last executing test programs:

16.164450848s ago: executing program 3 (id=3262):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000540)={"6b0a4d9a49e21578faa0c2c3204e0688", 0x0, <r1=>0x0, {0x10, 0x10001}, {0x5, 0x7fff}, 0xa44, [0x6, 0x2, 0x1000, 0x80000000, 0x7, 0x32, 0x2, 0x80000001, 0x3ff, 0xe, 0x100000000, 0x6, 0x1ff, 0xb, 0x1, 0x1]})
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f0000000800)={{r0}, r1, 0x0, @unused=[0x3, 0x7, 0x2], @subvolid=0x907})
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./bus\x00', 0x120c086, &(0x7f0000000440)={[{@resgid}, {@nouid32}, {@jqfmt_vfsold}, {@dioread_nolock}, {@data_ordered}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@abort}, {@bsdgroups}, {@nobh}], [{@context={'context', 0x3d, 'user_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '['}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@permit_directio}, {@fsname={'fsname', 0x3d, '[]&\'-'}}, {@dont_appraise}, {@obj_user={'obj_user', 0x3d, '-:#]\'@.!'}}, {@permit_directio}, {@seclabel}, {@appraise}]}, 0x11, 0x5ec, &(0x7f0000000c00)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0kKQAg2t0aIJJcGNiXFjjIkrF+J/oUS2rHTlwo0rQ0LUsDTxmrmdKb3t3Jb+uJ3a+XyS2545507PmbbfnnNPz5kbQGUNph9qEQcjYjqJ6E/mF8s6IyscXHjeoz8+PJ8+kqjXX/stiSTLy5+fZJ/7spN7IuKH75M40LGy3pm5G5fHp6Ymr2fHw7NXpodn5m4cvXRl/OLkxcmroy+Mnjp54uSpkWMbuq6bBXlnb7/zXv/HY29+/eWfycg3P48lcTpezp649Dq2Si37niQri/pObXVlJelY/D15LFmewY6V//y6IuJ/0R8dS36a/fHRK6U2DmirehJRByoqEf9QUfk4IH9tv/x1cK2UUQmwHR6eWZgAWBn/nQtzg9HTmBvY+yhpmudJImJjM3PN9kXE/Xtjty/cG7sdbZqHA4rN34qI/xfFf9KI/4HoiYFG/Nea4j8dF5zLPqf5r26w/uVTxeIfts9C/PesGv/RIv7fWhL/b2+w/sFsDjLV2xT/vZu5LAAAAAAAAKiku2ci4vmi///XFtf/RMH6n76IOL0F9Q8uO175///agy2oBijw8EzES4Xrf2v56t+Bjiz1r8Z6gK7kwqWpyWMR8e+IOBJde9LjkVXqOPrJgS9alQ1m6//yR1r//WwtYNaOB517ms+ZGB8c3+x1AxEPb0U8Vbj+N1ns/5OC/j/9ezD9hHUcePbOuVZla8c/0C71ryIOF/b/j+9akax+f47hxnhgOB8VrPT0B59+26r+jca/W0zA5qX9/97V438gWXq/npn113F8rrPeqmxj4//Z8e7k9cZdhbqzvPfHZ2evj0R0J2c70tym/NH1txl2ozwe8nhJ4//IM6vP/xWN/3sjYn7Z105+b95TnPvvX32/tGqP8T+UJ43/iXX1/+tPjN4Z+K5V/U/W/59o9PVHspy0/2/fdwT+OT7Pw7S7Ob8gHDuLira7vQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwG9QiYl8ktaHFdK02NBTRFxH/ib21qWszs89duPbu1Ym0rPH+/7X8nX77F46Txvv/19L04+PRaD4+HhH7I+Kzjt7G8dD5a1MTZV88AAAAAAAAAAAAAAAAAAAA7BB9Lfb/p37tKLt1QNt1lt0AoDQF8f9jGe0Att+6+//59rQD2H7G/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAAOwq+w/d/SmJiPkXexuPVHdW1lVqy4B2q5XdAKA0bvED1WXpD1SX1/hAskZ5T8uT1jpzNdPnN3EyAAAAAAAAAAAAAFTO4YP2/0NV2f8P1WX/P1RXvv//UMntALaf1/hArLGTv3D//+pnzW+2PQAAAAAAAAAAAABAs5m5G5fHp6Ymr0u8sTOaUZTobdNXrtfrN9PfgtIvcHck8qXwO6U9yxL5Xr8nO6u8v0kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECzvwMAAP//SfslYQ==")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x3814744, &(0x7f00000007c0)={[{@noauto_da_alloc}, {@acl}, {@test_dummy_encryption}, {@resgid}, {@jqfmt_vfsv0}, {@oldalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@noauto_da_alloc}, {@test_dummy_encryption}]}, 0x1, 0x46f, &(0x7f0000000b00)="$eJzs3E9oXMUfAPDve7tp++u/5Ffrn9ZWo1UM/kmatGoPXhQFDwqCHuoxJmmp3TbSRLAlaBSpRyl4F4+Cd8GTJ1FPgle9S6FoEFq9uPJ230uzm900fzbd2P18YNuZN/PezDBv3s7O7CaAnjWY/ZNE7I6IXyKivx5tzDBY/+/GwtzEXwtzE0lUq6//ntTyXV+YmyiyFuftyiNDaUT6cZIX0mjm4qWz45XK1IU8PjJ77p2RmYuXnjpzbvz01Omp82MnThw/NvrsM2NPd6SdWZ2uH3x/+tCBl9+88urEyStv/fBVVt97DtfTl7ajUwazhv9RrWlOe7TThXXZP9Wb7UzK3a4Nq1WKiKy7+mrjvz9KcbPz+uOlj7paOWBTZc/s7e2T56vAHSyJbtcA6I7ijT77/Fu8btPUY0u49nz9A1DW7hv5q55SjjTP07eJ5Q9GxMn5vz/PXtG0DlFtsW4AALBR32bznyeXz/9qeyNL8iX53tBARPw/IvZFxF0RsT8i7s7z3hsR962x/OatoesLc2njkfTqOpu2Ktn877l8b6tx/rdYjYFSHttTa39fcupMZepoROyNiKHo257FR1tdvLjEiz9/2q78pfO/7JWVX8wF84tcLTct0E2Oz453alJ67cOIg+VW7U8WdwKyvj8QEQfXdum9ReDM418eapfp1u1fQQf2mapfRDxW7//5qLc/T5lfzJOsvD85siMqU0dHirtiuR9/uvxau/I31P4OyPp/Z+P935Sj/89k6X7tzNrLuPzrJ20/U5bXef9vS96o7Vlvy4+9Nz47e2E0YlvySi3ecHzs5rlFvMiftX/oSOvxvy8/J2v//RGR3cSHI+KBiHgw77uHIuLhiDiyQvu/f+GRt9ulbYX+n2z5/Fv8FsBAY/+vPVA6+9037cpf3fPveC00lB+pPf9uoXg0LK/OjjxlvXczAAAA/PekEbE7knR4MZymw8P178vvj51pZXpm9olT0++en6z/RmAg+tJipat/yXroaFKsl9XjY/lacZF+LF83/qz0v1p8eGK6MtnltkOv29Vm/Gd+KzVl3tGNGgKbyu+1oHc1j/+0S/UAbj/v/9C7jH/oXcY/9K5W4/+DpnjzXgBwZ/D+D73L+IfeZfxD7zL+oSdt5Hf9KwW+3sDp5eh8fQQ6HYh0S1RDoEWgvGx074mISvEXeVY8PYmILNDFhxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAH/RsAAP//KdXnsw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x551b, &(0x7f000000b2c0)="$eJzs3L1vG2UYAPDnkqbflAgxsPWkCimRaqtO0wq2Aq34EK2iAgMTOLZjubV9Uew4IRMDI2Jg5p9AIDEx8jcwMLMhBhAbEsh3F2j4kIjixCT5/aTzc+/r1889r1VVeu4iB3Bqzae//JTElbgQEbMRcTkiP0/KI3enCM9FxNWImHniSMr5PybORsTFiLgyTl7kTMq3Pr0+unbrxzd+/vrbc2cuff7Vd9PbNTBtz0dEb7043+oVMWsX8VE5Xx918pjEKI+95eKN3uNynBVxq7WaZ9iq766r5/Fmu1ifrW8OxnGtW2+MY7uzls+v94sLDkbt3Tz5Bx7VN/Jxs7Wax84gy2N7p6hre6f4v21nMCzyNMt8H+TpYzjcjcV8a7tV7Gf9cR4b/WE5X+TNmq3tcRyVsbxcNLJuM69j9SDf9P/bm53+5nY6am0MOlk/vVWtvVCt3a7UNrJma9hartR7zdvL6UK7O15WGbbqvTvtLGt3W9VG1ltMF9qNRqVWSxfutlY79X5aq1VvVm9Ubi2WZ9fTVx+8k3ab6cI4vtzpbw473UG6lm2kxScW06XqzRcX02u19K37K+nKw3v37q+8/d7ddx+8dP/1V8pFfysrXVi6sbRUqd2oLNUWT9H+PyqLnuD+4UCS/S0/d1h1ABwj+n9gGvbT//eW99P/bzyMOPz+P/T/E3Gs+t9D6/8/O7X7hwPZZ/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDJ8f3cF6/lJ/PF+FI5/1Q59Uw5TiJiJiJ++wezcXZPztkyz9y/rJ/7Sw3fJJFnGF/jXHlcjIg75fHr04f9LQAAAMDJ9eWHVz8puvXiZX7aBXGUips2M5ffn1C+JCLm5n+YULaZ8cuzE0qW//s+E9sTypbfwDo/oWTFLbczk8r2n8zuCeefCEkRZo60HAAA4Ejs7QSOtgsBAADgKH087QKYjiR2H2XuPgvO//L+zweCF/aMAAAAgGMomXYBAAAAwKHL+3+//wcAAAAnW/H7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zs795KYNRHEAfja40H8qqrpvj9IdHKNH6LLLigP0EhyBXiEX4AxklyNEEOFxUIiSKIrHtkK+TzLDWPDzM8KLmZEGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLl9V68f/v939tc3b7dl542R9t6wYAAIC3YFutF/WbWep/bM5/bk59bfpFRJQR8dDYfRTvTjJHTU71yOerezVcRNQJh2tMmuNDRPxsjusvXf8KAAAAcL42y9U8jdbTy2zoguhTmrQpP/3KlFdERDW7ypRWHvK+ZQqr/9/j+JMprZ7AmmYKS1Nu41xpz1I/7sdZu+mdpkhN+fT3s907AADQo9FJ0+8oBAAAgD79HroAhlHE7VLmcSlwkppmee/9SQ8AAAB4hYqhCwAAAAA6V4//7f8HAAAA5y3t/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECXttV6sVmu5m1zdvt28twNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA37M87CoRAGITB3vWdydz/sNKgqalJFQgff2MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxP7cpAIJAGAa3sq9/4f0PGy/oGSKYAeFhFwUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+5J6xjFPrjC3xVFXLNLFn3KvqyCpxZpW4cqGPB1v/8EcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzv38xpHFQcA/M3MziatimuUPUTEgge92HRbW3sTD0rw4J8ghHRbY7f+aHOwpQi5eJOcexE9ighKvPV/6LmFXuqthz1U8FyZX8nkx2EVdmaT/XzgzfvOMMz7vlkI+e57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAPuMP9+IkO/SKOC6vPXx2dz3rHx3oM/e3Hy9nLYujJpM+Ht6on0T92sli88kAAAAwH5Kqvg8hPEl3VrM+7uX1f1rdk9X8P71UxFU9f7Dur/qq9s/an388fW13oF4xTvbQqxuj4bnDqXSmN8sZ9vzlCW7q5G8+/+4lyT+Q+JOtV8dp/j6jHx48+KibhwvTTxcA+H/OVn0ZVL8PZf2gzcQAmBudWuFd1f9Jr92cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJow3govVHEUQlju7MWZR8/urh/V399+vFy1S/fubdefmT0iDSFc3RgNz4XFBmcz227dvnN9bTQa3mw+eDOE0NboH5TTv/7ZBDeHMKU0zrT05ucsiMsPe1byOR5Biz+UAAA4kdKyZXX9k3RnNbsWLYXw/Of99f/btThMWP8//fzSw/pY9fp/0NgMZ9/K5o2vV27dvvPuxo21a8Nrwy/fOz94f3Dh8sWLl1fy70qKY9tpAgAAcIx1y1av/+Olw+v/p2v3hwnr/29+HHxXHytR/x9pb9Gv7UwAAADm2ytn/vk7OuJ61O2Gb9c2N28OiuPu+fni2EKq/9lC2er1f7LUdlYAAABAE8Zb0b71/yu1OEy4/v/iL6//Vn9mEkI4Va7/n13/anSluenMtKn88fBC+XA7CwAAACjr8VMH1v/TfP9/vLvlIQ4hvPNWEZf/BnCi+j/5+Ptf62PV9/9faG6KMynuF+8j7/shdPptZwQAAMBJtpi3Xl7//5XurH7x++lPu/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADTt3wAAAP//Rz47fg==")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$inet_udplite(0x2, 0x2, 0x88)
sched_setscheduler(0x0, 0x1, &(0x7f00000003c0)=0x6)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc086, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000640)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="000005"], 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000740)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x240, 0x0, 0x0, 0x148, 0x0, 0x148, 0x1a8, 0x240, 0x240, 0x1a8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast1, 0x0, 0x0, 'macvtap0\x00', 'virt_wifi0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)
getpriority(0x2, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})

