last executing test programs:

3.924018367s ago: executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

3.907527439s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
ustat(0x0, 0x0)

3.873626495s ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r4}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)

3.814100164s ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
syz_usb_connect(0x0, 0x24, &(0x7f0000001440)={{0x12, 0x1, 0x0, 0xab, 0xd1, 0xa0, 0x40, 0x77b, 0x2226, 0xca8b, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3a, 0x92, 0xf8}}]}}]}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c000280080004000000000006000600000000000600"], 0x4c}}, 0x0)

2.402153854s ago: executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local})

2.383330088s ago: executing program 4:
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x5514, &(0x7f0000005d80)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ")
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd9c1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x0, 0x504}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_freezer_state(r6, &(0x7f0000000840), 0x2, 0x0)
close(0xffffffffffffffff)

1.21534286s ago: executing program 4:
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, @dev}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000480)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4}})

1.163273688s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001a80)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r5}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f00000001c0)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[], [], 0x6b}})
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000280)=@o_path={&(0x7f0000000180)='./file0\x00', r1, 0x4000, r1}, 0x18)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002f1f453850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x78, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x9}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}]}, 0x78}}, 0x0)

1.072723882s ago: executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x5, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
statx(r0, &(0x7f00000008c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x100, 0x400, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresgid(&(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600)=<r6=>0x0)
chown(&(0x7f0000000280)='./file0\x00', r5, r6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x90)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r7 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000040)={@private2, 0x0, 0x0, 0x2, 0x1}, 0x20)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r9 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r9, &(0x7f0000000740)=[{&(0x7f0000000300)=""/49, 0x31}], 0x1, 0xfffffffe, 0x0)
renameat2(r0, &(0x7f0000000640)='./file0\x00', r0, &(0x7f0000000680)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x7)
socket(0x0, 0x3, 0x0)

979.111397ms ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b4050000fdff7f006110000000000000c60000000000000095000000000000009f33ef60916e6e911689a9396e7f889b817fd98cd824598949714ffaac8a6f770600dccae0f21f3ca90022d182054d54d53cd2b6db714e4beb5447000001eecd163199e28f7a674d5926000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2fe88afc50027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000fe0000b347abe6352a080f8140e5fd10747b6ecdb34533e1f10f35540546bf636ef897ed9bbe5026450200000000eb9e140000c8f7a187eaf60f3a17f0f046a307a403c17e9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb133e8833fed288a8eb3f591402503c2bbea4e16328dda19ecbc2b2f1065639d52090edcd03fcfe9b8603ef9a4f0855b0df0d9a39f0585d1c6c1c47a01d8eb71132744a2cf9f4db08ff74bcaa80d9f541b364ec4ebcdd11f553dc8a32458907ab99d738b2583203177a778b83f08f0f8c723e86ba548bd408e38db59f3a6e2d26416bb70a05969bd902e98690226ac9ad2dbe5692b58fd1d3f4b9358f988b8de97ed67dc242fba01d1d35ccb45df4a56aa410b3d52a86f653826c2871fe80031f8b63edbbc4553e0bb4de0dc090f5a529c8417ed8df02aa5366ca50a4a7c0fede698e353167bdd9e30a07dc0bdae73d156969722617f419d552f059aa4bf0ad4eefa3e5c7730499dafcf8da73093989565bc5d34f14d577be013c37dc81f67a5e3e53a402b325406011f3cca0b72dc7c2e38"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r2}, &(0x7f00000003c0), &(0x7f0000000400)=r4}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x40000, 0x0}, 0x0)

969.708298ms ago: executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00'})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x4c}}, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f0000000280))

691.615962ms ago: executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x19, 0x0, 0x0)

675.671954ms ago: executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
timer_create(0x0, 0x0, &(0x7f0000000040))
timer_delete(0x0)

657.401667ms ago: executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000001080)=""/4096, 0x1000)

649.402499ms ago: executing program 0:
creat(&(0x7f0000000180)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000006380)="f7709f77945ec10b4eecea480cce6641402373da5e6d7f24014f7acee96be0135b59ce90b463223252169e036a4daf3dae250a1e6de526211d43d9512ae526730f553268794994fd54868ec480d09862b687b463a8fc5058903593b9bb4d50879635cbf67a9e7d1110fa0e8ef89dbd2abdae33183737b8c0b907f5cc74ad6ab0383f8240e091417d2816317f40abb64224f616136f93d932f2223ef42fa3c3155d53075d3eb1db73beb32bc364e3fc246d3dcaca2dc91a634815412bae915cdb1a6da7884559403b545235541ddac97d7b1ea8135539ebcfac1edfa2fee8cf78bb46da7644a8f9e42ae06ca7a188b83fa537b0962a10411b67fc4d7dfe9e95cce2aef82e75f4680b8ff9976b6569523b72a86bd3a8c96f30e85812fe33a610c2be0a3c1063e2ee864c6e8bbf331f2768accfea78700a7321e4af2db46fd162457e439369da2217992b77502b9b958df27bc086369963793854d7f8b00c537de3216898b8f2c1dd925049eef1ab57bb6f63b2d88850b49b3c54d71f545afafa16bd2d06ae501344987623890fdf9ac04b179d2131070a34cf143697b6642bf5da67437aaf5e78e7e6be85e44ad7b265d78d2baf92ee5ccb0a452eb32fb3fdd1a41abf3a68086acd20458af55c086f77c30bbbce4c19542f92ab1e68393ffa58b140586b49761aacdf6aeb7682561f01e0869f503c4a161fd405046d3e6523bd4071c09b7516e4e784f4d11706f1c2eb170e735e563c43317a5a9afad28511163cdb63660beb699f7b8a7eaf57d48517974ffa766fe8deab0cfb11562b9c281bce2493d08c40a259e0325c52124e303064c6fbae2826355e531543863030fef484621a381a945b6ec7253e20047e7294bd069442f72672e6dfe1ca17d75d8c6b16c931438cec72e6ee53f3db89a10a38a93cc84c7393773461db5074b4f5060dd0a04a069a7a9b078856a3fa1786fc8dab621ba622acafd0781b523ea097283afb0c59222a316c6ddc0554bcaccc70288e524ed7719fc02a86283b57690a7320af028efbaedd5bd158a9dc9ea8e4f53c7da7566cdbdd4f4d9f01a9dfa6251a355e338efc8eee258add8731c7d22161482b7e3c8bc83f30482f9935fcc5974d9d0685b5fba3b07d7f85cc8fef18ac4e8e915b8476bb44d7384c996921ae40a4fdd2dd2a70ba17e1c2d6ec67b8f7b45568c105d52afa9c82bdc1dc7fd951b1e4fc1212bf29231d8e41ed4dacafec9a823a672dceeee0e4048b5620373c53ab8f3553c842a5a6d914f8334d6d8a4af785f418e6b4aab3965f94ca9d80a74a5a034fb6edd0322696aa1060d82c7b104983f8889026819ffdf3d45c604e53066b03dfae13fad499e3894120c10944eaf752989daee4e172decca9c2b324a817a7c787e6bc59fc2884e358a1a9b14b3704cabe374d23c002b8112be68f409302d3dad0a4c02105cb54c4350c24e6f3b7588bf1c28ae321eaebb930cf0c3b607acff20663eab8a593320c518eba8f9205350f11a9c1530115f7e00f2aa335c92e1305ffcfeac7cdecd6f1b6a33710ec77ce428484712d66bad137b6c8da5aa51d1b7196d981a14a40df8406b292f385cb149cfc0a86701566674e089b88487f34fdb0bf16ca94d9da4a837f15d5cf8f11d9c226844d3eb18d848420f344a3992772125319abb641ea56f03fc626f092f67a8b6716b29cf8585cf5fe25a35f5dab0e3e075ba3c84116fb6cbbf99a8153d179ffc1e64356f1fa0bca6823ebd8e1a176636962cff271cee5c5bafcb68fad4921e070c4ae08cd8fa0b94534f11e66403d129a5e8253bd3a9dc09a8189895819ff618532bf6743b17a243d515e63868bdf9287fd1bad0d525759953624c8e82debf88159b2c22945535d9379c911f89c7856be1438bd02df70c939b80741ddad245082a72556a2ab3c2390b84c17b6119103a0b8126dbc55e05b153ef9a12cc67f649c14160c698a7127b39fe88fb91d19b2a381c08114c6e3e6d3d42b77602c838c421a9a414f1eb182d0197ff67dcfb5d79404afbdf9c96f475a0d5afc9a4d7cdad458eed6b1de6c13b11c46004243db779e7ad6dbbf15e69ee34bd2524cf72e49a5352992a9251a86c3dc30d7d5fe61ae538928e8fdca0e04fdb5917523d8266b7b4f1679a5082e798f587c5ed9084c70965e94e12f643ab0191e606c2eb0c3359a2b8504f3bb2e721cfbcfdd90c31cde10992c9400273bbc45fe5ba34d7ede773036e2fd1fec1f001c495accdf8ff572de3eb2aeebad29acfe3d2b1448fd67368d0c37f8bfbbf09bafc8f99a44b187f4f443c82b21f66f722fb59f40ce0f9d83c52b9b3358a80e102b21795a1cfcb986c787ccbb9f9c96c2b66d2f7a94ef2c2a5b65d5c2970ba6f3107609f4a67432835c2ce1682d260f6826072a6b6d4b113a5b06311677ca01260f3567ff1ab6be13b455f93916906273c5430fcccb57e0d78224ebec422763ee3a6b94528749a7ee5f70c9036cf3a99a9c98abc0e8aec18733a0c7da76814f2ff741582a9d96eb798426065764fcf86e40b6490f545494b48749fa8d398c5938d6bc7dbe183deecb913ef4c61aef27ea6bb77c23af09c3dec453f01d8e0cf1a3df30d73d44c4e147d9ff2853cb05b1d9fcd2d80815016f65368c477f3e8b676ee1ef5b9154850f02951060f5335d7b8b1c395151b443130d27b4aa0cdd9c1badc38e1825cbaea22480e1d8a986b001a4464fea618707f43bdf7949f500f3f9293b7f7f28170d45eb3e9422d7a107d5dfab18b8e7a2cbc4b42a818384136a49a021721fe07dff4fb2f26e74ee6b5725166409d794c69a1a5b27cb6263c387b81612add3c9e9e509845843a6ffb2250d37c365e3f57f0ad6e908fab119211e7679b41c8e298f9e85558be25ec0a4e6c9aa3d523ef3771971bfd272fcb736d10fa98a87b78c532fcc322f5e24baa21f2a3c84a90ec9b546869400bad19dec3575ebc69c8e512210b81667ed3cede89d10ee5871a6fb166b2f5c96f079cd5bf97f41327930b210627106c4cb6d77e3793b808c425b8a4118bbaa2d1a1454b162cf9886ec17e215d12223a65348ab33185861ab1f3166a4a925d25a63def895a5b01deea11bcaf17c79d27a922834a32aa0f8676793c7257e44d3f7768de19292a385a7a4b3fc992abfb9f8f3ada57b83dc7955c0b2edef1a8214dd8ea2cc9679685137dd63f3918020e2e2f38602005a4a6e84422867b9160f65e92e053d0b58191eadcd5a8a69b18e3216ea63df3f31869c81de88fc75a1d9e15cbdf8d68ba50cd8dfa55259aa362c2615ccab13489844d5ed995383e334074f561a4a67e1060e64a818fc96135d34e604cabe3d9195cf1283725c7700e397ecb72fc8b36f38cd0830b19b439101e4b3839c48ddc95367bff87b888407a517f94fbe58a7033db1123c0a0074c730e34ce821e12f43d84d3b4f0310c6ecd8afe7779671d7b825bb3892825c762b86f0ffd182b6aafd477fadf0c7a931cb61e2b05fc11267bf0a9882e7c2f8e84d3480d9e4576cc03f0e1dbfbef9f66840ad37e76da3ff8a419730a0076de67e9b913f03f5b637287d981eafa1223feafb86bcff5b2ce987f6fa8386ee036a3f75fe014ef90b05a744e038c43766b5fd552e66b9b4996f774988d2a70fa0bf05fbc453cc4fd0ab642db1bc71e1b63919f3c49254f177306f9b00af5782c0633d68ecb85f93fc1afd8dee3dd1ca8b0d7ba0ea463de0b6e3e05c080f832e129cec16853923cf15f06d9a38e20a5a6fa5125d03c1b72680547eafd9fdf246af08dcb4d4d746577478fbc72d7a36bb4bd3b5ba4dc5e407babfcd64b8c413d7dd5433d6a4ee17d5b4835a74c81414a9397d73e15ae387f04a5012a37c88b226207aba933d68a67bcd38f5e0fb8b24c4434c3a0109deaef4f9ab1d230ea6a4acd6db0c3962d0de3bb64e33a29af8dcbf39d48a27c1649a66d4aecdce2db60c50bcec31677559369184608db197f2ebed81ca8fbeb9d2f8c486ec9839e765df69ea634f2815e75eac613febfa26012767c28eae207ed9315bf19c42de9602f44f45a9cb9913a67548787a30c9e56f3399ab281c537751a28d98392655a60ceb9f2515772d2f1d5d2843952312e2a59061b60f128def6795e0c8eb7b12a710c1afacc84f498a29d683d1949c17f3aeeb8b9a32eb10bb242d61a2db5902d592224fb8e1e713ef33caaec6f8516333ca4886345555166e91a6469d67f39241d144c6457c0f74c60e662439281a660b3c802eafa5825fab36b764d4753b33920dc72ec4b7136be556c7d0d528eef67049f5a7bd9cc7e4e94a4874ad8d06595ed38a5f1cafff1018c1351d1d7eab144edba6d4f9eeb7924a25b9f7a3eb20984919d9ade66a18c33f92b65031472ca657a724d86053a3fc60fc5502acec81822bc609954e402a406081cfe7931a1adbfc45a3168e30a451561302a131ff702b4d6c5d3603ea9d1b54c64aad93407e078d6b435154236ba594e8d2f798bbdface489b43120bc0bd7e1bcb6658c2c192ccf18f278e9c5bb14dbdf1a4eb3412f9dc64a31abefd79bd7c91bb7297c9f694840a75cae5d3482d15a2d148092a6545972b7f95a23206bda509260bb370a012b744c2bb46b57da12367d35e778b7d7f463fd8230368b5a5636f28e2cddd03c69adc9c913027a726130c95d818fa38ca7ba8421d3fcf0736cd3001ffcf80701cf6d737cc3dd8f905af39fb2806d2f22289d0001c74eb482f4faf0a1863099cc1b236edd1cfa206b21a2ed86affb4e6a3a4dfb54fab46c8c06cd3e370b50e08e1b7a08864269d867eba5fae8a49560e9479209966002c09719ab8ca58702bfb0071d3859df0193a956ed4d8ad19a2c79656c6dd42eb5a44b808df394333683b605ad0cf176bfcfdc89b01317a802cf0ab02fc3673822b55fcfba512792c9e40a150cfae4dcd40b2b12296ba95063a2f50f552b4682c4d461b1efb7555816b5b836ff0319af6935ae5b41e67329a7b21da93c36fcd87cbba1653c0d00077b14cfcba24f891d62219c157b6354300837d211fbcf1881f5e98d6195fb782479e106c072020b56285107e2fd7947bc64ec9a43a0b239c140ec0456685ac3eba988952e641d2eb16cd0132d2bb25576fc6bcd5e29eb9da2d40e8b50776abe5cd7ea45da8442a311977c51755015b3e4995739edef0567a3f169e980addb1705224175372339de904eb952e13f648449722258fa21f7e53f4a1956e8e9a39dbb18c6d2d10d9146358158a0ab7ce3f54120b705e1ccb7a13fb7e9103d0b80faaac31cab07f6d2d9f668c707b5e3bdf259923a1057816a31e8c771267fd974193d90e1a9837a987d9ba52f7af599c1aeed13f6619cc0b334396b750c9017f84cff56c0dfecc12faee59e37cf7d44575bb448abb19616d4fa79f4fdf96631328dd0d0717f12b9587d76b577bbe78eaa7b0acace3b79776b5d2e77942c57745e347ec766170e90cc66a5191bff3ad49d423ba2817cf92be74e653cc6274a20bade324638d57a27f2fea01d4670bc1ad5ec4d006492ff5fa616a0010be824766f12acec9b26a7606cc8453382c3dd1f5f5c85354569123824002c44d0ae4cd2e1ebb4e33e3d7b69fe14e05fb53af9d66f53990a830120cd618cfaa10e5f6deab4ef4522afd380ea52f90b181fd5b538f424900aac643d118c33dbb6ffe0b2428844f51943412d8fda4a327b71c814cd6345b3690a4716f04fc7323ff1af08e82ef5e571c9fb0fa9b22af40948febda32ea14ecf61700eb02967d09bfd078ace6cea259952c0be90fab1ce841f1022d2da82f173c580d43effdb424b1729aa9fe40292c082043a7c901bc76426ef6e3de788db31e50f54458ca4e360bb803b48d5a4be50724c1f48b504b086d9dca3ae74eae76a1849d14a4074f389aba805b793f9662f072405026afc3ef108ede69dbd2c769886dfc75a9a2e093137d92b38e34a050eca73cd3067d56dfd58fedaff2857e720b09d676607a1e8eeeb06b26494cc2b844f5e856271732477f384af839e98889d5c9cc28651f6eb74029f839150f947d180e48776ef1c829509e12016c6d1b717713e6325751a944cd259b1b86b1f5e793cdb55a73784498be09c2cebdd70159c77abc7c64af2e2de1a860a3e9dd8646b7a6866e1891fcf97a2b3ea47c0c57c5fa9a94129c2e27940ab9fe996eb1813d21d48fb6dbc9b8071c50dc26b4ed21588211fc5edb1ca873c70b606678ae7de9c10d2d083f372421a3038c592a38aec69020862f4432ef9ae7f400ed53b44bb58e92b022ac8b62a6b459337af339dc3346a809b715f9974d21e606244d23cf4dcb0956f93c14047243172adc97a1fed868bc49fb57ecc123425a21e94dd5b9d1ff52bc45965a7be2f5ea8218750e2cc8f174fbd2c7811742f5f17fa1f954b8423c403fd2e4e96296e37e0bfe2edd52e8c3b921dac771c61524455b401017ab5f655eca76139557a4a87cc30210b052ae17a5ca8b634322657ea4d87e0da2392c470f8951ac0560a01b4d0befe632ee311d0b87af31465d6cf7854f5738cb5debfa1d7381c74f45eea08c06d4ddc9e811d1a33394a35efdb7121cdf5f1603343df8431c87718a5d4cf3b2e593508d8b63f0d1e82f9ebc40d4022ba06327cc8233f29c0995da512b318bfa212e9582cb880d9bd6a02050a014294ef321bb2c65e4638a4fd2c8c27fd9ac28c9e49cdae6dd9eb05dafb38a4a003a56dba826e386f5fd3ab0d54b92f53ec11c850927fc4c5b669c67505ce59306ad86460b480b711d4b31c512829b7037d1c45b5b84c0be40a038b5e975c57c860476318a22df2e4f90009c38481e519b9511e54dc59e89a6593bc53ae03224466513930c5ed3689793f00be192a58a919db9ad1267962c0ee60327ee710accb0da037610ef8aaff63f6582f691096fbdfb1996abc4443cd4ffe04fcad3608413044b978d86d3a18bdf86fdb70cf7e7bbb0e4db9d36176d0ba8a4cf81369fa84ee55466df70e6d4431a873000c19bb5caff30c01c7f7f928cde86bea5c401e525fb8a938fd016bffd5c9d52b279e867bc64f575b80eec74e7f66fe92aef613636e50c8f32831ab4b7eabbc89ce6d7bbfd03b6b005e0c5ba27268369f5083b2ded32c1f9e8cd73a1daee26cf03dbbf9c476fd0f14935244eb7b544f8db1c19d8a21de7e8a88f540e8949f721f20d7a47cfad3f52d93c11a796fbe9fbe415194193e5c70b33237f70790905816b856c252a30e72c081a8bac6a1c9fd2c372b9f870831d6ba6671fd8684f25e60cc7e3a1a02ed5f1a4fe426373bf61404a68571e93f35659b6c37f939233ca6663603b053c8fc74da84dd971b9319a1260fa2f5d66609962e93f7f33a40b22066b86a74fb38bf1444d025f27f14e922661471ef8ad503e97f8e7dd6b9c9a420885e519e085a1f26f7149b82881908021f601679f79c944549bcb431a7d2b12f75aa54cae39f9caafefc01e7eb589d2eb574937abbe18b419d7d27309acb330293456337cb9d753e08f7b890bbf76c4d6ef548bc3b5965302bc65ab08a2420527c1ad8be374cae7cc858376219d39a7a6d58c478a721678e789bcc317a4d1acbf47870a4802a07ac0332f7fdad7156065de511862c2a076e264138b98e7abd1a2555ef2e1ca44ee68f06725508891051f6bd24479a616606024841c8203744b999868b9f2b3b5e8a42f454d25fcddf8f5569594716a4022c3ac8ba67115b93d8bb50684b0fb100dabca7f6b7e29b723007776435829c6f21223d7a2556766d198c76ab6cce3b6e6da5c4d14a26b7cda1cebe6792ce4c1498fe644fb4408189e472efde923506ea4d18aa3284ec311fa942dfa5d8b939e509a10c69461993cc9d3ace2fef29afee8d0894764ffd82371d5ed363b5968447ad3c0962b86584cc97740d7bc3838ab1c1b0198ea830f122b200722d3c2c8815a2a5f90382e1c58f2348dbd38449e28c67ed85f66ea3e383b91c782a4e77ad4aa538db6d15ab90dd464318ded6fd293a1b0279852335e3c94bcce6f37950fb23d96f84465aeaa8fc2f71ce61a1416e579399c363bb37ded602fbea1ba5de87ab12bc7aeb5c62f026f648ab2babea2517c3ade2828109da58c010e6efef544088ba412ea57d3cd4fad3fd85b17e386ffc8a700664b2604c8a71c011e894ac03a109d9ddbe0b6d625d33d7d16fba5bcbc1ee1cdcfc6a475a23aff414e5b4f83e9d18e10f9e6dc49e518561ad53a110794d2ad9c7fee95a03b632b2acbebac42c996e1b856b2f18a2a3bf7cb0726c10b6aa3ec2d78bebd26e86ecf78b87736017cffa7d654b357be120985c553d11dbc932139ea6e1efdb7ef34598db568e66d42429e414b5903ad6e616ff7faff6ecedec529cf16b280c18dd4c3c8cd5192f625965e15c29104855364565a4a52ac5ff78eb31a6e7602e84226a87364708c2a9fdcf2f66f5dd0951aacb7b6c8f9bd0e534ae44b47799cdb8f683db5a3258d6f1943e04e59b11fbc6f57d16ff150c94a22717c1b483ad064c25f09022cc4ce09e76fed2b2ce84e9a50623f84cb013d00b8ee3fd2eaf1ed84df2b29d3119865f5df8fbb6d7440ec6da33deff5c60f466f91959c0d7c7800937cf59fdc6e2d53e809a6f6754ed545fc71c42a95d198df6329a3f32ecd091e7e643727ee34241b9244ea9a2118ccc6d5b52f8dbd61dbc7a4b65e8a4b0e937669a8a6377022df74ac0d2d42008edfa83a71c2e14c8cb7f3e54612cbe5b64b31371f445ea6235467b339b285bffaad0acd9af5159b84f58a3e0230a7e6f055a016a0737b893e0d1b2dba11de53529c825bea86a455bba90eb4f10ea5425d498c18c0bc643a5bb07491a8b6d89b1c92329aaff3a9cb9302f81100d97b78a09d1f5c512c26409796608b77c969c070f6e55037c97bef2c30ebb373110c2356e0663c0a7010d13f18f9b7b1d4a5de88b110efe433a5dc9dd03ac7621a6de39584de91e9b43c5ef4cb435eeb45b8865540355030acddeaf451a453a0b0a76cb064ea1e939dc5491f2c591973c741cf1f73ef4451a1b43ed9d9e0c7b126b869e7cd326900a470dc08a15fb176346f7431dadd6b820ec10cba33d7097ebac9c1ff147fe39d9cedad2828facd8c37cb22a8b7d55b63170f55ccf45fc25715d00e7eb7c3f32c5a7dce02bb07073daa170caa4813b2102648cf6a5bc9ae5ef3fc4c6240447190340469cea21650f79f5ff0ab60e6fa8a30a45f29ca7f4356c275ef4dad63b07f73cc672d26091db75eff3e19b51272b0b786609333f6580a3ad3c83673df3776d04cd05fa86b7b8066076b71377580d8b226d9daec174cf2a62ffd48259ca04821e949021b3f540b5268c794a5314de9cb143dafce0575c06750f0c125b507bf39bf0abfc25b9bc39ddbc4450f0f3a70c312905a5c2d11f7b39a3cb0fd08be6f8b74c5d74fdfb0477c942caac42ae596e0aa36db5f10e1571231ebfc327e5a6111eb2f2a0e1be0b0752018973500f1b7c832cf36078c24717f66983bb72649829af53389e89694bce146f8cb358d7922ba07dfa9da6fbd65b7f5159010b1bc6847967b9eeef7c6db90f48b1c1a7ab63481809111b2876c73c375064bdca8064ee8d6d7b3817db8f5dc82709c586afea5850f415ca7641b5e6f45ff93b9dbc2f62c40c47dbe61a069d88e3664c8dfc9be2b35f8896e6d5c8a35b864b50d50364d3cec828a4f7dcff3cb314c9f7ab03c93e1fd8c5bfa2c303d76cb0954b401927a000babc400497d3f3a37c1f7a685ecc12b28db4b9b75debccfb132a4bb3b19ba91a441a94403eef6ad8222edd1dcecf215580296020731cab55029a189561499d34faef21eadfc370f98872c2192aef73f0cdf80de61cc9157d1e08d7153a49f7d1151fb9f110febc34e760c1afb87eb36c9df1d6aa047cb655b3ec5fdae8e2d93861070f98bd5f1c53c26f07d7c43cb295440af75e87671a552e39f9bfe1853222eb8ba0c8013944ee61dbe21281b1d4e3ea3dc0353d4ded5db0128504b97491353120c63bea1c5656be047a77bebe93efbab10375cb0946624e076a93a6ffdc284f4aa9fcf54ebda3653d5abf7da76f19c165d0982d48279ba8ee9f33b2fb060491aa26517e39f2cb4d4ce7726b249f070aeefca6843a813026e45c6ddfccd1e0b8883a7170644c43b227a2a3c03cbd17b8f3dc0910685169ada487a72251eeb6e6a1dd5661294337cf4cee2d74fdfbe00ff6d07847e63880059bcd12951e8b649cca1dc6a355a7d2c26ef8cabd467b21d6bbe28b108b385ffff7304d96b03500c912efd2af7c45f81f5f2f0e3357ec7da616f81ead2f823a128696ec7dd65a6587e5ecb56a8fba1bdea28909da5e085e164b046310182fad711d4e46abaa61281c88c729810c615ce9636b5c96e4150e2fcec6c111469ba8b0c010963d4338fba8a8a080e384198e1410af15f7ee18e5396b721fc331860e072207da236b35dd94fa7dab288a114ea46e754f1d0b4bfa1a5b216706652e52c489e9a3a1cee8ab4fe5d416ac22c2649673715909c27f31684f6e103913bfd28e02fca507940b86405cebb8084d1c6532a5508b716070c67ba544a1593895f4cc1a8d075415feb69d50fb674c3a89b59f80032cdfa8d1181856817bb16f50bafd0e21aa656661bf3b6bfc207a7a645a8edc15ff1cb706b6292a3263ef5ad1479338f59058d08ce76dc801d8e11e280badd5a0c0dcf1c6285d95cc087e7f0dd823b6b7c353d22f1e7ed03c1461cc4c170e33cd06c45f17fe1af233cca638611449493d533f701d77163f6784202d995e17b797d4d2f0d87d05a00728e8fdda47c70ecf919a2a110371da3474580720e8eae934888cf84f1f1a5530baf815e7c16129732ec4af417c1be0970b845dbced563f00a86135bda35c525aa020f285116b00071858e6eacf7b124b635ff7b62410e8c27a4c76adcdec10f5180130e8c554d2d8038677650171a2f6c3da4c04e340b48df92cf41d08a499f680a2cd6ab099fcede2f8b1888aa052c7f2dffdb203e19fb1e2e6237e19b218740c89cce311ff168437500a6eec570780938c3291a19482656a8d53b19bde3d4148bf1a9f2ea67ae835df675662f27b5b6f5e2652d0471c81740acef306d9605b4ca09a2c4c0f3f8063b6fa5fe01109c5e348eb318074785771ab2cedc48d0f5e15b3a368ace5aea415aa2d566063f25571b7a218b9e95117aaf0a389284e763e448c88b49205392fe032ed206ca8e27fb1c65a72d125cc860913dabe714be1a2a85120066cad66d53dec9a30664bfdd33e25398199211b15fe0770cb243bee320e95e506be4617c3e5e6825342c769bc1da3127f8d34c922f60ed2727f5d9209fc28099ec86c29572fc7159f6ced79b0a2a2653100230a55f7a578e2f1d90f6301069ed04106de45b976f2aabe769ed17d59a53116b74fa2f598c0d1e9919ca8d9cc21265ebc218ab9808b094eebd9a48d8349cf3faeaaa7c8ddb07f6eb874f70cdfafe050de69c6e7da6c8d2f71d581d6c604f4bb29243e9d1bbcb0890b436cb43d1a33c4b96a08af4137135a8c8fe74034dcaf1581856f800771", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x78}, 0x0, 0x0, 0x0, 0x0, 0x0})
preadv(r3, &(0x7f0000000000)=[{&(0x7f0000000600)=""/194, 0xc2}], 0x1, 0x0, 0x0)

