last executing test programs:

3.243359519s ago: executing program 3 (id=906):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x9, 0x7, 0x6571, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f00000001c0), &(0x7f00000005c0)}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, 0x0, 0x0)
setuid(0xee00)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x15, &(0x7f0000000100)={{r0}, &(0x7f0000000680), &(0x7f0000000640)='%pS    \x00'}, 0x20)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
add_key$user(0x0, &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000340)="2e0f41c109e56d640bb4646fb234b1abf0e1236d51e01b88b6d68e56fbb876322ef1f8c233066ef396a6448fdb6eeee3683cf4def3789b3a58e67d4b06220bfd7f5981529d01691db320ab77e1315f050d7a26250300d0447d9bb2ea50ceb0d7fb5e8c714c85eb92", 0x68, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)

2.882253525s ago: executing program 3 (id=912):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
dup2(r2, r2)

2.813811806s ago: executing program 3 (id=913):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x5, {0x5, 0x0, "b1a748"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r1, 0xc0404807, 0x0)

1.272314671s ago: executing program 2 (id=954):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x201000, 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x8, 0x0)

1.164366672s ago: executing program 2 (id=955):
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x100000, @empty}}, 0x0, 0x0, 0xc, 0x0, "a1c1dd75a6843e10951cd4b347113e55eb499519becf7542da0bc21470e441225642855b5f2f4bb561dc9363aed4a18d67efd5f2fdf98328de941348589b763d46d14810acc5f700"}, 0xd8)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0xc, 0x80005, 0xed, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000001100)=0x12)

1.142105312s ago: executing program 3 (id=956):
unshare(0x60400)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x8, &(0x7f0000000800)=ANY=[@ANYBLOB="696e6c696e655f64656e74727900016865636b706f696e743d64697361626c652c696e6c696e655f646174612c6e6f636865636b706f696e745f6d657267652c6d6f64653d6c66732c252be76e0a8848022769ce6db839b26b6661756c745f696e6a656374696f6e3d30303030303030303030303030303030303031312c61636c2c6e6f61636c2c636f6d70726573735f63616368652c6572726f72733d72656d6f756e742d726f2c6e6f657874656e745f63616368652c686561702c616c6c6f635f6d6f64653d7265fc2413a788f8817d011fa9de16d2e9ccd0cf7bfdf2eccfdf64bada5a48e38c545bc45a4cf0233d64b6b88ad72cbd055493d674d3b8562bfa8cee7acd180fa03e80ac49c4131ec06b1f277a8e0de9598a22bce43f8fff00"], 0x1, 0x5508, &(0x7f0000002480)="$eJzs3EtvG1UUAODjpOmbEiEW7DpShZRItVWnD8GuQCseolVUYMEKHNux3NqeKHackBULlogF/wSBxIolv4EFa3aIBYgdEshzJ9DwkEBxYtJ8nzQ+c6+vz5xrVZXOTOQATqzF7OcfK3EpzkXEfERcjCjOK+VRuJ3CcxGRRcTcY0elnP994nREnI+IS5PkKWelfOvTq+MrN39446evvjlz6sJnX347u10Ds/Z8RPQ30vl2P8W8k+LDcr4x7haxf2NcxvRG/1E5zlPcbq8VGbYbe+saRbzeSevzja3hJK73Gs1J7HTXi/mNQbrgcNzZy1N84GFjsxi32mtF7A7zInZ2U107u+n/tt3hKOVplfk+KNLHaLQX03x7p532s/GoiM3BqJxPefNWe2cSx2UsLxfNvNcq6lg7yDf9//Zmd7C1k43bm8NuPshu1uov1Oq3qvXNvNUetW9UG/3WrRvZUqc3WVYdtRv925087/TatWbeX86WOs1mtV7Plu6017qNQVav167XrlVvLpdnV7NX77+T9VrZ0iS+3B1sjbq9Ybaeb2bpE8vZSu36i8vZlXr21r3VbPXB3bv3Vt9+786791+69/or5aK/lJUtrVxbWanWr1VX6ssnaP8flUVPcf9wIJVZFwBw/PzX/v+y/h+YgsPr/zcfRBx+/x/6/6k4Vv3vSe//D2H/cCD6fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAE+u7hc9fK04W0/hCOf9UOfVMOa5ExFxE/Po35uP0vpzzZZ6Ff1i/8Kcavq5EkWFyjTPlcT4ibpfHL08f9rcAAAAAT64vPrz8SerW08virAviKKWbNnMX359SvkpELCx+P6Vsc5OXZ6eUrPj3fSp2ppStuIF1dkrJ0i23U9PK9q/M7wtnHwuVFOaOtBwAAOBI7O8EjrYLAQAA4Ch9POsCmI1K7D3K3HsWXPzl/R8PBM/tGwEAAADHUGXWBQAAAACHruj//f4fAAAAPNnS7/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xs793CYORHEAfjZ4Yf9p0Wrv28reoIwtYY97jCggTVBADqSFNEAN5JYSIojwOAQiDpE8tpXo+yRnMpb58QbBYWakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv31Xpxe/X7um3Obt9OntEAAAAAl2yr9aL+Z5b6X5v735tbP5t+ERFlRFyau4/i01nmqMmpXp6/OX2+elXDXUSdcHiPSXN9iYg/zfX4o+tPAQAAAD6uzXI1T7P19Gc2dEH0KS3alN/+ZsorIqKaPWRKKw95vzKF1d/vcfzPlFYvYE0zhaUlt3GutDepf+7HVbvpSVOkprz4smOR2cYOAAD0aHTW9DsLAQAAoE//hi6AYRTxvJV53AqcpKbZ3vt81gMAAADeoWLoAgAAAIDO1fP/ns7/2zv/DwAAAIaRzv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS9tqvdgsV/O2Obt9O3lGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MT+vKNACIRBGOxd35nM/Q8rDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDmd3/5PzE1ziRzr42l55Fk7dTYOjX2zo2jP4yvXwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xpHFQcA/M3MztZWxTXKHiKi4EEvdrutrb2JByV48E8QQrqtsVt/tDnYUsRcvEnOvYgeRQQl3vo/5JxALvGWwx4ieFZmdiY7+QGuv2Y2yecDb953h2He981CyHfeSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS6O1JnGSHzjiOi3Obew+Xsn7rUJ95vLY9n7UsjupM+mR4sfoh6jaXCAAAAGdHUtb3IYSddH0h6+NOXv+n5TVZzf/t0+O4rOcP1/1lX9b+Wfvl593n9wfqjMfJbnpzeTi4dDSV1v83y9n2zF9e0cqffP7uJcm/kPi91edGaf48o683Nt5p5+G5OrIFAP6Ji2VfBOXvQ1nfbzIxAM6MVqXwLuv/pNNsTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1GK2GJ8s4CiHMtyZxZmvv4dJx/eO17fmyXXv0aC18Oblndos0hHBzeTi4VOtsZtu9+w9uLw6Hg7v1By+FEJoa/a1i+rc/mOLiEBp5PoL/KIiLL3tW8jkZQYM/lAAAOJXSomV1/U66vpCdi+ZC+OO7g/X/q5U4TFn/7354bbM6VrX+79c2w9nXW7nzae/e/QevL99ZvDW4Nfj4jcv9N/tXrl+9er2XvyvpeWMCAADAv9MuWrX+j+eOrv9fqMRhyvr/s2/6X1THStT/x5os+jWdCQAAwNn27Mu//xYdcz5qt8Pniysrd/vj4/7ny+NjA6n+beeKVq3/k7mmswIAAADqMFqNDqz/36jEYcr1/6e+f+HH6j2TEML5Yv3/4tInwxv1TWem1fHnxE3PEQAAgGadL1p1/T/N9//H+1se4hDCa6+M4+LfAE5V/yfvfvVDdazq/v8r9U1xJsXd8fPI+24IrW7TGQEAAHCaPVG0rNj/NV1f+OinC++37f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqNufAQAA//9hGz6T")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fdatasync(r0)

965.953025ms ago: executing program 2 (id=957):
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x1, 0x4, 0x0, 0x0, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x15)

888.540166ms ago: executing program 3 (id=959):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000140)=ANY=[], 0xff2e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

869.332276ms ago: executing program 2 (id=962):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000b00)={"51959bc153b9bc25959f6305bd65dcb753a5634773a767c6c824440610297f50e72f8b7d3227f8507f5cbdb99208bae59de30dd80c130bb09462a4776d6d3e12107d31b5c03182b53db2ff16b61004f5a50af645ee99de29c37cbe0792a53ab33c411eb7ab4cbf572b6f0aff930ca2b433dda2cd546efca9581785440e0b8b7d96540e7254ca4b08e8ddaac174046d7e8bc626995eb39e3f5a48791d7f7c2e470ededd5edb5edf0c2a218dcb215744f8d4ed00327b79a4944b9c725b9adee501d874844787c3be84e846c958dad700bf317e466bdbb31a11354bdb7f71431afa5038581f408f9fb4834f54c92a25182ca127821c341df1dbfdfb68da89fbf0874616aa34fd8eb090bd786a80c460252c6f923afc3fbec647638f55b8593310085dbe310b8473218f5e95207533a4e273e91ad644542f6ce2679008dae25f58cb1d2becde90e2f99d4e1521c082ff4d96b2116857fa11dbd06c432e160f3f92c7e533f2e2d7b279df484b7a06fbfc915064458747d0f60c1b77bc5699e44b12ed8747bffd28035dafb5ad21f41c50f35f67760cd3cc6b17180e31880e9ee65ecd6e1aa9403df2b733fa25af2d301c9a3c955b060edb8a583f102094645454abbf36bff972bddd076861897edfcb436991ff93ff05498265dbf5035d6dcb381f204cabb485825b99a2c8bcc2c1f17885ca5a01bd136edfa0864655897bd542b0af5520df2e77032a6d06381fa8e8595a1f0ab2ba43ca6fee390a33e75a5991e2d495b38054f4defb3a255c7793eca334e4d1ea3267065f8f4ac55fd733d6d72b20fc93b43cba33b8c58e16081eff2746258cbd5f767f4ddcbb337b866720648f9f2b4ed2bb10b637706fd048eb7cebf6e66d487b668a3f7842038c518a2f7b4d797fefc3b96ec8468b773475e8a19f31b0d19520cb1133b4f2125a258e625a6303dd992bcc044f2054cb0e483e1ea3dc03d8645f97da1c1b7bafb82c41d36bcfd67eb312b25a9ae284ae1b202871f708df9cd98c4ee0ba876080e6ce8cea56c100e50e0554cf958b4eb8a0c4d17238b7abe773451238209af3ea41d9413d1fbf94a9385f98724deccba7d321aad3193b859c56525aa81c9775097993ba86cd5b33938efa420788f4d780d48cc2325a511453dc1f5b080ef0318600dbe8d7079d841c2a0973f7a614139919290159ee04cc477eb0e85aac0eb6c1f6f0921aefae8d3c37f25c052fde9a349dfb4ac84590ff31664a117ad7fd9b00c589a21f8cf353a49e53ffd9abced6d72402852f12ef3694553317e9daaaae1c800f5748fa6a4edbbd73b1ae0ad10307331ba78db0f1161546f125dee01f8d98fa25577eb16ac237ca47374a53fb64c72abe283e64bc331b05fbe3a966b65a4005b4047384e590265bd7b4523e693d0ea1dbeaddddb62876f1e1d1bfe6ae9a7f41ae63b8d00625"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

749.755568ms ago: executing program 2 (id=967):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x20000400)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)=@ipv4_newroute={0x1c, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9}}, 0x1c}}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'lo\x00', {0x2, 0x0, @broadcast}})

654.0185ms ago: executing program 0 (id=972):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xff58)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x7, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

576.519001ms ago: executing program 0 (id=974):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r0)

561.190371ms ago: executing program 0 (id=975):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x414, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
rename(&(0x7f0000000800)='./file0\x00', &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = inotify_init()
r1 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r2 = inotify_add_watch(r0, &(0x7f0000000240)='./file0\x00', 0x8c5)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYRES64=r2], 0x69)
close(r1)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

552.119552ms ago: executing program 2 (id=976):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_usb_connect$uac1(0x2, 0xbc, &(0x7f0000000440)=ANY=[@ANYBLOB="12010003000000106b1d01014000010203010902aa00030156c0020904000000010100000a24010101bb02010211240601040507000a0008000300020005052405060f0f2406020504020002000a000a00040c240202030202508000090111240605020507002e130a004ef1020000092403"], &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000240)=ANY=[])
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xf8}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)