12.49253454s ago: executing program 3 (id=3270):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000fd00000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0xfff, 0x7, 0x1004, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000240)='./file0\x00', 0x80028, &(0x7f0000000500)={[{@noauto_da_alloc}, {@min_batch_time={'min_batch_time', 0x3d, 0x7}}, {@data_writeback}, {@quota}, {@oldalloc}, {@noinit_itable}, {@errors_remount}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@acl}, {@nobarrier}, {@journal_dev={'journal_dev', 0x3d, 0x1c}}], [{@appraise_type}]}, 0x4, 0x484, &(0x7f0000000e40)="$eJzs281vG0UfAODfOk6afrxN3lI+WloIFETER9KkBXrgAAgkDiCB4FBuhCStStMGNUGiVQUBoXJElTiDOCLxF3DihIATEle4o0oVVEgtXDBae9eNjTckqV2n8fNITmc8szsznZ31eMYbQM8aSf8kETsi4ueIGKpFGzOM1P65duX89J9Xzk8nUam8+ltSzXf1yvnpPGt+3PYsMlqKKH2UZIU0Wjh77uTU3NzsmSw+vnjq7fGFs+ceO3Fq6vjs8dnTk0eOHD408eQTk4+3pZ1pna7ufW9+354XXr/40vTRi29+/1Va3zv219KXt6P+/3KDRtKz/F6pak57sA3n30j+rlxvZ1Ludm1Yrb6ISLurvzr+h6IvrnfeUDz/YatjSjezgkDHpPfsLcXJSxVgE0ui2zUAuiP/oE+//2avp2/S1GNDuPxM7QtQ2vZr2auWUq5/z+nvYPkjEXF06a/P01c0rUNUmtcN3uhgRQCAnvFNOv95tGH+V51/VPdGluVLsr2h4Yj4f0TsiojbImJ3RNye5b0zIu5aY/nN+yzN+zARpUvrbNqqpPO/p7K9rcb5X32Ve7gvi/2v2v7+5NiJudmDEbEzIkajf0san2h18vwUz/30SVH5y+d/6SstP58LZie5VG5aoJuZWpxq16T08gcRe8ut2p/UdwLSvt8TEXvrR21dzal35oETD3+5ryjTf7d/BW3YZ6p8EfFQrf+Xoqn9uWTl/cnxwZibPTieXxX/9sOPF14uKv+G2t8Gaf9va7z+m3IM/ZEs369dWHsZF375eLoorbzO638gea26Zz2Qvffu1OLimYmIgeTFarzh/cnrx+bxPH/a/tEDrcf/ruyYtP13R0R6Ee+PiHsi4t6s7+6LiPsj4sAK7f/u2QfeKkrbCP0/0/L+V7/+hxv7f+2BvpPffl1U/uruf4erodHsner9r9jZ9E9xdQazbOu9mgEAAODWU4qIHZGUxurhUmlsrPZ7+d2xrTQ3v7D4yLH5d07P1J4RGI7+Ur7SNbRsPXQiWaqdcKAWn8zWivP0Q9m68ad9W6vxsen5uZluNx563PaC8Z/6ta/btQM6zvNa0Luax78H/KB3+PyH3rXu8Z+0tx7AzefzH3pXq/H/flPcXgBsTj7/oXcZ/9C7jH/oXQXj388AYHO7kef6OxUor/D0/i0ReOWziA1Qjc4GolScZ/BW78HVBQY36iAqr6ViMRjRIqmLNyUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA2+icAAP//4FXsCQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
r7 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_opts(r7, 0x29, 0x3b, &(0x7f0000000d80)=ANY=[@ANYBLOB], 0x48)
r8 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r8, 0x1, 0x3c, 0x0, 0x0)
connect$inet6(r8, &(0x7f00000004c0)={0xa, 0x4e23, 0x0, @empty}, 0x1c)

11.332680786s ago: executing program 3 (id=3273):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0xfff, 0xa, 0x1004, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x3, 0x1004, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000e8000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000080000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000280)='netlink_extack\x00', r6}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000400000008000500", @ANYRES32=r8], 0x20}}, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

10.484484056s ago: executing program 3 (id=3276):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000000002}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket(0x1e, 0x1, 0x0)
connect$tipc(r4, &(0x7f00000000c0)=@id={0x1e, 0x3, 0x1, {0x4e23}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
setreuid(0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x28, 0x0, 0x300, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3, 0x63}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0xa011}, 0x4000010)
r6 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}, 0x1f}, 0x5c)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000700)=ANY=[@ANYBLOB="e0010000100033060000000000000000fc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000019316af227f52fdec617b5035348389d81413af3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414000000000000000000000000000000000032000000fe88000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0001000000000000000000d4000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600400005ed06947fcd8102b2b87518f2eabdc1a75006cc0b8440b6028814c3d0fccf14cb8808db9170493243ec9dcbad06f0714f5178376d7bdfb5c542339eb18eb3932498f0b0b26464955f9376b8e9491f14beeac23770a07638db98257d6d217fcf2da0fd6e9e863b423f47f6ccfc90ec112b050ca783d953c352dd5bd4820deb474fc50d585aa3642a6d16429061c000400"/408], 0x1e0}}, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

9.400692764s ago: executing program 3 (id=3278):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000140001000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
close(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2802, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(r4, r0, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
write$binfmt_misc(r5, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_ext={0x1c, 0x8, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@jmp={0x5, 0x1, 0x8, 0x9, 0x3, 0x40, 0xfffffffffffffff0}, @map_val={0x18, 0x1}, @alu={0x7, 0x1, 0x2, 0x3, 0x8, 0x100, 0x1}, @call={0x85, 0x0, 0x0, 0xbf}]}, &(0x7f0000000000)='syzkaller\x00', 0x6, 0xfd, &(0x7f0000000440)=""/253, 0x41100, 0xe, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f00000005c0)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000600)={0x1, 0x9, 0x0, 0x6eb80}, 0x10, 0x2c76, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x84, @void, @value}, 0x94)
io_setup(0x8, &(0x7f0000004200)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000340)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

8.468603574s ago: executing program 3 (id=3279):
syz_mount_image$f2fs(&(0x7f0000000180), &(0x7f00000000c0)='./bus\x00', 0x8, &(0x7f0000000640)={[{@nogc_merge}, {@checkpoint_diasble}, {@alloc_mode_def}, {@fastboot}, {@inline_data}, {@nogc_merge}, {@inline_data}, {@acl}, {@heap}, {@noinline_data}, {@noextent_cache}, {@compress_chksum}, {@jqfmt_vfsold}, {@noextent_cache}, {@nouser_xattr}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3D9vG2UYAPDHSdP/lAgxsPWkCimRaqtOmwq2AK34I1JFBQYmcGzHcmv7othxQiYGRsTAN0EgMTHyGRiY2RADiA0J5Ltz2wCVkGLHpPn9pPNz7+vXzz2vVVV67iIHcGotJr//WoorcSEi5iPicsSj89J40VoeXoqIqxEx98RRKuYfTZyNiIsRcWWU/HGe0VtfXh9eW/3lnd++++HcmUtfffvj7HYNzNrLEdHdzs/3unlMW3l8UMzXhu0sdm8Ni5i/0X1YjNM87jU3swx7tfG6WhZvtvL16fZufxS3OrX6KLbaW9n8di+/YH/YGufJPvCgtpONG83NLLb7aRZbB3ld+wf5/20H/UGep1Hk+yRLH4PBOObzzf1mvp/th1ms9wbFfJ43bTT3R3FYxOJyUU87jayOzaN80/9v77Z7u/vJsLnTb6e9ZLVSfaVSvV2u7qSN5qB5q1zrNm7fSpZandGy8qBZ66610rTVaVbqaXc5WWrV6+VqNVm609xs13pJtVq5WblRXl0uzq4nb977IOk0kqVRfL3d2x20O/1kK91J8k8sJyuVm68uJ9eqyXvrG8nG/bt31zfe/+jOh/deW3/7jWLRP8pKllZurKyUqzfKK9XlU7T/z4qiJ7h/OJLSrAsAOHme1v+X9P/AFE2v/9+5HzH9/j/0/xNxovrf097/T2H/cCT6fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAU+unha/fyk4W8/GlYv65YuqFYlyKiLmI+PNfzMfZQznnizwLT1m/8Lcavi9FlmF0jXPFcTEi1orjj+en/S0AAADAs+ubT69+kXfr+cvirAviOOU3beYufzyhfKWIWFj8eULZ5kYvL04oWfbv+0zsTyhbdgPr/ISS5bfczkwq238yfyicfyKU8jB3rOUAAADH4nAncLxdCAAAAMfp81kXwGyUYvwoc/wsOPvL+8cPBC8cGgEAAAAnUGnWBQAAAABTl/X/fv8PAAAAnm357/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAX+zcz23iQBQH4GeDF/afFq32vq3sDcrYEva4x4gC0gQF5EBaSAPUQG4pIYIIj0Mg4hDJY1uJvk9yJmOZH28QHGZGGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv31Xpxe/X7um3Obt9OntEAAAAAl2yr9aL+Z5b6X5v735tbP5t+ERFlRFyau4/i01nmqMmpXp6/OX2+elXDXUSdcHiPSXN9iYg/zfX4o+tPAQAAAD6uzXI1T7P19Gc2dEH0KS3alN/+ZsorIqKaPWRKKw95vzKF1d/vcfzPlFYvYE0zhaUlt3GutDepf+7HVbvpSVOkprz4smOR2cYOAAD0aHTW9DsLAQAAoE//hi6AYRTxvJV53AqcpKbZ3vt81gMAAADeoWLoAgAAAIDO1fP/ns7/2zv/DwAAAIaRzv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS9tqvdgsV/O2Obt9O3lGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDmd3/5PzE1ziRzr42l55Fk7dTYOjX2zo2jP4yvXwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzP69xVHEAwN/M7GxtVVyj7CEiCh70Yrfb2tqbeFCCB/8EIaTbGrv1R5uDLUXMxZvk3IvoUURQ4q3/Q84J5BJvOewhgmdlZmeykx/g+mtmk3w+8OZ9dxjmfd8shHznvQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS6O1JnGSHzjiOi3Obew+Xsn7rUJ95vLY9n7UsjupM+mR4sfoh6jaXCAAAAGdHUtb3IYSddH0h6+NOXv+n5TVZzf/t0+O4rOcP1/1lX9b+Wfvl593n9wfqjMfJbnpzeTi4dDSV1v83y9n2zF9e0cqffP7uJcm/kPi91edGaf48o683Nt5p5+G5OrIFAP6Ji2VfBOXvQ1nfbzIxAM6MVqXwLuv/pNNsTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1GK2GJ8s4CiHMtyZxZmvv4dJx/eO17fmyXXv0aC18Oblndos0hHBzeTi4VOtsZtu9+w9uLw6Hg7v1By+FEJoa/a1i+rc/mOLiEBp5PoL/KIiLL3tW8jkZQYM/lAAAOJXSomV1/U66vpCdi+ZC+OO7g/X/q5U4TFn/7354bbM6VrX+79c2w9nXW7nzae/e/QevL99ZvDW4Nfj4jcv9N/tXrl+9er2XvyvpeWMCAADAv9MuWrX+j+eOrv9fqMRhyvr/s2/6X1THStT/x5os+jWdCQAAwNn27Mu//xYdcz5qt8Pniysrd/vj4/7ny+NjA6n+beeKVq3/k7mmswIAAADqMFqNDqz/36jEYcr1/6e+f+HH6j2TEML5Yv3/4tInwxv1TWem1fHnxE3PEQAAgGadL1p1/T/N9//H+1se4hDCa6+M4+LfAE5V/yfvfvVDdazq/v8r9U1xJsXd8fPI+24IrW7TGQEAAHCaPVG0rNj/NV1f+OinC++37f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqNufAQAA//9Hjj6U")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
open(&(0x7f00000002c0)='./file0\x00', 0x14937e, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x7000, 0x0, 0x3)
r2 = gettid()
rmdir(0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
r3 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r3, 0x0)
accept4$unix(r3, 0x0, 0x0, 0x0)
gettid()
pipe(0x0)
ptrace(0x10, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x140030})
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_usb_connect$uac1(0x3, 0x10d, &(0x7f0000000900)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xfb, 0x3, 0x1, 0x4, 0x10, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7fff, 0xb}, [@output_terminal={0x9, 0x24, 0x3, 0x5, 0x303, 0x4, 0x1, 0x8}, @input_terminal={0xc, 0x24, 0x2, 0x5, 0x203, 0x5, 0x9, 0x0, 0x10, 0x81}, @processing_unit={0xc, 0x24, 0x7, 0x3, 0x0, 0x13, "7c8b33fcd1"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x0, 0x3, 0x4, 0x8, "fc", "d0fe29"}, @format_type_ii_discrete={0x10, 0x24, 0x2, 0x2, 0xffff, 0x0, 0x1a, "9102ef43ab6372"}, @format_type_ii_discrete={0x10, 0x24, 0x2, 0x2, 0xb2, 0x8, 0xb, "e73241f58bb5f0"}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x5, 0x1, 0x84, 0x3, "fb71b7", "a3"}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x9, 0x9, 0x66, {0x7, 0x25, 0x1, 0xc3, 0x8, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x795, 0x8, 0x4, "2e0a92"}, @format_type_ii_discrete={0xd, 0x24, 0x2, 0x2, 0x4, 0x7, 0xa, "4fac79a6"}, @format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0x3a, 0x3, 0x1, 0x3, '\x00\x00\x00\x00\x00\x00\x00\x00\x00'}, @as_header={0x7, 0x24, 0x1, 0x9, 0x0, 0x3}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x9, 0x3, 0x9, 0x0, "235293"}, @as_header={0x7, 0x24, 0x1, 0x4d, 0x4, 0x1001}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0xbe, 0x40, 0x0, {0x7, 0x25, 0x1, 0x82, 0x2, 0x25}}}}}}}]}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

3.759395898s ago: executing program 0 (id=3294):
openat2$dir(0xffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f0000000280)={0x606000, 0x109, 0x2}, 0xffffffffffffff2b)

3.492113759s ago: executing program 0 (id=3297):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b040000000000000000020000004c000480480001800a000100696e6e65720000003800028008000240000000ff0800034000000007080004400000000f080001400000000014000580090001006d65740200000000040002800900010073797a30000000000900020073797a32"], 0xa0}}, 0x0)

3.419656238s ago: executing program 0 (id=3299):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x0, 0x0, 0x8007, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
pipe(0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00f3ffffffff21e8ae50d0cf0dc0248fc51c340008000800000000000000005a1d2edab32de6d900000000000000db00"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x300, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x8000000003ff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r5, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f000076e000/0x4000)=nil, 0x400000, 0x0, 0x2})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1400090000ce", @ANYRES32, @ANYBLOB="1000"/20, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)

3.14947211s ago: executing program 0 (id=3310):
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, &(0x7f0000000040), &(0x7f0000000180)=0xfffffffffffffc94)

3.068298749s ago: executing program 0 (id=3311):
syz_usb_connect$printer(0x2, 0x0, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100000000000000000002"], 0x28}}, 0x0)

2.38130241s ago: executing program 2 (id=3321):
pipe(0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0xfffffffb, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.985844247s ago: executing program 0 (id=3327):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x5b04, 0x0)

1.408660925s ago: executing program 2 (id=3338):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r2, r2, 0x0)
setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, 0x0)

1.408370295s ago: executing program 2 (id=3339):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000001bc0)={'batadv_slave_1\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000003c0)={@remote, 0x1d, r2})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000b80)={'batadv_slave_1\x00', <r5=>0x0})
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000300)={@remote, r5}, 0x14)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)

1.407948765s ago: executing program 2 (id=3340):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)={0x110, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x66, 0xe, {{{}, {0x7fbf}, @device_b, @device_b, @initial, {0x0, 0x9}}, 0x0, @default, 0x0, @val, @val={0x1, 0x2, [{0x12}, {0x4}]}, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a, {0x8000}}, @void, @val={0x71, 0x7, {0x0, 0x0, 0x0, 0x0, 0xfc}}, @val={0x76, 0x6}}}, @NL80211_ATTR_BEACON_TAIL={0x73, 0xf, [@preq={0x82, 0x41, {{0x0, 0x1, 0x1, 0x0, 0x1}, 0xc, 0x2, 0x59, @broadcast, 0x2, @value=@broadcast, 0x2, 0x5f49, 0x3, [{{}, @device_a, 0x2}, {{0x1}, @broadcast, 0x1}, {{0x1, 0x0, 0x1}, @device_b, 0x9}]}}, @supported_rates={0x1, 0x3, [{0x60, 0x1}, {0x60, 0x1}, {0x5, 0x1}]}, @mesh_chsw={0x76, 0x6, {0x0, 0x3, 0x2a, 0x81}}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @ht={0x2d, 0x1a, {0x400, 0x1, 0x5, 0x0, {0x81, 0x9, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1}, 0x800, 0xdf66, 0x4}}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x110}}, 0x0)