276.101367ms ago: executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180000000000e52e000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_INIT(r3, &(0x7f0000000380)={0x50}, 0x50)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f00000002c0)='./file0/file0\x00', 0x0)

257.13401ms ago: executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000080)={0x18}, 0x18)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000022d900060000000077f2ab26850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x2c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4}, 0x10)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000400)={0x30}, 0x30)
mount$9p_fd(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

186.671431ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000000), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='ext4_es_find_extent_range_enter\x00', r1}, 0x10)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)

183.124041ms ago: executing program 4:
socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022d000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r2, 0xc018480b, &(0x7f00000000c0)={0x2, 0xffffffff, 0x0, 0x0, 0x400000})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='ext4_ext_rm_leaf\x00'}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})

172.786833ms ago: executing program 3:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
timer_create(0x0, 0x0, &(0x7f0000000040))
timer_delete(0x0)

160.145665ms ago: executing program 0:
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000001540)=ANY=[@ANYBLOB="6261636b67726f756e645f67633d73796e632c6163746976655f6c6f67733d322c6e6f71756f74612c6e6f71756f74612c6e6f696e6c696e655f78617474722c64697361626c655f6578745f6964656e746966792c6a71666d743d76667376312c6673796e635f6d6f64653d7374726963742c6772706a71756f74613d272c6a71666d743d76667376302c696e6c696e655f78617474722c00a3d783e0bf6d79bc2fa16e7f"], 0x1, 0x551a, &(0x7f0000005a40)="$eJzs3M9rI+UbAPAn7XZ/f/dbxIO3HViEFjZh0x+L3qru4g/sUlY9eNI0SUN2k0xp0rT25MGjePA/EQVPHv0bPHj2Jh4Ub0IlM1PdqgtC08RtPx+YPPO+efPM84Zl4ZkpCeDcmk9+/bkUN+JKRMxGxPWI7LxUHJm1PLwQETcjYuaJo1TM/zFxMSKuRsSNUfI8Z6l46/Pbw1urP731yzffXbpw7Yuvv5/eroFpezEiutv5+V43j2krj4+K+dqwncXuyrCI+Rvdx8U4zeNeczPLsFc7WlfL4nIrX59u7/ZHcatTq49iq72VzW/38gv2h62jPNkHHtV2snGjuZnFdj/NYusgr2v/IP+/7aA/yPM0inwfZeljMDiK+Xxzv5nvZ/txFuu9QTGf500bzf1RHBaxuFzU004jq2PzJN/0f9vb7d7ufjJs7vTbaS9ZrVRfqlTvlqs7aaM5aK6Ua93G3ZVkodUZLSsPmrXuWitNW51mpZ52F5OFVr1erlaThXvNzXatl1SrleXKnfLqYnF2O3n9wXtJp5EsjOKr7d7uoN3pJ1vpTpJ/YjFZqiy/vJjcqibvrG8kGw/v31/feDfuvf/glfU3XysW/a2sZGHpztJSuXqnvFRdPIP7/+Ap+/+kKHqM+4cTKU27AIBnj/4fmIbT6/93HsbhYTZ/mv1/6P/HYlz97+Ek+t/z3v+fwv7hRPT/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1g9zX76Rnczn42vF/P+KqeeKcSkiZiLi8B/MxsVjOWeLPHNPWT/3lxq+LUWWYXSNS8VxNSLWiuO3/5/2twAAAABn11cf3/ws79bzl/lpF8Qk5TdtZq5/OKZ8pYiYm/9xTNlmRi/PjylZ9u/7QuyPKVt2A+vymJLlt9wujCvbvzJ7LFx+IpTyMDPRcgAAgIk43glMtgsBAABgkj6ddgFMRymOHmUePQvO/vL+zweCV46NAAAAgGdQadoFAAAAAKcu6//9/h8AAACcbfnv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/M7O/dyoDURxAH62cSD/FBTlnla4QRkpIcccIwpIE5RAWkgD1EBuKSGCFR4vWlbsaiWP7d3V90kwjAU/ZhA+zBtpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjT33q7+v3z66+uOYdjN3lmAwAAAFyzr7er5sU89d+31z+2lz63/SIiyoi4tnav4s1FZtXm1A+8v743hj8RTcLpO6bt411ELKqIRUT8/9T3rwAAAACv1269WabVenqajz0ghpSKNuWHb5nyioio5/8ypZWnvC+Zwpr/9yR+ZEprClizTGGp5DbJlfYkze1+rtrN7jRFasrHP59t7gAAwICqi2bYVQgAAABD+j72ABhHEbdbmeetwGlq2u29txc9AAAA4AUqxh4AAAAA0Ltm/f+sz/8L5/8BAABAV+n8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPq0r7er3Xqz7JpzOHaTZzYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3LA/7ygQAmEQBnvXdyZz/8NKg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb373l/8TU+NMMvfaWHoeSdZOja1TY+/cOPrD+Po1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAX/e6X/xNT40wyd9pYOh5J1q4aW1eNvQeNowfj7d8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc4dvMZRhQEAfzOzs7FVMUbZQ0QUPOjFptva2pt4UIIH/wQhpNsauyrWHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU8eFp5szPJNC04VpzZZn8/ePu+HV7mfW82hHzzJgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMrk3YM4iy/Lszgtj926f20z9rcP9dGN3TurscU4aTPpJ8PL9TfJoLtEAAAAWBxZVd+HEO7me+uxT5eL+j+vxsSa//tnZ3FVzx+u+6u+qv1j++3Xey/uT7Q8myee9MLWeHTy4VR6/98q59tz/ziiV1z54t5LVnwg6Qc7L0zy4nom3968+V6/CJfayBYAeBwnqr4Mqt+HYj/sMjEAFkavVnhX9X+23G1OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG2Y7ISnqzgJIaz2DuLo9v1rm4/qb+zeWa3a2evXd+vnjKfIQwgXtsajky2uZd59eeXqpY3xeHS5/eCVEEJXs79TLv/SRw0Gh9DJ9REcCpJeCI/z5Wn5Yc/HKjoN+vF7vtngDn8oAQBwJOVli3X93XxvPR5LVkKY/vBg/f96LQ4N6/97H5+9VZ+rXv8PW1thh5aaDVvb/ms6nV65+ubWpxsXRxdHn711avj28PS5M2fOrRX3StbcMQEAAOC/6ZetXv+nKw/v/x+vxaFh/f/Fd8Ov63Nli1b/N3Sw6dd1JgAAAIvt+Vf//CN5xPGk3w9fbWxvXx7OXvffn5q9dpDqv7ZUtnr9n610nRUAAADQhslO8sD+//laHBru/z/z40s/18+ZhRCOlfv/JzY/H59vbzlzrY2/Pe56jQAAAHTrWNnq+/958fx/uv/IQxpCeOO1WVz+G8BG9X/2/jc/1eeqP/9/ur0lzqV0MLseRT8IoTfoOiMAAACOsqfKFov93/O99U9+Of5h3/P/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG37OwAA//9HAD8Z")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000002900)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})
ftruncate(r1, 0x0)