492.465982ms ago: executing program 0 (id=977):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x20000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000440)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x4d, 0x0, @wg=@initiation={0x1, 0x3, "a028fc3d1617af8c214992e93ac24e1441d3d56315bf3e272467821a8120de39", "6a567a838071aaa10d57eab95b18282803fc455b49058ab7bd65c22c7f089a63f5452f56f86572bb077df67e372d6f84", "a774d0a19c3de300d2bd38524275f1dc21d787cf4edf48f9efb9b694", {"4f317397789b7281a54fda7311812419", "a42863b9cc9581f40b5f75d00f556093"}}}}}}}, 0x0)

482.423493ms ago: executing program 0 (id=979):
r0 = socket$netlink(0x10, 0x3, 0xf)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, 0x1, 0x8, 0x101}, 0x14}}, 0x0)

456.177223ms ago: executing program 0 (id=980):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000009e602206d0414c340000000000109022400010400a000090400000103010100093700086ce8220100090581"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x29, 0xf, {0xf, 0x29, 0xc, 0x80, 0x4, 0x2, "02010200", '\nj#\x00'}}, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x408, 0xcd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)

412.366424ms ago: executing program 4 (id=982):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x2a)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x37, 0x1, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000003c0)={'vlan1\x00', &(0x7f0000000340)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}})
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000080)}], 0x1)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file2\x00', 0x1, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
io_getevents(0x0, 0x6, 0x0, &(0x7f0000000940), &(0x7f00000009c0))
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

391.043004ms ago: executing program 4 (id=983):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000000000000000617474722c616374697665c72c6191138918655f2c6f67733d342c9b756f74082c66b2d1c46f4b2a3d159dce99edb2a4ea6173670000000000dbb374615f666c7573682c70726a6a71756f74613d2d7b2c6a7166748dba745fe3616368652c66611d229b3547dadba6d8f9bfb74f705a8b2786d610d1f2335eb1dbbc87d1b7692ffe82e508d80bdcf88ebdd5523426b8a12703418316731cf8b17ccf39330769e5a4a505efbc7f3c5c2d958ffa4d22b0e082b7d907739b8adf1841440857364bd0ce880b4e382a53b6db010b536c4453c83641a4dbf3d147b6a4cced9500000000000000a9842380695333b8de7b86b28ca33d0553231dae70b0939ae315df79727bd626461089d02408b11aedcbf812b43ce60900"/297], 0x1, 0x54ff, &(0x7f0000000400)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYogbSQBqiB3FJCBBEeB4WIRJE8thX0fZIZxoIfMwgO80YaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS3fVenFz9fu6bc5u306e2QAAAADnbKv1on4yS/2vzf3vza2fTb+IiDIizq3dR/HpJHPU5FSvvL56MYbbiDrh8BmT5voSEX+a6+FH198CAAAAXK7NcjVPq/X0MBt6QPQpFW3Kb38z5RURUc3uM6WVh7xfmcLq3/c4/mdKqwtY00xhqeQ2zpX2LvXf/Vi1mz5ritSUb78/29wBAIAejU6aflchAAAA9Onf0ANgGEU8bWUetwInqWm29z6f9AAAAIAPqBh6AAAAAEDn6vW/8/8AAADgsqXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjStlovNsvVvG3Obt9OntkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/JykYwkAQRusf4rCT3P+wUqBnEOE9CHyk6UUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAG32ul+8dv8aR5N/fxshIZpKlo8baUWPrQmPvwnz6GgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE527t03jiIMAPjs7u2FBBCHQVcYIZAooCGXS0hIhyhAFgV/ApLlXILJhUfigkQRkhs65DoNghIhJJDp8j+kjiU3pnNxhZGoQfuy1w/E8do927+fNDvfrVY73+xJlr+dsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMrk7b04yQ69Io7Lc4937i9l/caBPvNwbXM+a1kcNZn08fBi/UPUL/q4pWQAAAA4HZKqvg8hbKXrC1kf9/L6P62uyWrTb54u4qqeP1j3V31V+2ft55+2n98dqFeMk930+vJ4dOFwKp3/b5az7Zm/vKKTP/n8HUGSfyHxe6vPTdL8eUZfPXr0TjcPzzSRLQDwT5yv+jKofh/K+mGbiQFwanRqhXdV/ye9dnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaMJkNTxZxVEIYb6zF2c2du4vHdU/XNucr9qVBw/W6vfMbpGGEK4vj0cXGpzLrLtz997NxfF4dLv54KUQQlujv1VO/+YHU1wcQivPR/AfBXH5Zc9KPscjaPGHEgAAJ1Jatqyu30rXF7Jz0VwIv3+7v/5/tRaHKev/7Q+vPK6PVa//h43NcPYNVm59Orhz997ry7cWb4xujD5+4+LwzeGlq5cvXx3k70oG3pgAAADw73TLVq//47nD6//nanH4k/o/OlD/f/b18Iv6WIn6/0h7i35tZwIAAHC6Pfvyb79GR5yPut3w+eLKyu1hcdz9fLE4tpDq33ambPX6P5lrOysAAACgCZPVaN/6/7VaHKbc///Udy/8UL9nEkI4W67/n1/6ZHytuenMtCb+nLjtOQIAANCus2Wrr/+n+f7/eHfLQxxCeO2VIi7/DeBU9X/y7pff18eq7/+/1NwUZ1LcL55H3vdD6PTbzggAAICT7ImyZcX+L+n6wkc/nnu/a/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNP+CAAA//8smT5m")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
ioctl$FITRIM(r0, 0x40305839, &(0x7f0000000080)={0x0, 0x1ff, 0x8000000})
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
ioctl$FITRIM(r1, 0x40305839, &(0x7f0000000080)={0x0, 0x0, 0x8000000})

349.260435ms ago: executing program 1 (id=984):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020200828500000070000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x0, 0x62, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

294.144966ms ago: executing program 1 (id=985):
syz_mount_image$fuse(0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0)
setxattr$trusted_overlay_opaque(0x0, 0x0, 0x0, 0x0, 0x3)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getrusage(0x0, &(0x7f0000002740))

236.480056ms ago: executing program 1 (id=986):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
listen(r0, 0x3)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)

235.956716ms ago: executing program 1 (id=996):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x6, 0x0, &(0x7f0000000040)="4e3f261e29a7", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158cf474fec87891f6d76745b686158bbcfe8875afdef00010000000029"], 0x66)

175.010398ms ago: executing program 4 (id=987):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
preadv(r1, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/257, 0x101}], 0x1, 0x8000, 0xc)

164.699618ms ago: executing program 4 (id=988):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

134.212108ms ago: executing program 4 (id=989):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x1001a, &(0x7f0000000180), 0x1, 0x42e, &(0x7f0000000940)="$eJzs20tvG0UcAPD/rpOUvkgo5dEHECiIiEfSpAV64AICiQsSEhzKMSRpFeI2qAkSrSIICHFFlbgjjkh8Ak5wQcAJiSsfAFWqUC4tnIzW3k1sx3k4deKCfz9pk5ndcWb+3hl7dicbQM8azn4kEYci4o+IGKxlGwsM137dXlma+ntlaSqJSuXtv5JquVsrS1NF0eJ1B/PMSBqRfp7EiRb1Lly9NjdZLs9cyfNji5c+GFu4eu352UuTF2cuzlyeOHfu7Jnxl16ceKEjcWZtunX84/mTx9549/qbU+evv/fLd0kRf1McHTK82cGnKpUOV9ddh+vSSV8XG0JbShGRna7+6vgfjFKsnbzBeP2zrjYO2FWVSqVycOPDyxXgfyyJbrcA6I7iiz67/i22PZp63BVuvlK7AMrivp1vtSN9keZl+puubztpOCLOL//zdbbF7tyHAABo8EM2/3mu1fwvjQfryt2brw0NRcR9EXEkIu6PiKMR8UBEtexDEfFwm/U3L5Ksn/+kN3YU2DZl87+X87WtxvlfMfuLoVKeO1yNvz+5MFueOZ2/JyPRvy/Lj29Sx4+v/f7lRsfq53/ZltVfzAXzdtzo29f4munJxck7ibnezU8jjve1ij9ZXQlIIuJYRBzfYR2zz3x7cqNjW8e/iQ6sM1W+iXi6dv6Xoyn+QrL5+uTYPVGeOT1W9Ir1fv3ti7c2qv+O4u+A7PwfaNn/V+MfSurXaxfa+/v7tji+0/4/kLxTTQ/k+z6aXFy8Mh4xMNfYKar7J9bni/JZ/COnWo//I7H2TpyIiKwTPxIRj0bEY3nbH4+IJyLi1CYx/vzqk+/vPP7dlcU/3db5X0sMRPOe1onS3E/fN1Q61E782fk/W02N5Hu28/m3nXa135sBAADgvymNiEORpKOr6TQdHa39v/zROJCW5xcWn70w/+Hl6dozAkPRnxZ3ugbr7oeO55f1RX6iKX8mv2/8VWl/NT86NV+e7nbw0OMObjD+M3+Wut06YNd5Xgt6l/EPvcv4h95l/EPvajH+93ejHcDea/X9/0kX2gHsvabxb9kPeojrf+hdxj/0LuMfetLC/tj6IXkJiXWJSO+KZkjsUqLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//9Oa5Js=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
write$cgroup_int(r0, &(0x7f0000000100), 0x12)
write$binfmt_script(r1, &(0x7f0000000140), 0xfcb8)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000000)={0x17c04, 0xffffffffffffffff, 0x0, 0x100000001, 0x0, 0x10000})
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000080)={0x17c04, r0, 0xfffffffffffffdfd, 0x100000000, 0x3})

134.020489ms ago: executing program 4 (id=990):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x2a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x37, 0x1, 0x0, 0x0, 0x0)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000003c0)={'vlan1\x00', &(0x7f0000000340)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}})
writev(r4, &(0x7f0000000180)=[{&(0x7f0000000080)}], 0x1)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file2\x00', 0x1, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
io_getevents(0x0, 0x6, 0x0, &(0x7f0000000940), &(0x7f00000009c0))
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

133.581088ms ago: executing program 1 (id=991):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0\x00', 0x88101)
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)

201.821µs ago: executing program 1 (id=992):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x2a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x37, 0x1, 0x0, 0x0, 0x0)
r6 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000003c0)={'vlan1\x00', &(0x7f0000000340)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}})
writev(r5, &(0x7f0000000180)=[{&(0x7f0000000080)}], 0x1)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file2\x00', 0x1, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
io_getevents(0x0, 0x6, 0x0, &(0x7f0000000940), &(0x7f00000009c0))
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

0s ago: executing program 3 (id=993):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x2a)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x37, 0x1, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000003c0)={'vlan1\x00', &(0x7f0000000340)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}})
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000080)}], 0x1)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file2\x00', 0x1, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
io_getevents(0x0, 0x6, 0x0, &(0x7f0000000940), &(0x7f00000009c0))
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

kernel console output (not intermixed with test programs):