1.397061086s ago: executing program 2 (id=3341):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syncfs(r0)

1.396601076s ago: executing program 2 (id=3342):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
userfaultfd(0x80001)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb2361000000010902"], 0x0)
inotify_init1(0x800)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4affeeaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x0)

999.941183ms ago: executing program 4 (id=3343):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r2, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

989.937154ms ago: executing program 4 (id=3344):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x34c, 0x18c, 0x2b8, 0x182, 0x18c, 0x0, 0x284, 0x3a8, 0x3a8, 0x284, 0x3a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x164, 0x18c, 0x0, {0x0, 0xe0ffff00000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "83f0a574725c23587dcfbd695650fe91ad9f7783f34f23315a573f167f755eaff4d665d219fa653cdfd7ee1092b07e243bd3e81b17fa1a6a18d79ae45b76f817515ec14cdf53d785cfe1d638f578cf51801a954830bfb97c4595e7b07b7147a846d1a230f2e1053fd68b5c45f2847c271539bdbd0f149a701a72fc1f87ab788a"}}]}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0xc8, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24, '\x00', 0x0, 0xfffffffb}}}}, 0x3a8)

940.56354ms ago: executing program 4 (id=3345):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000005304"], 0x14}}, 0x0)

940.02702ms ago: executing program 4 (id=3346):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080000000200400", @ANYRES32, @ANYBLOB="00000000ffff0000000000000000000072bd3cf62b6efcbcc5e2283900000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0x17, &(0x7f0000000140)=ANY=[@ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYRESOCT=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000008000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b807200500000000", &(0x7f00000004c0)=""/18, 0x1004, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x23)
syz_open_dev$usbfs(&(0x7f0000000040), 0x77, 0x101301)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001300)={0xc, {"a2e3ad214fc752f91b4847f70e06d038e7ff7fc6e5539b326d078b089b3b083872090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31300d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f097e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f028dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c000003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b611fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0xfffffffffffffebd}}, 0x1006)
ioctl$PIO_UNIMAP(r4, 0x4b67, &(0x7f00000002c0))
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
read$FUSE(r4, &(0x7f0000002340)={0x2020, 0x0, 0x0, <r5=>0x0}, 0x2020)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000140)=@md0, r5, &(0x7f0000000300))
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r6, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)
socket$packet(0x11, 0x2, 0x300)
mount(0x0, 0x0, 0x0, 0xf6ff, 0x0)

506.012911ms ago: executing program 1 (id=3348):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000002f00)={0x0, <r1=>0x0}, 0x8)
r2 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r1, 0x4)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r2, r0}, 0x10)

456.426587ms ago: executing program 1 (id=3349):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x78, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @multicast2}]}, {0xffffffffffffff52}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0)

456.094807ms ago: executing program 1 (id=3350):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x14, 0x11, 0x0, 0x1, @match={{0xa}, @val={0x4}}}]}], {0x14, 0x10}}, 0x78}}, 0x0)

455.643367ms ago: executing program 1 (id=3351):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x141202, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioprio_get$pid(0x2, 0x0)
read(r2, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={0x48, r3, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_KEY={0x28, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "61cce2444181321f0e8c4ae529500443"}, @NL802154_KEY_ATTR_ID={0x8, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x8}, 0x20000810)
setpriority(0x2, 0x0, 0x3)

55.450864ms ago: executing program 1 (id=3352):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)={0x58, r1, 0x1, 0x70bd29, 0x1000000, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x7}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x7}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

46.155115ms ago: executing program 4 (id=3353):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = fcntl$dupfd(r0, 0x0, r1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDSIGACCEPT(r2, 0x400455c8, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = io_uring_setup(0x79af, &(0x7f0000001240))
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r4 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r4, &(0x7f000047b000)={0xa, 0x4e20, 0x4, @loopback}, 0x1c)
listen(r4, 0x20000005)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x20000ff9, &(0x7f0000000240)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000600), 0x4)
recvmsg(r5, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
r6 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
accept4(r4, 0x0, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

400.941µs ago: executing program 1 (id=3354):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000340)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x3, 0x84}]}}}}}}}, 0x0)

0s ago: executing program 4 (id=3355):
socket(0x2c, 0x1, 0x1000)
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, &(0x7f0000000080)='l', 0x1)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, &(0x7f0000000040)={{0x1}, 0x0, 0x0, 'id0\x00', 'timer1\x00'})
r3 = socket(0x10, 0x803, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000740)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x20}}, 0x0)
syz_usb_disconnect(r0)

kernel console output (not intermixed with test programs):