143.953117ms ago: executing program 3:
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=@framed={{}, [@map_idx_val, @tail_call, @printk={@ld}, @initr0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10)
timer_create(0xfffffffffffffffc, &(0x7f0000000040)={0x0, 0x12}, &(0x7f0000001400))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)

92.145815ms ago: executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0x20800)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000180)=0xe7e)

86.092146ms ago: executing program 3:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f0000000040)='syzkaller\x00', 0x5, 0xc0, &(0x7f00000020c0)=""/192}, 0x80)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth0\x00', <r2=>0x0})
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, r2, 0x25, 0x4, @val=@tcx={@prog_fd}}, 0x40)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000000000000000001800000008000000000000006e14000095"], &(0x7f0000000040)='syzkaller\x00', 0x5, 0xc0, &(0x7f00000020c0)=""/192}, 0x80)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r3, r4}, 0x5)

75.935238ms ago: executing program 2:
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = dup(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000002240)='9p_client_req\x00', r6}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

61.18097ms ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000080850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
munlock(&(0x7f0000fde000/0x1000)=nil, 0x1000)

47.018043ms ago: executing program 3:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x204092, &(0x7f0000000000), 0x6, 0x50d, &(0x7f00000006c0)="$eJzs3U1vI3cZAPBnHLubbQNOWw6lEtvQF2URrJM0fYk4lEbi5VQJUe7ZkDhRFCdeJU67iVaQfgIQqgCJC5y4IPEBkFA/AkKqBDcOnEAVZOmBCzIae9xNHDs4Wsezm/x+0mT+8//Hfp7HiSfzFk8AV9ZURLwdEWMR8UpElLP+QjbFYXtKv+/+0b2VdEqi2Xz3n0kkWV/3cz6VPSz1ve9E/CA5HXd3/2BzuVar7pzsPri1sbW8Xl2vbs/Pz72x8ObC6wuzA1aSFM8afToi3vrmpz/78W++/dYfvvb+35b+cfOHaVq3s/FedQxDu/RSjJ9YvjzS35tiq0IAAB4Hz0bEMxHxYkR8JcoxFmduRgMAAACPoeY3Jq51mgAAAMDlVIiIiUgKlex634koFCqV9jW8X4gnC7X6buOra/W97dV0LGIySoW1jVp1NrtWeDJKSbo812o/WH61a3k+uwb3w/L1dLk1BgAAAIzGYtf+/6fl9v4/AAAAcMn0Phk/NvI8AAAAgIvjYnwAAAC4/Oz/AwAAwKX23XfeSafm/aN7rfsArL63v7dZf+/WanV3s7K1t1JZqe/cqazX6+u1amWA/wio1et3XovtvbszjeJuY2Z3/2Bpq7633Vhq3dd7qfrMCGoCAAAATnr6hY/+kkTE4devt6bUE9lYKdfMgEdIUuzquP3lnDIBhuLcH/IztXcxiQAj1/03Hbg67OMDSXdH14bBeL9NhT92d9z4v7FscwAAQD6mv+j8P1xVhbwTAHLzk7wTAHIz8LH4qYvNAxi9ktv8wZV36vx/l/F+A6fO//fTbJ4rIQAAYOgm2rPDyM4FTkShUKl8dlowWduoVWcj4vMR8edy6Vq6PJdjvgAAAAAAAAAAAAAAAAAAAAAAAADwOGo2k2gCAAAAl1pE4e9Jdv+v6fLLE93HB55I/lNuzSPi/V+++/O7y43Gzlza/6/P+hu/yPpfzeMIBgAAAFxFpTNHO/vpnf14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABim+0f3VjrTKON+shjXY7JX/GKMt+bjUYqIJ/+dRPHY45KIGBtC/MMPIuK5XvGTNK2YzLLojl+IiOs5x39qCPHhKvtoMSLe7vX+K8RUa977/VfMpof1yWLrTd4zfmf9N9Zn/fe5AWM8//HvZvrG/yDi+WLv9U8nftIn/ksDxr/9/YODfmPNX0dM9/z7k7RnhewbG1t3Znb3D25tbC2vV9er2/Pzc28svLnw+sLszNpGrZp97Rnjp1/6/eGHfetvBzgev1PnZDvDH/Wr/+UB6//vx3ePnm03S6fjR9x8qffP/7nWvPfrn/5OvJK9POn4dKd92G4fd+O3f7rRL7c0/mqf17/98y83H8Qvnqj/5mDlH6/5V4M9BAC4SLv7B5vLtVp1ZwSNF18b3hMmrUa6FTSi5PNudA52PCr5jOcT/VrkW/u3Hvp5OpvDD/M8fx1aXek+Q++hHFdKAADAhXiw0Z93JgAAAAAAAAAAAAAAAAAAAHB1tf7/f+ycHwT4wvk+aaw75mE+pQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnOl/AQAA//9DhsFC")
mount(0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000001080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x21408, 0x0, 0x3, 0x0, &(0x7f0000006380))
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
symlinkat(&(0x7f00000001c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file6\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

35.425594ms ago: executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10)
r2 = dup(r0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@ipv4_newrule={0x1c, 0x20, 0x4}, 0x1c}}, 0x0)

16.421138ms ago: executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180000000000e52e000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_INIT(r3, &(0x7f0000000380)={0x50}, 0x50)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f00000002c0)='./file0/file0\x00', 0x0)

0s ago: executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x5, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
statx(r0, &(0x7f00000008c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x100, 0x400, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresgid(&(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600)=<r6=>0x0)
chown(&(0x7f0000000280)='./file0\x00', r5, r6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x90)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r7 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000040)={@private2, 0x0, 0x0, 0x2, 0x1}, 0x20)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r9 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r9, &(0x7f0000000740)=[{&(0x7f0000000300)=""/49, 0x31}], 0x1, 0xfffffffe, 0x0)
renameat2(r0, &(0x7f0000000640)='./file0\x00', r0, &(0x7f0000000680)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x7)
socket(0x0, 0x3, 0x0)

kernel console output (not intermixed with test programs):

ONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  951.150332][T28018] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  951.171325][ T5363] syz-executor.0[5363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  951.173690][T28018] usb 4-1: USB disconnect, device number 72
[  951.290420][  T314] usbhid 1-1:0.0: can't add hid device: -71
[  951.296533][  T314] usbhid: probe of 1-1:0.0 failed with error -71
[  951.304679][  T314] usb 1-1: USB disconnect, device number 73
[  951.824670][T32206] device bridge_slave_1 left promiscuous mode
[  951.864517][T32206] bridge0: port 2(bridge_slave_1) entered disabled state
[  951.949394][T32206] device bridge_slave_0 left promiscuous mode
[  951.955600][T32206] bridge0: port 1(bridge_slave_0) entered disabled state
[  952.182079][ T5427] loop0: detected capacity change from 0 to 512
[  952.231597][ T5427] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  952.243859][ T5427] EXT4-fs (loop0): 1 orphan inode deleted
[  952.249692][ T5427] EXT4-fs (loop0): 1 truncate cleaned up
[  952.255319][ T5427] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[  952.380256][   T20] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  952.770441][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  952.781833][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  952.791441][   T20] usb 4-1: New USB device found, idVendor=0458, idProduct=5019, bcdDevice= 0.00
[  952.800357][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  952.802807][ T5453] loop0: detected capacity change from 0 to 256
[  952.810605][   T20] usb 4-1: config 0 descriptor??
[  952.841634][ T5453] exfat: Deprecated parameter 'utf8'
[  952.846987][ T5453] exfat: Deprecated parameter 'utf8'
[  952.855288][ T5453] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  952.890336][  T314] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  953.140702][  T314] usb 3-1: Using ep0 maxpacket: 8
[  953.196756][ T5456] bridge0: port 1(bridge_slave_0) entered blocking state
[  953.203883][ T5456] bridge0: port 1(bridge_slave_0) entered disabled state
[  953.211542][ T5456] device bridge_slave_0 entered promiscuous mode
[  953.220446][ T5456] bridge0: port 2(bridge_slave_1) entered blocking state
[  953.227387][ T5456] bridge0: port 2(bridge_slave_1) entered disabled state
[  953.234712][ T5456] device bridge_slave_1 entered promiscuous mode
[  953.287685][ T5456] bridge0: port 2(bridge_slave_1) entered blocking state
[  953.295487][ T5456] bridge0: port 2(bridge_slave_1) entered forwarding state
[  953.300306][  T314] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  953.302742][ T5456] bridge0: port 1(bridge_slave_0) entered blocking state
[  953.312202][  T314] usb 3-1: config 1 has no interface number 1
[  953.318808][ T5456] bridge0: port 1(bridge_slave_0) entered forwarding state
[  953.320666][   T20] kye 0003:0458:5019.0096: unknown main item tag 0x0
[  953.325749][  T314] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  953.332241][   T20] kye 0003:0458:5019.0096: unknown main item tag 0x0
[  953.356552][   T20] kye 0003:0458:5019.0096: unknown main item tag 0x0
[  953.363861][   T20] kye 0003:0458:5019.0096: hidraw0: USB HID v0.00 Device [HID 0458:5019] on usb-dummy_hcd.3-1/input0
[  953.374595][   T20] kye 0003:0458:5019.0096: tablet-enabling feature report not found
[  953.382434][   T20] kye 0003:0458:5019.0096: tablet enabling failed
[  953.420061][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  953.428361][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  953.435969][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  953.456606][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  953.467379][ T1116] bridge0: port 1(bridge_slave_0) entered blocking state
[  953.474264][ T1116] bridge0: port 1(bridge_slave_0) entered forwarding state
[  953.481677][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  953.491886][ T1116] bridge0: port 2(bridge_slave_1) entered blocking state
[  953.498993][ T1116] bridge0: port 2(bridge_slave_1) entered forwarding state
[  953.506576][  T314] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  953.518447][  T314] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  953.526547][  T314] usb 3-1: Product: syz
[  953.530602][  T314] usb 3-1: Manufacturer: syz
[  953.535026][  T314] usb 3-1: SerialNumber: syz
[  953.547236][  T337] usb 4-1: USB disconnect, device number 73
[  953.562039][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  953.569922][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  953.587965][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  953.598382][ T5456] device veth0_vlan entered promiscuous mode
[  953.605933][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  953.618256][ T5456] device veth1_macvtap entered promiscuous mode
[  953.625418][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  953.634276][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  953.642391][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  953.658369][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  953.666558][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  953.675111][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  953.683355][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  953.731655][    T8] device bridge_slave_1 left promiscuous mode
[  953.738036][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  953.746574][    T8] device bridge_slave_0 left promiscuous mode
[  953.753164][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  953.761376][    T8] device veth1_macvtap left promiscuous mode
[  953.767447][    T8] device veth0_vlan left promiscuous mode
[  953.991192][  T314] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  954.042799][  T314] usb 3-1: USB disconnect, device number 47
[  954.164707][ T5505] 8021q: VLANs not supported on lo
[  954.485062][ T5525] device wg2 entered promiscuous mode
[  954.713758][ T5536] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  954.727958][ T5538] 8021q: VLANs not supported on lo
[  955.182758][ T5573] xt_TPROXY: Can be used only with -p tcp or -p udp
[  955.355595][   T30] audit: type=1326 audit(955.329:40995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba43a25ea9 code=0x7ffc0000
[  955.440830][   T30] audit: type=1326 audit(955.359:40996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba43a25ea9 code=0x7ffc0000
[  955.618635][   T30] audit: type=1326 audit(955.359:40997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba43a25ea9 code=0x7ffc0000
[  955.643411][   T30] audit: type=1326 audit(955.359:40998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba43a25ea9 code=0x7ffc0000
[  955.673184][   T30] audit: type=1326 audit(955.369:40999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba43a25ea9 code=0x7ffc0000
[  955.699485][   T30] audit: type=1326 audit(955.369:41000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fba43a23627 code=0x7ffc0000
[  955.730824][   T30] audit: type=1326 audit(955.369:41001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fba439e9309 code=0x7ffc0000
[  955.777532][ T5617] loop1: detected capacity change from 0 to 8192
[  955.803588][   T30] audit: type=1326 audit(955.369:41002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fba43a25ea9 code=0x7ffc0000
[  955.856890][ T5617] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  955.920587][ T5628] device wg2 entered promiscuous mode
[  956.050596][   T30] audit: type=1326 audit(955.369:41003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fba43a23627 code=0x7ffc0000
[  956.075769][   T30] audit: type=1326 audit(955.369:41004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fba439e9309 code=0x7ffc0000
[  956.127274][ T5632] loop3: detected capacity change from 0 to 512
[  956.151182][ T5638] loop1: detected capacity change from 0 to 256
[  956.156456][ T5632] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  956.164546][ T5632] EXT4-fs (loop3): Test dummy encryption mode enabled
[  956.171451][ T5632] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  956.190497][ T5632] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a064e01c, mo2=0002]
[  956.198303][ T5632] System zones: 1-12
[  956.209654][ T5632] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz-executor.3: casefold flag without casefold feature
[  956.225412][ T5632] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.3: missing EA_INODE flag
[  956.238392][ T5632] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 12 err=-117
[  956.258525][ T5632] EXT4-fs (loop3): 1 orphan inode deleted
[  956.264200][ T5647] loop0: detected capacity change from 0 to 256
[  956.264792][ T5632] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,abort,max_dir_size_kb=0x0000000000009c7c,debug,mblk_io_submit,errors=continue,test_dummy_encryption,prjquota,nodiscard,,errors=continue. Quota mode: writeback.
[  956.313618][ T5647] exfat: Deprecated parameter 'utf8'
[  956.323741][ T5647] exfat: Deprecated parameter 'utf8'
[  956.333410][ T5647] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  956.440062][ T5661] loop4: detected capacity change from 0 to 8192
[  956.462387][ T5661] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  956.531539][ T5669] bridge0: port 1(bridge_slave_0) entered blocking state
[  956.538699][ T5669] bridge0: port 1(bridge_slave_0) entered disabled state
[  956.547614][ T5669] device bridge_slave_0 entered promiscuous mode
[  956.562307][ T5669] bridge0: port 2(bridge_slave_1) entered blocking state
[  956.569209][ T5669] bridge0: port 2(bridge_slave_1) entered disabled state
[  956.576596][ T5669] device bridge_slave_1 entered promiscuous mode
[  956.670446][ T5669] bridge0: port 2(bridge_slave_1) entered blocking state
[  956.677452][ T5669] bridge0: port 2(bridge_slave_1) entered forwarding state
[  956.684540][ T5669] bridge0: port 1(bridge_slave_0) entered blocking state
[  956.691505][ T5669] bridge0: port 1(bridge_slave_0) entered forwarding state
[  956.726788][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  956.735329][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[  956.743786][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[  956.749905][ T5679] loop3: detected capacity change from 0 to 8192
[  956.766542][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  956.777793][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  956.787095][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[  956.793978][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  956.802321][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  956.815134][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  956.837357][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  956.844253][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  956.883257][ T5681] device wg2 entered promiscuous mode
[  956.941157][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  956.949920][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  956.958064][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  956.966678][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  956.975146][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  956.984087][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  957.000583][ T5669] device veth0_vlan entered promiscuous mode
[  957.007791][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  957.016139][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  957.034725][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  957.042801][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  957.051234][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  957.059998][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  957.077686][ T5669] device veth1_macvtap entered promiscuous mode
[  957.091844][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  957.106353][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  957.115087][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  957.129157][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  957.138109][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  957.207430][T32206] device bridge_slave_1 left promiscuous mode
[  957.214314][T32206] bridge0: port 2(bridge_slave_1) entered disabled state
[  957.222976][T32206] device bridge_slave_0 left promiscuous mode
[  957.229874][T32206] bridge0: port 1(bridge_slave_0) entered disabled state
[  957.239670][ T5697] SELinux: security_context_str_to_sid(s) failed for (dev ?, type ?) errno=-22
[  957.249447][T32206] device veth1_macvtap left promiscuous mode
[  957.255623][T32206] device veth0_vlan left promiscuous mode
[  957.264354][ T5697] SELinux: security_context_str_to_sid(s) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  957.565066][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.574700][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.585865][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.589298][ T5722] syz-executor.1[5722] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  957.595221][ T5722] syz-executor.1[5722] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  957.595417][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.629226][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.646445][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.670087][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.692271][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.706104][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.706172][ T5729] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22
[  957.715623][ T5718] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  957.747097][ T5729] SELinux: security_context_str_to_sid(staff_u) failed for (dev sda1, type ext4) errno=-22
[  957.795616][ T5740] incfs: Unexpected inode type
[  957.807165][ T5744] loop3: detected capacity change from 0 to 256
[  957.825967][ T5376] ------------[ cut here ]------------
[  957.837302][ T5376] WARNING: CPU: 1 PID: 5376 at fs/overlayfs/util.c:470 ovl_dir_modified+0x1a5/0x1e0
[  957.854938][ T5718] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5718 comm=syz-executor.0
[  957.867677][ T5376] Modules linked in:
[  957.873117][ T5376] CPU: 1 PID: 5376 Comm: syz-executor.4 Tainted: G        W         5.15.149-syzkaller-00165-g85445b5a2107 #0
[  957.885358][ T5718] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=5718 comm=syz-executor.0
[  957.898571][ T5376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  957.923374][ T5376] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[  957.928884][ T5376] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 f2 b8 9f ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 6b 7f 5d ff <0f> 0b e9 06 ff ff ff e8 5f 7f 5d ff 0f 0b e9 3d ff ff ff 44 89 e1
[  957.964612][ T5376] RSP: 0018:ffffc90000d17b60 EFLAGS: 00010293
[  957.975388][ T5376] RAX: ffffffff8212b7f5 RBX: 0000000000000000 RCX: ffff88811302e2c0
[  957.983294][ T5376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  958.000361][ T5376] RBP: ffffc90000d17b90 R08: ffffffff8212b6f4 R09: ffffed102616aed3
[  958.008952][ T5376] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811c512000
[  958.017820][ T5376] R13: ffff88811c512030 R14: 1ffff110238a2406 R15: ffff888130b575f0
[  958.025784][ T5376] FS:  0000555556d5a480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  958.041894][ T5376] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  958.048433][ T5376] CR2: 0000555556fb3818 CR3: 0000000129a62000 CR4: 00000000003506a0
[  958.062124][ T5376] Call Trace:
[  958.068491][ T5376]  <TASK>
[  958.074886][ T5376]  ? show_regs+0x58/0x60
[  958.079162][ T5376]  ? __warn+0x160/0x2f0
[  958.083251][ T5376]  ? ovl_dir_modified+0x1a5/0x1e0
[  958.088086][ T5376]  ? report_bug+0x3d9/0x5b0
[  958.093818][ T5376]  ? ovl_dir_modified+0x1a5/0x1e0
[  958.093944][ T5762] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22
[  958.098752][ T5376]  ? handle_bug+0x41/0x70
[  958.109676][ T5762] SELinux: security_context_str_to_sid(staff_u) failed for (dev sda1, type ext4) errno=-22
[  958.112818][ T5376]  ? exc_invalid_op+0x1b/0x50
[  958.126498][ T5376]  ? asm_exc_invalid_op+0x1b/0x20
[  958.131730][ T5376]  ? ovl_dir_modified+0xa4/0x1e0
[  958.136582][ T5376]  ? ovl_dir_modified+0x1a5/0x1e0
[  958.142931][ T5376]  ? ovl_dir_modified+0x1a5/0x1e0
[  958.149306][ T5376]  ovl_do_remove+0x64c/0xa30
[  958.155472][ T5376]  ? ovl_set_redirect+0x690/0x690
[  958.164801][ T5376]  ? selinux_inode_rmdir+0x22/0x30
[  958.171515][ T5376]  ovl_rmdir+0x1a/0x20
[  958.175507][ T5376]  vfs_rmdir+0x324/0x470
[  958.179483][ T5376]  incfs_kill_sb+0x113/0x230
[  958.184006][ T5376]  deactivate_locked_super+0xad/0x110
[  958.189227][ T5376]  deactivate_super+0xbe/0xf0
[  958.196982][ T5376]  cleanup_mnt+0x45c/0x510
[  958.201558][ T5376]  __cleanup_mnt+0x19/0x20
[  958.205878][ T5376]  task_work_run+0x129/0x190
[  958.210799][ T5376]  exit_to_user_mode_loop+0xc4/0xe0
[  958.215842][ T5376]  exit_to_user_mode_prepare+0x5a/0xa0
[  958.222187][ T5376]  syscall_exit_to_user_mode+0x26/0x160
[  958.226088][ T5774] loop0: detected capacity change from 0 to 2048
[  958.242437][ T5376]  do_syscall_64+0x49/0xb0
[  958.246696][ T5376]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  958.252565][ T5376] RIP: 0033:0x7f41c8f251d7
[  958.256902][ T5376] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[  958.276586][ T5376] RSP: 002b:00007fff2c4851b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  958.286467][ T5376] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f41c8f251d7
[  958.295315][ T5376] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff2c485270
[  958.309604][ T5376] RBP: 00007fff2c485270 R08: 0000000000000000 R09: 0000000000000000
[  958.317153][ T5774] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  958.317901][ T5376] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff2c486320
[  958.334874][ T5774] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 234: padding at end of block bitmap is not set
[  958.351498][ T5376] R13: 00007f41c8f80636 R14: 00000000000e9d2a R15: 0000000000000008
[  958.359303][ T5376]  </TASK>
[  958.366505][ T5376] ---[ end trace 4db6d66001ec901c ]---
[  958.372515][ T5376] ------------[ cut here ]------------
[  958.377888][ T5376] WARNING: CPU: 0 PID: 5376 at fs/overlayfs/util.c:470 ovl_dir_modified+0x1a5/0x1e0
[  958.387235][ T5376] Modules linked in:
[  958.391311][ T5376] CPU: 0 PID: 5376 Comm: syz-executor.4 Tainted: G        W         5.15.149-syzkaller-00165-g85445b5a2107 #0
[  958.403019][ T5376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  958.413402][ T5376] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[  958.419166][ T5376] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 f2 b8 9f ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 6b 7f 5d ff <0f> 0b e9 06 ff ff ff e8 5f 7f 5d ff 0f 0b e9 3d ff ff ff 44 89 e1
[  958.438956][ T5376] RSP: 0018:ffffc90000d17b60 EFLAGS: 00010293
[  958.448270][ T5376] RAX: ffffffff8212b7f5 RBX: 0000000000000000 RCX: ffff88811302e2c0
[  958.456445][ T5376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  958.464630][ T5376] RBP: ffffc90000d17b90 R08: ffffffff8212b6f4 R09: ffffed102616aed3
[  958.473596][ T5376] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811c512000
[  958.481454][ T5376] R13: ffff88811c512030 R14: 1ffff110238a2406 R15: ffff888130b575f0
[  958.489288][ T5376] FS:  0000555556d5a480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  958.498321][ T5376] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  958.505031][ T5376] CR2: 0000001b2da24000 CR3: 0000000129a62000 CR4: 00000000003506b0
[  958.514542][ T5376] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000001d17
[  958.537947][ T5376] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  958.546235][ T5376] Call Trace:
[  958.550039][ T5376]  <TASK>
[  958.552889][ T5376]  ? show_regs+0x58/0x60
[  958.556975][ T5376]  ? __warn+0x160/0x2f0
[  958.561063][ T5376]  ? ovl_dir_modified+0x1a5/0x1e0
[  958.566124][ T5376]  ? report_bug+0x3d9/0x5b0
[  958.570529][ T5376]  ? ovl_dir_modified+0x1a5/0x1e0
[  958.575425][ T5376]  ? handle_bug+0x41/0x70
[  958.579581][ T5376]  ? exc_invalid_op+0x1b/0x50
[  958.584113][ T5376]  ? asm_exc_invalid_op+0x1b/0x20
[  958.589299][ T5376]  ? ovl_dir_modified+0xa4/0x1e0
[  958.594136][ T5376]  ? ovl_dir_modified+0x1a5/0x1e0
[  958.598979][ T5376]  ? ovl_dir_modified+0x1a5/0x1e0
[  958.677779][ T5376]  ovl_do_remove+0x64c/0xa30
[  958.682771][ T5376]  ? ovl_set_redirect+0x690/0x690
[  958.687792][ T5376]  ? selinux_inode_rmdir+0x22/0x30
[  958.693084][ T5376]  ovl_rmdir+0x1a/0x20
[  958.697141][ T5376]  vfs_rmdir+0x324/0x470
[  958.701448][ T5376]  incfs_kill_sb+0x1b4/0x230
[  958.706521][ T5376]  deactivate_locked_super+0xad/0x110
[  958.711854][ T5376]  deactivate_super+0xbe/0xf0
[  958.716907][ T5376]  cleanup_mnt+0x45c/0x510
[  958.977587][ T5376]  __cleanup_mnt+0x19/0x20
[  958.990104][ T5376]  task_work_run+0x129/0x190
[  958.994652][ T5376]  exit_to_user_mode_loop+0xc4/0xe0
[  959.000139][ T5376]  exit_to_user_mode_prepare+0x5a/0xa0
[  959.007137][ T5376]  syscall_exit_to_user_mode+0x26/0x160
[  959.012837][ T5376]  do_syscall_64+0x49/0xb0
[  959.017129][ T5376]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  959.022920][ T5376] RIP: 0033:0x7f41c8f251d7
[  959.027106][ T5376] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[  959.047336][ T5376] RSP: 002b:00007fff2c4851b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  959.056043][ T5376] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f41c8f251d7
[  959.071106][ T5376] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff2c485270
[  959.081900][ T5376] RBP: 00007fff2c485270 R08: 0000000000000000 R09: 0000000000000000
[  959.090441][ T5376] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff2c486320
[  959.099059][ T5376] R13: 00007f41c8f80636 R14: 00000000000e9d2a R15: 0000000000000008
[  959.107360][ T5376]  </TASK>
[  959.110573][ T5376] ---[ end trace 4db6d66001ec901d ]---
[  959.601280][ T5834] loop1: detected capacity change from 0 to 512
[  959.644064][ T5834] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  959.682976][ T5834] EXT4-fs (loop1): 1 orphan inode deleted
[  959.688671][ T5834] EXT4-fs (loop1): 1 truncate cleaned up
[  959.694312][ T5834] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[  959.718029][ T5838] loop0: detected capacity change from 0 to 256
[  959.745506][ T5838] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  959.925414][ T5848] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0'
[  960.779277][ T5913] xt_TCPMSS: Only works on TCP SYN packets
[  960.785434][ T5913] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5913 comm=syz-executor.2
[  961.626683][ T5926] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0'
[  962.226462][ T5943] loop1: detected capacity change from 0 to 16
[  962.251185][ T5943] erofs: (device loop1): mounted with root inode @ nid 36.
[  962.590588][ T5963] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0'
[  962.728511][ T5965] xt_TCPMSS: Only works on TCP SYN packets
