153.419187][   T28] kauditd_printk_skb: 39 callbacks suppressed
[  153.419275][   T28] audit: type=1326 audit(1723549432.869:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2895 comm="syz.1.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  153.702228][ T2268] syz-executor: attempt to access beyond end of device
[  153.702228][ T2268] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  153.727407][   T28] audit: type=1326 audit(1723549432.869:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2895 comm="syz.1.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  153.747173][ T2268] syz-executor: attempt to access beyond end of device
[  153.747173][ T2268] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  153.764251][   T28] audit: type=1326 audit(1723549432.869:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2895 comm="syz.1.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  153.787700][   T28] audit: type=1326 audit(1723549432.879:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2895 comm="syz.1.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  153.787787][ T2268] syz-executor: attempt to access beyond end of device
[  153.787787][ T2268] loop2: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  153.817003][   T28] audit: type=1326 audit(1723549432.879:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2895 comm="syz.1.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  153.901507][ T2912] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  154.019719][   T60] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  154.103040][   T28] audit: type=1326 audit(1723549432.879:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2895 comm="syz.1.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  154.149680][   T28] audit: type=1326 audit(1723549432.879:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2895 comm="syz.1.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f41851799f9 code=0x7ffc0000
[  154.172847][  T586] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  154.233735][ T2911] loop0: detected capacity change from 0 to 512
[  154.255599][ T2911] ext4: Unknown parameter 'obj_type'
[  154.266302][ T2914] loop2: detected capacity change from 0 to 2048
[  154.289469][   T60] usb 2-1: Using ep0 maxpacket: 16
[  154.305022][ T2914] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  154.449484][   T60] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  154.466835][   T60] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  154.496556][ T2920] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  154.511884][ T2920] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  154.524257][ T2920] EXT4-fs (loop2): This should not happen!! Data will be lost
[  154.524257][ T2920] 
[  154.533863][ T2920] EXT4-fs (loop2): Total free blocks count 0
[  154.539765][ T2920] EXT4-fs (loop2): Free/Dirty block details
[  154.545509][ T2920] EXT4-fs (loop2): free_blocks=2415919104
[  154.551197][ T2920] EXT4-fs (loop2): dirty_blocks=16
[  154.556184][ T2920] EXT4-fs (loop2): Block reservation details
[  154.562072][ T2920] EXT4-fs (loop2): i_reserved_data_blocks=1
[  154.621108][ T2920] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  154.654192][   T60] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  154.667289][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.685005][   T60] usb 2-1: config 0 descriptor??
[  154.799538][  T586] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.823879][  T586] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.852956][  T586] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  154.878722][  T586] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.951504][  T586] usb 4-1: config 0 descriptor??
[  154.951904][   T60] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  155.069444][    T6] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  155.078825][ T2911] loop0: detected capacity change from 0 to 40427
[  155.116471][ T2911] F2FS-fs (loop0): invalid crc value
[  155.133479][ T2911] F2FS-fs (loop0): Found nat_bits in checkpoint
[  155.134544][ T2929] loop2: detected capacity change from 0 to 1024
[  155.150869][ T2929] EXT4-fs: Ignoring removed orlov option
[  155.159019][ T2929] EXT4-fs (loop2): Test dummy encryption mode enabled
[  155.166369][ T2929] EXT4-fs (loop2): can't mount with commit=6, fs mounted w/o journal
[  155.172279][ T2911] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  155.206392][ T2910] syz.0.555: attempt to access beyond end of device
[  155.206392][ T2910] loop0: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  155.276362][ T1970] syz-executor: attempt to access beyond end of device
[  155.276362][ T1970] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  155.374891][ T2933] netlink: 12 bytes leftover after parsing attributes in process `syz.2.557'.