): bridge0: link becomes ready
[ 1009.369610][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1009.377555][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1009.391923][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1009.439552][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1009.758730][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1009.766132][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1009.774231][T15348] device veth0_vlan entered promiscuous mode
[ 1009.788069][T15348] device veth1_macvtap entered promiscuous mode
[ 1011.073594][T15162] usb 3-1: Using ep0 maxpacket: 16
[ 1011.174041][ T8951] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[ 1011.181924][ T8951] usb 5-1: USB disconnect, device number 99
[ 1011.204917][T15162] usb 3-1: config 172 has an invalid descriptor of length 126, skipping remainder of the config
[ 1011.215605][T15162] usb 3-1: config 172 has 0 interfaces, different from the descriptor's value: 1
[ 1011.224599][T15162] usb 3-1: New USB device found, idVendor=056a, idProduct=00fa, bcdDevice= 0.00
[ 1011.233816][T15162] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1011.250635][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1011.293277][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1011.301727][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1011.547366][T15396] loop1: detected capacity change from 0 to 512
[ 1011.794800][ T8951] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[ 1011.914518][T15396] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1011.936604][T15396] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.3126: bg 0: block 248: padding at end of block bitmap is not set
[ 1011.964772][T15162] usb 3-1: string descriptor 0 read error: -71
[ 1011.965977][T15396] Quota error (device loop1): write_blk: dquota write failed
[ 1011.975232][T15162] usb 3-1: USB disconnect, device number 102
[ 1011.980935][T15396] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1011.994117][T15396] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.3126: Failed to acquire dquot type 1
[ 1012.008884][T15396] EXT4-fs (loop1): 1 truncate cleaned up
[ 1012.014587][T15396] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1012.099963][T15402] loop2: detected capacity change from 0 to 40427
[ 1012.106938][T15402] F2FS-fs (loop2): Invalid segment/section count (24 != 24 * 3)
[ 1012.114777][T15402] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1012.122936][T15402] F2FS-fs (loop2): heap/no_heap options were deprecated
[ 1012.124656][T14884] EXT4-fs (loop1): unmounting filesystem.
[ 1012.132531][T15402] F2FS-fs (loop2): Image doesn't support compression
[ 1012.144244][T15402] F2FS-fs (loop2): invalid crc value
[ 1012.153536][T15402] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1012.188743][T15402] F2FS-fs (loop2): Start checkpoint disabled!
[ 1012.195481][T15402] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1012.202360][T15402] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1012.227203][T15402] syz.2.3129: attempt to access beyond end of device
[ 1012.227203][T15402] loop2: rw=2049, sector=77824, nr_sectors = 848 limit=40427
[ 1012.313114][ T8951] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1012.324348][ T3712] device bridge_slave_1 left promiscuous mode
[ 1012.330368][ T8951] usb 5-1: config 0 has no interfaces?
[ 1012.333444][ T3712] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1012.335911][ T8951] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1012.353711][ T3712] device bridge_slave_0 left promiscuous mode
[ 1012.364070][ T8951] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1012.369016][ T3712] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1012.380241][ T8951] usb 5-1: config 0 descriptor??
[ 1012.395464][ T3712] device veth1_macvtap left promiscuous mode
[ 1012.408604][ T3712] device veth0_vlan left promiscuous mode
[ 1012.574783][T15162] usb 3-1: new high-speed USB device number 103 using dummy_hcd
[ 1012.601693][T15420] loop3: detected capacity change from 0 to 40427
[ 1012.614344][T15420] F2FS-fs (loop3): Invalid segment/section count (24 != 24 * 3)
[ 1012.622926][T15420] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1012.694126][T15420] F2FS-fs (loop3): heap/no_heap options were deprecated
[ 1012.701502][T15420] F2FS-fs (loop3): Image doesn't support compression
[ 1012.715194][T15420] F2FS-fs (loop3): invalid crc value
[ 1012.721660][T15420] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1012.771212][T15420] F2FS-fs (loop3): Start checkpoint disabled!
[ 1012.786832][T15420] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1012.801015][T15420] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1012.835744][ T3712] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1012.880194][T15420] syz.3.3134: attempt to access beyond end of device
[ 1012.880194][T15420] loop3: rw=2049, sector=77824, nr_sectors = 848 limit=40427
[ 1012.974796][T15162] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1012.992131][T15162] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1013.016763][T15162] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1013.214793][T15162] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1013.224642][T15162] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1013.233208][T15162] usb 3-1: Product: syz
[ 1013.237843][T15162] usb 3-1: Manufacturer: syz
[ 1013.242895][T15162] usb 3-1: SerialNumber: syz
[ 1013.454820][ T9786] usb 1-1: new high-speed USB device number 122 using dummy_hcd
[ 1013.744766][ T9786] usb 1-1: Using ep0 maxpacket: 32
[ 1013.896491][ T9786] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1013.906564][ T9786] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1013.915370][ T9786] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1013.924183][ T9786] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1013.932798][ T9786] usb 1-1: config 0 descriptor??
[ 1014.324746][  T311] usb 2-1: new full-speed USB device number 112 using dummy_hcd
[ 1014.694808][  T311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1014.705701][  T311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1014.715240][  T311] usb 2-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 1014.724055][  T311] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1014.732969][  T311] usb 2-1: config 0 descriptor??
[ 1014.844827][ T3874] Bluetooth: hci0: command 0x1003 tx timeout
[ 1014.844911][T12313] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1015.215650][  T311] samsung 0003:0419:0600.00D9: item fetching failed at offset 1/5
[ 1015.223395][  T311] samsung 0003:0419:0600.00D9: parse failed
[ 1015.229063][  T311] samsung: probe of 0003:0419:0600.00D9 failed with error -22
[ 1015.416495][T15438] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1015.424967][T15438] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1015.434472][  T311] usb 2-1: USB disconnect, device number 112
[ 1015.873306][  T311] usb 5-1: USB disconnect, device number 100
[ 1015.943813][T15443] loop1: detected capacity change from 0 to 512
[ 1015.950315][T15443] EXT4-fs: Ignoring removed orlov option
[ 1015.956461][T15443] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1015.964079][T15443] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a000e09c, mo2=0002]
[ 1015.972227][T15443] System zones: 1-12
[ 1015.976656][T15443] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.3139: casefold flag without casefold feature
[ 1015.989423][T15443] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.3139: missing EA_INODE flag
[ 1016.002201][T15443] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3139: error while reading EA inode 12 err=-117
[ 1016.016029][T15443] EXT4-fs (loop1): 1 orphan inode deleted
[ 1016.022854][T15443] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1016.043102][T15448] FAULT_INJECTION: forcing a failure.
[ 1016.043102][T15448] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1016.056130][T15448] CPU: 1 PID: 15448 Comm: syz.4.3138 Not tainted 6.1.99-syzkaller-00053-g5e1f4bb11f0d #0
[ 1016.065756][T15448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1016.075658][T15448] Call Trace:
[ 1016.078770][T15448]  <TASK>
[ 1016.081545][T15448]  dump_stack_lvl+0x151/0x1b7
[ 1016.086061][T15448]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1016.091354][T15448]  dump_stack+0x15/0x1b
[ 1016.095345][T15448]  should_fail_ex+0x3d0/0x520
[ 1016.099860][T15448]  should_fail+0xb/0x10
[ 1016.103850][T15448]  should_fail_usercopy+0x1a/0x20
[ 1016.108707][T15448]  _copy_from_user+0x1e/0xc0
[ 1016.113145][T15448]  __sys_bpf+0x23b/0x7f0
[ 1016.117221][T15448]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[ 1016.122431][T15448]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1016.127900][T15448]  __x64_sys_bpf+0x7c/0x90
[ 1016.132149][T15448]  x64_sys_call+0x87f/0x9a0
[ 1016.136574][T15448]  do_syscall_64+0x3b/0xb0
[ 1016.140828][T15448]  ? clear_bhb_loop+0x55/0xb0
[ 1016.145338][T15448]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1016.151065][T15448] RIP: 0033:0x7f675e97dff9
[ 1016.155321][T15448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1016.174759][T15448] RSP: 002b:00007f675f7d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1016.183009][T15448] RAX: ffffffffffffffda RBX: 00007f675eb36130 RCX: 00007f675e97dff9
[ 1016.190822][T15448] RDX: 0000000000000048 RSI: 00000000200009c0 RDI: 0000000000000000
[ 1016.198623][T15448] RBP: 00007f675f7d4090 R08: 0000000000000000 R09: 0000000000000000
[ 1016.206437][T15448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1016.214337][T15448] R13: 0000000000000001 R14: 00007f675eb36130 R15: 00007fff2df50ed8
[ 1016.222157][T15448]  </TASK>
[ 1016.604827][T15162] usb 3-1: 0:2 : does not exist
[ 1016.610987][T15162] usb 3-1: USB disconnect, device number 103
[ 1016.618746][  T347] udevd[347]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1016.755289][T15453] loop4: detected capacity change from 0 to 1024
[ 1016.761734][T15453] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1016.770752][T15453] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1016.862089][T14884] EXT4-fs (loop1): unmounting filesystem.
[ 1016.909191][T14983] EXT4-fs (loop4): unmounting filesystem.
[ 1016.988863][T15463] loop1: detected capacity change from 0 to 512
[ 1016.996621][T15463] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1017.030473][T15463] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.3141: invalid block
[ 1017.781763][T15463] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3141: couldn't read orphan inode 11 (err -117)
[ 1017.794625][T15463] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1017.928548][T15162] usb 1-1: USB disconnect, device number 122
[ 1017.965564][T14884] EXT4-fs (loop1): unmounting filesystem.
[ 1017.989945][T15469] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3143'.
[ 1018.007630][T15469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3143'.
[ 1018.871515][   T28] audit: type=1326 audit(1729616316.814:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15472 comm="syz.1.3145" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdc7a37dff9 code=0x0
[ 1020.008842][T15492] 9pnet: Could not find request transport: fd0x0000000000000008
[ 1020.204726][   T19] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[ 1020.584848][   T19] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1020.594763][   T19] usb 2-1: config 0 has no interfaces?
[ 1020.600043][   T19] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1020.608901][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1020.617353][   T19] usb 2-1: config 0 descriptor??
[ 1021.934765][ T8951] usb 5-1: new full-speed USB device number 101 using dummy_hcd
[ 1021.990783][ T3712] kworker/u4:8: attempt to access beyond end of device
[ 1021.990783][ T3712] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[ 1022.059973][T15508] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.066878][T15508] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1022.073930][T15508] device bridge_slave_0 entered promiscuous mode
[ 1022.081612][T15508] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.088762][T15508] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1022.096210][T15508] device bridge_slave_1 entered promiscuous mode
[ 1022.148655][T15508] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.155521][T15508] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1022.162571][T15508] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.169580][T15508] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.191107][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1022.198848][ T1125] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1022.206270][ T1125] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1022.231088][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1022.239067][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.245906][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.253430][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1022.261645][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.268480][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1022.276112][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1022.283820][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1022.299610][T15508] device veth0_vlan entered promiscuous mode
[ 1022.305806][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1022.313897][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1022.321743][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1022.329008][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1022.342738][T15508] device veth1_macvtap entered promiscuous mode
[ 1022.348965][ T8951] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1022.359704][ T8951] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1022.370349][ T8951] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[ 1022.383238][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1022.391913][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1022.400290][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1022.434385][T15514] loop2: detected capacity change from 0 to 512
[ 1022.445046][ T3712] kworker/u4:8: attempt to access beyond end of device
[ 1022.445046][ T3712] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[ 1022.461518][T15514] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1022.474859][ T8951] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1022.486992][ T8951] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1022.499243][ T8951] usb 5-1: SerialNumber: syz
[ 1022.518625][T15514] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1022.529396][T15514] EXT4-fs (loop2): 1 orphan inode deleted
[ 1022.537858][T15505] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1022.537997][T15514] EXT4-fs (loop2): 1 truncate cleaned up
[ 1022.551234][T15505] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1022.551884][T15514] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1022.572252][T15515] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.579156][T15515] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1022.585117][ T8951] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[ 1022.586674][T15515] device bridge_slave_0 entered promiscuous mode
[ 1022.603523][   T28] audit: type=1400 audit(1729616320.554:336): avc:  denied  { mounton } for  pid=15513 comm="syz.2.3153" path="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[ 1022.609041][T15515] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.635865][T15508] EXT4-fs error (device loop2): ext4_lookup:1855: inode #16: comm syz-executor: iget: bad extra_isize 46 (inode size 256)
[ 1022.648571][T15515] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1022.655554][T15508] EXT4-fs error (device loop2): ext4_lookup:1855: inode #16: comm syz-executor: iget: bad extra_isize 46 (inode size 256)
[ 1022.668645][T15515] device bridge_slave_1 entered promiscuous mode
[ 1022.737641][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1022.745096][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1022.753459][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1022.761592][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1022.769611][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.776464][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.784136][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1022.787933][T15508] EXT4-fs (loop2): unmounting filesystem.
[ 1022.865955][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1022.874409][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1022.882832][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1022.890993][ T1125] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.897861][ T1125] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1022.990101][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1022.997871][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1023.008645][ T9957] device bridge_slave_1 left promiscuous mode
[ 1023.014580][ T9957] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1023.021857][ T9957] device bridge_slave_0 left promiscuous mode
[ 1023.027847][ T9957] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1023.035780][ T9957] device veth1_macvtap left promiscuous mode
[ 1023.041630][ T9957] device veth0_vlan left promiscuous mode
[ 1023.119550][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1023.127415][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1023.134712][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1023.146593][T15515] device veth0_vlan entered promiscuous mode
[ 1023.164878][ T3874] Bluetooth: hci0: command 0x1003 tx timeout
[ 1023.170715][T12313] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1023.182597][T15515] device veth1_macvtap entered promiscuous mode
[ 1023.193526][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1023.195275][   T19] usb 2-1: USB disconnect, device number 113
[ 1023.207420][T15523] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1023.214418][T15523] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1023.221974][T15523] device bridge_slave_0 entered promiscuous mode
[ 1023.231169][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1023.240092][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1023.249688][T15523] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1023.259399][T15523] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1023.267904][T15523] device bridge_slave_1 entered promiscuous mode
[ 1023.587561][T15539] FAULT_INJECTION: forcing a failure.
[ 1023.587561][T15539] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1023.600465][T15539] CPU: 0 PID: 15539 Comm: syz.3.3154 Not tainted 6.1.99-syzkaller-00053-g5e1f4bb11f0d #0
[ 1023.610137][T15539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1023.620023][T15539] Call Trace:
[ 1023.623144][T15539]  <TASK>
[ 1023.625922][T15539]  dump_stack_lvl+0x151/0x1b7
[ 1023.630442][T15539]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1023.635728][T15539]  ? do_vfs_ioctl+0xba7/0x29a0
[ 1023.640331][T15539]  dump_stack+0x15/0x1b
[ 1023.644322][T15539]  should_fail_ex+0x3d0/0x520
[ 1023.648844][T15539]  should_fail+0xb/0x10
[ 1023.652839][T15539]  should_fail_usercopy+0x1a/0x20
[ 1023.657686][T15539]  _copy_to_user+0x1e/0x90
[ 1023.661945][T15539]  simple_read_from_buffer+0xc7/0x150
[ 1023.667155][T15539]  proc_fail_nth_read+0x1a3/0x210
[ 1023.672011][T15539]  ? proc_fault_inject_write+0x390/0x390
[ 1023.677476][T15539]  ? fsnotify_perm+0x269/0x5b0
[ 1023.682076][T15539]  ? security_file_permission+0x86/0xb0
[ 1023.687457][T15539]  ? proc_fault_inject_write+0x390/0x390
[ 1023.693079][T15539]  vfs_read+0x26c/0xae0
[ 1023.697008][T15539]  ? kernel_read+0x1f0/0x1f0
[ 1023.701427][T15539]  ? mutex_lock+0xb1/0x1e0
[ 1023.705690][T15539]  ? bit_wait_io_timeout+0x120/0x120
[ 1023.710803][T15539]  ? __fdget_pos+0x2e2/0x390
[ 1023.715229][T15539]  ? ksys_read+0x77/0x2c0
[ 1023.719395][T15539]  ksys_read+0x199/0x2c0
[ 1023.723474][T15539]  ? vfs_write+0xed0/0xed0
[ 1023.727729][T15539]  ? debug_smp_processor_id+0x17/0x20
[ 1023.732939][T15539]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1023.738867][T15539]  __x64_sys_read+0x7b/0x90
[ 1023.743177][T15539]  x64_sys_call+0x28/0x9a0
[ 1023.747433][T15539]  do_syscall_64+0x3b/0xb0
[ 1023.751681][T15539]  ? clear_bhb_loop+0x55/0xb0
[ 1023.756202][T15539]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1023.761923][T15539] RIP: 0033:0x7f7819b7ca3c
[ 1023.766178][T15539] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1023.785617][T15539] RSP: 002b:00007f781a8bb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1023.793868][T15539] RAX: ffffffffffffffda RBX: 00007f7819d36130 RCX: 00007f7819b7ca3c
[ 1023.801675][T15539] RDX: 000000000000000f RSI: 00007f781a8bb0a0 RDI: 0000000000000008
[ 1023.809485][T15539] RBP: 00007f781a8bb090 R08: 0000000000000000 R09: 0000000000000000
[ 1023.817304][T15539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1023.825123][T15539] R13: 0000000000000000 R14: 00007f7819d36130 R15: 00007ffe12e20d98
[ 1023.832930][T15539]  </TASK>
[ 1023.836543][   T28] audit: type=1400 audit(1729616321.534:337): avc:  denied  { connect } for  pid=15534 comm="syz.3.3154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1023.921672][T15523] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1023.928577][T15523] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1023.935974][T15523] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1023.942799][T15523] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1023.979561][  T696] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1023.986870][  T696] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1024.004393][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1024.011701][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1024.019072][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1024.027243][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1024.035312][ T1125] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1024.042159][ T1125] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1024.050098][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1024.058205][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1024.066263][ T1125] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1024.073103][ T1125] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1024.088862][T15543] loop3: detected capacity change from 0 to 512