[  962.739651][ T5965] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5965 comm=syz-executor.4
[  963.128635][ T5974] loop0: detected capacity change from 0 to 512
[  963.151680][ T5974] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  963.172068][ T5974] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  964.120415][ T6013] xt_TCPMSS: Only works on TCP SYN packets
[  964.127524][ T6013] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6013 comm=syz-executor.3
[  964.161111][ T6019] __nla_validate_parse: 8 callbacks suppressed
[  964.161129][ T6019] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'.
[  964.182886][ T6019] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.4'.
[  964.199641][ T6019] tc_dump_action: action bad kind
[  964.210975][ T6025] serio: Serial port ptm0
[  964.286727][ T6023] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  964.297610][ T6023] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  964.995852][ T6106] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.2'.
[  965.198637][ T6124] xt_TCPMSS: Only works on TCP SYN packets
[  965.214309][ T6124] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6124 comm=syz-executor.0
[  965.291644][ T6134] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.1'.
[  965.336802][ T6143] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.3'.
[  965.382088][ T6143] loop3: detected capacity change from 0 to 512
[  965.485199][ T6143] EXT4-fs (loop3): orphan cleanup on readonly fs
[  965.505449][ T6143] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr
[  965.554599][ T6143] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz-executor.3: couldn't read orphan inode 15 (err -117)
[  965.567247][ T6143] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  965.625062][ T6150] device syzkaller0 entered promiscuous mode
[  966.383333][ T6169] loop4: detected capacity change from 0 to 256
[  966.428011][ T6169] FAT-fs (loop4): Directory bread(block 64) failed
[  966.434542][ T6169] FAT-fs (loop4): Directory bread(block 65) failed
[  966.441149][ T6169] FAT-fs (loop4): Directory bread(block 66) failed
[  966.447918][ T6169] FAT-fs (loop4): Directory bread(block 67) failed
[  966.455768][ T6169] FAT-fs (loop4): Directory bread(block 68) failed
[  966.462327][ T6169] FAT-fs (loop4): Directory bread(block 69) failed
[  966.471041][ T6169] FAT-fs (loop4): Directory bread(block 70) failed
[  966.478121][ T6169] FAT-fs (loop4): Directory bread(block 71) failed
[  966.484761][ T6169] FAT-fs (loop4): Directory bread(block 72) failed
[  966.491272][ T6169] FAT-fs (loop4): Directory bread(block 73) failed
[  966.689360][ T6185] bridge0: port 1(bridge_slave_0) entered blocking state
[  966.696569][ T6185] bridge0: port 1(bridge_slave_0) entered disabled state
[  966.704145][ T6185] device bridge_slave_0 entered promiscuous mode
[  966.711578][ T6185] bridge0: port 2(bridge_slave_1) entered blocking state
[  966.718577][ T6185] bridge0: port 2(bridge_slave_1) entered disabled state
[  966.726295][ T6185] device bridge_slave_1 entered promiscuous mode
[  966.934874][  T878] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  967.164916][ T6185] bridge0: port 2(bridge_slave_1) entered blocking state
[  967.171810][ T6185] bridge0: port 2(bridge_slave_1) entered forwarding state
[  967.178911][ T6185] bridge0: port 1(bridge_slave_0) entered blocking state
[  967.185686][ T6185] bridge0: port 1(bridge_slave_0) entered forwarding state
[  967.225593][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  967.236658][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[  967.251832][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[  967.274349][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  967.282633][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  967.289519][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  967.309657][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  967.319392][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[  967.326270][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[  967.333590][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  967.341941][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  967.387933][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  967.401276][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  967.409172][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  967.416669][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  967.428876][ T6185] device veth0_vlan entered promiscuous mode
[  967.460673][  T878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  967.594810][  T878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  967.623861][  T878] usb 2-1: New USB device found, idVendor=0810, idProduct=0002, bcdDevice= 0.00
[  967.691236][  T878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  967.757767][ T6185] device veth1_macvtap entered promiscuous mode
[  967.768233][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  967.776795][  T878] usb 2-1: config 0 descriptor??
[  967.794697][ T6223] loop4: detected capacity change from 0 to 256
[  967.796987][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  967.809834][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  967.837982][ T6223] FAT-fs (loop4): Directory bread(block 64) failed
[  967.845837][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  967.850364][ T6223] FAT-fs (loop4): Directory bread(block 65) failed
[  967.854118][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  967.860536][ T6223] FAT-fs (loop4): Directory bread(block 66) failed
[  967.874627][ T6223] FAT-fs (loop4): Directory bread(block 67) failed
[  967.881082][ T6223] FAT-fs (loop4): Directory bread(block 68) failed
[  967.887828][ T6223] FAT-fs (loop4): Directory bread(block 69) failed
[  967.894409][ T6223] FAT-fs (loop4): Directory bread(block 70) failed
[  967.900883][ T6223] FAT-fs (loop4): Directory bread(block 71) failed
[  967.907563][ T6223] FAT-fs (loop4): Directory bread(block 72) failed
[  967.914106][ T6223] FAT-fs (loop4): Directory bread(block 73) failed
[  967.962079][T15378] device bridge_slave_1 left promiscuous mode
[  967.968084][T15378] bridge0: port 2(bridge_slave_1) entered disabled state
[  967.980839][T15378] device bridge_slave_0 left promiscuous mode
[  967.992761][T15378] bridge0: port 1(bridge_slave_0) entered disabled state
[  968.004593][T15378] device veth1_macvtap left promiscuous mode
[  968.010564][T15378] device veth0_vlan left promiscuous mode
[  969.025007][  T878] pantherlord 0003:0810:0002.0097: item fetching failed at offset 0/3
[  969.033271][  T878] pantherlord 0003:0810:0002.0097: parse failed
[  969.090681][  T878] pantherlord: probe of 0003:0810:0002.0097 failed with error -22
[  969.118536][   T30] kauditd_printk_skb: 238 callbacks suppressed
[  969.118558][   T30] audit: type=1326 audit(969.089:41243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.156288][  T490] usb 2-1: USB disconnect, device number 63
[  969.189197][ T6255] syz-executor.3[6255] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  969.196772][ T6255] syz-executor.3[6255] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  969.251101][   T30] audit: type=1326 audit(969.119:41244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.340560][   T30] audit: type=1326 audit(969.119:41245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.364102][   T30] audit: type=1326 audit(969.119:41246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.401111][   T30] audit: type=1326 audit(969.119:41247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.426058][   T30] audit: type=1326 audit(969.119:41248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.449796][   T30] audit: type=1326 audit(969.119:41249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.477332][   T30] audit: type=1326 audit(969.119:41250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.528947][   T30] audit: type=1326 audit(969.129:41251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.559094][   T30] audit: type=1326 audit(969.129:41252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  969.716245][ T6285] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  970.400429][  T878] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[  970.627933][ T6337] syz-executor.3[6337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  970.627984][ T6337] syz-executor.3[6337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  970.651477][ T6339] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  970.702029][T15378] device bridge_slave_1 left promiscuous mode
[  970.708361][T15378] bridge0: port 2(bridge_slave_1) entered disabled state
[  970.716827][T15378] device bridge_slave_0 left promiscuous mode
[  970.723118][T15378] bridge0: port 1(bridge_slave_0) entered disabled state
[  970.731388][T15378] device veth1_macvtap left promiscuous mode
[  970.840388][  T878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  970.851354][  T878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  970.860999][  T878] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  970.869900][  T878] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  970.871154][   T20] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  970.893895][  T878] usb 1-1: config 0 descriptor??
[  971.120460][   T20] usb 3-1: Using ep0 maxpacket: 8
[  971.148707][ T6368] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  971.240338][   T20] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  971.251245][   T20] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  971.260975][   T20] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  971.650631][  T878] usb 1-1: language id specifier not provided by device, defaulting to English
[  971.907473][   T20] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.40
[  971.916925][   T20] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  971.924866][   T20] usb 3-1: Product: syz
[  971.928851][   T20] usb 3-1: Manufacturer: syz
[  971.933310][   T20] usb 3-1: SerialNumber: syz
[  971.984561][ T6395] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  972.081787][  T878] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0098/input/input111
[  972.095246][  T878] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0098/input/input112
[  972.108044][  T878] uclogic 0003:256C:006D.0098: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0
[  972.190468][   T20] usbhid 3-1:1.0: can't add hid device: -22
[  972.196388][   T20] usbhid: probe of 3-1:1.0 failed with error -22
[  972.280286][    T6] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  972.310603][  T314] usb 1-1: USB disconnect, device number 74
[  972.403120][   T20] usb 3-1: USB disconnect, device number 48
[  972.520259][    T6] usb 4-1: Using ep0 maxpacket: 8
[  972.640327][    T6] usb 4-1: config 135 has an invalid interface number: 230 but max is 0
[  972.648535][    T6] usb 4-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  972.658770][    T6] usb 4-1: config 135 has no interface number 0
[  972.664832][    T6] usb 4-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  972.830467][    T6] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  972.839393][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  972.847196][    T6] usb 4-1: Product: syz
[  972.851261][    T6] usb 4-1: Manufacturer: syz
[  972.855685][    T6] usb 4-1: SerialNumber: syz
[  972.900759][    T6] usb 4-1: Found UVC 0.00 device syz (18ec:3288)
[  972.907072][    T6] usb 4-1: No valid video chain found.
[  973.086941][ T6442] tmpfs: Unknown parameter '
'
[  973.101289][  T314] usb 4-1: USB disconnect, device number 74
[  973.847740][ T6482] bridge0: port 1(bridge_slave_0) entered blocking state
[  973.854694][ T6482] bridge0: port 1(bridge_slave_0) entered disabled state
[  973.861924][ T6482] device bridge_slave_0 entered promiscuous mode
[  973.868845][ T6482] bridge0: port 2(bridge_slave_1) entered blocking state
[  973.875787][ T6482] bridge0: port 2(bridge_slave_1) entered disabled state
[  973.883050][ T6482] device bridge_slave_1 entered promiscuous mode
[  973.929607][ T6482] bridge0: port 2(bridge_slave_1) entered blocking state
[  973.936481][ T6482] bridge0: port 2(bridge_slave_1) entered forwarding state
[  973.943675][ T6482] bridge0: port 1(bridge_slave_0) entered blocking state
[  973.950441][ T6482] bridge0: port 1(bridge_slave_0) entered forwarding state
[  973.991372][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  973.998781][  T878] bridge0: port 1(bridge_slave_0) entered disabled state
[  974.006654][  T878] bridge0: port 2(bridge_slave_1) entered disabled state
[  974.021770][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  974.030031][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[  974.036929][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  974.044590][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  974.053696][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  974.060575][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  974.067816][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  974.083456][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  974.103677][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  974.117106][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  974.125482][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  974.132775][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  974.140938][ T6482] device veth0_vlan entered promiscuous mode
[  974.155603][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  974.165268][ T6499] JBD2: Spotted dirty metadata buffer (dev = sda1, blocknr = 267). There's a risk of filesystem corruption in case of system crash.
[  974.165517][ T6482] device veth1_macvtap entered promiscuous mode
[  974.202045][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  974.229223][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  974.250273][   T20] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  974.291649][T15378] device bridge_slave_1 left promiscuous mode
[  974.297668][T15378] bridge0: port 2(bridge_slave_1) entered disabled state
[  974.307981][T15378] device bridge_slave_0 left promiscuous mode
[  974.314875][T15378] bridge0: port 1(bridge_slave_0) entered disabled state
[  974.323287][T15378] device veth1_macvtap left promiscuous mode
[  974.330385][T15378] device veth0_vlan left promiscuous mode
[  974.500333][   T20] usb 3-1: Using ep0 maxpacket: 8
[  974.570341][T28018] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  974.600381][T15321] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  974.620422][   T20] usb 3-1: config 135 has an invalid interface number: 230 but max is 0
[  974.628642][   T20] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  974.638818][   T20] usb 3-1: config 135 has no interface number 0
[  974.645028][   T20] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  974.810429][   T20] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  974.819586][   T20] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  974.827591][   T20] usb 3-1: Product: syz
[  974.830590][T28018] usb 5-1: Using ep0 maxpacket: 16
[  974.831552][   T20] usb 3-1: Manufacturer: syz
[  974.841036][T15321] usb 2-1: Using ep0 maxpacket: 8
[  974.845889][   T20] usb 3-1: SerialNumber: syz
[  974.890842][   T20] usb 3-1: Found UVC 0.00 device syz (18ec:3288)
[  974.897006][   T20] usb 3-1: No valid video chain found.
[  974.960420][T15321] usb 2-1: New USB device found, idVendor=0403, idProduct=f0c8, bcdDevice= 2.56
[  974.969493][T15321] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  974.978027][T15321] usb 2-1: config 0 descriptor??
[  974.980339][T28018] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  974.990921][T28018] usb 5-1: config 0 has no interface number 0
[  974.996718][T28018] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  975.006263][T28018] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  975.020723][T15321] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  975.096904][  T490] usb 3-1: USB disconnect, device number 49
[  975.153946][ T6536] loop0: detected capacity change from 0 to 512
[  975.180454][T28018] usb 5-1: New USB device found, idVendor=0082, idProduct=0000, bcdDevice= f.00
[  975.189563][T28018] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  975.198761][T28018] usb 5-1: Product: syz
[  975.203044][T28018] usb 5-1: Manufacturer: syz
[  975.207810][T28018] usb 5-1: SerialNumber: syz
[  975.208894][ T6536] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  975.214085][T28018] usb 5-1: config 0 descriptor??
[  975.237025][ T6536] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  975.249719][ T6536] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  975.263536][T15321] usb 2-1: Detected FT8U232AM
[  975.263643][ T6536] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  975.268620][T15321] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  975.289534][ T6536] EXT4-fs (loop0): 1 orphan inode deleted
[  975.295884][ T6536] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  975.338755][ T6545] loop3: detected capacity change from 0 to 256
[  975.364674][ T6545] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  975.426839][ T6551] loop3: detected capacity change from 0 to 256
[  975.486603][T15321] usb 2-1: USB disconnect, device number 64
[  975.493321][T15321] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  975.503018][T15321] ftdi_sio 2-1:0.0: device disconnected
[  975.523644][ T6519] loop4: detected capacity change from 0 to 128
[  975.554426][ T6519] UDC core: couldn't find an available UDC or it's busy: -16
[  975.561835][ T6519] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  975.870471][  T878] usb 5-1: USB disconnect, device number 62
[  975.896902][ T6571] JBD2: Spotted dirty metadata buffer (dev = sda1, blocknr = 267). There's a risk of filesystem corruption in case of system crash.
[  975.920688][ T6577] syz-executor.0[6577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  975.920748][ T6577] syz-executor.0[6577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  976.043781][   T30] kauditd_printk_skb: 71 callbacks suppressed
[  976.043796][   T30] audit: type=1326 audit(976.019:41324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6579 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16efeeeea9 code=0x7fc00000
[  976.045145][ T6582] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'.
[  976.061808][   T30] audit: type=1326 audit(976.019:41325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6579 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f16efeeeea9 code=0x7fc00000
[  976.646582][ T6605] bridge0: port 1(bridge_slave_0) entered blocking state
[  976.660004][ T6605] bridge0: port 1(bridge_slave_0) entered disabled state
[  976.667690][ T6605] device bridge_slave_0 entered promiscuous mode
[  976.680618][ T6605] bridge0: port 2(bridge_slave_1) entered blocking state
[  976.690262][ T6605] bridge0: port 2(bridge_slave_1) entered disabled state
[  976.698738][ T6605] device bridge_slave_1 entered promiscuous mode
[  976.775462][   T30] audit: type=1326 audit(976.749:41326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6579 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16efeeeea9 code=0x7fc00000
[  976.929427][ T6605] bridge0: port 2(bridge_slave_1) entered blocking state
[  976.936329][ T6605] bridge0: port 2(bridge_slave_1) entered forwarding state
[  976.943558][ T6605] bridge0: port 1(bridge_slave_0) entered blocking state
[  976.950409][ T6605] bridge0: port 1(bridge_slave_0) entered forwarding state
[  976.982170][ T6599] loop1: detected capacity change from 0 to 131072
[  976.991625][ T5156] device bridge_slave_1 left promiscuous mode
[  977.005422][ T5156] bridge0: port 2(bridge_slave_1) entered disabled state
[  977.014543][ T5156] device bridge_slave_0 left promiscuous mode
[  977.021160][ T5156] bridge0: port 1(bridge_slave_0) entered disabled state
[  977.029679][ T5156] device veth1_macvtap left promiscuous mode
[  977.039937][ T5156] device veth0_vlan left promiscuous mode
[  977.062765][ T6599] F2FS-fs (loop1): Found nat_bits in checkpoint
[  977.063895][ T6621] loop0: detected capacity change from 0 to 256
[  977.080314][ T1116] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  977.113184][ T6621] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  977.127352][ T6599] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  977.301453][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  977.330627][T15321] bridge0: port 1(bridge_slave_0) entered disabled state
[  977.338015][T15321] bridge0: port 2(bridge_slave_1) entered disabled state
[  977.351131][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  977.359687][  T878] bridge0: port 1(bridge_slave_0) entered blocking state
[  977.366567][  T878] bridge0: port 1(bridge_slave_0) entered forwarding state
[  977.374154][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  977.382326][  T878] bridge0: port 2(bridge_slave_1) entered blocking state
[  977.389303][  T878] bridge0: port 2(bridge_slave_1) entered forwarding state
[  977.402280][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  977.419585][ T6605] device veth0_vlan entered promiscuous mode
[  977.426066][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  977.434482][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  977.442818][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  977.450149][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  977.458663][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  977.470402][ T1116] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  977.478844][ T6605] device veth1_macvtap entered promiscuous mode
[  977.482861][ T1116] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  977.489224][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  977.497893][ T1116] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  977.505651][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  977.515444][ T6643] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'.
[  977.530662][   T30] audit: type=1326 audit(977.489:41327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6638 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd99cdceea9 code=0x7fc00000
[  977.539264][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  977.554127][ T1116] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  977.572335][   T30] audit: type=1326 audit(977.489:41328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6638 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd99cdceea9 code=0x7fc00000
[  977.596939][ T1116] usb 3-1: config 0 descriptor??
[  977.605754][ T6647] loop3: detected capacity change from 0 to 2048
[  977.612251][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  977.621062][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  977.629258][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  977.637642][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  977.672922][ T6647] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  977.740934][ T6656] 9pnet: p9_errstr2errno: server reported unknown error 