[  155.495682][    T6] usb 5-1: Using ep0 maxpacket: 8
[  155.501772][  T586] hid-steam 0003:28DE:1142.000F: unknown main item tag 0x1
[  155.508891][  T586] hid-steam 0003:28DE:1142.000F: unknown main item tag 0x2
[  155.515935][  T586] hid-steam 0003:28DE:1142.000F: item fetching failed at offset 4/5
[  155.524128][  T586] hid-steam 0003:28DE:1142.000F: steam_probe:parse of hid interface failed
[  155.532611][  T586] hid-steam: probe of 0003:28DE:1142.000F failed with error -22
[  155.599840][ T2935] loop0: detected capacity change from 0 to 2048
[  155.620735][ T2935] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  155.639454][    T6] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  155.649351][    T6] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  155.659821][    T6] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  156.179973][ T2941] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  156.194816][ T2941] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  156.207426][ T2941] EXT4-fs (loop0): This should not happen!! Data will be lost
[  156.207426][ T2941] 
[  156.217084][ T2941] EXT4-fs (loop0): Total free blocks count 0
[  156.223046][ T2941] EXT4-fs (loop0): Free/Dirty block details
[  156.228868][ T2941] EXT4-fs (loop0): free_blocks=2415919104
[  156.234434][ T2941] EXT4-fs (loop0): dirty_blocks=16
[  156.239460][ T2941] EXT4-fs (loop0): Block reservation details
[  156.245285][ T2941] EXT4-fs (loop0): i_reserved_data_blocks=1
[  156.331914][ T2942] loop3: detected capacity change from 0 to 512
[  156.380536][ T2941] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  156.675139][ T2942] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  156.692777][   T60] usb 2-1: USB disconnect, device number 16
[  156.710703][ T2942] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e02c, mo2=0002]
[  156.718479][ T2942] System zones: 1-12
[  156.732078][ T2942] EXT4-fs (loop3): orphan cleanup on readonly fs
[  156.738282][ T2942] EXT4-fs error (device loop3): ext4_read_inode_bitmap:168: comm syz.3.551: Inode bitmap for bg 0 marked uninitialized
[  156.750895][ T2942] EXT4-fs (loop3): Remounting filesystem read-only
[  156.757238][ T2942] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  156.770709][    T6] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  156.802166][    T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.819628][    T6] usb 5-1: Product: syz
[  156.824985][    T6] usb 5-1: Manufacturer: syz
[  156.830315][    T6] usb 5-1: SerialNumber: syz
[  156.892033][ T2949] loop2: detected capacity change from 0 to 512
[  156.898522][ T2949] ext4: Unknown parameter 'obj_type'
[  157.084354][ T2948] loop2: detected capacity change from 0 to 40427
[  157.093080][ T2948] F2FS-fs (loop2): invalid crc value
[  157.099977][ T2948] F2FS-fs (loop2): Found nat_bits in checkpoint
[  157.125127][ T2948] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  157.144632][ T2948] syz.2.561: attempt to access beyond end of device
[  157.144632][ T2948] loop2: rw=2049, sector=77824, nr_sectors = 968 limit=40427
[  157.181101][ T2268] syz-executor: attempt to access beyond end of device
[  157.181101][ T2268] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  157.529519][    T6] usb 5-1: 0:2 : does not exist
[  157.694556][ T2971] loop1: detected capacity change from 0 to 128
[  157.730532][ T2924] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.738867][ T2924] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.807516][ T2850] usb 4-1: USB disconnect, device number 9
[  157.807681][ T1657] EXT4-fs (loop3): unmounting filesystem.
[  157.822606][ T2969] loop0: detected capacity change from 0 to 40427
[  158.084954][ T2969] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  158.131987][ T2969] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  158.186015][  T405] Bluetooth: hci0: Frame reassembly failed (-84)
[  158.195253][  T405] Bluetooth: hci0: Frame reassembly failed (-84)
[  158.319945][ T2969] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  158.350116][ T2969] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  158.357135][ T2969] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  158.372846][ T2990] syz.0.565: attempt to access beyond end of device
[  158.372846][ T2990] loop0: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  158.448293][   T28] audit: type=1400 audit(1723549438.049:717): avc:  denied  { append } for  pid=2992 comm="syz.2.569" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  158.789992][ T2994] overlayfs: missing 'lowerdir'
[  158.935078][  T312] usb 5-1: USB disconnect, device number 7
[  158.973150][ T1970] syz-executor: attempt to access beyond end of device
[  158.973150][ T1970] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  158.987286][ T1970] syz-executor: attempt to access beyond end of device
[  158.987286][ T1970] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  159.006101][ T3000] loop4: detected capacity change from 0 to 2048
[  159.028003][ T3002] loop2: detected capacity change from 0 to 1024
[  159.045400][ T3002] EXT4-fs: Ignoring removed orlov option
[  159.052519][ T3002] EXT4-fs (loop2): Test dummy encryption mode enabled
[  159.059339][ T3002] EXT4-fs (loop2): can't mount with commit=6, fs mounted w/o journal
[  159.060653][ T3000] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  159.082142][ T2990] syz.0.565: attempt to access beyond end of device
[  159.082142][ T2990] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  159.348109][ T3011] netlink: 12 bytes leftover after parsing attributes in process `syz.2.573'.