z-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[   45.024936][  T470] loop2: detected capacity change from 0 to 2048
[   45.031332][  T453] loop1: detected capacity change from 0 to 128
[   45.035754][   T28] audit: type=1326 audit(1743707978.173:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=469 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[   45.060434][  T471] Zero length message leads to an empty skb
[   45.060562][   T28] audit: type=1326 audit(1743707978.173:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=469 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[   45.089081][  T463] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 1125899906842627)!
[   45.090322][   T28] audit: type=1326 audit(1743707978.173:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=469 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[   45.123220][  T463] EXT4-fs (loop3): group descriptors corrupted!
[   45.130193][   T28] audit: type=1326 audit(1743707978.173:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=469 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[   45.153742][   T28] audit: type=1326 audit(1743707978.203:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=469 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[   45.154231][  T453] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   45.177568][  T453] ext4 filesystem being mounted at /6/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   45.203042][  T470]  loop2: p3 < > p4 < >
[   45.207155][  T470] loop2: partition table partially beyond EOD, truncated
[   45.233875][  T470] loop2: p3 start 4284289 is beyond EOD, truncated
[   46.114813][  T488] loop3: detected capacity change from 0 to 128
[   46.121440][  T486] loop0: detected capacity change from 0 to 256
[   46.128129][  T486] FAT-fs (loop0): Unrecognized mount option "ÿÿÿÿ" or missing value
[   46.164407][  T291] EXT4-fs (loop1): unmounting filesystem.
[   46.191905][  T313] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   46.209417][  T488] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   46.241315][  T488] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   47.208146][  T496] tipc: Started in network mode
[   47.213283][  T496] tipc: Node identity 0a85cca1f741, cluster identity 4711
[   47.220448][  T496] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   47.951935][  T487] tipc: Disabling bearer <eth:syzkaller0>
[   48.313100][  T296] EXT4-fs (loop3): unmounting filesystem.
[   48.797924][  T517] bridge0: port 3(gretap0) entered blocking state
[   48.811485][  T517] bridge0: port 3(gretap0) entered disabled state
[   48.822845][  T486] loop0: detected capacity change from 0 to 512
[   48.836184][  T486] ext3: Bad value for 'max_dir_size_kb'
[   48.842175][  T517] device gretap0 entered promiscuous mode
[   49.046034][  T517] bridge0: port 3(gretap0) entered blocking state
[   49.052345][  T517] bridge0: port 3(gretap0) entered forwarding state
[   49.372602][  T519] netlink: 12 bytes leftover after parsing attributes in process `syz.3.41'.
[   49.383466][  T519] device vlan2 entered promiscuous mode
[   49.388847][  T519] device erspan0 entered promiscuous mode
[   49.395147][  T519] device erspan0 left promiscuous mode
[   49.402982][  T515] device gretap0 left promiscuous mode
[   49.408354][  T515] bridge0: port 3(gretap0) entered disabled state
[   51.453898][   T28] kauditd_printk_skb: 168 callbacks suppressed
[   51.453918][   T28] audit: type=1400 audit(1743707983.353:349): avc:  denied  { mount } for  pid=522 comm="syz.1.42" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   51.683259][   T28] audit: type=1400 audit(1743707984.043:350): avc:  denied  { bind } for  pid=525 comm="syz.4.43" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   51.708912][   T28] audit: type=1400 audit(1743707984.043:351): avc:  denied  { create } for  pid=525 comm="syz.4.43" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   51.736703][   T28] audit: type=1400 audit(1743707984.043:352): avc:  denied  { write } for  pid=525 comm="syz.4.43" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   51.935934][  T545] netlink: 20 bytes leftover after parsing attributes in process `syz.4.46'.
[   52.876025][  T550] overlayfs: missing 'lowerdir'
[   53.302760][  T553] syz.0.47[553] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.304167][  T553] syz.0.47[553] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.324333][  T553] netlink: 165 bytes leftover after parsing attributes in process `syz.0.47'.
[   53.675451][   T28] audit: type=1400 audit(1743707985.213:353): avc:  denied  { bind } for  pid=532 comm="syz.3.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   54.212727][   T28] audit: type=1400 audit(1743707985.213:354): avc:  denied  { listen } for  pid=532 comm="syz.3.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   54.233392][   T28] audit: type=1400 audit(1743707986.913:355): avc:  denied  { mount } for  pid=541 comm="syz.0.47" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   54.256615][   T28] audit: type=1400 audit(1743707987.343:356): avc:  denied  { ioctl } for  pid=554 comm="syz.4.50" path="socket:[16602]" dev="sockfs" ino=16602 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   54.360913][  T556] loop4: detected capacity change from 0 to 1024
[   54.586925][   T28] audit: type=1400 audit(1743707988.173:357): avc:  denied  { write } for  pid=555 comm="syz.1.49" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   54.608458][  T556] EXT4-fs: Ignoring removed orlov option
[   54.997126][  T556] EXT4-fs (loop4): Test dummy encryption mode enabled
[   55.059062][   T28] audit: type=1400 audit(1743707988.643:358): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   55.109792][  T556] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   58.194775][  T584] ÿ: renamed from bond_slave_0
[   60.126336][  T573] loop1: detected capacity change from 0 to 1024
[   60.132961][  T573] EXT4-fs: Ignoring removed orlov option
[   60.146713][  T573] EXT4-fs (loop1): Test dummy encryption mode enabled
[   60.156615][   T28] kauditd_printk_skb: 1 callbacks suppressed
[   60.156631][   T28] audit: type=1400 audit(1743707991.703:360): avc:  denied  { create } for  pid=566 comm="syz.2.52" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   60.230351][  T573] EXT4-fs: failed to create workqueue
[   60.235607][  T573] EXT4-fs (loop1): mount failed
[   60.254991][   T28] audit: type=1400 audit(1743707991.863:361): avc:  denied  { connect } for  pid=566 comm="syz.2.52" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   60.282841][  T293] EXT4-fs (loop4): unmounting filesystem.
[   60.295723][   T28] audit: type=1400 audit(1743707991.883:362): avc:  denied  { getopt } for  pid=566 comm="syz.2.52" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   62.002076][  T596] loop4: detected capacity change from 0 to 256
[   62.235300][  T596] FAT-fs (loop4): Unrecognized mount option "ÿÿÿÿ" or missing value
[   62.271919][   T28] audit: type=1400 audit(1743707995.853:363): avc:  denied  { append } for  pid=608 comm="syz.3.63" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   62.304461][   T28] audit: type=1400 audit(1743707995.883:364): avc:  denied  { write } for  pid=606 comm="syz.1.59" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   62.323228][   T28] audit: type=1400 audit(1743707995.883:365): avc:  denied  { ioctl } for  pid=606 comm="syz.1.59" path="socket:[16222]" dev="sockfs" ino=16222 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   62.349764][  T610] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   62.368420][   T28] audit: type=1400 audit(1743707995.933:366): avc:  denied  { ioctl } for  pid=609 comm="syz.2.62" path="/dev/kvm" dev="devtmpfs" ino=83 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   62.394137][  T313] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   62.891732][  T620] loop3: detected capacity change from 0 to 512
[   62.932632][   T28] audit: type=1400 audit(1743707996.513:367): avc:  denied  { write } for  pid=609 comm="syz.2.62" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   62.959633][  T620] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   62.971406][  T620] EXT4-fs (loop3): orphan cleanup on readonly fs
[   62.979206][  T620] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.63: bg 0: block 248: padding at end of block bitmap is not set
[   62.993823][  T620] Quota error (device loop3): write_blk: dquota write failed
[   63.046811][  T620] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   63.092539][  T620] EXT4-fs error (device loop3): ext4_acquire_dquot:6782: comm syz.3.63: Failed to acquire dquot type 1
[   63.104249][  T620] EXT4-fs (loop3): 1 truncate cleaned up
[   63.157230][  T620] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   63.867489][  T621] loop4: detected capacity change from 0 to 512
[   63.913058][  T621] ext3: Bad value for 'max_dir_size_kb'
[   65.190908][   T28] kauditd_printk_skb: 3 callbacks suppressed
[   65.190926][   T28] audit: type=1400 audit(1743707998.773:371): avc:  denied  { create } for  pid=651 comm="syz.4.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   65.317805][   T28] audit: type=1400 audit(1743707998.903:372): avc:  denied  { ioctl } for  pid=651 comm="syz.4.68" path="socket:[16888]" dev="sockfs" ino=16888 ioctlcmd=0x52c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   65.471804][  T655] device veth1_macvtap left promiscuous mode
[   65.528985][  T655] device veth1_macvtap entered promiscuous mode
[   65.753468][   T28] audit: type=1326 audit(1743707999.343:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=656 comm="syz.1.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   65.767871][  T646] loop0: detected capacity change from 0 to 40427
[   65.845671][  T646] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   65.866750][   T28] audit: type=1326 audit(1743707999.363:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=656 comm="syz.1.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   65.891836][  T646] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   65.918853][  T646] F2FS-fs (loop0): invalid crc value
[   65.932095][   T28] audit: type=1326 audit(1743707999.363:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=656 comm="syz.1.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   65.956714][   T28] audit: type=1326 audit(1743707999.363:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=656 comm="syz.1.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   65.982286][   T28] audit: type=1326 audit(1743707999.363:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=656 comm="syz.1.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   66.007163][  T662] syz.1.69[662] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.007257][  T662] syz.1.69[662] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.054514][  T662] loop1: detected capacity change from 0 to 512
[   66.071738][  T662] ext3: Unknown parameter 'measure'
[   66.446278][  T646] F2FS-fs (loop0): Found nat_bits in checkpoint
[   67.025519][  T668] loop4: detected capacity change from 0 to 256
[   68.054917][   T28] audit: type=1326 audit(1743707999.363:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=656 comm="syz.1.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   68.185046][   T28] audit: type=1326 audit(1743707999.363:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=656 comm="syz.1.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   68.209361][   T28] audit: type=1326 audit(1743707999.363:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=656 comm="syz.1.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   68.379835][  T674] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   68.388522][  T674] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[   68.400064][  T674] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   68.445630][  T674] netlink: 96 bytes leftover after parsing attributes in process `syz.4.71'.
[   68.670674][  T677] loop0: detected capacity change from 0 to 512
[   68.677546][  T677] EXT4-fs: Ignoring removed i_version option
[   68.683497][  T677] EXT4-fs: Invalid want_extra_isize 107
[   69.040376][  T683] loop4: detected capacity change from 0 to 512
[   69.187836][  T683] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[   69.381249][  T686] loop1: detected capacity change from 0 to 512
[   69.393747][  T686] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   69.402291][  T686] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[   69.411524][  T296] EXT4-fs (loop3): unmounting filesystem.
[   69.426972][  T683] loop4: detected capacity change from 0 to 2048
[   69.444372][  T683] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   69.554952][  T694] loop3: detected capacity change from 0 to 512
[   69.562112][  T694] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   69.582010][  T694] EXT4-fs (loop3): orphan cleanup on readonly fs
[   69.588922][  T694] EXT4-fs error (device loop3): ext4_acquire_dquot:6782: comm syz.3.76: Failed to acquire dquot type 1
[   69.829423][  T697] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.74: bg 0: block 234: padding at end of block bitmap is not set
[   69.976571][  T697] EXT4-fs (loop4): Remounting filesystem read-only
[   69.983826][  T694] EXT4-fs (loop3): 1 truncate cleaned up
[   70.030308][  T694] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   70.165639][  T702] SELinux: failed to load policy
[   70.198778][   T28] kauditd_printk_skb: 30 callbacks suppressed
[   70.198797][   T28] audit: type=1400 audit(1743708003.753:409): avc:  denied  { load_policy } for  pid=685 comm="syz.1.75" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   70.228182][  T293] EXT4-fs (loop4): unmounting filesystem.
[   70.314373][  T296] EXT4-fs (loop3): unmounting filesystem.
[   70.391238][  T708] loop3: detected capacity change from 0 to 1024
[   70.472040][  T711] netlink: 8 bytes leftover after parsing attributes in process `syz.4.78'.
[   70.563564][  T708] EXT4-fs: Ignoring removed nobh option
[   70.677064][  T708] EXT4-fs: Ignoring removed bh option
[   70.737974][  T708] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   70.874840][  T708] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   70.906155][   T28] audit: type=1400 audit(1743708004.493:410): avc:  denied  { read write open } for  pid=707 comm="syz.3.79" path="/14/file1/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   70.931709][  T708] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.79: Allocating blocks 481-513 which overlap fs metadata
[   71.617897][  T725] loop4: detected capacity change from 0 to 512