[  978.226498][ T6651] loop4: detected capacity change from 0 to 131072
[  978.239967][   T30] audit: type=1326 audit(978.209:41329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6638 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd99cdceea9 code=0x7fc00000
[  978.264018][ T6668] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  978.273776][ T6668] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  978.291596][ T6651] F2FS-fs (loop4): Found nat_bits in checkpoint
[  978.336146][ T6651] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  978.400325][ T1116] usbhid 3-1:0.0: can't add hid device: -71
[  978.406144][ T1116] usbhid: probe of 3-1:0.0 failed with error -71
[  978.413501][ T1116] usb 3-1: USB disconnect, device number 50
[  978.560639][ T6692] loop4: detected capacity change from 0 to 512
[  978.615940][ T6692] EXT4-fs (loop4): Number of reserved GDT blocks insanely large: 2048
[  978.671381][ T6695] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  978.680825][ T6695] IPv6: Can't replace route, no match found
[  978.690890][ T6692] loop4: detected capacity change from 0 to 512
[  978.731296][ T6692] EXT4-fs (loop4): Ignoring removed bh option
[  978.737281][ T6692] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  978.747588][ T6692] EXT4-fs (loop4): orphan cleanup on readonly fs
[  978.754823][ T6692] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 19 vs 41 free clusters
[  978.769431][ T6692] Quota error (device loop4): write_blk: dquota write failed
[  978.776965][ T6692] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  978.787226][ T6692] EXT4-fs (loop4): 1 truncate cleaned up
[  978.788564][ T6705] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'.
[  978.792781][   T30] audit: type=1326 audit(978.759:41330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6698 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7fc00000
[  978.832411][ T6692] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsddf,noblock_validity,usrquota,barrier=0x0000000000000000,nogrpid,resgid=0x000000000000ee01,bh,inode_readahead_blks=0x0000000000000080,resgid=0x000000000000ee002,errors=continue. Quota mode: writeback.
[  978.858037][   T30] audit: type=1326 audit(978.759:41331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6698 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f965855cea9 code=0x7fc00000
[  978.942982][ T6692] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback.
[  979.173967][ T6719] loop0: detected capacity change from 0 to 40427
[  979.449347][ T6719] F2FS-fs (loop0): invalid crc value
[  979.470423][ T6719] F2FS-fs (loop0): Found nat_bits in checkpoint
[  979.505864][ T6719] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  979.615210][ T6736] loop0: detected capacity change from 0 to 2048
[  979.672508][ T6736] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  979.806461][ T6754] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  979.815766][ T6754] IPv6: Can't replace route, no match found
[  979.942113][ T6763] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'.
[  979.979665][ T6768] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  979.987443][ T6768] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  980.070506][T15321] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  980.430367][T15321] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  980.444444][T15321] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  980.460831][T15321] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  980.471858][T15321] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  980.485699][T15321] usb 3-1: config 0 descriptor??
[  980.860104][ T6784] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  980.883129][ T6786] ./bus: Can't open blockdev
[  980.971587][T15321] lg-g15 0003:046D:C222.0099: unknown main item tag 0x0
[  980.978476][T15321] lg-g15 0003:046D:C222.0099: unknown main item tag 0x0
[  980.989617][T15321] lg-g15 0003:046D:C222.0099: unknown main item tag 0x0
[  980.996457][T15321] lg-g15 0003:046D:C222.0099: unknown main item tag 0x0
[  981.005524][T15321] lg-g15 0003:046D:C222.0099: unknown main item tag 0x0
[  981.016625][T15321] lg-g15 0003:046D:C222.0099: item fetching failed at offset 8/11
[  981.024915][T15321] lg-g15: probe of 0003:046D:C222.0099 failed with error -22
[  981.174387][  T490] usb 3-1: USB disconnect, device number 51
[  981.224939][ T6782] loop3: detected capacity change from 0 to 131072
[  981.274486][ T6782] F2FS-fs (loop3): Found nat_bits in checkpoint
[  981.290450][ T6824] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  981.309113][ T6782] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  981.310339][T15321] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  981.327525][ T6827] ./bus: Can't open blockdev
[  981.573913][T15321] usb 5-1: Using ep0 maxpacket: 8
[  981.901466][ T6855] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  981.910357][T15321] usb 5-1: config 135 has an invalid interface number: 230 but max is 0
[  981.921146][T15321] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  981.931397][T15321] usb 5-1: config 135 has no interface number 0
[  981.937961][T15321] usb 5-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  982.110321][T15321] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  982.119188][T15321] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  982.140213][T15321] usb 5-1: Product: syz
[  982.144199][T15321] usb 5-1: Manufacturer: syz
[  982.148713][T15321] usb 5-1: SerialNumber: syz
[  982.210810][T15321] usb 5-1: Found UVC 0.00 device syz (18ec:3288)
[  982.216985][T15321] usb 5-1: No valid video chain found.
[  982.429312][ T6861] loop3: detected capacity change from 0 to 128
[  982.446290][T15321] usb 5-1: USB disconnect, device number 63
[  982.472368][ T6861] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  982.498088][ T6861] attempt to access beyond end of device
[  982.498088][ T6861] loop3: rw=3, want=6952, limit=128
[  982.529074][ T6861] attempt to access beyond end of device
[  982.529074][ T6861] loop3: rw=2051, want=7894, limit=128
[  982.648344][ T6869] loop0: detected capacity change from 0 to 40427
[  982.682318][ T6869] F2FS-fs (loop0): invalid crc value
[  982.692494][   T30] kauditd_printk_skb: 160 callbacks suppressed
[  982.692508][   T30] audit: type=1326 audit(982.669:41492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6880 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  982.732861][   T30] audit: type=1326 audit(982.699:41493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6880 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  982.744351][ T6869] F2FS-fs (loop0): Found nat_bits in checkpoint
[  982.756384][   T30] audit: type=1326 audit(982.699:41494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6880 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  982.831483][ T6869] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  982.845332][ T6482] attempt to access beyond end of device
[  982.845332][ T6482] loop0: rw=2049, want=45104, limit=40427
[  983.404878][ T6897] syz-executor.4[6897] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  983.404944][ T6897] syz-executor.4[6897] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  983.431766][   T30] audit: type=1400 audit(983.409:41495): avc:  denied  { create } for  pid=6898 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=decnet_socket permissive=1
[  983.711168][ T6914] device syz_tun entered promiscuous mode
[  983.716932][ T6914] device vlan2 entered promiscuous mode
[  983.727220][ T6914] device syz_tun left promiscuous mode
[  984.303391][ T6924] loop4: detected capacity change from 0 to 512
[  984.316604][ T6919] loop3: detected capacity change from 0 to 40427
[  984.354788][ T6919] F2FS-fs (loop3): invalid crc value
[  984.362469][ T6919] F2FS-fs (loop3): Found nat_bits in checkpoint
[  984.379839][ T6924] EXT4-fs (loop4): 1 orphan inode deleted
[  984.385528][ T6924] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  984.472122][ T6919] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  984.785455][   T30] audit: type=1326 audit(984.759:41496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6942 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16efeeeea9 code=0x7ffc0000
[  984.809026][   T30] audit: type=1326 audit(984.779:41497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6942 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f16efeeeea9 code=0x7ffc0000
[  984.832317][T28018] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  984.840089][   T30] audit: type=1326 audit(984.779:41498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6942 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16efeeeea9 code=0x7ffc0000
[  984.866311][ T6949] loop3: detected capacity change from 0 to 256
[  985.378886][ T6923] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz-executor.4: Invalid block bitmap block 0 in block_group 0
[  985.524577][ T6923] EXT4-fs (loop4): Remounting filesystem read-only
[  985.531231][ T6923] EXT4-fs error (device loop4): ext4_discard_preallocations:5104: comm syz-executor.4: Error -117 reading block bitmap for 0
[  985.621583][ T6605] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #2: block 3: comm syz-executor.4: lblock 0 mapped to illegal pblock 3 (length 1)
[  985.750591][T28018] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  985.761719][T28018] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  985.948877][T28018] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  985.957866][T28018] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  985.966706][T28018] usb 3-1: config 0 descriptor??
[  986.421779][   T30] audit: type=1400 audit(986.399:41499): avc:  denied  { create } for  pid=6937 comm="syz-executor.2" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  986.448424][T28018] holtek_kbd 0003:04D9:A055.009A: hidraw0: USB HID v0.00 Device [HID 04d9:a055] on usb-dummy_hcd.2-1/input0
[  986.481124][ T5155] device bridge_slave_1 left promiscuous mode
[  986.487114][ T5155] bridge0: port 2(bridge_slave_1) entered disabled state
[  986.494712][ T5155] device bridge_slave_0 left promiscuous mode
[  986.500846][ T5155] bridge0: port 1(bridge_slave_0) entered disabled state
[  986.508617][ T5155] device veth1_macvtap left promiscuous mode
[  986.514661][ T5155] device veth0_vlan left promiscuous mode
[  986.646822][T15321] usb 3-1: USB disconnect, device number 52
[  986.672041][ T6978] bridge0: port 1(bridge_slave_0) entered blocking state
[  986.679061][ T6978] bridge0: port 1(bridge_slave_0) entered disabled state
[  986.686461][ T6978] device bridge_slave_0 entered promiscuous mode
[  986.693752][ T6978] bridge0: port 2(bridge_slave_1) entered blocking state
[  986.700889][ T6978] bridge0: port 2(bridge_slave_1) entered disabled state
[  986.708700][ T6978] device bridge_slave_1 entered promiscuous mode
[  986.709272][ T6990] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  986.806479][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  986.814410][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  986.831198][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  986.839410][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  986.849096][T28018] bridge0: port 1(bridge_slave_0) entered blocking state
[  986.855962][T28018] bridge0: port 1(bridge_slave_0) entered forwarding state
[  986.863335][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  986.871697][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  986.879802][T28018] bridge0: port 2(bridge_slave_1) entered blocking state
[  986.886672][T28018] bridge0: port 2(bridge_slave_1) entered forwarding state
[  986.894040][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  986.902190][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  986.921888][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  986.941162][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  986.963941][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  986.972645][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  986.980151][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  986.988634][ T6978] device veth0_vlan entered promiscuous mode
[  987.001874][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  987.012157][ T6978] device veth1_macvtap entered promiscuous mode
[  987.024421][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  987.038395][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  987.066249][   T30] audit: type=1326 audit(987.039:41500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6995 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18d6a94ea9 code=0x7ffc0000
[  987.092661][   T30] audit: type=1326 audit(987.039:41501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6995 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f18d6a94ea9 code=0x7ffc0000
[  987.540924][ T7034] incfs: Error accessing: ./file0/file0.
[  987.546435][ T7034] incfs: mount failed -5
[  987.652429][ T7051] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  987.663481][ T7051] device ip6tnl1 entered promiscuous mode
[  989.048495][ T7098] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[  989.062946][ T7098] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev bpf, type bpf) errno=-22
[  989.096477][ T7106] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  989.117782][ T7109] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  989.150783][ T6978] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  989.170480][ T6978] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  989.179459][ T6978] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  989.225186][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  989.225201][   T30] audit: type=1326 audit(989.199:41504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7117 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  989.263299][   T30] audit: type=1326 audit(989.229:41505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7117 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  989.269414][ T7126] loop3: detected capacity change from 0 to 128
[  989.286707][   T30] audit: type=1326 audit(989.229:41506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7117 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  989.329743][   T30] audit: type=1326 audit(989.229:41507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7117 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  989.355677][   T30] audit: type=1326 audit(989.229:41508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7117 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  990.620837][ T7140] xt_hashlimit: invalid interval
[  990.688209][ T7148] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  990.715272][ T6978] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  990.731429][ T6978] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  990.750462][ T6978] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  990.905374][ T7180] fuse: Bad value for 'fd'
[  990.992004][ T7202] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  991.002745][ T7202] device ip6tnl1 entered promiscuous mode
[  991.523864][ T7220] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[  991.533485][ T7220] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  991.972726][ T7234] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  993.890166][ T7306] IPv6: sit1: Disabled Multicast RS
[  993.896086][   T30] audit: type=1326 audit(993.869:41509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7304 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x0
[  994.863027][ T7342] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  994.952821][ T7347] EXT4-fs (sda1): Unrecognized mount option "ª" or missing value
[  996.241694][ T7401] fuse: Bad value for 'fd'
[  996.348283][   T30] audit: type=1107 audit(996.319:41510): pid=7410 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  996.730780][ T7419] device syzkaller0 entered promiscuous mode
[  996.765032][   T30] audit: type=1400 audit(996.739:41511): avc:  denied  { ioctl } for  pid=7426 comm="syz-executor.2" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  996.871617][ T7436] device syzkaller0 entered promiscuous mode
[  996.941129][   T30] audit: type=1326 audit(996.919:41512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  996.964988][   T30] audit: type=1326 audit(996.919:41513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  996.988612][   T30] audit: type=1326 audit(996.919:41514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  997.012030][   T30] audit: type=1326 audit(996.919:41515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  997.035760][   T30] audit: type=1326 audit(996.919:41516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  997.059865][   T30] audit: type=1400 audit(996.949:41517): avc:  denied  { mounton } for  pid=7426 comm="syz-executor.2" path="/root/syzkaller-testdir338391593/syzkaller.ZqhXkR/212/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  997.725826][ T7458] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  997.856740][ T7470] EXT4-fs (sda1): Unrecognized mount option "ª" or missing value
[  998.737652][   T30] audit: type=1326 audit(998.709:41518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7482 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  998.770311][   T30] audit: type=1326 audit(998.739:41519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7482 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f965855cea9 code=0x7ffc0000
[  999.435683][ T7526] netlink: 180 bytes leftover after parsing attributes in process `syz-executor.2'.
[  999.887212][ T7557] syz-executor.3[7557] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  999.887271][ T7557] syz-executor.3[7557] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1000.689914][ T7610] netlink: 37 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1000.984884][ T7635] netlink: 37 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1001.128409][ T7641] device syzkaller0 entered promiscuous mode
[ 1001.220987][ T7643] overlayfs: conflicting options: nfs_export=on,metacopy=on
[ 1001.476837][ T7669] overlayfs: conflicting options: nfs_export=on,metacopy=on
[ 1001.754084][ T7692] loop3: detected capacity change from 0 to 512
[ 1001.760309][   T30] kauditd_printk_skb: 42 callbacks suppressed
[ 1001.760322][   T30] audit: type=1400 audit(1001.729:41562): avc:  denied  { create } for  pid=7693 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1001.814095][ T7692] EXT4-fs (loop3): 1 orphan inode deleted
[ 1001.819705][ T7692] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 1001.871200][ T7707] syz-executor.2[7707] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1001.871281][ T7707] syz-executor.2[7707] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1001.913125][ T7711] syz-executor.2[7711] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1001.925011][ T7711] syz-executor.2[7711] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1002.471691][ T7739] syz-executor.4[7739] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1002.483278][ T7739] syz-executor.4[7739] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1002.594375][ T7691] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz-executor.3: Invalid block bitmap block 0 in block_group 0
[ 1002.619818][ T7691] EXT4-fs (loop3): Remounting filesystem read-only
[ 1002.626157][ T7691] EXT4-fs error (device loop3): ext4_discard_preallocations:5104: comm syz-executor.3: Error -117 reading block bitmap for 0
[ 1002.659226][ T6185] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #2: block 3: comm syz-executor.3: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1002.821842][ T7746] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.828767][ T7746] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1002.836087][ T7746] device bridge_slave_0 entered promiscuous mode
[ 1002.843024][ T7746] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.849934][ T7746] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1002.857595][ T7746] device bridge_slave_1 entered promiscuous mode
[ 1002.909223][ T7746] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.916093][ T7746] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1002.923293][ T7746] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.930317][ T7746] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1002.953324][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1002.961262][T15321] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1002.968470][T15321] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1002.980942][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1002.988991][T15321] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.995840][T15321] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1003.003295][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1003.011525][T15321] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1003.018352][T15321] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1003.041140][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1003.049394][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1003.058138][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1003.071428][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1003.079524][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1003.087242][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1003.097707][ T7746] device veth0_vlan entered promiscuous mode
[ 1003.113391][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1003.123720][ T7746] device veth1_macvtap entered promiscuous mode
[ 1003.137446][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1003.151615][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1003.251111][ T5155] device bridge_slave_1 left promiscuous mode
[ 1003.257161][ T5155] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1003.264735][ T5155] device bridge_slave_0 left promiscuous mode
[ 1003.270769][ T5155] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1003.278659][ T5155] device veth1_macvtap left promiscuous mode
[ 1003.284498][ T5155] device veth0_vlan left promiscuous mode
[ 1003.601292][ T7774] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[ 1004.142846][ T7806] incfs: Options parsing error. -22
[ 1004.148118][ T7806] incfs: mount failed -22
[ 1004.221618][ T7812] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[ 1004.229997][ T7812] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[ 1004.341275][ T7817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1004.349374][ T7817] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1004.357925][ T7817] device bridge_slave_0 entered promiscuous mode
[ 1004.367556][ T7817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1004.374476][ T7817] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1004.382075][ T7817] device bridge_slave_1 entered promiscuous mode