[ 1024.098908][T15543] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1024.105214][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1024.105900][T15543] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.3161: bg 0: block 248: padding at end of block bitmap is not set
[ 1024.113657][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1024.141021][T15543] Quota error (device loop3): write_blk: dquota write failed
[ 1024.148477][T15543] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1024.158388][T15543] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.3161: Failed to acquire dquot type 1
[ 1024.169988][T15543] EXT4-fs (loop3): 1 truncate cleaned up
[ 1024.177500][T15543] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1024.180830][T15546] loop1: detected capacity change from 0 to 512
[ 1024.211763][T15546] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1024.219789][T15546] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.3162: invalid block
[ 1024.231370][T15546] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3162: couldn't read orphan inode 11 (err -117)
[ 1024.243097][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1024.244156][T15546] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1024.251446][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1024.316888][T15536] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1024.323806][T15536] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1024.331375][T15536] device bridge_slave_0 entered promiscuous mode
[ 1024.339144][T15515] EXT4-fs (loop3): unmounting filesystem.
[ 1024.346950][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1024.357386][ T1125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1024.392017][T15536] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1024.399919][T15536] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1024.488828][T15536] device bridge_slave_1 entered promiscuous mode
[ 1024.579162][T15523] device veth0_vlan entered promiscuous mode
[ 1024.592902][T15523] device veth1_macvtap entered promiscuous mode
[ 1024.622367][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1024.630134][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1024.638362][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1024.646390][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1024.654322][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1024.661823][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1024.682093][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1024.871719][ T8951] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[ 1024.931805][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1024.942638][ T8951] usb 5-1: USB disconnect, device number 101
[ 1024.968292][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1025.040899][T14884] EXT4-fs (loop1): unmounting filesystem.
[ 1025.071348][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1025.083071][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1025.466950][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1025.474471][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1025.484235][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1025.493502][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1025.501958][ T9786] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1025.508997][ T9786] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1025.516461][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1025.524661][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1025.524835][ T8951] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[ 1025.532781][ T9786] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1025.546823][ T9786] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1025.563144][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1025.573765][T15577] loop3: detected capacity change from 0 to 512
[ 1025.580447][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1025.592579][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1025.603825][T15577] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1025.610049][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1025.614307][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1025.623348][T15577] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.3167: bg 0: block 248: padding at end of block bitmap is not set
[ 1025.626245][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1025.640387][T15577] Quota error (device loop3): write_blk: dquota write failed
[ 1025.648486][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1025.655080][T15577] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1025.663372][T15536] device veth0_vlan entered promiscuous mode
[ 1025.676506][T15577] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.3167: Failed to acquire dquot type 1
[ 1025.688684][T15577] EXT4-fs (loop3): 1 truncate cleaned up
[ 1025.698094][T15577] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1025.718824][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1025.729477][T15536] device veth1_macvtap entered promiscuous mode
[ 1025.737136][ T9957] device bridge_slave_1 left promiscuous mode
[ 1025.743164][ T9957] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1025.751206][ T9957] device bridge_slave_0 left promiscuous mode
[ 1025.757425][ T9957] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1025.766316][T15515] EXT4-fs (loop3): unmounting filesystem.
[ 1025.778672][ T9957] device bridge_slave_1 left promiscuous mode
[ 1025.785003][ T9957] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1025.793321][ T9957] device bridge_slave_0 left promiscuous mode
[ 1025.799542][ T9957] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1025.810031][ T9957] device bridge_slave_1 left promiscuous mode
[ 1025.816759][ T9957] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1025.825393][ T9957] device bridge_slave_0 left promiscuous mode
[ 1025.831615][ T9957] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1025.840994][ T9957] device veth1_macvtap left promiscuous mode
[ 1025.846939][ T9957] device veth0_vlan left promiscuous mode
[ 1025.853046][ T9957] device veth1_macvtap left promiscuous mode
[ 1025.858962][ T9957] device veth0_vlan left promiscuous mode
[ 1025.865002][ T9957] device veth1_macvtap left promiscuous mode
[ 1025.870821][ T9957] device veth0_vlan left promiscuous mode
[ 1026.385186][T15583] netlink: 240 bytes leftover after parsing attributes in process `syz.3.3168'.
[ 1026.435176][ T8951] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1026.447695][ T8951] usb 5-1: config 0 has no interfaces?
[ 1026.453103][ T8951] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1026.467578][ T8951] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1026.489521][ T8951] usb 5-1: config 0 descriptor??
[ 1026.919412][T15593] overlayfs: missing 'lowerdir'
[ 1026.925912][T15594] incfs: Options parsing error. -22
[ 1026.931336][T15594] incfs: mount failed -22
[ 1027.445445][ T3712] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1027.456497][ T3712] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1027.581655][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1027.600252][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1027.616835][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1027.654336][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1027.987728][T15610] loop0: detected capacity change from 0 to 512
[ 1027.994001][T15610] EXT4-fs: Ignoring removed orlov option
[ 1028.028552][T15610] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1028.059526][T15610] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a000e09c, mo2=0002]
[ 1028.071133][T15610] System zones: 1-12
[ 1028.083916][T15610] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.3158: casefold flag without casefold feature
[ 1028.130284][T15610] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.3158: missing EA_INODE flag
[ 1028.152314][T15607] loop1: detected capacity change from 0 to 40427
[ 1028.165962][T15607] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1028.172797][T15610] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.3158: error while reading EA inode 12 err=-117
[ 1028.183793][T15607] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1028.194772][T15607] F2FS-fs (loop1): invalid crc value
[ 1028.215915][T15610] EXT4-fs (loop0): 1 orphan inode deleted
[ 1028.226183][T15607] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1028.232447][T15610] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1028.380420][T15607] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1028.388483][T15607] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1028.479140][T15627] loop2: detected capacity change from 0 to 512
[ 1028.508753][T15627] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1028.527466][T15627] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.3177: bg 0: block 248: padding at end of block bitmap is not set
[ 1028.530403][T15617] loop3: detected capacity change from 0 to 40427
[ 1028.555144][T15627] Quota error (device loop2): write_blk: dquota write failed
[ 1028.562629][T15617] F2FS-fs (loop3): heap/no_heap options were deprecated
[ 1028.575678][T15627] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 1028.578560][T15617] F2FS-fs (loop3): invalid crc value
[ 1028.586012][T15627] EXT4-fs error (device loop2): ext4_acquire_dquot:6764: comm syz.2.3177: Failed to acquire dquot type 1
[ 1028.603656][T15617] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1028.604061][T15627] EXT4-fs (loop2): 1 truncate cleaned up
[ 1028.626020][T15627] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1028.806625][T15617] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1028.830319][T15523] EXT4-fs (loop2): unmounting filesystem.
[ 1028.936964][T15638] netlink: 240 bytes leftover after parsing attributes in process `syz.1.3178'.
[ 1029.007121][T15639] FAULT_INJECTION: forcing a failure.
[ 1029.007121][T15639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1029.020029][T15639] CPU: 1 PID: 15639 Comm: syz.3.3176 Not tainted 6.1.99-syzkaller-00053-g5e1f4bb11f0d #0
[ 1029.029614][T15639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1029.039510][T15639] Call Trace:
[ 1029.042632][T15639]  <TASK>
[ 1029.045412][T15639]  dump_stack_lvl+0x151/0x1b7
[ 1029.049927][T15639]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1029.055215][T15639]  ? raw_irqentry_exit_cond_resched+0x2a/0x30
[ 1029.061120][T15639]  ? irqentry_exit+0x30/0x40
[ 1029.065547][T15639]  ? sysvec_reschedule_ipi+0x80/0x160
[ 1029.070755][T15639]  dump_stack+0x15/0x1b
[ 1029.074743][T15639]  should_fail_ex+0x3d0/0x520
[ 1029.079259][T15639]  should_fail+0xb/0x10
[ 1029.079967][   T28] audit: type=1400 audit(1729616326.944:338): avc:  denied  { create } for  pid=15616 comm="syz.3.3176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1029.083246][T15639]  should_fail_usercopy+0x1a/0x20
[ 1029.107984][T15639]  _copy_from_user+0x1e/0xc0
[ 1029.112407][T15639]  mon_bin_ioctl+0x203/0xe90
[ 1029.116835][T15639]  ? selinux_file_alloc_security+0x120/0x120
[ 1029.122651][T15639]  ? irqentry_exit+0x30/0x40
[ 1029.127078][T15639]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1029.132546][T15639]  ? mon_bin_poll+0x150/0x150
[ 1029.137057][T15639]  ? security_file_ioctl+0x84/0xb0
[ 1029.142004][T15639]  ? mon_bin_poll+0x150/0x150
[ 1029.146517][T15639]  __se_sys_ioctl+0x114/0x190
[ 1029.151031][T15639]  __x64_sys_ioctl+0x7b/0x90
[ 1029.155458][T15639]  x64_sys_call+0x98/0x9a0
[ 1029.159714][T15639]  do_syscall_64+0x3b/0xb0
[ 1029.163961][T15639]  ? clear_bhb_loop+0x55/0xb0
[ 1029.168481][T15639]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1029.174210][T15639] RIP: 0033:0x7f7819b7dff9
[ 1029.178458][T15639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1029.197899][T15639] RSP: 002b:00007f781a8bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1029.206142][T15639] RAX: ffffffffffffffda RBX: 00007f7819d36130 RCX: 00007f7819b7dff9
[ 1029.213952][T15639] RDX: 0000000020000080 RSI: 00000000c0109207 RDI: 0000000000000008
[ 1029.221764][T15639] RBP: 00007f781a8bb090 R08: 0000000000000000 R09: 0000000000000000
[ 1029.229575][T15639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1029.237387][T15639] R13: 0000000000000000 R14: 00007f7819d36130 R15: 00007ffe12e20d98
[ 1029.245205][T15639]  </TASK>
[ 1029.340033][T15536] EXT4-fs (loop0): unmounting filesystem.
[ 1029.485361][ T3874] Bluetooth: hci0: command 0x1003 tx timeout
[ 1030.307272][T12313] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1030.663438][T15654] loop2: detected capacity change from 0 to 512
[ 1030.707618][T15659] loop1: detected capacity change from 0 to 512
[ 1030.717790][T15656] loop0: detected capacity change from 0 to 1024
[ 1030.725503][T15659] EXT4-fs: Ignoring removed i_version option
[ 1030.731321][T15659] EXT4-fs: Ignoring removed nobh option
[ 1030.759203][T15656] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[ 1030.775654][T15659] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1030.782337][T15659] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1030.803558][T15659] EXT4-fs (loop1): 1 truncate cleaned up
[ 1030.814733][T15659] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1030.840431][T15656] loop0: detected capacity change from 0 to 512
[ 1030.855129][T15656] EXT4-fs: Ignoring removed oldalloc option
[ 1030.861274][T15656] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1030.934694][T15665] netlink: 240 bytes leftover after parsing attributes in process `syz.3.3181'.
[ 1031.103945][T15656] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.3184: invalid block
[ 1031.190736][T15656] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.3184: couldn't read orphan inode 11 (err -117)
[ 1031.232150][T15656] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1031.582474][ T2387] usb 5-1: USB disconnect, device number 102
[ 1031.618686][T15676] loop2: detected capacity change from 0 to 512
[ 1031.649654][T15681] loop4: detected capacity change from 0 to 512
[ 1031.655019][T15676] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1031.655988][T15681] EXT4-fs: Ignoring removed orlov option
[ 1031.671298][T15681] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1031.672208][T15676] EXT4-fs (loop2): 1 truncate cleaned up
[ 1031.681041][T15681] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a000e09c, mo2=0002]
[ 1031.683785][T15676] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1031.701562][T15681] System zones: 1-12
[ 1031.825850][T15681] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.3190: casefold flag without casefold feature
[ 1031.867467][T15676] EXT4-fs (loop2): re-mounted. Quota mode: none.
[ 1031.875808][T15681] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.3190: missing EA_INODE flag
[ 1031.876011][T15676] EXT4-fs (loop2): re-mounted. Quota mode: none.
[ 1031.887882][T15681] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3190: error while reading EA inode 12 err=-117
[ 1031.905972][T15681] EXT4-fs (loop4): 1 orphan inode deleted
[ 1031.911574][T15681] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1031.927157][T14461] usb 1-1: new high-speed USB device number 123 using dummy_hcd
[ 1031.996250][T14884] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /51/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1032.018024][T14884] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1032.037869][T14884] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /51/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1032.059724][T14884] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1032.079890][T14884] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /51/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1032.101478][T14884] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1032.122193][T14884] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /51/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1032.124854][   T28] audit: type=1400 audit(1729616330.064:339): avc:  denied  { bind } for  pid=15675 comm="syz.2.3189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1032.144137][T14884] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1032.184247][T14884] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /51/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1032.206710][T14884] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1032.327056][T14884] EXT4-fs (loop1): unmounting filesystem.
[ 1032.394801][T14461] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1032.408356][T14461] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1032.457914][T14461] usb 1-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 1032.467349][T14461] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1032.478475][T15690] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1032.485633][T14461] usb 1-1: config 0 descriptor??
[ 1032.486133][T15690] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1032.498097][T15690] device bridge_slave_0 entered promiscuous mode
[ 1032.505160][T15690] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1032.512116][T15690] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1032.512577][T15523] EXT4-fs (loop2): unmounting filesystem.
[ 1032.519620][T15690] device bridge_slave_1 entered promiscuous mode
[ 1032.537114][T15697] FAULT_INJECTION: forcing a failure.
[ 1032.537114][T15697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1032.551080][T15697] CPU: 0 PID: 15697 Comm: syz.2.3195 Not tainted 6.1.99-syzkaller-00053-g5e1f4bb11f0d #0
[ 1032.560699][T15697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1032.570604][T15697] Call Trace:
[ 1032.573715][T15697]  <TASK>
[ 1032.576492][T15697]  dump_stack_lvl+0x151/0x1b7
[ 1032.581107][T15697]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1032.586393][T15697]  ? vfs_write+0x952/0xed0
[ 1032.590644][T15697]  ? __kasan_slab_free+0x11/0x20
[ 1032.595416][T15697]  dump_stack+0x15/0x1b
[ 1032.599413][T15697]  should_fail_ex+0x3d0/0x520
[ 1032.603923][T15697]  should_fail+0xb/0x10
[ 1032.607916][T15697]  should_fail_usercopy+0x1a/0x20
[ 1032.612784][T15697]  _copy_from_user+0x1e/0xc0
[ 1032.617206][T15697]  move_addr_to_kernel+0x87/0x150
[ 1032.622065][T15697]  __sys_bind+0x161/0x2e0
[ 1032.626239][T15697]  ? __ia32_sys_socketpair+0xb0/0xb0
[ 1032.631351][T15697]  ? debug_smp_processor_id+0x17/0x20
[ 1032.636555][T15697]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1032.642459][T15697]  __x64_sys_bind+0x7a/0x90
[ 1032.646798][T15697]  x64_sys_call+0x17f/0x9a0
[ 1032.651143][T15697]  do_syscall_64+0x3b/0xb0
[ 1032.655392][T15697]  ? clear_bhb_loop+0x55/0xb0
[ 1032.659907][T15697]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1032.665649][T15697] RIP: 0033:0x7f347857dff9
[ 1032.669887][T15697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1032.689335][T15697] RSP: 002b:00007f34783ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[ 1032.697572][T15697] RAX: ffffffffffffffda RBX: 00007f3478735f80 RCX: 00007f347857dff9
[ 1032.705383][T15697] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003
[ 1032.713202][T15697] RBP: 00007f34783ff090 R08: 0000000000000000 R09: 0000000000000000
[ 1032.721014][T15697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1032.728830][T15697] R13: 0000000000000000 R14: 00007f3478735f80 R15: 00007ffc2ab0ee68
[ 1032.736721][T15697]  </TASK>
[ 1032.796770][T14983] EXT4-fs (loop4): unmounting filesystem.
[ 1032.821434][T15702] loop4: detected capacity change from 0 to 512
[ 1032.894742][ T2387] usb 4-1: new full-speed USB device number 115 using dummy_hcd
[ 1032.929390][T15690] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1032.936309][T15690] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1032.943356][T15690] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1032.950341][T15690] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1032.966052][T14461] logitech-hidpp-device 0003:046D:C086.00DA: unknown main item tag 0x0
[ 1032.974270][T14461] logitech-hidpp-device 0003:046D:C086.00DA: unknown main item tag 0x0
[ 1032.976220][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1032.982661][T14461] logitech-hidpp-device 0003:046D:C086.00DA: unknown main item tag 0x0
[ 1032.997966][T14461] logitech-hidpp-device 0003:046D:C086.00DA: unknown main item tag 0x0
[ 1032.998175][T15162] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1033.006294][T14461] logitech-hidpp-device 0003:046D:C086.00DA: unknown main item tag 0x0
[ 1033.695790][T14461] logitech-hidpp-device 0003:046D:C086.00DA: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.0-1/input0
[ 1033.886444][T15162] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1033.969033][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1033.977583][T15162] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1033.984437][T15162] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1033.992108][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1034.001306][T15162] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1034.008203][T15162] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1034.015802][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1034.023696][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1034.034799][ T2387] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1034.045667][ T2387] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1034.055223][ T2387] usb 4-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 1034.065566][ T2387] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.070964][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1034.075198][ T2387] usb 4-1: config 0 descriptor??