[   71.656555][  T725] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   71.751578][  T296] EXT4-fs (loop3): unmounting filesystem.
[   71.770210][  T725] EXT4-fs (loop4): orphan cleanup on readonly fs
[   71.781409][  T725] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.81: bg 0: block 248: padding at end of block bitmap is not set
[   71.797031][  T725] Quota error (device loop4): write_blk: dquota write failed
[   71.804605][  T725] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   71.814502][  T725] EXT4-fs error (device loop4): ext4_acquire_dquot:6782: comm syz.4.81: Failed to acquire dquot type 1
[   71.829576][  T725] EXT4-fs (loop4): 1 truncate cleaned up
[   71.844524][  T725] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   73.181421][  T734] capability: warning: `syz.1.83' uses deprecated v2 capabilities in a way that may be insecure
[   73.192798][  T734] overlayfs: upper fs does not support tmpfile.
[   74.434852][   T28] audit: type=1400 audit(1743708007.843:411): avc:  denied  { read } for  pid=735 comm="syz.0.84" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   74.464349][  T293] EXT4-fs (loop4): unmounting filesystem.
[   74.472277][  T743] loop3: detected capacity change from 0 to 256
[   74.488015][   T28] audit: type=1400 audit(1743708007.853:412): avc:  denied  { open } for  pid=735 comm="syz.0.84" path="/dev/loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   74.513347][   T28] audit: type=1400 audit(1743708007.893:413): avc:  denied  { ioctl } for  pid=735 comm="syz.0.84" path="/dev/loop-control" dev="devtmpfs" ino=113 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   74.558350][  T743] FAT-fs (loop3): Unrecognized mount option "ÿÿÿÿ" or missing value
[   74.691076][  T748] xt_limit: Overflow, try lower: 2147483649/3300
[   75.930290][  T755] loop4: detected capacity change from 0 to 256
[   76.049434][   T28] audit: type=1400 audit(1743708009.633:414): avc:  denied  { getopt } for  pid=749 comm="syz.0.87" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   76.196596][  T755] FAT-fs (loop4): Directory bread(block 64) failed
[   76.773666][  T755] FAT-fs (loop4): Directory bread(block 65) failed
[   76.780072][  T755] FAT-fs (loop4): Directory bread(block 66) failed
[   76.803471][  T755] FAT-fs (loop4): Directory bread(block 67) failed
[   76.817501][  T755] FAT-fs (loop4): Directory bread(block 68) failed
[   76.830569][  T755] FAT-fs (loop4): Directory bread(block 69) failed
[   76.872601][  T755] FAT-fs (loop4): Directory bread(block 70) failed
[   76.893086][  T755] FAT-fs (loop4): Directory bread(block 71) failed
[   76.927780][  T755] FAT-fs (loop4): Directory bread(block 72) failed
[   76.958905][  T765] loop3: detected capacity change from 0 to 512
[   76.969481][  T755] FAT-fs (loop4): Directory bread(block 73) failed
[   76.992646][  T765] EXT4-fs: Ignoring removed orlov option
[   77.023500][  T765] ext4: Unknown parameter 'uid>00000000000000000000'
[   77.040538][  T769] netlink: 'syz.0.91': attribute type 10 has an invalid length.
[   77.065099][   T28] audit: type=1400 audit(1743708010.633:415): avc:  denied  { bind } for  pid=768 comm="syz.0.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   77.092010][   T28] audit: type=1400 audit(1743708010.633:416): avc:  denied  { ioctl } for  pid=768 comm="syz.0.91" path="socket:[17485]" dev="sockfs" ino=17485 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   77.119405][  T765] syz.3.89 uses obsolete (PF_INET,SOCK_PACKET)
[   77.143637][  T759] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   77.275596][  T774] ÿ: renamed from bond_slave_0
[   78.126708][  T765] loop3: detected capacity change from 0 to 1024
[   78.300253][  T760] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   78.320969][   T28] audit: type=1400 audit(1743708010.633:417): avc:  denied  { connect } for  pid=768 comm="syz.0.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   78.387114][  T313] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   78.659930][  T781] loop4: detected capacity change from 0 to 128
[   78.702158][  T781] EXT4-fs (loop4): Test dummy encryption mode enabled
[   78.703590][   T28] audit: type=1400 audit(1743708012.283:418): avc:  denied  { read } for  pid=783 comm="syz.1.93" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   78.753164][   T28] audit: type=1400 audit(1743708012.343:419): avc:  denied  { write } for  pid=783 comm="syz.1.93" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   78.758573][  T786] loop3: detected capacity change from 0 to 512
[   78.789240][  T786] ext2: Unknown parameter 'smackfsfloor'
[   78.794778][  T781] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   78.812770][  T781] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   78.912840][  T781] can0: slcan on ptm1.
[   78.918982][   T28] audit: type=1400 audit(1743708012.503:420): avc:  denied  { read } for  pid=140 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   78.948421][   T28] audit: type=1400 audit(1743708012.523:421): avc:  denied  { watch watch_reads } for  pid=776 comm="syz.4.92" path="/19/mnt" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   79.684792][  T797] futex_wake_op: syz.4.92 tries to shift op by -1; fix this program
[   79.701698][   T28] audit: type=1400 audit(1743708012.523:422): avc:  denied  { create } for  pid=776 comm="syz.4.92" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   79.763306][  T781] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   79.788947][  T800] binder: 793:800 ioctl c0306201 0 returned -14
[   80.098151][  T781] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   80.115684][   T28] audit: type=1400 audit(1743708013.663:423): avc:  denied  { connect } for  pid=801 comm="syz.1.96" lport=256 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   80.242727][  T812] SELinux:  policydb magic number 0x75622f2e does not match expected magic number 0xf97cff8c
[   80.267457][  T812] SELinux: failed to load policy
[   80.292498][  T778] can0 (unregistered): slcan off ptm1.
[   80.319456][  T293] EXT4-fs (loop4): unmounting filesystem.
[   80.609185][  T843] loop4: detected capacity change from 0 to 512
[   80.631651][  T843] EXT4-fs: Ignoring removed bh option
[   80.654437][  T843] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1800c018, mo2=0002]
[   80.665206][  T843] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2809: Unable to expand inode 17. Delete some EAs or run e2fsck.
[   80.704768][  T843] EXT4-fs (loop4): 1 truncate cleaned up
[   80.710335][  T843] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   80.966903][  T853] bridge0: port 3(syz_tun) entered blocking state
[   80.973296][  T853] bridge0: port 3(syz_tun) entered disabled state
[   80.985890][  T853] device syz_tun entered promiscuous mode
[   80.992560][  T853] bridge0: port 3(syz_tun) entered blocking state
[   80.998907][  T853] bridge0: port 3(syz_tun) entered forwarding state
[   82.093381][   T28] kauditd_printk_skb: 54 callbacks suppressed
[   82.093404][   T28] audit: type=1326 audit(1743708015.623:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=841 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c25b8d169 code=0x7ffc0000
[   82.125333][  T293] EXT4-fs (loop4): unmounting filesystem.
[   82.653704][  T870] loop4: detected capacity change from 0 to 128
[   84.031016][  T879] netlink: 'syz.4.103': attribute type 49 has an invalid length.
[   84.038862][  T879] netlink: 'syz.4.103': attribute type 49 has an invalid length.
[   84.763536][   T28] audit: type=1326 audit(1743708015.623:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=841 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c25b8d169 code=0x7ffc0000
[   84.787001][   T28] audit: type=1326 audit(1743708016.493:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=865 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   85.038477][  T881] loop3: detected capacity change from 0 to 256
[   85.074908][  T881] netlink: 24 bytes leftover after parsing attributes in process `syz.3.106'.
[   85.090351][   T28] audit: type=1326 audit(1743708016.493:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=865 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   85.092171][  T881] netlink: 4 bytes leftover after parsing attributes in process `syz.3.106'.
[   85.127802][   T28] audit: type=1326 audit(1743708016.513:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=865 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   85.201034][   T28] audit: type=1326 audit(1743708016.513:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=865 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   85.327193][   T28] audit: type=1326 audit(1743708016.523:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=865 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   85.360578][  T886] loop2: detected capacity change from 0 to 256
[   85.372196][   T28] audit: type=1326 audit(1743708016.533:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=865 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   85.420587][  T886] exfat: Unknown parameter 'iocharse¦Nl™'
[   85.426639][   T28] audit: type=1326 audit(1743708016.533:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=865 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   85.451506][   T28] audit: type=1326 audit(1743708016.533:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=865 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[   85.517164][  T313] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   86.402574][  T358] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   86.494548][  T903] loop1: detected capacity change from 0 to 128
[   86.533460][  T903] EXT4-fs (loop1): Test dummy encryption mode enabled
[   89.603140][  T358] usb 5-1: Using ep0 maxpacket: 8
[   89.611413][  T903] EXT4-fs: failed to create workqueue
[   89.680593][  T358] usb 5-1: config 11 has an invalid interface number: 80 but max is 0
[   89.695291][  T903] EXT4-fs (loop1): mount failed
[   89.726825][  T913] 9pnet: Could not find request transport: rdma
[   89.908070][  T358] usb 5-1: config 11 has no interface number 0
[   89.990004][   T28] kauditd_printk_skb: 35 callbacks suppressed
[   89.990025][   T28] audit: type=1400 audit(1743708023.553:523): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[   90.077523][  T358] usb 5-1: config 11 interface 80 has no altsetting 0
[   90.090449][  T358] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=a4.ea
[   90.101279][  T358] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.115374][  T358] usb 5-1: Product: syz
[   90.122694][  T358] usb 5-1: Manufacturer: syz
[   90.163172][  T358] usb 5-1: SerialNumber: syz
[   90.485481][  T358] usb 5-1: can't set config #11, error -71
[   90.492187][  T358] usb 5-1: USB disconnect, device number 3
[   90.621166][   T28] audit: type=1326 audit(1743708477.206:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=924 comm="syz.0.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[   90.645267][  T929] syz.0.118 (929): /proc/924/oom_adj is deprecated, please use /proc/924/oom_score_adj instead.
[   90.675426][  T932] loop1: detected capacity change from 0 to 40427
[   90.682768][  T932] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   90.690364][  T932] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   90.699506][   T28] audit: type=1326 audit(1743708477.206:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=924 comm="syz.0.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[   90.722627][   T28] audit: type=1326 audit(1743708477.236:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=924 comm="syz.0.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[   90.746394][   T28] audit: type=1326 audit(1743708477.236:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=924 comm="syz.0.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[   90.770165][   T28] audit: type=1326 audit(1743708477.236:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=924 comm="syz.0.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[   90.838860][  T932] F2FS-fs (loop1): invalid crc value
[   91.153928][  T932] F2FS-fs (loop1): Found nat_bits in checkpoint
[   91.159551][   T28] audit: type=1326 audit(1743708477.236:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=924 comm="syz.0.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[   91.198624][   T28] audit: type=1326 audit(1743708477.256:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=924 comm="syz.0.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[   91.229199][   T28] audit: type=1326 audit(1743708477.256:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=924 comm="syz.0.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[   91.253242][  T932] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   91.260106][  T932] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   91.283104][   T28] audit: type=1326 audit(1743708477.256:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=924 comm="syz.0.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[   91.500019][  T952] loop4: detected capacity change from 0 to 128
[   91.884250][  T953] syz.1.117: attempt to access beyond end of device
[   91.884250][  T953] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   93.745765][  T962] loop2: detected capacity change from 0 to 256
[   93.778815][  T962] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   93.860516][  T964] netlink: 28 bytes leftover after parsing attributes in process `syz.4.122'.
[   94.223304][  T976] syz.0.127[976] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.224751][  T976] syz.0.127[976] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   98.199884][  T981] loop1: detected capacity change from 0 to 2048
[   98.380339][  T981] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 1125899906842627)!
[   98.380390][  T981] EXT4-fs (loop1): group descriptors corrupted!
[   98.430403][  T976] tty tty3: ldisc open failed (-12), clearing slot 2
[   98.584100][   T28] kauditd_printk_skb: 152 callbacks suppressed
[   98.584116][   T28] audit: type=1400 audit(1743708485.176:685): avc:  denied  { remove_name } for  pid=294 comm="syz-executor" name=".index" dev="loop2" ino=1048605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   98.656790][   T28] audit: type=1400 audit(1743708485.206:686): avc:  denied  { rmdir } for  pid=294 comm="syz-executor" name=".index" dev="loop2" ino=1048605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   98.679885][   T28] audit: type=1400 audit(1743708485.206:687): avc:  denied  { unlink } for  pid=294 comm="syz-executor" name="file0" dev="loop2" ino=1048607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   98.712835][  T313] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  100.416756][  T993] loop2: detected capacity change from 0 to 256