[  159.883511][ T3012] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  159.898203][ T3012] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  159.910369][ T3012] EXT4-fs (loop4): This should not happen!! Data will be lost
[  159.910369][ T3012] 
[  159.919775][ T3012] EXT4-fs (loop4): Total free blocks count 0
[  159.925645][ T3012] EXT4-fs (loop4): Free/Dirty block details
[  159.931407][ T3012] EXT4-fs (loop4): free_blocks=2415919104
[  159.936965][ T3012] EXT4-fs (loop4): dirty_blocks=16
[  159.941993][ T3012] EXT4-fs (loop4): Block reservation details
[  159.947836][ T3012] EXT4-fs (loop4): i_reserved_data_blocks=1
[  159.955108][ T3012] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  160.175718][    T6] ==================================================================
[  160.183616][    T6] BUG: KASAN: use-after-free in kernfs_get+0x21/0x90
[  160.190209][    T6] Read of size 4 at addr ffff888113de74b0 by task kworker/0:0/6
[  160.197928][    T6] 
[  160.200108][    T6] CPU: 0 PID: 6 Comm: kworker/0:0 Not tainted 6.1.90-syzkaller-00004-g79436849ef1d #0
[  160.209468][    T6] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  160.219365][    T6] Workqueue: events flush_stashed_error_work
[  160.225188][    T6] Call Trace:
[  160.228391][    T6]  <TASK>
[  160.231172][    T6]  dump_stack_lvl+0x151/0x1b7
[  160.235681][    T6]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  160.240974][    T6]  ? _printk+0xd1/0x111
[  160.244980][    T6]  ? __virt_addr_valid+0x242/0x2f0
[  160.249917][    T6]  print_report+0x158/0x4e0
[  160.254265][    T6]  ? __virt_addr_valid+0x242/0x2f0
[  160.259208][    T6]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  160.265283][    T6]  ? kernfs_get+0x21/0x90
[  160.269447][    T6]  kasan_report+0x13c/0x170
[  160.273796][    T6]  ? kernfs_get+0x21/0x90
[  160.277952][    T6]  kasan_check_range+0x294/0x2a0
[  160.282726][    T6]  __kasan_check_read+0x11/0x20
[  160.287496][    T6]  kernfs_get+0x21/0x90
[  160.291490][    T6]  sysfs_notify+0x9a/0xd0
[  160.295660][    T6]  ext4_notify_error_sysfs+0x25/0x30
[  160.300777][    T6]  flush_stashed_error_work+0x2fe/0x320
[  160.306156][    T6]  ? pwq_dec_nr_in_flight+0x191/0x3d0
[  160.311376][    T6]  process_one_work+0x73d/0xcb0
[  160.316067][    T6]  worker_thread+0xa60/0x1260
[  160.320576][    T6]  kthread+0x26d/0x300
[  160.324484][    T6]  ? worker_clr_flags+0x1a0/0x1a0
[  160.329334][    T6]  ? kthread_blkcg+0xd0/0xd0
[  160.333758][    T6]  ret_from_fork+0x1f/0x30
[  160.338011][    T6]  </TASK>
[  160.340878][    T6] 
[  160.343054][    T6] Allocated by task 3000:
[  160.347217][    T6]  kasan_set_track+0x4b/0x70
[  160.351638][    T6]  kasan_save_alloc_info+0x1f/0x30
[  160.356586][    T6]  __kasan_slab_alloc+0x6c/0x80
[  160.361280][    T6]  slab_post_alloc_hook+0x53/0x2c0
[  160.366309][    T6]  kmem_cache_alloc+0x175/0x2c0
[  160.370992][    T6]  __kernfs_new_node+0xdb/0x700
[  160.375685][    T6]  kernfs_new_node+0x130/0x230
[  160.380279][    T6]  kernfs_create_dir_ns+0x44/0x130
[  160.385229][    T6]  sysfs_create_dir_ns+0x185/0x390
[  160.390172][    T6]  kobject_add_internal+0x635/0xbf0
[  160.395206][    T6]  kobject_init_and_add+0x120/0x190
[  160.400327][    T6]  ext4_register_sysfs+0xbf/0x2c0