[ 1034.087557][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1034.322205][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1034.329927][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1034.338108][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1034.345404][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1034.353027][T15690] device veth0_vlan entered promiscuous mode
[ 1034.359665][   T10] device bridge_slave_1 left promiscuous mode
[ 1034.365698][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1034.372946][   T10] device bridge_slave_0 left promiscuous mode
[ 1034.379008][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1034.386567][   T10] device veth1_macvtap left promiscuous mode
[ 1034.392427][   T10] device veth0_vlan left promiscuous mode
[ 1034.464744][T15162] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[ 1034.491430][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1034.499491][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1034.508796][T15690] device veth1_macvtap entered promiscuous mode
[ 1034.517996][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1034.525515][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1034.533550][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1034.543145][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1034.551290][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1034.576836][T15726] loop1: detected capacity change from 0 to 512
[ 1034.585373][T15726] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz.1.3193: corrupted in-inode xattr
[ 1034.597576][T15726] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3193: couldn't read orphan inode 15 (err -117)
[ 1034.610065][T15726] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1034.792945][T15729] usb usb8: check_ctrlrecip: process 15729 (syz.1.3193) requesting ep 01 but needs 81
[ 1035.061554][T14461] usb 1-1: USB disconnect, device number 123
[ 1035.070295][ T2387] samsung 0003:0419:0600.00DB: item fetching failed at offset 1/5
[ 1035.078253][ T2387] samsung 0003:0419:0600.00DB: parse failed
[ 1035.084415][ T2387] samsung: probe of 0003:0419:0600.00DB failed with error -22
[ 1035.168032][T15536] EXT4-fs (loop0): unmounting filesystem.
[ 1035.174910][T15162] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1035.190380][T15162] usb 3-1: config 0 has no interfaces?
[ 1035.196022][T15162] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1035.205271][T15162] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1035.216932][T15162] usb 3-1: config 0 descriptor??
[ 1035.247753][T15695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1035.256565][T15695] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1035.265828][  T313] usb 4-1: USB disconnect, device number 115
[ 1035.380565][  T696] usb 5-1: new full-speed USB device number 103 using dummy_hcd
[ 1035.541032][T15690] EXT4-fs (loop1): unmounting filesystem.
[ 1035.567947][  T797] Bluetooth: hci0: sending frame failed (-49)
[ 1035.573978][T15649] Bluetooth: hci0: Opcode 0x1003 failed: -49
[ 1035.646423][  T313] usb 3-1: USB disconnect, device number 104
[ 1035.914787][  T696] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1035.925638][  T696] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1035.935145][  T696] usb 5-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 1035.944005][  T696] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1035.953270][T15745] loop3: detected capacity change from 0 to 512
[ 1035.957802][  T696] usb 5-1: config 0 descriptor??
[ 1035.959846][T15745] EXT4-fs: Ignoring removed i_version option
[ 1035.970348][T15745] EXT4-fs: Ignoring removed nobh option
[ 1035.976244][T15745] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1035.982839][T15745] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1035.994412][T15745] EXT4-fs (loop3): 1 truncate cleaned up
[ 1035.999928][T15745] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1036.075989][T15749] loop0: detected capacity change from 0 to 2048
[ 1036.093636][T15749] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1036.116181][T15749] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1036.129355][T15749] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #12: block 5: comm syz.0.3206: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[ 1036.148385][T15749] EXT4-fs (loop0): Remounting filesystem read-only
[ 1036.154957][T15749] incfs: Can't find or create .index dir in ./file0
[ 1036.161420][T15749] incfs: mount failed -117
[ 1036.223229][T15749] incfs: Can't find or create .index dir in ./file0
[ 1036.229724][T15749] incfs: mount failed -30
[ 1036.265072][T15536] EXT4-fs (loop0): unmounting filesystem.
[ 1036.456078][T15762] loop1: detected capacity change from 0 to 512
[ 1036.462399][T15762] EXT4-fs: Ignoring removed i_version option
[ 1036.469157][  T696] samsung 0003:0419:0600.00DC: item fetching failed at offset 1/5
[ 1036.477294][  T696] samsung 0003:0419:0600.00DC: parse failed
[ 1036.483148][  T696] samsung: probe of 0003:0419:0600.00DC failed with error -22
[ 1036.492170][T15762] EXT4-fs: Ignoring removed nobh option
[ 1036.506854][T15762] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1036.508368][T15758] loop0: detected capacity change from 0 to 40427
[ 1036.528988][T15762] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1036.538872][T15758] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1036.546797][T15758] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1036.556248][T15758] F2FS-fs (loop0): invalid crc value
[ 1036.556383][T15762] EXT4-fs (loop1): 1 truncate cleaned up
[ 1036.567219][T15762] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1036.595039][T15758] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1036.670170][T15734] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1036.678058][T15758] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1036.682907][T15734] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1036.690367][T15758] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1036.701789][T15162] usb 5-1: USB disconnect, device number 103
[ 1036.761665][T15758] netlink: 'syz.0.3208': attribute type 3 has an invalid length.
[ 1036.978889][   T28] audit: type=1400 audit(1729616334.894:340): avc:  denied  { write } for  pid=15757 comm="syz.0.3208" name="ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1037.275609][   T10] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1037.406913][   T10] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1037.674739][  T314] usb 5-1: new full-speed USB device number 104 using dummy_hcd
[ 1037.689381][T15780] loop0: detected capacity change from 0 to 512
[ 1037.702672][T15780] EXT4-fs: Ignoring removed i_version option
[ 1037.709275][T15780] EXT4-fs: Ignoring removed nobh option
[ 1037.721919][T15780] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1037.735879][T15780] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1037.763508][T15780] EXT4-fs (loop0): 1 truncate cleaned up
[ 1037.770393][T15515] EXT4-fs (loop3): unmounting filesystem.
[ 1037.776121][T15780] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1038.245910][  T314] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1038.256972][  T314] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1038.268011][  T314] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[ 1038.401190][T15690] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /2/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.428276][T15690] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.451320][T15690] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /2/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.472911][T15690] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.492823][T15690] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /2/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.517173][T15690] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.536666][  T314] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1038.536949][T15690] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /2/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.545598][  T314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1038.576029][  T314] usb 5-1: SerialNumber: syz
[ 1038.581182][T15690] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.601839][T15690] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /2/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.603231][T15536] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /6/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.623493][T15690] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.644015][T15777] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1038.675128][T15777] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1038.683304][T15536] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.704412][T15536] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /6/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.705329][  T314] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[ 1038.734915][T15536] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.757659][T15536] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /6/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.779625][T15536] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.799501][T15536] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /6/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.821066][T15536] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.840859][T15536] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /6/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1038.862296][T15536] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1038.887109][T15690] EXT4-fs (loop1): unmounting filesystem.
[ 1039.040609][T15795] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1039.085998][T15795] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1039.272157][T15162] usb 4-1: new high-speed USB device number 116 using dummy_hcd
[ 1039.282038][T15795] device bridge_slave_0 entered promiscuous mode
[ 1039.350826][T15795] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1039.360448][T15536] EXT4-fs (loop0): unmounting filesystem.
[ 1039.366127][T15795] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1039.373511][T15795] device bridge_slave_1 entered promiscuous mode
[ 1039.966006][T15162] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1039.976186][T15162] usb 4-1: config 0 has no interfaces?
[ 1039.981507][T15162] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1039.991207][T15162] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1040.003340][T15162] usb 4-1: config 0 descriptor??
[ 1040.355182][  T314] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[ 1040.386452][T15809] loop4: detected capacity change from 0 to 512
[ 1040.387192][  T314] usb 5-1: USB disconnect, device number 104
[ 1040.392804][T15809] EXT4-fs: Ignoring removed i_version option
[ 1040.404219][T15809] EXT4-fs: Ignoring removed nobh option
[ 1040.419344][T15809] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1040.426144][T15809] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1040.437047][T15811] loop2: detected capacity change from 0 to 1024
[ 1040.443305][T15809] EXT4-fs (loop4): 1 truncate cleaned up
[ 1040.449210][T15811] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[ 1040.457388][T15809] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1040.530705][T15811] loop2: detected capacity change from 0 to 512
[ 1040.546484][T15811] EXT4-fs: Ignoring removed oldalloc option
[ 1040.556812][T15811] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1040.576164][T15811] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.3224: invalid block
[ 1040.588308][T15811] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.3224: couldn't read orphan inode 11 (err -117)
[ 1040.600130][T15811] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1040.643247][T15814] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1040.650784][T15814] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1040.658216][T15814] device bridge_slave_0 entered promiscuous mode
[ 1040.668004][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1040.675400][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1040.691522][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1040.699885][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1040.708292][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1040.715171][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1040.722688][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1040.731465][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1040.739825][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1040.746703][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1040.757008][T15814] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1040.764258][T15814] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1040.771816][T15814] device bridge_slave_1 entered promiscuous mode
[ 1040.785622][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1040.804983][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1040.822136][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1040.854586][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1040.870182][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1040.878401][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1040.885839][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1040.895040][T15795] device veth0_vlan entered promiscuous mode
[ 1040.922623][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1040.932600][T15795] device veth1_macvtap entered promiscuous mode
[ 1040.946981][   T10] device bridge_slave_1 left promiscuous mode
[ 1040.952933][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1040.961451][   T10] device bridge_slave_0 left promiscuous mode
[ 1040.967712][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1040.976230][   T10] device veth1_macvtap left promiscuous mode
[ 1040.982078][   T10] device veth0_vlan left promiscuous mode
[ 1041.101313][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1041.109479][  T696] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1041.117714][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1041.174014][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1041.232661][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1041.245323][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1041.252196][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1041.263621][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1041.294517][T15814] device veth0_vlan entered promiscuous mode
[ 1041.308412][T15814] device veth1_macvtap entered promiscuous mode
[ 1041.345030][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1041.353703][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1041.362739][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1041.370980][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1041.378721][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1041.387093][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1041.485120][  T696] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1041.596524][  T696] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1041.619172][T15162] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1041.626076][T15162] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1041.633301][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1041.641470][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1041.641502][  T696] usb 3-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 1041.658532][  T696] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1041.667686][  T696] usb 3-1: config 0 descriptor??
[ 1041.682410][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1041.692217][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1041.701015][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1041.709285][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1041.836055][T14983] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /38/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1041.857908][T14983] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1041.878221][T14983] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /38/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1041.899904][T14983] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1041.919791][T14983] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /38/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1041.941958][T14983] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1041.961916][T14983] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /38/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1041.983499][T14983] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1042.003477][T14983] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /38/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1042.024930][T14983] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[ 1042.025352][T15162] usb 1-1: new full-speed USB device number 124 using dummy_hcd
[ 1042.117921][T14983] EXT4-fs (loop4): unmounting filesystem.
[ 1042.140921][   T28] audit: type=1400 audit(1729616340.084:341): avc:  denied  { append } for  pid=15831 comm="syz.1.3228" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1042.195949][  T696] logitech-hidpp-device 0003:046D:C086.00DD: unknown main item tag 0x0
[ 1042.204063][  T696] logitech-hidpp-device 0003:046D:C086.00DD: unknown main item tag 0x0
[ 1042.212391][  T696] logitech-hidpp-device 0003:046D:C086.00DD: unknown main item tag 0x0
[ 1042.220902][  T696] logitech-hidpp-device 0003:046D:C086.00DD: unknown main item tag 0x0
[ 1042.229403][  T696] logitech-hidpp-device 0003:046D:C086.00DD: unknown main item tag 0x0
[ 1042.239519][  T696] logitech-hidpp-device 0003:046D:C086.00DD: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.2-1/input0
[ 1042.278168][T15839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1042.285132][T15839] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1042.292285][T15839] device bridge_slave_0 entered promiscuous mode
[ 1042.301967][T15839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1042.309114][T15839] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1042.316321][T15839] device bridge_slave_1 entered promiscuous mode
[ 1042.354253][T15839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1042.361104][T15839] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1042.364781][T15649] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1042.368219][T15839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1042.380998][T15839] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1042.422379][T15718] usb 4-1: USB disconnect, device number 116
[ 1042.448109][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1042.455943][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1042.463096][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1042.470181][   T60] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[ 1042.487675][   T10] device bridge_slave_1 left promiscuous mode
[ 1042.493807][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1042.501234][   T10] device bridge_slave_0 left promiscuous mode
[ 1042.507255][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1042.507440][T15162] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1042.525394][T15162] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1042.535079][   T10] device veth1_macvtap left promiscuous mode
[ 1042.535219][T15162] usb 1-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 1042.541368][   T10] device veth0_vlan left promiscuous mode
[ 1042.553466][T15848] loop3: detected capacity change from 0 to 512
[ 1042.568724][T15162] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.580261][T15162] usb 1-1: config 0 descriptor??
[ 1042.586580][T15848] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1042.594017][T15848] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.3231: bg 0: block 248: padding at end of block bitmap is not set
[ 1042.596560][T15850] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1042.618672][T15848] Quota error (device loop3): write_blk: dquota write failed
[ 1042.627212][T15848] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1042.637272][T15848] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.3231: Failed to acquire dquot type 1
[ 1042.656391][T15848] EXT4-fs (loop3): 1 truncate cleaned up
[ 1042.662822][T15848] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1042.691538][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1042.704498][ T2387] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1042.711384][ T2387] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1042.714724][   T60] usb 2-1: Using ep0 maxpacket: 8
[ 1042.718788][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1042.735729][ T2387] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1042.742578][ T2387] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1042.754837][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1042.763470][T15515] EXT4-fs (loop3): unmounting filesystem.
[ 1042.770540][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1042.788654][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1042.797621][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1042.830884][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1042.841749][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1042.855341][   T60] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 511, setting to 64
[ 1042.859680][T15839] device veth0_vlan entered promiscuous mode
[ 1042.871884][   T60] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16
[ 1042.881796][   T60] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[ 1042.889270][T15839] device veth1_macvtap entered promiscuous mode
[ 1042.904240][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1042.913270][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1042.923173][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1042.932803][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1042.941634][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1042.953213][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1042.960788][T14461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1042.974796][   T60] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[ 1042.986916][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1042.997815][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1043.004765][   T60] usb 2-1: SerialNumber: syz