[  100.776633][   T28] audit: type=1326 audit(1743708487.336:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=999 comm="syz.1.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[  100.907391][   T28] audit: type=1326 audit(1743708487.336:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=999 comm="syz.1.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[  101.006347][   T28] audit: type=1326 audit(1743708487.336:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=999 comm="syz.1.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[  101.053391][   T28] audit: type=1326 audit(1743708487.336:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=999 comm="syz.1.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[  101.076582][   T28] audit: type=1326 audit(1743708487.336:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=999 comm="syz.1.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[  101.076612][   T28] audit: type=1326 audit(1743708487.336:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=999 comm="syz.1.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[  101.076637][   T28] audit: type=1326 audit(1743708487.336:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=999 comm="syz.1.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x7ffc0000
[  102.919998][ T1015] loop2: detected capacity change from 0 to 512
[  104.013011][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  104.013101][   T28] audit: type=1400 audit(1743708490.406:704): avc:  denied  { sys_module } for  pid=1041 comm="syz.3.141" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  104.226527][ T1040] loop4: detected capacity change from 0 to 40427
[  104.327039][ T1040] F2FS-fs (loop4): Found nat_bits in checkpoint
[  104.362555][   T28] audit: type=1400 audit(1743708490.946:705): avc:  denied  { connect } for  pid=1048 comm="syz.0.143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  104.830002][   T28] audit: type=1326 audit(1743708491.326:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1048 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[  104.834022][ T1040] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  104.907633][   T28] audit: type=1326 audit(1743708491.326:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1048 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[  104.930828][   T28] audit: type=1326 audit(1743708491.326:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1048 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[  105.070806][   T28] audit: type=1326 audit(1743708491.336:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1048 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[  105.156222][ T1067] loop1: detected capacity change from 0 to 2048
[  105.455985][ T1064] netlink: 'syz.4.140': attribute type 12 has an invalid length.
[  105.531322][ T1072] 9pnet_fd: Insufficient options for proto=fd
[  105.558794][   T28] audit: type=1326 audit(1743708491.336:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1048 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[  105.750318][ T1067]  loop1: p1 < > p4
[  105.754979][  T293] syz-executor: attempt to access beyond end of device
[  105.754979][  T293] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  105.841822][ T1067] loop1: p4 size 8388608 extends beyond EOD, truncated
[  105.855948][   T28] audit: type=1326 audit(1743708491.336:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1048 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[  105.883592][ T1076] input: syz0 as /devices/virtual/input/input4
[  105.889837][   T28] audit: type=1326 audit(1743708491.336:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1048 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[  105.957066][   T28] audit: type=1326 audit(1743708491.336:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1048 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f2178d169 code=0x7ffc0000
[  107.862492][  T710] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  108.412513][  T710] usb 5-1: Using ep0 maxpacket: 8
[  108.419471][  T710] usb 5-1: config 11 has an invalid interface number: 80 but max is 0
[  108.579129][  T710] usb 5-1: config 11 has no interface number 0
[  108.780312][ T1103] netlink: 4 bytes leftover after parsing attributes in process `syz.1.151'.
[  108.793629][  T710] usb 5-1: config 11 interface 80 has no altsetting 0
[  108.802372][  T710] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=a4.ea
[  108.811582][  T710] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.843858][ T1094] loop2: detected capacity change from 0 to 40427
[  108.851660][ T1094] F2FS-fs (loop2): fault_injection options not supported
[  108.863077][ T1094] F2FS-fs (loop2): invalid crc value
[  108.879297][ T1094] F2FS-fs (loop2): Found nat_bits in checkpoint
[  108.949862][  T710] usb 5-1: Product: syz
[  108.953999][  T710] usb 5-1: Manufacturer: syz
[  108.958462][  T710] usb 5-1: SerialNumber: syz
[  109.073869][  T710] snd-usb-audio: probe of 5-1:11.80 failed with error -22
[  109.081421][  T710] usb 5-1: USB disconnect, device number 4
[  109.087398][ T1094] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  109.611129][   T28] kauditd_printk_skb: 24 callbacks suppressed
[  109.611149][   T28] audit: type=1400 audit(1743708495.936:738): avc:  denied  { map } for  pid=1115 comm="syz.4.157" path="/dev/ashmem" dev="devtmpfs" ino=265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  109.647647][   T28] audit: type=1400 audit(1743708496.226:739): avc:  denied  { write } for  pid=1115 comm="syz.4.157" path="socket:[17909]" dev="sockfs" ino=17909 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  109.743793][    T6] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  109.780262][ T1123] loop1: detected capacity change from 0 to 512
[  109.813291][ T1123] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  109.844377][ T1123] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.976233][    T6] usb 4-1: Using ep0 maxpacket: 32
[  110.004403][    T6] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  110.117107][ T1138] netlink: 16 bytes leftover after parsing attributes in process `syz.2.158'.
[  110.480825][    T6] usb 4-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  110.580843][    T6] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  111.134300][  T710] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  111.142661][    T6] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  111.154070][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  111.165304][    T6] usb 4-1: SerialNumber: syz
[  111.453151][  T710] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  111.841486][  T291] EXT4-fs (loop1): unmounting filesystem.
[  114.780806][  T358] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  114.987871][    T6] usb 4-1: USB disconnect, device number 2
[  115.036437][   T28] audit: type=1400 audit(1743708501.626:740): avc:  denied  { write } for  pid=1165 comm="syz.4.167" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  115.065480][ T1166] random: crng reseeded on system resumption
[  115.104517][   T28] audit: type=1400 audit(1743708501.656:741): avc:  denied  { open } for  pid=1165 comm="syz.4.167" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  115.234798][ T1175] loop2: detected capacity change from 0 to 512
[  115.466715][ T1182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.165'.
[  115.482696][ T1182] netlink: 12 bytes leftover after parsing attributes in process `syz.1.165'.
[  115.586802][   T28] audit: type=1400 audit(1743708501.986:742): avc:  denied  { read } for  pid=1169 comm="syz.1.165" path="socket:[18837]" dev="sockfs" ino=18837 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  115.665615][ T1175] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  115.724434][ T1175] ext4 filesystem being mounted at /31/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  116.981170][  T294] EXT4-fs (loop2): unmounting filesystem.
[  117.059931][   T28] audit: type=1400 audit(1743708503.646:743): avc:  denied  { ioctl } for  pid=1165 comm="syz.4.167" path="/dev/snapshot" dev="devtmpfs" ino=91 ioctlcmd=0x3309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  117.149232][ T1192] netlink: 'syz.3.170': attribute type 4 has an invalid length.
[  117.201260][ T1192] netlink: 'syz.3.170': attribute type 4 has an invalid length.
[  117.251276][ T1192] fuse: blksize only supported for fuseblk
[  117.457474][ T1194] loop1: detected capacity change from 0 to 512
[  117.558668][ T1194] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  117.639222][ T1194] EXT4-fs (loop1): orphan cleanup on readonly fs
[  117.670892][ T1194] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  117.730553][ T1194] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  118.102522][ T1194] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.172: Failed to acquire dquot type 1
[  118.124768][ T1199] loop2: detected capacity change from 0 to 512
[  118.133352][ T1194] EXT4-fs (loop1): 1 truncate cleaned up
[  118.138945][ T1194] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  118.216226][ T1199] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.171: casefold flag without casefold feature
[  118.359657][ T1199] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.171: couldn't read orphan inode 15 (err -117)
[  118.386414][ T1199] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  118.401327][   T28] audit: type=1400 audit(1743708504.986:744): avc:  denied  { bind } for  pid=1206 comm="syz.3.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  118.423237][ T1208] tipc: Failed to remove unknown binding: 66,1,1/0:1879905736/1879905738
[  118.432288][   T28] audit: type=1400 audit(1743708505.006:745): avc:  denied  { setopt } for  pid=1206 comm="syz.3.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  118.442519][ T1208] tipc: Failed to remove unknown binding: 66,1,1/0:1879905736/1879905738
[  119.392394][  T294] EXT4-fs (loop2): unmounting filesystem.
[  119.807302][ T1222] device pim6reg1 entered promiscuous mode
[  121.016062][ T1235] netlink: 25 bytes leftover after parsing attributes in process `syz.2.177'.
[  121.395981][ T1235] device gretap0 entered promiscuous mode
[  121.405285][ T1236] netlink: 45349 bytes leftover after parsing attributes in process `syz.2.177'.
[  121.414448][ T1236] 0ªX¹¦Dö»: renamed from gretap0
[  121.421314][ T1236] device 
00ªX¹¦Dö» left promiscuous mode
[  121.794533][ T1243] loop2: detected capacity change from 0 to 256
[  121.993619][  T291] EXT4-fs (loop1): unmounting filesystem.
[  122.033447][ T1249] netlink: 24 bytes leftover after parsing attributes in process `syz.3.183'.
[  122.072638][ T1249] netlink: 20 bytes leftover after parsing attributes in process `syz.3.183'.
[  122.372627][   T28] audit: type=1400 audit(1743708508.946:746): avc:  denied  { accept } for  pid=1250 comm="syz.1.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  122.427882][ T1249] netlink: 20 bytes leftover after parsing attributes in process `syz.3.183'.
[  123.124657][ T1259] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=1005 sclass=netlink_tcpdiag_socket pid=1259 comm=syz.3.188
[  123.142961][ T1259] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=1005 sclass=netlink_tcpdiag_socket pid=1259 comm=syz.3.188
[  123.286720][ T1265] netlink: 24 bytes leftover after parsing attributes in process `syz.2.190'.
[  124.396123][ T1265] netlink: 16 bytes leftover after parsing attributes in process `syz.2.190'.
[  124.412239][ T1265] netlink: 16 bytes leftover after parsing attributes in process `syz.2.190'.
[  124.432987][   T28] audit: type=1400 audit(1743708510.426:747): avc:  denied  { ioctl } for  pid=1261 comm="syz.1.186" path="/dev/rtc0" dev="devtmpfs" ino=259 ioctlcmd=0x7014 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  125.208451][ T1308] netlink: 8 bytes leftover after parsing attributes in process `syz.1.206'.
[  125.246600][ T1310] netlink: 8 bytes leftover after parsing attributes in process `syz.1.207'.
[  125.268701][   T28] audit: type=1400 audit(1743708511.856:748): avc:  denied  { bind } for  pid=1311 comm="syz.3.208" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  125.300811][   T28] audit: type=1400 audit(1743708511.876:749): avc:  denied  { name_bind } for  pid=1311 comm="syz.3.208" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  125.331215][   T28] audit: type=1400 audit(1743708511.876:750): avc:  denied  { node_bind } for  pid=1311 comm="syz.3.208" saddr=ff01::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  125.378473][   T28] audit: type=1400 audit(1743708511.966:751): avc:  denied  { mounton } for  pid=1316 comm="syz.0.211" path="/proc/164/ns/mnt" dev="proc" ino=18254 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lnk_file permissive=1
[  125.479891][ T1324] device veth3 entered promiscuous mode
[  125.567585][ T1337] device ip6tnl1 entered promiscuous mode
[  125.573806][   T28] audit: type=1400 audit(1743708512.166:752): avc:  denied  { nlmsg_read } for  pid=1338 comm="syz.3.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  125.650094][   T28] audit: type=1400 audit(1743708512.236:753): avc:  denied  { getopt } for  pid=1350 comm="syz.2.227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  125.684018][   T28] audit: type=1400 audit(1743708512.266:754): avc:  denied  { setopt } for  pid=1347 comm="syz.0.224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  126.126680][   T28] audit: type=1400 audit(1743708512.696:755): avc:  denied  { nlmsg_read } for  pid=1372 comm="syz.3.234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  126.184173][ T1380] __nla_validate_parse: 2 callbacks suppressed
[  126.184192][ T1380] netlink: 12 bytes leftover after parsing attributes in process `syz.2.236'.
[  126.221839][ T1385] netlink: 108 bytes leftover after parsing attributes in process `syz.2.240'.
[  126.778260][ T1409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.250'.
[  126.792478][ T1409] netlink: 32 bytes leftover after parsing attributes in process `syz.2.250'.
[  127.248752][ T1417] usb usb8: usbfs: process 1417 (syz.3.255) did not claim interface 0 before use
[  127.674383][   T28] audit: type=1400 audit(1743708514.266:756): avc:  denied  { sqpoll } for  pid=1425 comm="syz.2.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  127.713387][ T1428] tipc: Trying to set illegal importance in message
[  127.728269][ T1431] loop1: detected capacity change from 0 to 512
[  127.781680][ T1431] EXT4-fs: Ignoring removed nomblk_io_submit option
[  127.808359][   T28] audit: type=1400 audit(1743708514.396:757): avc:  denied  { read } for  pid=1434 comm="syz.3.261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  127.828916][ T1431] EXT4-fs: Ignoring removed mblk_io_submit option