[  160.405189][    T6]  ext4_fill_super+0x7930/0x8460
[  160.409976][    T6]  get_tree_bdev+0x440/0x680
[  160.414563][    T6]  ext4_get_tree+0x1c/0x20
[  160.418900][    T6]  vfs_get_tree+0x88/0x290
[  160.423156][    T6]  do_new_mount+0x2ba/0xb30
[  160.427495][    T6]  path_mount+0x671/0x1070
[  160.431748][    T6]  __se_sys_mount+0x2c4/0x3b0
[  160.436261][    T6]  __x64_sys_mount+0xbf/0xd0
[  160.440688][    T6]  x64_sys_call+0x49d/0x9a0
[  160.445029][    T6]  do_syscall_64+0x3b/0xb0
[  160.449280][    T6]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  160.455009][    T6] 
[  160.457178][    T6] Freed by task 292:
[  160.460911][    T6]  kasan_set_track+0x4b/0x70
[  160.465337][    T6]  kasan_save_free_info+0x2b/0x40
[  160.470198][    T6]  ____kasan_slab_free+0x131/0x180
[  160.475183][    T6]  __kasan_slab_free+0x11/0x20
[  160.479743][    T6]  kmem_cache_free+0x291/0x510
[  160.484345][    T6]  kernfs_put+0x392/0x520
[  160.488516][    T6]  __kobject_del+0x10f/0x300
[  160.492937][    T6]  kobject_del+0x45/0x60
[  160.497015][    T6]  ext4_unregister_sysfs+0x91/0xa0
[  160.501965][    T6]  ext4_put_super+0x7d/0xd60
[  160.506391][    T6]  generic_shutdown_super+0x14f/0x370
[  160.511603][    T6]  kill_block_super+0x7e/0xe0
[  160.516141][    T6]  deactivate_locked_super+0xad/0x110
[  160.521330][    T6]  deactivate_super+0xbe/0xf0
[  160.525833][    T6]  cleanup_mnt+0x485/0x510
[  160.530176][    T6]  __cleanup_mnt+0x19/0x20
[  160.534427][    T6]  task_work_run+0x24d/0x2e0
[  160.538860][    T6]  exit_to_user_mode_loop+0x94/0xa0
[  160.543885][    T6]  exit_to_user_mode_prepare+0x5a/0xa0
[  160.549177][    T6]  syscall_exit_to_user_mode+0x26/0x130
[  160.554649][    T6]  do_syscall_64+0x47/0xb0
[  160.558901][    T6]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  160.564628][    T6] 
[  160.566981][    T6] The buggy address belongs to the object at ffff888113de74b0
[  160.566981][    T6]  which belongs to the cache kernfs_node_cache of size 136
[  160.581483][    T6] The buggy address is located 0 bytes inside of
[  160.581483][    T6]  136-byte region [ffff888113de74b0, ffff888113de7538)
[  160.594425][    T6] 
[  160.596579][    T6] The buggy address belongs to the physical page:
[  160.602831][    T6] page:ffffea00044f79c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x113de7
[  160.612902][    T6] flags: 0x4000000000000200(slab|zone=1)
[  160.618377][    T6] raw: 4000000000000200 ffffea0004d98180 dead00000000000a ffff8881002b2180
[  160.626789][    T6] raw: 0000000000000000 0000000000140014 00000001ffffffff 0000000000000000
[  160.635299][    T6] page dumped because: kasan: bad access detected
[  160.641546][    T6] page_owner tracks the page as allocated
[  160.647179][    T6] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 1836, tgid 1835 (syz.0.313), ts 95686600868, free_ts 95640417471
[  160.665177][    T6]  post_alloc_hook+0x213/0x220
[  160.669778][    T6]  prep_new_page+0x1b/0x110
[  160.674134][    T6]  get_page_from_freelist+0x27ea/0x2870
[  160.679504][    T6]  __alloc_pages+0x3a1/0x780
[  160.683922][    T6]  alloc_slab_page+0x6c/0xf0
[  160.688351][    T6]  new_slab+0x90/0x3e0
[  160.692261][    T6]  ___slab_alloc+0x6f9/0xb80