[ 1043.013410][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1043.024574][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1043.033023][ T2387] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1043.034845][T15838] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[ 1043.055074][   T60] hub 2-1:1.0: bad descriptor, ignoring hub
[ 1043.055580][T15162] samsung 0003:0419:0600.00DE: item fetching failed at offset 1/5
[ 1043.060792][   T60] hub: probe of 2-1:1.0 failed with error -5
[ 1043.074728][  T314] usb 4-1: new full-speed USB device number 117 using dummy_hcd
[ 1043.082217][T15162] samsung 0003:0419:0600.00DE: parse failed
[ 1043.090316][T15162] samsung: probe of 0003:0419:0600.00DE failed with error -22
[ 1043.101567][T15854] loop4: detected capacity change from 0 to 2048
[ 1043.109547][T15854] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1043.125934][T15854] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1043.136486][T15854] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #12: block 5: comm syz.4.3229: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[ 1043.158082][T15854] EXT4-fs (loop4): Remounting filesystem read-only
[ 1043.164502][T15854] incfs: Can't find or create .index dir in ./file0
[ 1043.171623][T15854] incfs: mount failed -117
[ 1043.212182][T15854] incfs: Can't find or create .index dir in ./file0
[ 1043.218838][T15854] incfs: mount failed -30
[ 1043.240241][T15839] EXT4-fs (loop4): unmounting filesystem.
[ 1043.264107][T15858] loop4: detected capacity change from 0 to 2048
[ 1043.272184][T15838] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[ 1043.277962][T15830] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1043.283778][T15858] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1043.288304][T15830] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1043.297781][T15858] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038 (0x7fffffff)
[ 1043.317563][T15162] usb 1-1: USB disconnect, device number 124
[ 1043.485436][  T314] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1043.496285][  T314] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1043.507078][  T314] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[ 1043.594950][  T314] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1043.603976][  T314] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1043.612142][  T314] usb 4-1: SerialNumber: syz
[ 1043.645102][T15852] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1043.652763][   T10] device bridge_slave_1 left promiscuous mode
[ 1043.659034][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1043.666385][T15852] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1043.673811][   T10] device bridge_slave_0 left promiscuous mode
[ 1043.680176][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1043.687810][   T10] device veth1_macvtap left promiscuous mode
[ 1043.693882][   T10] device veth0_vlan left promiscuous mode
[ 1043.699979][  T314] cdc_acm 4-1:1.0: Control and data interfaces are not separated!
[ 1043.926682][   T60] cdc_ether: probe of 2-1:1.0 failed with error -71
[ 1044.087405][  T311] usb 3-1: USB disconnect, device number 105
[ 1044.129548][   T60] usb 2-1: USB disconnect, device number 114
[ 1045.886410][T15869] loop0: detected capacity change from 0 to 2048
[ 1045.887779][T15839] EXT4-fs (loop4): unmounting filesystem.
[ 1045.901079][T15873] loop1: detected capacity change from 0 to 512
[ 1045.909155][T15869] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1045.920564][  T314] cdc_acm 4-1:1.0: ttyACM0: USB ACM device
[ 1045.942948][  T314] usb 4-1: USB disconnect, device number 117
[ 1046.463901][T15869] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1046.582767][T15869] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #12: block 5: comm syz.0.3234: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[ 1046.602155][T15869] EXT4-fs (loop0): Remounting filesystem read-only
[ 1046.608746][T15869] incfs: Can't find or create .index dir in ./file0
[ 1046.615592][T15869] incfs: mount failed -117
[ 1046.657546][T15523] EXT4-fs (loop2): unmounting filesystem.
[ 1046.716981][T15889] loop1: detected capacity change from 0 to 1024
[ 1046.763362][T15889] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[ 1046.775440][T15889] loop1: detected capacity change from 0 to 512
[ 1046.781880][T15889] EXT4-fs: Ignoring removed oldalloc option
[ 1046.789643][T15889] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1046.793760][T15893] incfs: Can't find or create .index dir in ./file0
[ 1046.810031][T15889] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.3239: invalid block
[ 1046.814737][T15893] incfs: mount failed -30
[ 1046.828989][T15889] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3239: couldn't read orphan inode 11 (err -117)
[ 1046.841349][T15889] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1047.348623][ T7425] usb 2-1: new high-speed USB device number 115 using dummy_hcd
[ 1047.484524][T15814] EXT4-fs (loop0): unmounting filesystem.
[ 1047.517140][T15905] loop0: detected capacity change from 0 to 512
[ 1047.544751][  T314] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[ 1047.556376][  T347] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1047.651248][T15907] loop2: detected capacity change from 0 to 2048
[ 1047.658697][T15907] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1047.714975][ T7425] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1047.736174][ T7425] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1047.763843][ T7425] usb 2-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 1047.774204][ T7425] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1047.830818][ T7425] usb 2-1: config 0 descriptor??
[ 1047.842845][T15907] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1047.854162][T15907] EXT4-fs error (device loop2): ext4_find_dest_de:2112: inode #12: block 5: comm syz.2.3243: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[ 1047.873010][T15907] EXT4-fs (loop2): Remounting filesystem read-only
[ 1047.879416][T15907] incfs: Can't find or create .index dir in ./file0
[ 1047.885796][T15907] incfs: mount failed -117
[ 1047.923980][T15907] incfs: Can't find or create .index dir in ./file0
[ 1047.930469][T15907] incfs: mount failed -30
[ 1047.951076][T15523] EXT4-fs (loop2): unmounting filesystem.
[ 1048.000425][T15917] device pim6reg1 entered promiscuous mode
[ 1048.114789][  T314] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1048.125098][  T314] usb 4-1: config 0 has no interfaces?
[ 1048.130401][  T314] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1048.139280][  T314] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1048.147492][  T314] usb 4-1: config 0 descriptor??
[ 1048.244823][   T60] usb 3-1: new full-speed USB device number 106 using dummy_hcd
[ 1048.274765][ T1125] usb 5-1: new full-speed USB device number 105 using dummy_hcd
[ 1048.315695][ T7425] logitech-hidpp-device 0003:046D:C086.00DF: unknown main item tag 0x0
[ 1048.323869][ T7425] logitech-hidpp-device 0003:046D:C086.00DF: unknown main item tag 0x0
[ 1048.331952][ T7425] logitech-hidpp-device 0003:046D:C086.00DF: unknown main item tag 0x0
[ 1048.340086][ T7425] logitech-hidpp-device 0003:046D:C086.00DF: unknown main item tag 0x0
[ 1048.357936][ T7425] logitech-hidpp-device 0003:046D:C086.00DF: unknown main item tag 0x0
[ 1048.375214][ T7425] logitech-hidpp-device 0003:046D:C086.00DF: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.1-1/input0
[ 1048.944942][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1048.956601][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1048.966304][   T60] usb 3-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 1048.977717][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1048.980384][T15925] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1048.986618][   T60] usb 3-1: config 0 descriptor??
[ 1049.015185][ T1125] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1049.027667][ T1125] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1049.041409][ T1125] usb 5-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 1049.050493][ T1125] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1049.061981][ T1125] usb 5-1: config 0 descriptor??
[ 1049.279893][T15934] loop0: detected capacity change from 0 to 1024
[ 1049.287160][T15934] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[ 1049.330784][T15934] loop0: detected capacity change from 0 to 512
[ 1049.337285][T15934] EXT4-fs: Ignoring removed oldalloc option
[ 1049.343617][T15934] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1049.351655][T15934] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.3249: invalid block
[ 1049.362626][T15934] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.3249: couldn't read orphan inode 11 (err -117)
[ 1049.374507][T15934] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1049.479103][   T60] samsung 0003:0419:0600.00E0: item fetching failed at offset 1/5
[ 1049.510460][   T60] samsung 0003:0419:0600.00E0: parse failed
[ 1049.516484][   T60] samsung: probe of 0003:0419:0600.00E0 failed with error -22
[ 1049.545469][ T1125] samsung 0003:0419:0600.00E1: item fetching failed at offset 1/5
[ 1049.553278][ T1125] samsung 0003:0419:0600.00E1: parse failed
[ 1049.559039][ T1125] samsung: probe of 0003:0419:0600.00E1 failed with error -22
[ 1049.677328][T15915] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1049.685698][T15915] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1049.694756][  T311] usb 3-1: USB disconnect, device number 106
[ 1049.748693][T15917] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1049.757164][T15917] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1049.766563][ T1125] usb 5-1: USB disconnect, device number 105
[ 1049.794763][   T60] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[ 1050.154810][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1050.165776][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1050.175388][   T60] usb 1-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 1050.184227][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1050.194502][  T314] usb 2-1: USB disconnect, device number 115
[ 1050.195412][   T60] usb 1-1: config 0 descriptor??
[ 1050.260445][T15795] EXT4-fs (loop1): unmounting filesystem.
[ 1050.359902][T15943] loop4: detected capacity change from 0 to 2048
[ 1050.366867][T15943] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1050.384550][T15939] loop2: detected capacity change from 0 to 40427
[ 1050.391662][T15939] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1050.395677][T15943] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1050.399539][T15939] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1050.428109][T15939] F2FS-fs (loop2): invalid crc value
[ 1050.524887][T15649] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1050.726708][  T314] usb 4-1: USB disconnect, device number 118
[ 1050.734538][T15943] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #12: block 5: comm syz.4.3252: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[ 1050.743850][T15939] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1050.753946][T15943] EXT4-fs (loop4): Remounting filesystem read-only
[ 1050.765985][T15943] incfs: Can't find or create .index dir in ./file0
[ 1050.773327][T15943] incfs: mount failed -117
[ 1050.814008][   T60] logitech-hidpp-device 0003:046D:C086.00E2: unknown main item tag 0x0
[ 1050.817155][T15939] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1050.838048][T15939] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1050.875814][   T60] logitech-hidpp-device 0003:046D:C086.00E2: unknown main item tag 0x0
[ 1050.884069][   T60] logitech-hidpp-device 0003:046D:C086.00E2: unknown main item tag 0x0
[ 1050.915945][   T60] logitech-hidpp-device 0003:046D:C086.00E2: unknown main item tag 0x0
[ 1050.924283][   T60] logitech-hidpp-device 0003:046D:C086.00E2: unknown main item tag 0x0
[ 1051.169391][T15958] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1051.195143][   T60] logitech-hidpp-device 0003:046D:C086.00E2: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.0-1/input0
[ 1051.196744][T15959] incfs: Can't find or create .index dir in ./file0
[ 1051.224779][T15959] incfs: mount failed -30
[ 1051.443097][T15839] EXT4-fs (loop4): unmounting filesystem.
[ 1051.583892][T15966] loop3: detected capacity change from 0 to 2048
[ 1051.607560][T15966] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1051.675702][T15966] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1051.712103][T15966] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #12: block 5: comm syz.3.3255: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[ 1051.731570][T15966] EXT4-fs (loop3): Remounting filesystem read-only
[ 1051.738031][T15966] incfs: Can't find or create .index dir in ./file0
[ 1051.744502][T15966] incfs: mount failed -117
[ 1051.784469][T15962] loop4: detected capacity change from 0 to 40427
[ 1051.804773][T15966] incfs: Can't find or create .index dir in ./file0
[ 1051.811261][T15966] incfs: mount failed -30
[ 1051.815981][T15962] F2FS-fs (loop4): Invalid segment/section count (24 != 24 * 3)
[ 1051.823566][T15962] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1051.840694][T15962] F2FS-fs (loop4): heap/no_heap options were deprecated
[ 1051.847851][T15962] F2FS-fs (loop4): Image doesn't support compression
[ 1051.847970][T15515] EXT4-fs (loop3): unmounting filesystem.
[ 1051.855513][T15962] F2FS-fs (loop4): invalid crc value
[ 1051.875475][T15962] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1051.947785][T15962] F2FS-fs (loop4): Start checkpoint disabled!
[ 1051.954899][T15962] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1051.955108][  T314] usb 2-1: new full-speed USB device number 116 using dummy_hcd
[ 1051.961818][T15962] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1052.022631][T15962] syz.4.3254: attempt to access beyond end of device
[ 1052.022631][T15962] loop4: rw=2049, sector=77824, nr_sectors = 848 limit=40427
[ 1052.053669][T15979] 9pnet_fd: Insufficient options for proto=fd
[ 1052.364475][  T696] usb 1-1: USB disconnect, device number 125
[ 1052.471282][T15814] EXT4-fs (loop0): unmounting filesystem.
[ 1052.604814][  T314] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1052.615638][  T311] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[ 1052.623074][  T314] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1052.633669][  T314] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[ 1052.714886][  T314] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1052.723914][  T314] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1052.732025][  T314] usb 2-1: SerialNumber: syz
[ 1052.754811][T15969] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1052.761787][T15969] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1052.777665][  T314] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[ 1052.805377][T15992] loop3: detected capacity change from 0 to 1024
[ 1052.811835][T15992] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[ 1052.839624][T15992] loop3: detected capacity change from 0 to 512
[ 1052.846565][T15992] EXT4-fs: Ignoring removed oldalloc option
[ 1052.852657][T15992] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1052.860849][T15992] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.3262: invalid block
[ 1052.871810][T15992] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.3262: couldn't read orphan inode 11 (err -117)
[ 1052.883747][T15992] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1052.892269][  T696] usb 1-1: new full-speed USB device number 126 using dummy_hcd
[ 1053.105113][  T314] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[ 1053.112328][  T314] usb 2-1: USB disconnect, device number 116
[ 1053.324762][T15162] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[ 1053.334740][   T60] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[ 1053.384787][  T696] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1053.395636][  T696] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1053.405770][  T696] usb 1-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 1053.414615][  T696] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.423647][  T696] usb 1-1: config 0 descriptor??
[ 1053.694854][   T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1053.706058][   T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1053.714777][T15162] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1053.716202][   T60] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 1053.736044][   T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.757831][   T60] usb 4-1: config 0 descriptor??
[ 1053.901690][T15162] usb 3-1: config 0 has no interfaces?
[ 1053.907091][T15162] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1053.915965][T15162] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.916647][  T696] samsung 0003:0419:0600.00E3: item fetching failed at offset 1/5
[ 1053.925103][T15162] usb 3-1: config 0 descriptor??
[ 1053.932890][  T696] samsung 0003:0419:0600.00E3: parse failed
[ 1053.941923][  T696] samsung: probe of 0003:0419:0600.00E3 failed with error -22
[ 1054.119529][T15988] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1054.127983][T15988] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1054.137052][  T696] usb 1-1: USB disconnect, device number 126
[ 1054.255800][   T60] logitech-hidpp-device 0003:046D:C086.00E4: unknown main item tag 0x0
[ 1054.263978][   T60] logitech-hidpp-device 0003:046D:C086.00E4: unknown main item tag 0x0
[ 1054.272107][   T60] logitech-hidpp-device 0003:046D:C086.00E4: unknown main item tag 0x0
[ 1054.504286][   T60] logitech-hidpp-device 0003:046D:C086.00E4: unknown main item tag 0x0
[ 1054.512692][   T60] logitech-hidpp-device 0003:046D:C086.00E4: unknown main item tag 0x0
[ 1054.675372][   T60] logitech-hidpp-device 0003:046D:C086.00E4: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.3-1/input0
[ 1054.879184][T16010] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1056.247781][T15162] usb 3-1: USB disconnect, device number 107
[ 1056.278785][T16022] loop1: detected capacity change from 0 to 512
[ 1056.337063][T16025] loop0: detected capacity change from 0 to 512
[ 1056.343550][T16025] EXT4-fs: Ignoring removed orlov option
[ 1056.347796][T16022] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1056.355810][T16025] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1056.355889][   T60] usb 4-1: USB disconnect, device number 119
[ 1056.367281][T16022] EXT4-fs error (device loop1): ext4_find_extent:936: inode #4: comm syz.1.3268: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0)
[ 1056.375810][T16025] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a000e09c, mo2=0002]
[ 1056.386767][T16022] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=-117
[ 1056.392720][T16025] System zones: 1-12
[ 1056.406011][T16022] EXT4-fs warning (device loop1): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1056.406706][T16025] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.3269: casefold flag without casefold feature
[ 1056.420953][T16022] EXT4-fs (loop1): Cannot turn on quotas: error -22
[ 1056.439260][T16022] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1056.454915][T16025] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.3269: missing EA_INODE flag
[ 1056.467117][T15515] EXT4-fs (loop3): unmounting filesystem.
[ 1056.477871][T16025] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.3269: error while reading EA inode 12 err=-117
[ 1056.495018][T16025] EXT4-fs (loop0): 1 orphan inode deleted
[ 1056.505204][T16025] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1056.513639][T16029] loop3: detected capacity change from 0 to 512
[ 1056.568902][  T347] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1056.644731][T15162] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1057.124763][T15162] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1057.142891][T15162] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1057.162750][T15162] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[ 1057.178942][T15162] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.196327][T15795] EXT4-fs (loop1): unmounting filesystem.
[ 1057.205321][T15162] usb 3-1: config 0 descriptor??
[ 1057.360168][T16041] FAULT_INJECTION: forcing a failure.
[ 1057.360168][T16041] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1057.373241][T16041] CPU: 0 PID: 16041 Comm: syz.1.3271 Not tainted 6.1.99-syzkaller-00053-g5e1f4bb11f0d #0
[ 1057.382827][T16041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1057.392728][T16041] Call Trace:
[ 1057.395847][T16041]  <TASK>
[ 1057.398628][T16041]  dump_stack_lvl+0x151/0x1b7
[ 1057.403138][T16041]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1057.408435][T16041]  dump_stack+0x15/0x1b
[ 1057.412522][T16041]  should_fail_ex+0x3d0/0x520
[ 1057.417032][T16041]  should_fail_alloc_page+0x68/0x90
[ 1057.422064][T16041]  __alloc_pages+0x1f4/0x780
[ 1057.426495][T16041]  ? prep_new_page+0x110/0x110
[ 1057.431093][T16041]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[ 1057.436736][T16041]  __folio_alloc+0x15/0x40
[ 1057.440986][T16041]  handle_mm_fault+0x1cf7/0x30e0
[ 1057.445766][T16041]  ? numa_migrate_prep+0xe0/0xe0
[ 1057.450532][T16041]  ? __rcu_read_unlock+0x7e/0xd0
[ 1057.455306][T16041]  ? lock_vma_under_rcu+0x4aa/0x590
[ 1057.460430][T16041]  ? debug_smp_processor_id+0x17/0x20
[ 1057.465635][T16041]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1057.471537][T16041]  exc_page_fault+0x3b3/0x6d0
[ 1057.476053][T16041]  asm_exc_page_fault+0x27/0x30
[ 1057.480736][T16041] RIP: 0033:0x7ff4bbd2b31b
[ 1057.484989][T16041] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[ 1057.504430][T16041] RSP: 002b:00007ff4bcb3de10 EFLAGS: 00010246