[  127.938519][ T1431] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  127.947186][ T1431] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  127.955738][ T1431] EXT4-fs (loop1): 1 truncate cleaned up
[  127.961278][ T1431] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  127.975383][   T28] audit: type=1400 audit(1743708514.566:758): avc:  denied  { remount } for  pid=1430 comm="syz.1.259" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  128.059519][ T1450] overlayfs: missing 'lowerdir'
[  128.071538][ T1431] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  128.252331][  T291] EXT4-fs (loop1): unmounting filesystem.
[  129.113511][ T1457] netlink: 25 bytes leftover after parsing attributes in process `syz.0.266'.
[  129.145096][ T1457] device gretap0 entered promiscuous mode
[  129.155854][ T1457] netlink: 45349 bytes leftover after parsing attributes in process `syz.0.266'.
[  129.164882][ T1457] 0ªX¹¦Dö»: renamed from gretap0
[  129.174399][ T1457] device 
00ªX¹¦Dö» left promiscuous mode
[  129.521812][ T1468] netlink: 8 bytes leftover after parsing attributes in process `syz.0.271'.
[  129.781533][ T1479] overlayfs: missing 'lowerdir'
[  129.948490][ T1482] loop1: detected capacity change from 0 to 256
[  131.108956][ T1485] netlink: 'syz.0.277': attribute type 5 has an invalid length.
[  131.118370][ T1485] device ip6erspan0 entered promiscuous mode
[  131.272113][ T1482] FAT-fs (loop1): Directory bread(block 64) failed
[  131.278584][ T1482] FAT-fs (loop1): Directory bread(block 65) failed
[  131.285179][ T1482] FAT-fs (loop1): Directory bread(block 66) failed
[  131.291584][ T1482] FAT-fs (loop1): Directory bread(block 67) failed
[  131.298614][ T1482] FAT-fs (loop1): Directory bread(block 68) failed
[  131.305037][ T1482] FAT-fs (loop1): Directory bread(block 69) failed
[  131.311503][ T1482] FAT-fs (loop1): Directory bread(block 70) failed
[  131.317927][ T1482] FAT-fs (loop1): Directory bread(block 71) failed
[  131.324539][ T1482] FAT-fs (loop1): Directory bread(block 72) failed
[  131.330933][ T1482] FAT-fs (loop1): Directory bread(block 73) failed
[  131.510963][ T1482] bridge0: port 3(vlan0) entered blocking state
[  131.517114][ T1482] bridge0: port 3(vlan0) entered disabled state
[  131.568671][   T28] audit: type=1400 audit(1743708518.146:759): avc:  denied  { create } for  pid=1474 comm="syz.1.275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  132.269709][   T28] audit: type=1400 audit(1743708518.156:760): avc:  denied  { sys_admin } for  pid=1474 comm="syz.1.275" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  132.376623][   T28] audit: type=1400 audit(1743708518.156:761): avc:  denied  { checkpoint_restore } for  pid=1474 comm="syz.1.275" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  133.724545][ T1514] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  134.156169][ T1525] netlink: 28 bytes leftover after parsing attributes in process `syz.0.293'.
[  134.165273][ T1525] netlink: 24 bytes leftover after parsing attributes in process `syz.0.293'.
[  134.297986][ T1544] netlink: 'syz.4.300': attribute type 13 has an invalid length.
[  134.368063][ T1553] netlink: 20 bytes leftover after parsing attributes in process `syz.3.307'.
[  134.382557][ T1553] netlink: 40 bytes leftover after parsing attributes in process `syz.3.307'.
[  134.398582][ T1553] netlink: 40 bytes leftover after parsing attributes in process `syz.3.307'.
[  134.440390][   T28] audit: type=1400 audit(1743708521.026:762): avc:  denied  { create } for  pid=1561 comm="syz.0.311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  134.516521][   T28] audit: type=1400 audit(1743708521.046:763): avc:  denied  { setopt } for  pid=1561 comm="syz.0.311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  134.585417][ T1580] device ip6tnl1 entered promiscuous mode
[  136.117057][   T28] audit: type=1400 audit(1743708522.706:764): avc:  denied  { getopt } for  pid=1586 comm="syz.3.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  136.171548][ T1592] device wg1 entered promiscuous mode
[  136.229628][   T28] audit: type=1400 audit(1743708522.816:765): avc:  denied  { getopt } for  pid=1600 comm="syz.2.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  136.511461][ T1639] loop4: detected capacity change from 0 to 256
[  136.537025][ T1646] capability: warning: `syz.3.351' uses 32-bit capabilities (legacy support in use)
[  136.860575][ T1648] overlayfs: missing 'lowerdir'
[  136.866647][   T28] audit: type=1400 audit(1743708523.146:766): avc:  denied  { setopt } for  pid=1645 comm="syz.3.351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  136.942967][ T1639] FAT-fs (loop4): error, clusters badly computed (0 != 128)
[  136.974581][ T1639] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  138.186555][   T28] audit: type=1400 audit(1743708524.776:767): avc:  denied  { ioctl } for  pid=1662 comm="syz.3.357" path="socket:[19813]" dev="sockfs" ino=19813 ioctlcmd=0x7459 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  138.222473][    T6] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  138.226219][   T28] audit: type=1400 audit(1743708524.816:768): avc:  denied  { shutdown } for  pid=1664 comm="syz.3.358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  138.310211][ T1675] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  138.372492][  T435] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  138.412492][    T6] usb 5-1: Using ep0 maxpacket: 8
[  138.418678][    T6] usb 5-1: config 0 interface 0 altsetting 13 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.430296][    T6] usb 5-1: config 0 interface 0 altsetting 13 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.444019][    T6] usb 5-1: config 0 interface 0 has no altsetting 0
[  138.450574][    T6] usb 5-1: New USB device found, idVendor=05ac, idProduct=029f, bcdDevice= 0.00
[  138.459530][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.468142][    T6] usb 5-1: config 0 descriptor??
[  139.032784][    T6] apple 0003:05AC:029F.0001: ignoring exceeding usage max
[  139.041583][    T6] apple 0003:05AC:029F.0001: hidraw0: USB HID v0.00 Device [HID 05ac:029f] on usb-dummy_hcd.4-1/input0
[  139.052676][  T435] usb 2-1: Using ep0 maxpacket: 16
[  139.059475][  T435] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.070287][  T435] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.079892][  T435] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  139.092505][  T435] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  139.101300][  T435] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.109749][  T435] usb 2-1: config 0 descriptor??
[  139.235070][    T6] usb 5-1: USB disconnect, device number 5
[  139.525326][  T435] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0002/input/input7
[  139.537760][  T435] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  139.557341][   T28] audit: type=1400 audit(1743708526.146:769): avc:  denied  { shutdown } for  pid=1733 comm="syz.2.390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  139.576930][  T320] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  139.618793][ T1740] veth1_to_batadv: vlans aren't supported yet for dev_uc|mc_add()
[  139.643089][ T1742] loop2: detected capacity change from 0 to 1024
[  139.653054][ T1742] EXT4-fs: Ignoring removed nobh option
[  139.658526][ T1742] EXT4-fs: Ignoring removed bh option
[  139.664087][ T1742] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  139.684373][ T1742] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  139.701756][  T294] EXT4-fs (loop2): unmounting filesystem.
[  139.719500][  T358] usb 2-1: USB disconnect, device number 2
[  139.773939][  T320] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.784726][  T320] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.794592][  T320] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  139.803526][  T320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.822659][  T320] usb 4-1: config 0 descriptor??
[  139.874304][ T1749] loop2: detected capacity change from 0 to 40427
[  139.881348][ T1749] F2FS-fs (loop2): fault_injection options not supported
[  139.889096][ T1749] F2FS-fs (loop2): invalid crc value
[  139.895329][ T1749] F2FS-fs (loop2): Found nat_bits in checkpoint
[  139.936955][ T1749] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  139.958097][  T294] syz-executor: attempt to access beyond end of device
[  139.958097][  T294] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  140.043059][  T346] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  140.222562][  T346] usb 5-1: Using ep0 maxpacket: 8
[  140.243635][ T1761] overlayfs: missing 'lowerdir'
[  140.279184][  T346] usb 5-1: config 0 interface 0 has no altsetting 0
[  140.304037][  T320] hid (null): usage index exceeded
[  140.331970][  T320] lg-g15 0003:046D:C222.0003: ignoring exceeding usage max
[  140.345718][  T346] usb 5-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00
[  140.433434][  T320] lg-g15 0003:046D:C222.0003: ignoring exceeding usage max
[  140.440976][  T346] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.449086][  T320] lg-g15 0003:046D:C222.0003: usage index exceeded
[  140.456211][  T320] lg-g15 0003:046D:C222.0003: item 0 0 2 2 parsing failed
[  140.463446][  T346] usb 5-1: config 0 descriptor??
[  140.468565][  T320] lg-g15: probe of 0003:046D:C222.0003 failed with error -22
[  140.504583][ T1764] loop1: detected capacity change from 0 to 1024
[  140.511042][  T320] usb 4-1: USB disconnect, device number 3
[  140.514962][ T1764] EXT4-fs: Ignoring removed i_version option
[  140.523880][ T1764] EXT4-fs (loop1): Test dummy encryption mode enabled
[  140.533233][ T1764] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  140.549629][ T1763] fscrypt: AES-256-XTS using blk-crypto-fallback
[  140.568228][  T291] EXT4-fs (loop1): unmounting filesystem.
[  140.881245][  T346] hid-generic 0003:1E71:170E.0004: hidraw0: USB HID vff.ff Device [HID 1e71:170e] on usb-dummy_hcd.4-1/input0
[  141.125580][  T346] usb 5-1: USB disconnect, device number 6
[  141.366112][ T1798] loop2: detected capacity change from 0 to 256
[  141.424989][  T369] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  141.546352][   T28] audit: type=1400 audit(1743708528.136:770): avc:  denied  { accept } for  pid=1804 comm="syz.2.418" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  141.565196][ T1807] netlink: 'syz.1.417': attribute type 4 has an invalid length.
[  141.576225][ T1807] netlink: 'syz.1.417': attribute type 1 has an invalid length.
[  141.584579][ T1807] netlink: 'syz.1.417': attribute type 1 has an invalid length.
[  141.592256][ T1807] netlink: 3625 bytes leftover after parsing attributes in process `syz.1.417'.
[  141.622483][  T320] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  141.680709][ T1824] loop1: detected capacity change from 0 to 1024
[  141.706764][ T1824] EXT4-fs: Ignoring removed i_version option
[  141.731348][ T1824] EXT4-fs (loop1): Test dummy encryption mode enabled
[  141.776319][ T1824] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  141.833508][  T291] EXT4-fs (loop1): unmounting filesystem.
[  141.843583][  T320] usb 4-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.856800][  T320] usb 4-1: config 0 interface 0 has no altsetting 0
[  141.863686][  T320] usb 4-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  141.868511][ T1851] netlink: 'syz.1.438': attribute type 2 has an invalid length.
[  141.873027][  T320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.895729][ T1853] 9pnet_fd: Insufficient options for proto=fd
[  141.907106][  T320] usb 4-1: config 0 descriptor??
[  142.469758][  T320] magicmouse 0003:05AC:0269.0005: item fetching failed at offset 5/7
[  142.505153][  T320] magicmouse 0003:05AC:0269.0005: magicmouse hid parse failed
[  143.002696][ T1861] overlayfs: missing 'lowerdir'
[  143.015246][  T320] magicmouse: probe of 0003:05AC:0269.0005 failed with error -22
[  143.103931][  T320] usb 4-1: USB disconnect, device number 4
[  143.362624][  T435] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  143.443363][   T28] audit: type=1400 audit(1743708530.036:771): avc:  denied  { create } for  pid=1877 comm="syz.2.449" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  143.492175][   T28] audit: type=1400 audit(1743708530.056:772): avc:  denied  { write } for  pid=1877 comm="syz.2.449" name="file0" dev="tmpfs" ino=584 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  143.542290][   T28] audit: type=1400 audit(1743708530.056:773): avc:  denied  { open } for  pid=1877 comm="syz.2.449" path="/105/file0" dev="tmpfs" ino=584 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  143.565829][  T435] usb 5-1: Using ep0 maxpacket: 16
[  143.571072][   T28] audit: type=1400 audit(1743708530.056:774): avc:  denied  { ioctl } for  pid=1877 comm="syz.2.449" path="/105/file0" dev="tmpfs" ino=584 ioctlcmd=0x1265 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  143.602052][   T28] audit: type=1400 audit(1743708530.066:775): avc:  denied  { unlink } for  pid=294 comm="syz-executor" name="file0" dev="tmpfs" ino=584 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  143.624874][  T435] usb 5-1: config 0 interface 0 has no altsetting 0
[  143.645730][  T435] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  143.665136][  T435] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.696461][  T435] usb 5-1: Product: syz
[  143.701013][  T435] usb 5-1: Manufacturer: syz
[  143.711005][  T435] usb 5-1: SerialNumber: syz
[  143.719854][  T435] r8152-cfgselector 5-1: config 0 descriptor??
[  143.764207][ T1899] loop2: detected capacity change from 0 to 256
[  143.795764][ T1899] syz.2.459: attempt to access beyond end of device
[  143.795764][ T1899] loop2: rw=2049, sector=256, nr_sectors = 4 limit=256
[  144.072005][  T311] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  144.136328][ T1942] overlayfs: missing 'lowerdir'
[  144.146163][  T435] r8152-cfgselector 5-1: Unknown version 0x0000
[  144.152974][  T435] r8152-cfgselector 5-1: bad CDC descriptors
[  144.160712][  T435] r8152-cfgselector 5-1: Unknown version 0x0000
[  144.167724][  T435] r8152-cfgselector 5-1: USB disconnect, device number 7
[  144.252452][  T311] usb 2-1: Using ep0 maxpacket: 32
[  144.258680][  T311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.269457][   T28] audit: type=1400 audit(1743708530.846:776): avc:  denied  { read } for  pid=1952 comm="syz.3.485" name="file0" dev="tmpfs" ino=591 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  144.291683][  T311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.301335][  T311] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  144.310260][  T311] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.319359][  T311] usb 2-1: config 0 descriptor??