[  160.696681][    T6]  __slab_alloc+0x5d/0xa0
[  160.700848][    T6]  kmem_cache_alloc+0x1b9/0x2c0
[  160.705552][    T6]  __kernfs_new_node+0xdb/0x700
[  160.710324][    T6]  kernfs_new_node+0x130/0x230
[  160.714909][    T6]  kernfs_create_dir_ns+0x44/0x130
[  160.719871][    T6]  sysfs_create_dir_ns+0x185/0x390
[  160.724891][    T6]  kobject_add_internal+0x635/0xbf0
[  160.729926][    T6]  kset_create_and_add+0x214/0x2b0
[  160.734960][    T6]  netdev_register_kobject+0x1a6/0x320
[  160.740254][    T6] page last free stack trace:
[  160.744765][    T6]  free_unref_page_prepare+0x83d/0x850
[  160.750061][    T6]  free_unref_page_list+0xf1/0x7b0
[  160.755014][    T6]  release_pages+0xf7f/0xfe0
[  160.759440][    T6]  free_pages_and_swap_cache+0x8a/0xa0
[  160.764816][    T6]  tlb_finish_mmu+0x1e0/0x3f0
[  160.769416][    T6]  exit_mmap+0x421/0x940
[  160.773502][    T6]  __mmput+0x95/0x310
[  160.777402][    T6]  mmput+0x56/0x170
[  160.781053][    T6]  do_exit+0xb29/0x2b80
[  160.785127][    T6]  do_group_exit+0x21a/0x2d0
[  160.789554][    T6]  get_signal+0x169d/0x1820
[  160.793986][    T6]  arch_do_signal_or_restart+0xb0/0x16f0
[  160.799447][    T6]  exit_to_user_mode_loop+0x74/0xa0
[  160.804480][    T6]  exit_to_user_mode_prepare+0x5a/0xa0
[  160.809786][    T6]  syscall_exit_to_user_mode+0x26/0x130
[  160.815156][    T6]  do_syscall_64+0x47/0xb0
[  160.819424][    T6] 
[  160.821643][    T6] Memory state around the buggy address:
[  160.827068][    T6]  ffff888113de7380: fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb
[  160.835039][    T6]  ffff888113de7400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[  160.843020][    T6] >ffff888113de7480: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb
[  160.850913][    T6]                                      ^
[  160.856613][    T6]  ffff888113de7500: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa
[  160.864457][    T6]  ffff888113de7580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  160.872353][    T6] ==================================================================
[  160.880296][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  160.880987][ T2982] Bluetooth: hci0: command 0x1003 tx timeout
[  160.921956][    T6] Disabling lock debugging due to kernel taint
[  160.939470][    T6] general protection fault, probably for non-canonical address 0xe08e5c2d6000002e: 0000 [#1] PREEMPT SMP KASAN
[  160.951015][    T6] KASAN: maybe wild-memory-access in range [0x0473016b00000170-0x0473016b00000177]
[  160.960211][    T6] CPU: 0 PID: 6 Comm: kworker/0:0 Tainted: G    B              6.1.90-syzkaller-00004-g79436849ef1d #0
[  160.971066][    T6] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  160.980959][    T6] Workqueue: events flush_stashed_error_work
[  160.986782][    T6] RIP: 0010:kernfs_find_and_get_ns+0x52/0x110
[  160.992680][    T6] Code: 08 48 89 f8 48 c1 e8 03 42 80 3c 30 00 74 05 e8 54 01 d4 ff 49 8b 5d 08 48 85 db 49 0f 44 dd 48 83 c3 50 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 74 08 48 89 df e8 2f 01 d4 ff 4c 8b 33 49 83 c6 60
[  161.012202][    T6] RSP: 0018:ffffc90000067c68 EFLAGS: 00010207
[  161.018193][    T6] RAX: 008e602d6000002e RBX: 0473016b00000174 RCX: ffffffff81e8bf3c