[ 1004.436138][ T7817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1004.443018][ T7817] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1004.450166][ T7817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1004.457048][ T7817] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1004.481845][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1004.489355][T15321] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1004.496841][T15321] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1004.506853][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1004.515018][T28018] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1004.521892][T28018] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1004.541121][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1004.549217][T28018] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1004.556151][T28018] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1004.563393][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1004.571680][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1004.586743][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1004.598664][ T7817] device veth0_vlan entered promiscuous mode
[ 1004.605159][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1004.613067][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1004.620725][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1004.635458][T28018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1004.644638][ T7817] device veth1_macvtap entered promiscuous mode
[ 1004.657905][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1004.666157][T15321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1004.781307][ T5155] device bridge_slave_1 left promiscuous mode
[ 1004.787286][ T5155] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1004.794954][ T5155] device bridge_slave_0 left promiscuous mode
[ 1004.801048][ T5155] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1004.811409][ T5155] device veth1_macvtap left promiscuous mode
[ 1004.817917][ T5155] device veth0_vlan left promiscuous mode
[ 1005.019614][   T30] audit: type=1326 audit(1004.989:41563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7831 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18d6a94ea9 code=0x0
[ 1005.630787][ T7875] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7875 comm=syz-executor.1
[ 1005.644244][ T7875] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1007.372208][   T30] audit: type=1326 audit(1007.189:41564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7904 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18d6a94ea9 code=0x0
[ 1007.607228][ T7928] loop1: detected capacity change from 0 to 512
[ 1007.653879][ T7928] EXT4-fs error (device loop1): mb_free_blocks:1845: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[ 1007.668564][ T7928] EXT4-fs (loop1): Remounting filesystem read-only
[ 1007.675031][ T7928] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz-executor.1: invalid indirect mapped block 1 (level 1)
[ 1007.688511][T28990] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[ 1007.688791][ T7928] EXT4-fs (loop1): 1 truncate cleaned up
[ 1007.702205][ T7928] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,sysvgroups,. Quota mode: none.
[ 1007.722715][ T7928] netlink: 'syz-executor.1': attribute type 16 has an invalid length.
[ 1007.731055][ T7928] netlink: 'syz-executor.1': attribute type 17 has an invalid length.
[ 1008.292668][ T7953] loop1: detected capacity change from 0 to 256
[ 1008.408076][T28990] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1008.420895][T28990] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1008.431566][T28990] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1008.441614][T28990] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1008.516279][T28990] usb 4-1: config 0 descriptor??
[ 1008.837714][ T7974] futex_wake_op: syz-executor.1 tries to shift op by 32; fix this program
[ 1008.967383][ T7989] fuse: Bad value for 'fd'
[ 1008.990833][T28990] hid (null): bogus close delimiter
[ 1009.429749][ T8006] futex_wake_op: syz-executor.4 tries to shift op by 32; fix this program
[ 1009.736458][ T8010] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1009.744091][ T8010] IPv6: Can't replace route, no match found
[ 1009.963698][ T8013] bridge0: port 3(syz_tun) entered blocking state
[ 1009.995103][ T8013] bridge0: port 3(syz_tun) entered disabled state
[ 1010.018419][T28990] usb 4-1: string descriptor 0 read error: -71
[ 1010.025991][ T8013] device syz_tun entered promiscuous mode
[ 1010.031732][ T8013] bridge0: port 3(syz_tun) entered blocking state
[ 1010.037963][ T8013] bridge0: port 3(syz_tun) entered forwarding state
[ 1010.044756][T28990] uclogic 0003:256C:006D.009B: failed retrieving string descriptor #200: -71
[ 1010.047059][ T8015] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1010.060425][T28990] uclogic 0003:256C:006D.009B: failed retrieving pen parameters: -71
[ 1010.085464][T28990] uclogic 0003:256C:006D.009B: failed probing pen v2 parameters: -71
[ 1010.100280][T28990] uclogic 0003:256C:006D.009B: failed probing parameters: -71
[ 1010.107585][T28990] uclogic: probe of 0003:256C:006D.009B failed with error -71
[ 1010.131421][T28990] usb 4-1: USB disconnect, device number 75
[ 1010.304035][ T8042] loop1: detected capacity change from 0 to 1024
[ 1010.313630][ T8042] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1010.398382][ T8051] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[ 1010.410873][ T8051] 9pnet: Insufficient options for proto=fd
[ 1010.487215][ T8066] device pim6reg1 entered promiscuous mode
[ 1010.533814][ T8061] loop1: detected capacity change from 0 to 40427
[ 1010.574063][ T8061] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1010.598445][ T8061] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1010.614472][ T8061] attempt to access beyond end of device
[ 1010.614472][ T8061] loop1: rw=10241, want=45104, limit=40427
[ 1010.629447][ T7817] attempt to access beyond end of device
[ 1010.629447][ T7817] loop1: rw=2049, want=45112, limit=40427
[ 1010.717633][ T8076] loop1: detected capacity change from 0 to 1024
[ 1010.741492][ T8076] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1010.752891][ T8076] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsddf,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000007,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1010.785287][ T8076] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #2: block 48: comm syz-executor.1: bad entry in directory: directory entry overrun - offset=128, inode=18, rec_len=896, size=1012 fake=0
[ 1010.807899][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1010.823806][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1010.839258][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1010.855011][ T7817] EXT4-fs error (device loop1): ext4_validate_block_bitmap:420: comm syz-executor.1: bg 0: bad block bitmap checksum
[ 1010.867466][ T7817] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6153: Filesystem failed CRC
[ 1010.877088][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1010.892711][ T7817] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path /root/syzkaller-testdir2399868542/syzkaller.XadoBt/37/file0/lost+found: directory fails checksum at offset 0
[ 1010.911878][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1010.928533][ T7817] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path /root/syzkaller-testdir2399868542/syzkaller.XadoBt/37/file0/lost+found: directory fails checksum at offset 1024
[ 1010.948012][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1010.963608][ T7817] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path /root/syzkaller-testdir2399868542/syzkaller.XadoBt/37/file0/lost+found: directory fails checksum at offset 2048
[ 1010.983101][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1010.998692][ T7817] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path /root/syzkaller-testdir2399868542/syzkaller.XadoBt/37/file0/lost+found: directory fails checksum at offset 3072
[ 1011.018211][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1011.033863][ T7817] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path /root/syzkaller-testdir2399868542/syzkaller.XadoBt/37/file0/lost+found: directory fails checksum at offset 4096
[ 1011.053341][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1011.069034][ T7817] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path /root/syzkaller-testdir2399868542/syzkaller.XadoBt/37/file0/lost+found: directory fails checksum at offset 5120
[ 1011.088761][ T7817] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[ 1011.104794][ T7817] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path /root/syzkaller-testdir2399868542/syzkaller.XadoBt/37/file0/lost+found: directory fails checksum at offset 6144
[ 1011.156437][ T8087] loop3: detected capacity change from 0 to 512
[ 1011.191498][ T8087] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[ 1011.245440][ T7817] bridge0: port 3(syz_tun) entered disabled state
[ 1011.253306][ T7817] device syz_tun left promiscuous mode
[ 1011.258698][ T7817] bridge0: port 3(syz_tun) entered disabled state
[ 1011.425532][ T8096] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1011.432793][ T8096] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1011.440114][ T8096] device bridge_slave_0 entered promiscuous mode
[ 1011.450952][ T8096] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1011.457851][ T8096] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1011.468962][ T8096] device bridge_slave_1 entered promiscuous mode
[ 1011.500994][   T30] audit: type=1107 audit(1011.479:41565): pid=8107 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='O'
[ 1011.628236][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1011.635648][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1011.650838][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1011.659046][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1011.667698][  T878] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1011.674578][  T878] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1011.682640][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1011.692470][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1011.701136][  T878] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1011.707981][  T878] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1011.774974][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1011.784498][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1011.828818][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1011.846653][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1011.858279][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1011.866750][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1011.874164][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1011.885435][ T8096] device veth0_vlan entered promiscuous mode
[ 1011.897467][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1011.906767][ T8096] device veth1_macvtap entered promiscuous mode
[ 1011.917458][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1011.925971][  T490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1011.937506][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1011.945788][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1011.966735][ T5156] device bridge_slave_1 left promiscuous mode
[ 1011.973683][ T5156] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1011.981278][ T5156] device bridge_slave_0 left promiscuous mode
[ 1011.987554][ T5156] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1012.001537][ T5156] device veth1_macvtap left promiscuous mode
[ 1012.007580][ T5156] device veth0_vlan left promiscuous mode
[ 1012.034360][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x7
[ 1012.044468][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x6
[ 1012.053390][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.060674][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.067863][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.075193][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.082797][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.090154][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.097491][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.104847][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.112242][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.119497][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.127729][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.135075][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.142495][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.149771][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.157142][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.164502][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.171901][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.179232][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.186466][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.193848][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.201408][ T1116] hid-generic 0000:0000:0000.009C: unknown main item tag 0x0
[ 1012.210019][ T1116] hid-generic 0000:0000:0000.009C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1012.338903][ T8142] loop3: detected capacity change from 0 to 2048
[ 1012.415015][ T8142] EXT4-fs error (device loop3): ext4_fill_super:4831: inode #2: comm syz-executor.3: iget: bad extended attribute block 281474976710655
[ 1012.433754][ T8142] EXT4-fs (loop3): get root inode failed
[ 1012.439312][ T8142] EXT4-fs (loop3): mount failed
[ 1012.616884][ T8162] IPv6: Can't replace route, no match found
[ 1013.197458][ T8171] loop3: detected capacity change from 0 to 40427
[ 1013.242214][ T8171] F2FS-fs (loop3): invalid crc value
[ 1013.249300][ T8171] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1013.290342][ T8171] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[ 1013.299538][ T8171] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[ 1013.889393][ T8211] loop1: detected capacity change from 0 to 512
[ 1013.931275][ T8211] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[ 1014.238721][   T30] audit: type=1326 audit(1014.209:41566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7fc00000
[ 1014.278684][   T30] audit: type=1326 audit(1014.249:41567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7fc00000
[ 1014.358745][   T30] audit: type=1326 audit(1014.329:41568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7fc00000
[ 1014.382452][   T30] audit: type=1326 audit(1014.359:41569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7fc00000
[ 1014.458751][   T30] audit: type=1326 audit(1014.429:41570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7fc00000
[ 1014.482383][   T30] audit: type=1326 audit(1014.459:41571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7fc00000
[ 1014.508695][   T30] audit: type=1326 audit(1014.479:41572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7fc00000
[ 1014.822832][ T8242] loop1: detected capacity change from 0 to 40427
[ 1014.859433][   T30] audit: type=1326 audit(1014.829:41573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7fc00000
[ 1014.884149][ T8242] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1014.892230][ T8242] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1014.901537][ T8242] F2FS-fs (loop1): invalid crc value
[ 1014.910476][ T8242] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1014.947694][ T8242] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1014.956315][ T8242] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1015.069347][ T8252] loop3: detected capacity change from 0 to 40427
[ 1015.341136][ T8252] F2FS-fs (loop3): invalid crc value
[ 1015.353853][ T8252] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1015.389777][ T8252] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[ 1015.416825][ T7746] attempt to access beyond end of device
[ 1015.416825][ T7746] loop3: rw=2049, want=45104, limit=40427
[ 1015.756296][ T5156] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1015.765172][ T5156] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1015.792214][ T8273] loop3: detected capacity change from 0 to 512
[ 1015.831381][ T8273] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[ 1015.842936][ T8275] devtmpfs: Unknown parameter 'rt'
[ 1016.129579][   T30] audit: type=1326 audit(1016.059:41574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8276 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18d6a94ea9 code=0x0
[ 1016.307911][ T8297] SELinux:  Context *yz: is not valid (left unmapped).
[ 1016.314933][   T30] audit: type=1400 audit(1016.289:41575): avc:  denied  { relabelto } for  pid=8296 comm="syz-executor.1" name="file0" dev="sda1" ino=1971 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="*yz:"
[ 1016.654331][   T42] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[ 1016.724980][ T8305] devtmpfs: Unknown parameter 'rt'
[ 1017.061278][   T42] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1017.075677][   T42] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1017.139067][   T42] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1017.168278][   T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1017.178469][   T42] usb 2-1: config 0 descriptor??
[ 1017.213537][ T8323] kvm: pic: non byte write
[ 1017.218460][ T8323] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[ 1017.226534][ T8323] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[ 1017.338149][ T8337] bridge0: port 3(vlan2) entered blocking state
[ 1017.344366][ T8337] bridge0: port 3(vlan2) entered disabled state
[ 1017.721317][   T42] hid (null): bogus close delimiter
[ 1017.831339][ T8360] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[ 1017.930640][   T42] usb 2-1: language id specifier not provided by device, defaulting to English
[ 1017.953243][ T8367] bridge0: port 3(vlan2) entered blocking state
[ 1017.959406][ T8367] bridge0: port 3(vlan2) entered disabled state
[ 1018.038002][ T8369] loop3: detected capacity change from 0 to 2048
[ 1018.088210][ T8369] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1018.111345][ T8369] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1018.343042][ T8389] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1018.528609][ T8301] loop1: detected capacity change from 0 to 40427
[ 1018.603411][ T8301] F2FS-fs (loop1): invalid crc value
[ 1018.613730][ T8301] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1018.895247][ T8427] loop3: detected capacity change from 0 to 256
[ 1020.110615][ T8430] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[ 1020.163483][ T8301] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1
[ 1020.311574][   T42] uclogic 0003:256C:006D.009D: failed retrieving string descriptor #200: -71
[ 1020.320303][   T42] uclogic 0003:256C:006D.009D: failed retrieving pen parameters: -71
[ 1020.328194][   T42] uclogic 0003:256C:006D.009D: failed probing pen v2 parameters: -71
[ 1020.336172][   T42] uclogic 0003:256C:006D.009D: failed probing parameters: -71
[ 1020.343464][   T42] uclogic: probe of 0003:256C:006D.009D failed with error -71
[ 1020.352294][   T42] usb 2-1: USB disconnect, device number 65
[ 1020.378372][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1020.378387][   T30] audit: type=1400 audit(1020.349:41578): avc:  denied  { getopt } for  pid=8435 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1020.515649][ T8452] loop1: detected capacity change from 0 to 256
[ 1020.981832][ T8459] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[ 1021.408894][   T42] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1021.551953][ T8469] loop3: detected capacity change from 0 to 256
[ 1021.810363][   T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1021.829101][   T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1021.854659][   T42] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1021.874720][   T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1021.893380][   T42] usb 3-1: config 0 descriptor??
[ 1021.930024][ T8475] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1021.936989][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1021.945603][ T8475] device bridge_slave_0 entered promiscuous mode
[ 1021.952715][ T8475] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1021.959698][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1021.967570][ T8475] device bridge_slave_1 entered promiscuous mode
[ 1022.006190][ T8489] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[ 1022.051845][ T8475] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.058832][ T8475] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1022.065977][ T8475] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.072846][ T8475] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.084763][ T8495] loop1: detected capacity change from 0 to 1024
[ 1022.099650][ T1391] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1022.106857][ T1391] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1022.114276][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1022.122162][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1022.123185][ T8495] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[ 1022.141758][ T8428] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1022.143777][ T8495] EXT4-fs error (device loop1): ext4_get_journal_inode:5150: comm syz-executor.1: inode #1: comm syz-executor.1: iget: illegal inode #
[ 1022.163659][ T8428] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.170538][ T8428] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.177670][ T8495] EXT4-fs (loop1): no journal found
[ 1022.182859][ T8495] EXT4-fs (loop1): can't get journal size
[ 1022.190548][ T8495] EXT4-fs (loop1): failed to initialize system zone (-22)
[ 1022.194841][ T8428] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1022.197564][ T8495] EXT4-fs (loop1): mount failed
[ 1022.257650][ T8428] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.264556][ T8428] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1022.280750][ T8428] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1022.288709][ T8428] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1022.302052][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1022.325987][ T8475] device veth0_vlan entered promiscuous mode
[ 1022.338572][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1022.356955][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1022.364893][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1022.372309][   T42] hid (null): bogus close delimiter
[ 1022.393964][ T8475] device veth1_macvtap entered promiscuous mode
[ 1022.405849][  T878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1022.420496][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1022.428885][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1022.570442][  T878] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[ 1022.590351][   T42] usb 3-1: language id specifier not provided by device, defaulting to English