[  144.324189][   T28] audit: type=1400 audit(1743708530.906:777): avc:  denied  { setopt } for  pid=1956 comm="syz.3.487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  144.344361][  T311] hub 2-1:0.0: USB hub found
[  144.401767][   T28] audit: type=1400 audit(1743708530.986:778): avc:  denied  { bind } for  pid=1966 comm="syz.3.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  144.550649][  T311] hub 2-1:0.0: 1 port detected
[  144.801377][  T311] hub 2-1:0.0: hub_hub_status failed (err = -71)
[  144.818526][  T311] hub 2-1:0.0: config failed, can't get hub status (err -71)
[  144.827254][  T311] usbhid 2-1:0.0: can't add hid device: -71
[  144.833274][  T311] usbhid: probe of 2-1:0.0 failed with error -71
[  144.862732][  T311] usb 2-1: USB disconnect, device number 3
[  144.935459][ T1981] 9pnet_fd: Insufficient options for proto=fd
[  145.092528][  T435] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  145.283617][  T435] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  145.295846][  T435] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  145.308216][  T435] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  145.324138][  T435] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  145.391760][  T435] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  145.415080][  T435] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.427926][  T435] usb 5-1: Product: syz
[  145.434364][  T435] usb 5-1: Manufacturer: syz
[  145.438999][  T435] usb 5-1: SerialNumber: syz
[  145.440716][   T28] audit: type=1400 audit(1743708532.026:779): avc:  denied  { read } for  pid=2000 comm="syz.3.507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  145.444887][  T435] usb 5-1: config 0 descriptor??
[  145.468443][  T435] usb-storage 5-1:0.0: USB Mass Storage device detected
[  145.481160][  T435] usb-storage 5-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  145.518124][   T28] audit: type=1400 audit(1743708532.106:780): avc:  denied  { read } for  pid=2008 comm="syz.1.510" name="usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  145.541435][   T28] audit: type=1400 audit(1743708532.106:781): avc:  denied  { open } for  pid=2008 comm="syz.1.510" path="/dev/usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  145.671496][  T435] usb 5-1: USB disconnect, device number 8
[  145.726971][ T2035] syz.1.522[2035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.727051][ T2035] syz.1.522[2035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.773046][   T28] audit: type=1400 audit(1743708532.366:782): avc:  denied  { wake_alarm } for  pid=2040 comm="syz.2.525" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  145.799514][ T2043] netlink: 8 bytes leftover after parsing attributes in process `syz.2.526'.
[  146.002131][ T2049] overlayfs: missing 'lowerdir'
[  146.261175][  T321] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  146.298569][ T2067] loop4: detected capacity change from 0 to 1024
[  146.330275][ T2075] syz.0.540[2075] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.330399][ T2075] syz.0.540[2075] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.335913][ T2067] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  146.364958][   T28] audit: type=1400 audit(1743708532.956:783): avc:  denied  { read } for  pid=2066 comm="syz.4.537" name="file2" dev="loop4" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  146.387752][ T2067] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.537: Allocating blocks 497-513 which overlap fs metadata
[  146.408092][ T2067] EXT4-fs (loop4): pa ffff888119d53b28: logic 256, phys. 353, len 10
[  146.414468][ T2080] process 'syz.3.542' launched '/dev/fd/-1/./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  146.416096][ T2067] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  146.522011][  T293] EXT4-fs (loop4): unmounting filesystem.
[  146.543585][  T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.561788][  T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.578121][  T321] usb 2-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  146.588186][  T321] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.600663][  T321] usb 2-1: config 0 descriptor??
[  146.676300][   T28] audit: type=1400 audit(1743708533.266:784): avc:  denied  { read write } for  pid=2104 comm="syz.0.552" name="uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  146.745647][   T28] audit: type=1400 audit(1743708533.266:785): avc:  denied  { open } for  pid=2104 comm="syz.0.552" path="/dev/uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  147.062695][  T311] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  147.254649][  T311] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  147.286811][  T311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.298691][  T321] holtek_mouse 0003:04D9:A067.0006: unknown main item tag 0xd
[  147.307061][  T321] holtek_mouse 0003:04D9:A067.0006: hidraw0: USB HID v0.00 Device [HID 04d9:a067] on usb-dummy_hcd.1-1/input0
[  147.341164][  T320] usb 2-1: USB disconnect, device number 4
[  147.429438][  T311] usb 3-1: config 0 descriptor??
[  147.459623][ T2122] netlink: 132 bytes leftover after parsing attributes in process `syz.3.560'.
[  147.536007][ T2137] overlayfs: missing 'lowerdir'
[  147.563796][ T2138] netlink: 8 bytes leftover after parsing attributes in process `syz.3.566'.
[  147.574271][ T2138] netlink: 36 bytes leftover after parsing attributes in process `syz.3.566'.
[  148.242511][  T321] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  148.273835][  T311] usb 3-1: Cannot set autoneg
[  148.278443][  T311] MOSCHIP usb-ethernet driver: probe of 3-1:0.0 failed with error -71
[  148.299090][  T311] usb 3-1: USB disconnect, device number 2
[  148.333614][ T2187] tap0: tun_chr_ioctl cmd 1074025677
[  148.338822][ T2187] tap0: linktype set to 65534
[  148.442592][  T321] usb 4-1: Using ep0 maxpacket: 8
[  148.449032][  T321] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  148.457661][  T321] usb 4-1: config 179 has no interface number 0
[  148.464093][  T321] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  148.475586][  T321] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  148.486802][  T321] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  148.499449][  T321] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  148.510895][  T321] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  148.526509][ T2200] 9pnet_fd: Insufficient options for proto=fd
[  148.532883][  T321] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  148.541945][  T321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.562901][ T2160] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  148.682451][  T661] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  148.872514][  T661] usb 2-1: Using ep0 maxpacket: 16
[  148.879066][  T661] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8
[  148.911244][  T661] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  148.934472][  T661] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.956594][  T661] usb 2-1: Product: syz
[  148.972938][  T661] usb 2-1: Manufacturer: syz
[  148.989397][  T661] usb 2-1: SerialNumber: syz
[  149.010726][  T311] usb 4-1: USB disconnect, device number 5
[  149.010787][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  149.018943][  T661] usb 2-1: config 0 descriptor??
[  149.024750][    C0] dummy_hcd dummy_hcd.3: timer fired with no URBs pending?
[  149.059859][  T661] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  149.081567][  T661] usb 2-1: Detected FT232R
[  149.259834][  T661] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  149.282454][  T320] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  149.470955][  T661] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  149.483798][  T320] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  149.493587][  T320] usb 3-1: config 0 has no interface number 0
[  149.513569][  T320] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  149.528956][  T320] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.539402][  T320] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  149.551775][  T320] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.565515][  T320] usb 3-1: config 0 descriptor??
[  149.702798][  T321] usb 2-1: USB disconnect, device number 5
[  149.714620][  T321] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  149.725491][  T321] ftdi_sio 2-1:0.0: device disconnected
[  149.974486][  T320] hid (null): invalid report_size 923855921
[  150.174081][  T320] uclogic 0003:28BD:0071.0007: failed retrieving string descriptor #100: -71
[  150.182818][  T320] uclogic 0003:28BD:0071.0007: failed retrieving pen parameters: -71
[  150.191169][  T320] uclogic 0003:28BD:0071.0007: pen probing failed: -71
[  150.197873][  T320] uclogic 0003:28BD:0071.0007: failed probing parameters: -71
[  150.205217][  T320] uclogic: probe of 0003:28BD:0071.0007 failed with error -71
[  150.213467][  T320] usb 3-1: USB disconnect, device number 3
[  150.295521][ T2267] bridge0: port 2(bridge_slave_1) entered learning state
[  150.402656][  T661] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  150.552593][ T2278] device ip6gretap0 entered promiscuous mode
[  150.583513][  T661] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  150.601585][  T661] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  150.611340][  T661] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  150.630762][  T661] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  150.639269][  T661] usb 5-1: SerialNumber: syz
[  150.749305][ T2288] incfs: Backing dir is not set, filesystem can't be mounted.
[  150.757070][ T2288] incfs: mount failed -2
[  150.854746][  T661] usb 5-1: 0:2 : does not exist
[  150.879313][  T661] usb 5-1: USB disconnect, device number 9
[  150.923335][ T2294] loop1: detected capacity change from 0 to 40427
[  150.930115][ T2294] F2FS-fs (loop1): Invalid segment/section count (31 != 24 * 1)
[  150.937683][ T2294] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  150.945815][ T2294] F2FS-fs (loop1): heap/no_heap options were deprecated
[  150.953490][ T2294] F2FS-fs (loop1): invalid crc value
[  150.959658][ T2294] F2FS-fs (loop1): Found nat_bits in checkpoint
[  150.994354][ T2294] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  151.001314][ T2294] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  151.018806][ T2294] syz.1.633: attempt to access beyond end of device
[  151.018806][ T2294] loop1: rw=2049, sector=53248, nr_sectors = 800 limit=40427
[  151.039548][  T291] syz-executor: attempt to access beyond end of device
[  151.039548][  T291] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  151.062476][  T321] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  151.062504][  T710] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  151.151273][   T28] audit: type=1326 audit(1743708537.736:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2296 comm="syz.1.634" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe328b8d169 code=0x0
[  151.253880][  T321] usb 4-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.263527][  T321] usb 4-1: config 0 interface 0 has no altsetting 0
[  151.269878][  T321] usb 4-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00
[  151.273666][  T710] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 101, changing to 10
[  151.278811][  T321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.283112][  T321] usb 4-1: config 0 descriptor??
[  151.291976][  T710] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24697, setting to 1024
[  151.314547][  T710] usb 3-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  151.323537][  T710] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.332030][  T710] usb 3-1: config 0 descriptor??
[  151.379214][ T2300] raw_sendmsg: syz.4.635 forgot to set AF_INET. Fix it!
[  151.501125][ T2290] futex_wake_op: syz.3.631 tries to shift op by 32; fix this program
[  151.662560][ T2309] overlayfs: missing 'lowerdir'
[  151.777931][  T710] hid-generic 0003:05AC:4262.0008: unknown main item tag 0x6
[  151.855432][  T710] hid-generic 0003:05AC:4262.0008: hidraw0: USB HID v0.00 Device [HID 05ac:4262] on usb-dummy_hcd.2-1/input0
[  152.527919][  T710] usb 3-1: USB disconnect, device number 4
[  152.931156][   T28] audit: type=1400 audit(1743708539.516:787): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  152.947846][  T321] usbhid 4-1:0.0: can't add hid device: -71
[  152.959781][  T321] usbhid: probe of 4-1:0.0 failed with error -71
[  152.967460][  T321] usb 4-1: USB disconnect, device number 6
[  153.057214][ T2332] xt_hashlimit: size too large, truncated to 1048576
[  153.579193][ T2356] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  153.587930][ T2356] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  154.530485][ T2366] loop1: detected capacity change from 0 to 2048
[  154.668511][ T2366] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802e02c, mo2=0002]
[  154.687446][ T2366] System zones: 0-7
[  154.771487][ T2380] bridge0: port 3(vlan2) entered blocking state
[  154.787004][ T2366] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  154.896247][ T2380] bridge0: port 3(vlan2) entered disabled state
[  155.008892][ T2385] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.660: bg 0: block 234: padding at end of block bitmap is not set
[  155.036434][ T2385] EXT4-fs (loop1): Remounting filesystem read-only
[  155.048770][ T2387] tun0: tun_chr_ioctl cmd 1074025675
[  155.054008][ T2387] tun0: persist disabled
[  155.087521][  T291] EXT4-fs (loop1): unmounting filesystem.
[  155.095557][   T28] audit: type=1400 audit(1743708541.686:788): avc:  denied  { execute } for  pid=2390 comm="syz.0.669" path="/133/blkio.bfq.time_recursive" dev="tmpfs" ino=728 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  155.122017][ T2371] loop4: detected capacity change from 0 to 40427
[  155.129434][ T2371] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  155.144880][ T2371] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  155.164433][ T2371] F2FS-fs (loop4): invalid crc value
[  155.172198][ T2393] netlink: 20 bytes leftover after parsing attributes in process `syz.1.667'.
[  155.193474][ T2371] F2FS-fs (loop4): Found nat_bits in checkpoint
[  155.257947][ T2371] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  155.266008][ T2371] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  155.326428][ T2412] loop1: detected capacity change from 0 to 128
[  155.333086][ T2412] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  155.806868][ T2441] loop2: detected capacity change from 0 to 512
[  155.935038][ T2439] overlayfs: missing 'lowerdir'