[  161.026261][    T6] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff888113de74b8
[  161.034074][    T6] RBP: ffffc90000067c90 R08: dffffc0000000000 R09: 0000000000000003
[  161.041886][    T6] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffffffff85b4b860
[  161.049697][    T6] R13: ffff888113de74b0 R14: dffffc0000000000 R15: 0000000000000000
[  161.057512][    T6] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  161.066274][    T6] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  161.072696][    T6] CR2: 00007f4185ec1d58 CR3: 0000000006e0f000 CR4: 00000000003526b0
[  161.080504][    T6] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  161.088313][    T6] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  161.096124][    T6] Call Trace:
[  161.099251][    T6]  <TASK>
[  161.102029][    T6]  ? __die_body+0x62/0xb0
[  161.106205][    T6]  ? die_addr+0x9f/0xd0
[  161.110203][    T6]  ? exc_general_protection+0x317/0x4c0
[  161.115570][    T6]  ? asm_exc_general_protection+0x27/0x30
[  161.121123][    T6]  ? kernfs_find_and_get_ns+0x3c/0x110
[  161.126415][    T6]  ? kernfs_find_and_get_ns+0x52/0x110
[  161.131722][    T6]  ? kernfs_find_and_get_ns+0x3c/0x110
[  161.137092][    T6]  sysfs_notify+0x73/0xd0
[  161.141258][    T6]  ext4_notify_error_sysfs+0x25/0x30
[  161.146379][    T6]  flush_stashed_error_work+0x2fe/0x320
[  161.151846][    T6]  ? pwq_dec_nr_in_flight+0x191/0x3d0
[  161.157335][    T6]  process_one_work+0x73d/0xcb0
[  161.162072][    T6]  worker_thread+0xa60/0x1260
[  161.166520][    T6]  kthread+0x26d/0x300
[  161.170420][    T6]  ? worker_clr_flags+0x1a0/0x1a0
[  161.175281][    T6]  ? kthread_blkcg+0xd0/0xd0
[  161.179734][    T6]  ret_from_fork+0x1f/0x30
[  161.183965][    T6]  </TASK>
[  161.186835][    T6] Modules linked in:
[  161.209352][    T6] ---[ end trace 0000000000000000 ]---
[  161.214657][    T6] RIP: 0010:kernfs_find_and_get_ns+0x52/0x110
[  161.239332][    T6] Code: 08 48 89 f8 48 c1 e8 03 42 80 3c 30 00 74 05 e8 54 01 d4 ff 49 8b 5d 08 48 85 db 49 0f 44 dd 48 83 c3 50 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 74 08 48 89 df e8 2f 01 d4 ff 4c 8b 33 49 83 c6 60
[  161.275638][    T6] RSP: 0018:ffffc90000067c68 EFLAGS: 00010207
[  161.286485][    T6] RAX: 008e602d6000002e RBX: 0473016b00000174 RCX: ffffffff81e8bf3c
[  161.294539][    T6] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff888113de74b8
[  161.303112][    T6] RBP: ffffc90000067c90 R08: dffffc0000000000 R09: 0000000000000003
[  161.311975][    T6] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffffffff85b4b860
[  161.321579][    T6] R13: ffff888113de74b0 R14: dffffc0000000000 R15: 0000000000000000
[  161.329496][    T6] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  161.338230][    T6] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  161.344804][    T6] CR2: 000056289fb2e0c8 CR3: 000000010f9e7000 CR4: 00000000003526b0
[  161.352810][    T6] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  161.361252][    T6] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  161.369463][    T6] Kernel panic - not syncing: Fatal exception
[  161.375616][    T6] Kernel Offset: disabled
[  161.379738][    T6] Rebooting in 86400 seconds..