[ 1057.510330][T16041] RAX: 00007ff4bcb3ff30 RBX: 00007ff4bbf0b620 RCX: 0000000000000000
[ 1057.518142][T16041] RDX: 00007ff4bcb3ff78 RSI: 00007ff4bbddc980 RDI: 00007ff4bcb3de30
[ 1057.525955][T16041] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[ 1057.533767][T16041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1057.541577][T16041] R13: 0000000000000000 R14: 00007ff4bbf36130 R15: 00007ffcda608fd8
[ 1057.549394][T16041]  </TASK>
[ 1057.552430][T16041] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1057.578319][T15814] EXT4-fs (loop0): unmounting filesystem.
[ 1057.806451][T16051] loop0: detected capacity change from 0 to 1024
[ 1057.814910][T16051] EXT4-fs: Ignoring removed orlov option
[ 1057.823421][T16051] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1057.859008][T16051] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1057.956266][T15162] pyra 0003:1E7D:2CF6.00E5: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[ 1058.014746][   T60] usb 2-1: new high-speed USB device number 117 using dummy_hcd
[ 1058.254753][   T60] usb 2-1: Using ep0 maxpacket: 8
[ 1058.374777][   T60] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 511, setting to 64
[ 1058.385503][   T60] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16
[ 1058.426428][   T60] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[ 1059.323055][T15814] EXT4-fs (loop0): unmounting filesystem.
[ 1059.330936][   T60] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[ 1059.340158][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1059.353816][   T60] usb 2-1: SerialNumber: syz
[ 1059.404889][T16050] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1059.520960][T16062] loop0: detected capacity change from 0 to 1024
[ 1059.527876][T16062] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[ 1059.537179][T15162] pyra 0003:1E7D:2CF6.00E5: couldn't init struct pyra_device
[ 1059.544462][   T60] hub 2-1:1.0: bad descriptor, ignoring hub
[ 1059.550573][   T60] hub: probe of 2-1:1.0 failed with error -5
[ 1059.556800][T15162] pyra 0003:1E7D:2CF6.00E5: couldn't install mouse
[ 1059.566009][T15162] pyra: probe of 0003:1E7D:2CF6.00E5 failed with error -5
[ 1059.605369][ T1209] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1059.610501][T16062] loop0: detected capacity change from 0 to 512
[ 1059.614881][ T1209] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1059.621177][T16062] EXT4-fs: Ignoring removed oldalloc option
[ 1059.629809][ T1209] Buffer I/O error on dev loop0, logical block 0, async page read
[ 1059.643414][T16050] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1059.643652][T16062] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1059.661537][T16062] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.3277: invalid block
[ 1059.672968][T16062] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.3277: couldn't read orphan inode 11 (err -117)
[ 1059.685832][T16062] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1060.174726][   T39] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[ 1060.275084][   T60] cdc_ether: probe of 2-1:1.0 failed with error -71
[ 1060.315459][   T60] usb 2-1: USB disconnect, device number 117
[ 1060.534837][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1060.545808][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1060.555646][   T39] usb 1-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 1060.564524][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1060.575987][   T39] usb 1-1: config 0 descriptor??
[ 1060.608686][T16072] loop3: detected capacity change from 0 to 40427
[ 1060.615446][T16072] F2FS-fs (loop3): Invalid segment/section count (24 != 24 * 3)
[ 1060.622996][T16072] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1060.631028][T16072] F2FS-fs (loop3): heap/no_heap options were deprecated
[ 1060.637924][T16072] F2FS-fs (loop3): Image doesn't support compression
[ 1060.645328][T16072] F2FS-fs (loop3): invalid crc value
[ 1060.651937][T16072] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1060.676113][T16072] F2FS-fs (loop3): Start checkpoint disabled!
[ 1060.682959][T16072] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1060.689854][T16072] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1060.704464][T16072] syz.3.3279: attempt to access beyond end of device
[ 1060.704464][T16072] loop3: rw=2049, sector=77824, nr_sectors = 848 limit=40427
[ 1060.810692][T15718] usb 3-1: USB disconnect, device number 108
[ 1060.825172][T16078] loop2: detected capacity change from 0 to 1024
[ 1060.836080][T16078] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1060.844444][T16078] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038 (0x7fffffff)
[ 1061.007266][   T28] audit: type=1400 audit(1729616358.954:342): avc:  denied  { map } for  pid=16077 comm="syz.2.3280" path="/26/file1/bus" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1061.044639][  T311] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[ 1061.055969][   T39] logitech-hidpp-device 0003:046D:C086.00E6: unknown main item tag 0x0
[ 1061.064069][   T39] logitech-hidpp-device 0003:046D:C086.00E6: unknown main item tag 0x0
[ 1061.072195][   T39] logitech-hidpp-device 0003:046D:C086.00E6: unknown main item tag 0x0
[ 1061.080377][   T39] logitech-hidpp-device 0003:046D:C086.00E6: unknown main item tag 0x0
[ 1061.088467][   T39] logitech-hidpp-device 0003:046D:C086.00E6: unknown main item tag 0x0
[ 1061.097142][   T39] logitech-hidpp-device 0003:046D:C086.00E6: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.0-1/input0
[ 1061.397163][T16085] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1061.437581][  T311] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1061.474834][  T311] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1061.492298][T15650] kworker/u4:0: attempt to access beyond end of device
[ 1061.492298][T15650] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[ 1061.626824][T16089] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1061.641925][T16089] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1061.659741][T15523] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /26/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[ 1061.664402][T16089] device bridge_slave_0 entered promiscuous mode
[ 1061.686691][  T311] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1061.696244][T15523] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 37: comm syz-executor: path /26/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[ 1061.721579][  T311] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1061.735605][  T311] usb 4-1: Product: syz
[ 1061.739595][  T311] usb 4-1: Manufacturer: syz
[ 1061.744452][T15523] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[ 1061.763576][  T311] usb 4-1: SerialNumber: syz
[ 1061.771875][T16089] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1061.782767][T16089] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1061.789788][  T314] usb 2-1: new full-speed USB device number 118 using dummy_hcd
[ 1061.798041][T16089] device bridge_slave_1 entered promiscuous mode
[ 1061.804386][T15523] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 37: comm syz-executor: path /26/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[ 1061.873319][T15523] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[ 1061.910402][T15523] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 37: comm syz-executor: path /26/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[ 1061.934941][T15523] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[ 1061.962813][T15523] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 37: comm syz-executor: path /26/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[ 1061.983864][T15523] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[ 1062.004979][T15523] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 37: comm syz-executor: path /26/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[ 1062.049264][T16089] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1062.056165][T16089] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1062.063236][T16089] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1062.070047][T16089] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1062.094050][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1062.101264][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1062.108727][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1062.115967][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1062.124998][T15718] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1062.133645][T15718] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1062.134793][T15523] EXT4-fs (loop2): unmounting filesystem.
[ 1062.140537][T15718] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1062.157724][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1062.166249][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1062.173120][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1062.191304][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1062.205190][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1062.222898][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1062.234558][T16089] device veth0_vlan entered promiscuous mode
[ 1062.241476][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1062.249691][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1062.254769][  T314] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1062.257145][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1062.274904][  T314] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1062.287646][  T314] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[ 1062.288760][T16089] device veth1_macvtap entered promiscuous mode
[ 1062.305627][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1062.320057][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1062.334456][T15718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1062.380991][T16094] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1062.387964][T16094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1062.388015][  T314] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1062.395928][T16094] device bridge_slave_0 entered promiscuous mode
[ 1062.404529][  T314] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1062.411285][T16094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1062.418554][  T314] usb 2-1: SerialNumber: syz
[ 1062.425564][T16094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1062.436947][T16094] device bridge_slave_1 entered promiscuous mode
[ 1062.454779][T16088] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1062.461840][T16088] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1062.475247][  T314] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[ 1062.502939][T16094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1062.509811][T16094] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1062.516921][T16094] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1062.523665][T16094] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1062.535635][ T3511] device bridge_slave_1 left promiscuous mode
[ 1062.544310][ T3511] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1062.551976][ T3511] device bridge_slave_0 left promiscuous mode
[ 1062.558149][ T3511] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1062.565976][ T3511] device veth1_macvtap left promiscuous mode
[ 1062.571939][ T3511] device veth0_vlan left promiscuous mode
[ 1062.650955][T15718] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1062.658872][T15718] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1062.672557][   T28] audit: type=1400 audit(1729616360.614:343): avc:  denied  { execute } for  pid=16107 comm="syz.4.3288" name="file0" dev="tmpfs" ino=32 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1062.680865][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1062.703641][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1062.706379][   T28] audit: type=1400 audit(1729616360.654:344): avc:  denied  { execute_no_trans } for  pid=16107 comm="syz.4.3288" path="/3/file0" dev="tmpfs" ino=32 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1062.711766][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1062.742204][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1062.751255][T15162] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1062.758131][T15162] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1062.765860][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1062.774218][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1062.782658][T15162] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1062.789535][T15162] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1062.814058][T15718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1062.822303][T15718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1062.830356][T15718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1062.838531][T15718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1062.874170][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1062.886882][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1063.128874][T16094] device veth0_vlan entered promiscuous mode
[ 1063.142811][T16094] device veth1_macvtap entered promiscuous mode
[ 1063.171278][   T39] usb 1-1: USB disconnect, device number 127
[ 1063.183131][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1063.192350][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1063.200461][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1063.217860][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1063.226325][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1063.234459][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1063.243479][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1063.252031][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1063.260456][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1065.074904][  T314] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[ 1065.075479][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1065.089584][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1065.128825][  T314] usb 2-1: USB disconnect, device number 118
[ 1065.145589][  T311] usb 4-1: 0:2 : does not exist
[ 1065.184261][  T311] usb 4-1: USB disconnect, device number 120
[ 1065.199802][T15814] EXT4-fs (loop0): unmounting filesystem.
[ 1065.203450][T16129] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3293'.
[ 1065.223091][T16131] EXT4-fs (sda1): shut down requested (2)
[ 1065.308060][T16131] Aborting journal on device sda1-8.
[ 1065.763628][T16163] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3308'.
[ 1065.790314][ T3511] device bridge_slave_1 left promiscuous mode
[ 1065.798534][ T3511] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1065.815794][ T3511] device bridge_slave_0 left promiscuous mode
[ 1065.822570][   T28] audit: type=1400 audit(1729616363.757:345): avc:  denied  { getopt } for  pid=16167 comm="syz.0.3310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1065.836711][ T3511] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1065.858099][ T3511] device veth1_macvtap left promiscuous mode
[ 1065.864111][ T3511] device veth0_vlan left promiscuous mode
[ 1066.102522][T16170] netlink: 'syz.0.3311': attribute type 4 has an invalid length.
[ 1066.110624][T16170] netlink: 17 bytes leftover after parsing attributes in process `syz.0.3311'.
[ 1066.113095][   T28] audit: type=1400 audit(1729616364.029:346): avc:  denied  { mounton } for  pid=16174 comm="syz.2.3312" path="/1/file0" dev="tmpfs" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1066.125050][T16171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3311'.
[ 1066.157424][   T28] audit: type=1400 audit(1729616364.066:347): avc:  denied  { mount } for  pid=16164 comm="syz.1.3309" name="/" dev="pstore" ino=1892 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[ 1066.280456][   T28] audit: type=1400 audit(1729616364.178:348): avc:  denied  { setopt } for  pid=16182 comm="syz.2.3314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1066.368284][   T28] audit: type=1400 audit(1729616364.272:349): avc:  denied  { write } for  pid=16190 comm="syz.2.3318" path="socket:[101282]" dev="sockfs" ino=101282 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1066.646854][T16201] 9pnet_virtio: no channels available for device syz
[ 1066.661871][   T28] audit: type=1400 audit(1729616364.534:350): avc:  denied  { create } for  pid=16202 comm="syz.4.3323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1066.961608][   T28] audit: type=1400 audit(1729616364.739:351): avc:  denied  { unmount } for  pid=15795 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[ 1066.991607][T16214] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3326'.
[ 1067.133281][T16223] 9pnet_virtio: no channels available for device syz
[ 1067.265021][ T8951] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1067.585600][ T8951] usb 1-1: Using ep0 maxpacket: 8
[ 1067.885000][ T8951] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1067.894658][ T8951] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1067.904209][ T8951] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1067.913990][ T8951] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1067.927048][ T8951] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1067.951455][ T8951] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1067.981201][   T28] audit: type=1400 audit(1729616365.778:352): avc:  denied  { audit_write } for  pid=16257 comm="syz.4.3345" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1068.003727][   T28] audit: type=1107 audit(1729616365.778:353): pid=16257 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 1068.023908][T15162] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[ 1068.312851][T15162] usb 3-1: Using ep0 maxpacket: 8
[ 1068.432827][   T28] audit: type=1400 audit(1729616366.199:354): avc:  denied  { create } for  pid=16264 comm="syz.1.3347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1068.466333][T16269] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3349'.
[ 1068.483781][T15162] usb 3-1: config 0 has no interfaces?
[ 1068.491030][T15162] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1068.500223][T15162] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1068.512554][T15162] usb 3-1: config 0 descriptor??
[ 1068.538054][   T28] audit: type=1400 audit(1729616366.302:355): avc:  denied  { read write } for  pid=16272 comm="syz.1.3351" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 1068.562806][   T28] audit: type=1400 audit(1729616366.302:356): avc:  denied  { open } for  pid=16272 comm="syz.1.3351" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 1068.594522][   T28] audit: type=1326 audit(1729616366.348:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16272 comm="syz.1.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4bbd7dff9 code=0x7ffc0000
[ 1068.617926][   T28] audit: type=1326 audit(1729616366.348:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16272 comm="syz.1.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4bbd7dff9 code=0x7ffc0000
[ 1068.641401][   T28] audit: type=1326 audit(1729616366.348:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16272 comm="syz.1.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7ff4bbd7dff9 code=0x7ffc0000
[ 1068.664669][   T28] audit: type=1326 audit(1729616366.348:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16272 comm="syz.1.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4bbd7dff9 code=0x7ffc0000
[ 1068.687932][   T28] audit: type=1326 audit(1729616366.348:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16272 comm="syz.1.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7ff4bbd7dff9 code=0x7ffc0000
[ 1068.781616][ T8951] usb 3-1: USB disconnect, device number 109
SYZFAIL: posix_spawn failed
 (errno 5: Input/output error)
[ 1069.072073][   T10] kworker/u4:1: attempt to access beyond end of device
[ 1069.072073][   T10] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[ 1069.244019][ T8951] usb 1-1: USB disconnect, device number 2
[ 1069.671147][ T3511] device bridge_slave_1 left promiscuous mode
[ 1069.677068][ T3511] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1069.684606][ T3511] device bridge_slave_0 left promiscuous mode
[ 1069.690529][ T3511] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1069.698398][ T3511] device veth1_macvtap left promiscuous mode
[ 1069.704282][ T3511] device veth0_vlan left promiscuous mode
[ 1070.558315][ T3511] device bridge_slave_1 left promiscuous mode
[ 1070.564249][ T3511] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1070.571519][ T3511] device bridge_slave_0 left promiscuous mode
[ 1070.577461][ T3511] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1070.585080][ T3511] device bridge_slave_1 left promiscuous mode
[ 1070.591079][ T3511] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1070.598406][ T3511] device bridge_slave_0 left promiscuous mode
[ 1070.604641][ T3511] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1070.612357][ T3511] device bridge_slave_1 left promiscuous mode
[ 1070.618270][ T3511] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1070.625790][ T3511] device bridge_slave_0 left promiscuous mode
[ 1070.631703][ T3511] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1070.639334][ T3511] device bridge_slave_1 left promiscuous mode
[ 1070.645299][ T3511] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1070.652420][ T3511] device bridge_slave_0 left promiscuous mode
[ 1070.658436][ T3511] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1070.666474][ T3511] device veth1_macvtap left promiscuous mode
[ 1070.672404][ T3511] device veth0_vlan left promiscuous mode
[ 1070.678312][ T3511] device veth1_macvtap left promiscuous mode
[ 1070.684119][ T3511] device veth0_vlan left promiscuous mode
[ 1070.690062][ T3511] device veth1_macvtap left promiscuous mode
[ 1070.695865][ T3511] device veth0_vlan left promiscuous mode
[ 1070.702041][ T3511] device veth1_macvtap left promiscuous mode
[ 1070.707924][ T3511] device veth0_vlan left promiscuous mode