[ 1022.599619][ T8521] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[ 1022.622658][   T30] audit: type=1400 audit(1022.599:41579): avc:  denied  { ioctl } for  pid=8523 comm="syz-executor.1" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 ioctlcmd=0x63a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1022.722878][   T30] audit: type=1326 audit(1022.699:41580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8510 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a7017fea9 code=0x7fc00000
[ 1022.840473][  T878] usb 4-1: Using ep0 maxpacket: 32
[ 1022.915966][ T8550] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[ 1022.960623][  T878] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1022.968848][  T878] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1022.977296][  T878] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1022.989084][ T8556] input: syz0 as /devices/virtual/input/input113
[ 1022.995304][  T878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1023.006323][  T878] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1023.015989][  T878] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1023.032392][  T878] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1023.041683][  T878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.050814][  T878] usb 4-1: config 0 descriptor??
[ 1023.311216][  T878] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 76 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1023.322443][   T30] audit: type=1326 audit(1023.299:41581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8510 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a7017fea9 code=0x7fc00000
[ 1023.333036][  T878] usb 4-1: USB disconnect, device number 76
[ 1023.368241][  T878] usblp0: removed
[ 1023.783018][ T8591] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1024.739422][ T8596] loop1: detected capacity change from 0 to 256
[ 1024.820309][   T42] uclogic 0003:256C:006D.009E: failed retrieving string descriptor #200: -71
[ 1024.834082][   T42] uclogic 0003:256C:006D.009E: failed retrieving pen parameters: -71
[ 1024.857041][   T42] uclogic 0003:256C:006D.009E: failed probing pen v2 parameters: -71
[ 1024.865619][   T42] uclogic 0003:256C:006D.009E: failed probing parameters: -71
[ 1024.873114][   T42] uclogic: probe of 0003:256C:006D.009E failed with error -71
[ 1024.882282][   T42] usb 3-1: USB disconnect, device number 53
[ 1024.907175][ T8606] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[ 1024.920421][ T8606] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[ 1025.160286][  T878] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[ 1025.291044][ T8648] loop0: detected capacity change from 0 to 512
[ 1025.385557][ T8651] loop1: detected capacity change from 0 to 256
[ 1025.575860][ T8648] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #16: comm syz-executor.0: iget: bogus i_mode (4755)
[ 1025.588086][ T8648] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 16 (err -117)
[ 1025.600570][ T8648] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1025.941663][ T8680] input: syz0 as /devices/virtual/input/input114
[ 1025.965836][ T8680] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1026.190355][  T878] usb 4-1: Using ep0 maxpacket: 32
[ 1026.310943][  T878] usb 4-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[ 1026.328537][  T878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1026.340367][ T8696] IPv6: addrconf: prefix option has invalid lifetime
[ 1026.346893][ T8696] IPv6: addrconf: prefix option has invalid lifetime
[ 1026.361981][  T878] usb 4-1: config 0 descriptor??
[ 1027.333450][  T878] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1027.343413][  T878] asix: probe of 4-1:0.0 failed with error -71
[ 1027.351008][  T878] usb 4-1: USB disconnect, device number 77
[ 1027.461412][   T30] audit: type=1326 audit(1027.439:41582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8705 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a7017fea9 code=0x0
[ 1028.152348][ T8740] device veth3 entered promiscuous mode
[ 1028.304654][   T30] audit: type=1326 audit(1028.279:41583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8747 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18d6a94ea9 code=0x0
[ 1028.915349][ T8753] loop0: detected capacity change from 0 to 256
[ 1028.957560][ T8755] input: syz0 as /devices/virtual/input/input115
[ 1029.001545][ T8755] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1029.423747][  T490] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[ 1029.689067][ T8828] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1030.124970][ T8846] loop1: detected capacity change from 0 to 512
[ 1030.151162][ T8846] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1030.170737][ T8846] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[ 1030.193315][  T490] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1030.204187][  T490] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1030.214111][ T8846] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz-executor.1: invalid indirect mapped block 2683928664 (level 1)
[ 1030.228316][  T490] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1030.230491][ T8846] EXT4-fs (loop1): Remounting filesystem read-only
[ 1030.237529][  T490] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1030.252268][  T490] usb 4-1: config 0 descriptor??
[ 1030.260415][ T8846] EXT4-fs (loop1): 1 truncate cleaned up
[ 1030.265969][ T8846] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,dioread_nolock,errors=remount-ro,minixdf,jqfmt=vfsv0,usrjquota=.,. Quota mode: writeback.
[ 1030.457827][ T8862] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1030.606501][ T8877] loop0: detected capacity change from 0 to 512
[ 1030.642234][ T8877] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[ 1030.660471][ T8877] EXT4-fs (loop0): Unrecognized mount option "obj_user=/dev/kvm" or missing value
[ 1030.690269][   T20] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1030.735794][ T8890] syz-executor.2[8890] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1030.735877][ T8890] syz-executor.2[8890] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1030.747740][  T490] hid (null): bogus close delimiter
[ 1030.788356][ T8894] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1030.940354][   T20] usb 2-1: Using ep0 maxpacket: 16
[ 1031.200300][  T490] usb 4-1: string descriptor 0 read error: -71
[ 1031.220789][  T490] uclogic 0003:256C:006D.009F: failed retrieving string descriptor #200: -71
[ 1031.229393][  T490] uclogic 0003:256C:006D.009F: failed retrieving pen parameters: -71
[ 1031.240302][   T20] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[ 1031.249146][   T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1031.270252][  T490] uclogic 0003:256C:006D.009F: failed probing pen v2 parameters: -71
[ 1031.278196][   T20] usb 2-1: Product: syz
[ 1031.282149][   T20] usb 2-1: Manufacturer: syz
[ 1031.286561][   T20] usb 2-1: SerialNumber: syz
[ 1031.291036][  T490] uclogic 0003:256C:006D.009F: failed probing parameters: -71
[ 1031.298293][  T490] uclogic: probe of 0003:256C:006D.009F failed with error -71
[ 1031.306411][   T20] usb 2-1: config 0 descriptor??
[ 1031.312404][  T490] usb 4-1: USB disconnect, device number 78
[ 1031.350811][   T20] snd-usb-audio: probe of 2-1:0.0 failed with error -22
[ 1031.569075][ T8925] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[ 1031.578595][ T8925] fuse: Bad value for 'fd'
[ 1031.607275][ T8859] UDC core: couldn't find an available UDC or it's busy: -16
[ 1031.626902][ T8859] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1031.667776][   T42] usb 2-1: USB disconnect, device number 66
[ 1032.040266][  T490] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[ 1032.100268][ T1391] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1032.143473][   T30] audit: type=1326 audit(1032.119:41584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8943 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a7017fea9 code=0x0
[ 1032.360214][ T1391] usb 3-1: Using ep0 maxpacket: 32
[ 1032.740532][  T490] usb 4-1: config index 0 descriptor too short (expected 45, got 36)
[ 1032.748492][  T490] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1032.769366][  T490] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1032.782643][ T1391] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1032.793473][ T1391] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1032.803086][  T490] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1032.812061][ T1391] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1032.821209][  T490] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1032.829075][ T1391] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1032.837568][  T490] usb 4-1: config 0 descriptor??
[ 1032.844570][ T1391] usb 3-1: config 0 descriptor??
[ 1032.881401][ T1391] hub 3-1:0.0: USB hub found
[ 1032.919445][ T8968] syz-executor.4[8968] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1032.919507][ T8968] syz-executor.4[8968] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1032.952004][ T8970] syz-executor.1[8970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1032.965626][ T8970] syz-executor.1[8970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1033.110330][ T1391] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1033.161187][ T8995] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1033.250434][ T9001] fuse: Bad value for 'fd'
[ 1034.235526][  T490] plantronics 0003:047F:FFFF.00A0: unknown main item tag 0xd
[ 1034.242900][   T20] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 1034.280452][  T490] plantronics 0003:047F:FFFF.00A0: No inputs registered, leaving
[ 1034.295729][  T490] plantronics 0003:047F:FFFF.00A0: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1034.309189][  T490] usb 4-1: USB disconnect, device number 79
[ 1034.319221][ T1391] usbhid 3-1:0.0: can't add hid device: -71
[ 1034.325718][ T1391] usbhid: probe of 3-1:0.0 failed with error -71
[ 1034.370614][ T1391] usb 3-1: USB disconnect, device number 54
[ 1034.397806][ T9040] fuse: Invalid rootmode
[ 1034.552668][ T9046] loop0: detected capacity change from 0 to 2048
[ 1034.652552][ T9046] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1034.871140][ T9058] xt_l2tp: missing protocol rule (udp|l2tpip)
[ 1034.890318][   T20] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[ 1034.900027][   T30] audit: type=1326 audit(1034.869:41585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7ffc0000
[ 1034.903615][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.949153][   T30] audit: type=1326 audit(1034.909:41586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7ffc0000
[ 1034.973915][   T30] audit: type=1326 audit(1034.919:41587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d8af97ea9 code=0x7ffc0000
[ 1034.973979][   T20] usb 2-1: config 0 descriptor??
[ 1035.052463][   T30] audit: type=1326 audit(1034.919:41588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7ffc0000
[ 1035.092646][   T30] audit: type=1326 audit(1034.919:41589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7ffc0000
[ 1035.116232][   T30] audit: type=1326 audit(1034.919:41590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d8af97ea9 code=0x7ffc0000
[ 1035.139790][   T30] audit: type=1326 audit(1034.919:41591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8af97ea9 code=0x7ffc0000
[ 1035.541363][   T30] audit: type=1326 audit(1034.919:41592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2d8af95627 code=0x7ffc0000
[ 1035.573573][   T30] audit: type=1326 audit(1034.919:41593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2d8af5b309 code=0x7ffc0000
[ 1035.599004][   T20] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1035.601950][   T30] audit: type=1326 audit(1034.919:41594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9059 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2d8af95627 code=0x7ffc0000
[ 1035.621486][   T20] asix: probe of 2-1:0.0 failed with error -71
[ 1035.652812][   T20] usb 2-1: USB disconnect, device number 67
[ 1035.713155][ T9072] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1035.721094][ T9072] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1035.800465][ T9089] loop3: detected capacity change from 0 to 256
[ 1035.836936][ T9089] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[ 1036.784075][ T9150] loop3: detected capacity change from 0 to 512
[ 1036.830983][ T9136] loop0: detected capacity change from 0 to 40427
[ 1036.841467][ T9150] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1036.862421][ T9150] ==================================================================
[ 1036.870399][ T9150] BUG: KASAN: use-after-free in __ext4_iget+0x2ee/0x3f00
[ 1036.877254][ T9150] Read of size 8 at addr ffff88811c57f838 by task syz-executor.3/9150
[ 1036.885480][ T9150] 
[ 1036.887633][ T9150] CPU: 0 PID: 9150 Comm: syz-executor.3 Tainted: G        W         5.15.149-syzkaller-00165-g85445b5a2107 #0
[ 1036.899092][ T9150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 1036.909069][ T9150] Call Trace:
[ 1036.912192][ T9150]  <TASK>
[ 1036.915317][ T9150]  dump_stack_lvl+0x151/0x1b7
[ 1036.919983][ T9150]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1036.925446][ T9150]  ? panic+0x751/0x751
[ 1036.929360][ T9150]  ? __kasan_check_write+0x14/0x20
[ 1036.934304][ T9150]  print_address_description+0x87/0x3b0
[ 1036.939676][ T9150]  ? __se_sys_mount+0x2c4/0x3b0
[ 1036.944373][ T9150]  ? __x64_sys_mount+0xbf/0xd0
[ 1036.949070][ T9150]  kasan_report+0x179/0x1c0
[ 1036.953392][ T9150]  ? __ext4_iget+0x2ee/0x3f00
[ 1036.957916][ T9150]  ? __ext4_iget+0x2ee/0x3f00
[ 1036.962443][ T9150]  __asan_report_load8_noabort+0x14/0x20
[ 1036.967973][ T9150]  __ext4_iget+0x2ee/0x3f00
[ 1036.972312][ T9150]  ? xas_nomem+0x19a/0x1d0
[ 1036.976564][ T9150]  ? ida_alloc_range+0x9fd/0xa80
[ 1036.981424][ T9150]  ? __kasan_kmalloc+0x9/0x10
[ 1036.985932][ T9150]  ? ext4_get_projid+0x140/0x140
[ 1036.991059][ T9150]  ? __kasan_check_write+0x14/0x20
[ 1036.996002][ T9150]  ? _raw_write_lock+0xa4/0x170
[ 1037.000774][ T9150]  ? __proc_create+0x65a/0xa00
[ 1037.005376][ T9150]  ? ext4_init_orphan_info+0x161/0x1080
[ 1037.010759][ T9150]  ext4_enable_quotas+0x556/0x980
[ 1037.015630][ T9150]  ? ext4_force_commit+0xc0/0xc0
[ 1037.020390][ T9150]  ? proc_create+0x2b0/0x2b0
[ 1037.024819][ T9150]  ? ext4_register_sysfs+0x281/0x2c0
[ 1037.029940][ T9150]  ext4_fill_super+0x8b95/0x96e0
[ 1037.034719][ T9150]  ? ext4_mount+0x40/0x40
[ 1037.038876][ T9150]  ? vscnprintf+0x80/0x80
[ 1037.043042][ T9150]  ? set_blocksize+0x1f0/0x380
[ 1037.047642][ T9150]  ? sb_set_blocksize+0xa8/0xf0
[ 1037.052418][ T9150]  mount_bdev+0x282/0x3b0
[ 1037.056761][ T9150]  ? ext4_mount+0x40/0x40
[ 1037.061467][ T9150]  ext4_mount+0x34/0x40
[ 1037.065525][ T9150]  legacy_get_tree+0xf1/0x190
[ 1037.070119][ T9150]  ? ext4_errno_to_code+0x140/0x140
[ 1037.075159][ T9150]  vfs_get_tree+0x88/0x290
[ 1037.079409][ T9150]  do_new_mount+0x2ba/0xb30
[ 1037.083755][ T9150]  ? do_move_mount_old+0x160/0x160
[ 1037.088691][ T9150]  ? security_capable+0x87/0xb0
[ 1037.093387][ T9150]  ? ns_capable+0x89/0xe0
[ 1037.097549][ T9150]  path_mount+0x671/0x1070
[ 1037.101804][ T9150]  __se_sys_mount+0x2c4/0x3b0
[ 1037.106315][ T9150]  ? __x64_sys_mount+0xd0/0xd0
[ 1037.110915][ T9150]  ? __kasan_check_read+0x11/0x20
[ 1037.115774][ T9150]  __x64_sys_mount+0xbf/0xd0
[ 1037.120204][ T9150]  do_syscall_64+0x3d/0xb0
[ 1037.124456][ T9150]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1037.130288][ T9150] RIP: 0033:0x7f2d8af995aa
[ 1037.134626][ T9150] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1037.154147][ T9150] RSP: 002b:00007f2d8a311ef8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[ 1037.162394][ T9150] RAX: ffffffffffffffda RBX: 00007f2d8a311f80 RCX: 00007f2d8af995aa
[ 1037.170294][ T9150] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 00007f2d8a311f40
[ 1037.178107][ T9150] RBP: 0000000020000040 R08: 00007f2d8a311f80 R09: 0000000000204092
[ 1037.185915][ T9150] R10: 0000000000204092 R11: 0000000000000202 R12: 0000000020000080
[ 1037.193906][ T9150] R13: 00007f2d8a311f40 R14: 000000000000050d R15: 0000000020000000
[ 1037.201723][ T9150]  </TASK>
[ 1037.204575][ T9150] 
[ 1037.206832][ T9150] Allocated by task 6599:
[ 1037.211010][ T9150]  __kasan_slab_alloc+0xb1/0xe0
[ 1037.215683][ T9150]  slab_post_alloc_hook+0x53/0x2c0
[ 1037.220629][ T9150]  kmem_cache_alloc+0xf5/0x200
[ 1037.225229][ T9150]  f2fs_alloc_inode+0x26/0x340
[ 1037.229829][ T9150]  iget_locked+0x174/0x860
[ 1037.234094][ T9150]  f2fs_iget+0x55/0x4de0
[ 1037.238160][ T9150]  f2fs_fill_super+0x4eed/0x80e0
[ 1037.243023][ T9150]  mount_bdev+0x282/0x3b0
[ 1037.247189][ T9150]  f2fs_mount+0x34/0x40
[ 1037.251192][ T9150]  legacy_get_tree+0xf1/0x190
[ 1037.255699][ T9150]  vfs_get_tree+0x88/0x290
[ 1037.260119][ T9150]  do_new_mount+0x2ba/0xb30
[ 1037.264458][ T9150]  path_mount+0x671/0x1070
[ 1037.268805][ T9150]  __se_sys_mount+0x2c4/0x3b0
[ 1037.273322][ T9150]  __x64_sys_mount+0xbf/0xd0
[ 1037.277796][ T9150]  do_syscall_64+0x3d/0xb0
[ 1037.282110][ T9150]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1037.287977][ T9150] 
[ 1037.290199][ T9150] Last potentially related work creation:
[ 1037.295736][ T9150]  kasan_save_stack+0x3b/0x60
[ 1037.300249][ T9150]  __kasan_record_aux_stack+0xd3/0xf0
[ 1037.305465][ T9150]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1037.311098][ T9150]  call_rcu+0x135/0x1310
[ 1037.315175][ T9150]  evict+0x5df/0x630
[ 1037.318912][ T9150]  iput+0x63b/0x7e0
[ 1037.322554][ T9150]  f2fs_put_super+0x683/0xc10
[ 1037.327067][ T9150]  generic_shutdown_super+0x157/0x2e0
[ 1037.332285][ T9150]  kill_block_super+0x7e/0xe0
[ 1037.336788][ T9150]  kill_f2fs_super+0x2f9/0x3c0
[ 1037.341391][ T9150]  deactivate_locked_super+0xad/0x110
[ 1037.346594][ T9150]  deactivate_super+0xbe/0xf0
[ 1037.351202][ T9150]  cleanup_mnt+0x45c/0x510
[ 1037.355445][ T9150]  __cleanup_mnt+0x19/0x20
[ 1037.359699][ T9150]  task_work_run+0x129/0x190
[ 1037.364126][ T9150]  exit_to_user_mode_loop+0xc4/0xe0
[ 1037.369170][ T9150]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1037.374483][ T9150]  syscall_exit_to_user_mode+0x26/0x160
[ 1037.379835][ T9150]  do_syscall_64+0x49/0xb0
[ 1037.384090][ T9150]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1037.389815][ T9150] 
[ 1037.391994][ T9150] Second to last potentially related work creation:
[ 1037.398411][ T9150]  kasan_save_stack+0x3b/0x60
[ 1037.402932][ T9150]  __kasan_record_aux_stack+0xd3/0xf0
[ 1037.408127][ T9150]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1037.413770][ T9150]  call_rcu+0x135/0x1310
[ 1037.417850][ T9150]  evict+0x5df/0x630
[ 1037.421590][ T9150]  evict_inodes+0x5db/0x660
[ 1037.425930][ T9150]  generic_shutdown_super+0x9c/0x2e0
[ 1037.431043][ T9150]  kill_block_super+0x7e/0xe0
[ 1037.435554][ T9150]  kill_f2fs_super+0x2f9/0x3c0
[ 1037.440162][ T9150]  deactivate_locked_super+0xad/0x110
[ 1037.445362][ T9150]  deactivate_super+0xbe/0xf0
[ 1037.450148][ T9150]  cleanup_mnt+0x45c/0x510
[ 1037.454396][ T9150]  __cleanup_mnt+0x19/0x20
[ 1037.458653][ T9150]  task_work_run+0x129/0x190
[ 1037.463074][ T9150]  do_exit+0xc48/0x2ca0
[ 1037.467064][ T9150]  do_group_exit+0x141/0x310
[ 1037.471490][ T9150]  __x64_sys_exit_group+0x3f/0x40
[ 1037.476441][ T9150]  do_syscall_64+0x3d/0xb0
[ 1037.480690][ T9150]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1037.486419][ T9150] 
[ 1037.488590][ T9150] The buggy address belongs to the object at ffff88811c57f330
[ 1037.488590][ T9150]  which belongs to the cache f2fs_inode_cache of size 1424
[ 1037.503173][ T9150] The buggy address is located 1288 bytes inside of
[ 1037.503173][ T9150]  1424-byte region [ffff88811c57f330, ffff88811c57f8c0)
[ 1037.516886][ T9150] The buggy address belongs to the page:
[ 1037.522363][ T9150] page:ffffea0004715e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88811c578c20 pfn:0x11c578
[ 1037.533893][ T9150] head:ffffea0004715e00 order:3 compound_mapcount:0 compound_pincount:0
[ 1037.542052][ T9150] flags: 0x4000000000010200(slab|head|zone=1)
[ 1037.547964][ T9150] raw: 4000000000010200 0000000000000000 dead000000000122 ffff8881003e5e00
[ 1037.556380][ T9150] raw: ffff88811c578c20 000000008015000f 00000001ffffffff 0000000000000000
[ 1037.564793][ T9150] page dumped because: kasan: bad access detected
[ 1037.571048][ T9150] page_owner tracks the page as allocated
[ 1037.576593][ T9150] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 14449, ts 333647463556, free_ts 322587800622
[ 1037.598297][ T9150]  post_alloc_hook+0x1a3/0x1b0
[ 1037.602896][ T9150]  prep_new_page+0x1b/0x110
[ 1037.607333][ T9150]  get_page_from_freelist+0x3550/0x35d0
[ 1037.612710][ T9150]  __alloc_pages+0x27e/0x8f0
[ 1037.617125][ T9150]  new_slab+0x9a/0x4e0
[ 1037.621031][ T9150]  ___slab_alloc+0x39e/0x830
[ 1037.625459][ T9150]  __slab_alloc+0x4a/0x90
[ 1037.629626][ T9150]  kmem_cache_alloc+0x134/0x200
[ 1037.634401][ T9150]  f2fs_alloc_inode+0x26/0x340
[ 1037.639006][ T9150]  new_inode_pseudo+0x64/0x220
[ 1037.643599][ T9150]  new_inode+0x28/0x1c0
[ 1037.647589][ T9150]  f2fs_new_inode+0x10e/0x1410
[ 1037.652189][ T9150]  f2fs_create+0x178/0x1510
[ 1037.656529][ T9150]  path_openat+0x13a8/0x2f40
[ 1037.660959][ T9150]  do_filp_open+0x21c/0x460
[ 1037.665316][ T9150]  do_sys_openat2+0x13f/0x830
[ 1037.669813][ T9150] page last free stack trace:
[ 1037.674322][ T9150]  free_unref_page_prepare+0x7c8/0x7d0
[ 1037.679617][ T9150]  free_unref_page+0xe8/0x750
[ 1037.684129][ T9150]  __free_pages+0x61/0xf0
[ 1037.688293][ T9150]  __free_slab+0xec/0x1d0
[ 1037.692461][ T9150]  discard_slab+0x29/0x40
[ 1037.696626][ T9150]  __slab_free+0x205/0x290
[ 1037.700880][ T9150]  ___cache_free+0x109/0x120
[ 1037.705391][ T9150]  qlink_free+0x4d/0x90
[ 1037.709387][ T9150]  qlist_free_all+0x44/0xb0
[ 1037.713734][ T9150]  kasan_quarantine_reduce+0x15a/0x180
[ 1037.719032][ T9150]  __kasan_slab_alloc+0x2f/0xe0
[ 1037.723714][ T9150]  slab_post_alloc_hook+0x53/0x2c0
[ 1037.728653][ T9150]  kmem_cache_alloc+0xf5/0x200
[ 1037.733286][ T9150]  getname_flags+0xba/0x520
[ 1037.737592][ T9150]  getname+0x19/0x20
[ 1037.741324][ T9150]  do_sys_openat2+0xd7/0x830
[ 1037.745753][ T9150] 
[ 1037.747937][ T9150] Memory state around the buggy address:
[ 1037.753405][ T9150]  ffff88811c57f700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1037.761292][ T9150]  ffff88811c57f780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1037.769192][ T9150] >ffff88811c57f800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1037.777082][ T9150]                                         ^
2033/05/18 03:33:22 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[ 1037.782812][ T9150]  ffff88811c57f880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1037.790722][ T9150]  ffff88811c57f900: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 1037.798610][ T9150] ==================================================================
[ 1037.806507][ T9150] Disabling lock debugging due to kernel taint
[ 1037.829668][ T9150] EXT4-fs warning (device loop3): ext4_enable_quotas:6410: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[ 1037.860804][ T9150] EXT4-fs (loop3): mount failed