[  156.069098][ T2453] loop1: detected capacity change from 0 to 512
[  156.075960][ T2453] EXT4-fs (loop1): Test dummy encryption mode enabled
[  156.082957][ T2453] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  156.094310][ T2453] EXT4-fs (loop1): 1 truncate cleaned up
[  156.099803][ T2453] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  156.110412][   T28] audit: type=1400 audit(1743708542.696:789): avc:  denied  { create } for  pid=2450 comm="syz.1.692" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  156.119429][ T2453] EXT4-fs warning (device loop1): __ext4fs_dirhash:270: inode #2: comm syz.1.692: Siphash requires key
[  156.152277][   T28] audit: type=1400 audit(1743708542.706:790): avc:  denied  { remove_name } for  pid=2450 comm="syz.1.692" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  156.209412][   T28] audit: type=1400 audit(1743708542.706:791): avc:  denied  { rename } for  pid=2450 comm="syz.1.692" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  156.536826][  T291] EXT4-fs (loop1): unmounting filesystem.
[  156.647427][ T2471] loop1: detected capacity change from 0 to 512
[  156.657433][ T2471] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  156.666932][ T2471] EXT4-fs (loop1): orphan cleanup on readonly fs
[  156.673746][ T2471] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  156.683142][ T2471] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  156.692502][ T2471] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.699: Failed to acquire dquot type 1
[  156.704453][ T2471] EXT4-fs (loop1): 1 truncate cleaned up
[  156.710051][ T2471] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  156.723195][ T2471] netlink: 36 bytes leftover after parsing attributes in process `syz.1.699'.
[  156.740287][  T291] EXT4-fs (loop1): unmounting filesystem.
[  157.129801][  T710] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  157.534594][  T710] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  157.578514][  T710] usb 4-1: config 220 has 1 interface, different from the descriptor's value: 3
[  157.620948][  T710] usb 4-1: config 220 interface 0 has no altsetting 0
[  157.680319][  T710] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  157.690787][   T28] audit: type=1400 audit(1743708544.276:792): avc:  denied  { compute_member } for  pid=2500 comm="syz.1.710" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  157.715959][  T710] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.729548][  T710] usb 4-1: Product: syz
[  157.753281][ T2493] loop2: detected capacity change from 0 to 40427
[  157.770927][ T2493] F2FS-fs (loop2): fault_injection options not supported
[  157.771945][  T710] usb 4-1: Manufacturer: syz
[  157.793743][  T710] usb 4-1: SerialNumber: syz
[  157.799602][ T2493] F2FS-fs (loop2): fault_type options not supported
[  157.807831][ T2493] F2FS-fs (loop2): Image doesn't support compression
[  157.814575][ T2493] F2FS-fs (loop2): Image doesn't support compression
[  157.824930][ T2493] F2FS-fs (loop2): invalid crc value
[  157.831313][ T2493] F2FS-fs (loop2): Found nat_bits in checkpoint
[  157.877658][ T2493] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  157.919953][   T28] audit: type=1400 audit(1743708544.506:793): avc:  denied  { rename } for  pid=2492 comm="syz.2.708" name="file0" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  157.952345][  T294] syz-executor: attempt to access beyond end of device
[  157.952345][  T294] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  158.004596][  T710] usb 4-1: Found UVC 0.00 device syz (8086:0b07)
[  158.012083][  T710] usb 4-1: No valid video chain found.
[  158.029557][  T710] usb 4-1: USB disconnect, device number 7
[  158.090047][ T2515] binder: 2513:2515 ioctl c00c6211 0 returned -14
[  158.096605][  T435] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  158.113042][ T2517] overlayfs: missing 'lowerdir'
[  158.613629][  T435] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.627875][  T435] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.638290][  T435] usb 2-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  158.647460][  T435] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.676348][  T435] usb 2-1: config 0 descriptor??
[  159.178369][ T2543] overlayfs: missing 'lowerdir'
[  159.658214][ T2549] loop2: detected capacity change from 0 to 256
[  159.684960][ T2549] exfat: Deprecated parameter 'namecase'
[  159.701109][ T2549] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  159.752481][   T28] audit: type=1400 audit(1743708546.336:794): avc:  denied  { append } for  pid=2548 comm="syz.2.727" path="/153/file0/blkio.bfq.io_merged_recursive" dev="loop2" ino=1048616 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  159.834700][   T28] audit: type=1400 audit(1743708546.336:795): avc:  denied  { map } for  pid=2548 comm="syz.2.727" path="/153/file0/blkio.bfq.io_merged_recursive" dev="loop2" ino=1048616 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  159.916703][ T2557] Driver unsupported XDP return value 0 on prog  (id 307) dev N/A, expect packet loss!
[  160.097262][  T435] hid-steam 0003:28DE:1142.0009: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.1-1/input0
[  160.124544][  T435] hid-steam 0003:28DE:1142.000A: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.1-1/input0
[  160.212445][  T435] hid-steam 0003:28DE:1142.0009: Steam wireless receiver connected
[  160.243660][  T435] usb 2-1: USB disconnect, device number 6
[  160.260402][  T435] hid-steam 0003:28DE:1142.0009: Steam wireless receiver disconnected
[  160.278374][ T2576] loop2: detected capacity change from 0 to 512
[  160.295360][ T2576] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  160.307493][ T2576] EXT4-fs (loop2): 1 truncate cleaned up
[  160.313589][ T2576] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  160.331837][   T28] audit: type=1400 audit(1743708546.916:796): avc:  denied  { link } for  pid=2575 comm="syz.2.738" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  160.331856][ T2576] EXT4-fs error (device loop2): ext4_append:79: inode #2: comm syz.2.738: Logical block already allocated
[  160.389054][  T294] EXT4-fs (loop2): unmounting filesystem.
[  160.416332][ T2583] loop2: detected capacity change from 0 to 512
[  160.441232][ T2583] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  160.450056][ T2583] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.480945][   T28] audit: type=1400 audit(1743708547.066:797): avc:  denied  { ioctl } for  pid=2582 comm="syz.2.739" path="/162/file1/file2" dev="loop2" ino=16 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  160.513074][  T294] EXT4-fs (loop2): unmounting filesystem.
[  160.522647][  T321] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  160.561893][ T2587] loop2: detected capacity change from 0 to 1024
[  160.598836][ T2587] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  160.607720][ T2587] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.641571][  T367] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  160.656646][  T367] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  160.668699][  T367] EXT4-fs (loop2): This should not happen!! Data will be lost
[  160.668699][  T367] 
[  160.684968][  T367] EXT4-fs (loop2): Total free blocks count 0
[  160.690805][  T367] EXT4-fs (loop2): Free/Dirty block details
[  160.697177][  T367] EXT4-fs (loop2): free_blocks=4293918720
[  160.703008][  T367] EXT4-fs (loop2): dirty_blocks=16
[  160.707940][  T367] EXT4-fs (loop2): Block reservation details
[  160.714027][  T367] EXT4-fs (loop2): i_reserved_data_blocks=1
[  160.720570][  T294] EXT4-fs (loop2): unmounting filesystem.
[  160.735170][  T321] usb 5-1: Using ep0 maxpacket: 16
[  160.752525][  T321] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.770149][  T321] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  160.784375][  T321] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  160.801200][  T321] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.811829][ T2605] loop2: detected capacity change from 0 to 512
[  160.825356][  T321] usb 5-1: config 0 descriptor??
[  160.834033][ T2605] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  160.842966][ T2605] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.857912][   T28] audit: type=1400 audit(1743708547.446:798): avc:  denied  { rename } for  pid=2604 comm="syz.2.748" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  160.859776][ T2605] EXT4-fs error (device loop2): ext4_get_first_dir_block:3594: inode #12: comm syz.2.748: directory missing '.'
[  160.879892][  T710] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  160.899187][ T2605] EXT4-fs (loop2): Remounting filesystem read-only
[  160.918171][  T294] EXT4-fs (loop2): unmounting filesystem.
[  161.053615][  T710] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.069918][  T710] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.089491][  T710] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  161.117078][  T710] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  161.140241][  T710] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.167944][  T710] usb 2-1: config 0 descriptor??
[  161.587156][  T710] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  161.633097][  T710] plantronics 0003:047F:FFFF.000B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  161.823015][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  161.823032][   T28] audit: type=1400 audit(1743708548.416:800): avc:  denied  { relabelfrom } for  pid=2635 comm="syz.2.759" name="" dev="pipefs" ino=24871 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  161.854012][  T435] usb 2-1: USB disconnect, device number 7
[  161.891270][   T28] audit: type=1326 audit(1743708548.476:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2640 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[  161.915108][   T28] audit: type=1326 audit(1743708548.476:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2640 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[  161.938858][   T28] audit: type=1326 audit(1743708548.476:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2640 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[  161.963043][   T28] audit: type=1326 audit(1743708548.476:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2640 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[  161.986297][   T28] audit: type=1326 audit(1743708548.476:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2640 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[  162.009558][   T28] audit: type=1326 audit(1743708548.476:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2640 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[  162.032724][   T28] audit: type=1326 audit(1743708548.476:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2640 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[  162.056178][   T28] audit: type=1326 audit(1743708548.476:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2640 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[  162.079619][   T28] audit: type=1326 audit(1743708548.476:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2640 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20c598d169 code=0x7ffc0000
[  162.432470][  T710] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  162.612495][  T320] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  162.622495][  T710] usb 3-1: Using ep0 maxpacket: 16
[  162.628588][  T710] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  162.637193][  T710] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  162.647263][  T710] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  162.657467][  T710] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  162.666383][  T710] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.674167][  T710] usb 3-1: Product: syz
[  162.683461][  T710] usb 3-1: Manufacturer: syz
[  162.688131][  T710] usb 3-1: SerialNumber: syz
[  162.712491][  T329] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  162.723087][ T2658] SELinux: failed to load policy
[  162.792463][  T320] usb 4-1: Using ep0 maxpacket: 8
[  162.798482][  T320] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  162.808598][  T320] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  162.822127][  T320] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.57
[  162.831162][  T320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  162.839065][  T320] usb 4-1: SerialNumber: syz
[  162.859824][  T320] cdc_ether 4-1:1.0: skipping garbage
[  162.865078][  T320] usb 4-1: bad CDC descriptors
[  162.914150][  T329] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  162.926595][  T329] usb 2-1: config 0 has no interface number 0
[  162.944411][  T329] usb 2-1: New USB device found, idVendor=0582, idProduct=b9d5, bcdDevice=73.f7
[  162.970781][  T329] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.995081][  T329] usb 2-1: config 0 descriptor??
[  163.057206][  T661] usb 4-1: USB disconnect, device number 8
[  163.095954][  T710] usb 3-1: 0:2 : does not exist
[  163.245065][  T321] usbhid 5-1:0.0: can't add hid device: -71
[  163.250862][  T321] usbhid: probe of 5-1:0.0 failed with error -71
[  163.292865][  T321] usb 5-1: USB disconnect, device number 10
[  163.713153][  T710] usb 3-1: 1:0: failed to get current value for ch 0 (-22)
[  163.740697][  T710] usb 3-1: USB disconnect, device number 5
[  163.743888][  T329] usb 2-1: USB disconnect, device number 8
[  163.835483][ T2685] loop1: detected capacity change from 0 to 1024
[  163.842292][ T2685] EXT4-fs (loop1): invalid inodes per group: 150994976
[  163.842292][ T2685] 
[  163.852494][  T321] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  163.973023][  T371] udevd[371]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/sound/card1/controlC1/../uevent} for writing: No such file or directory
[  164.043660][  T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  164.054646][  T321] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  164.064175][  T321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.075968][  T321] usb 4-1: config 0 descriptor??
[  164.081312][ T2670] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  164.508312][  T321] hid-generic 0003:04F3:0755.000C: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.3-1/input0
[  164.578683][ T2708] loop4: detected capacity change from 0 to 128
[  164.585570][ T2708] EXT4-fs: Ignoring removed nobh option
[  164.597075][ T2708] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  164.605597][ T2708] ext4 filesystem being mounted at /133/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  164.639037][  T293] EXT4-fs (loop4): unmounting filesystem.
[  164.639231][ T2700] loop2: detected capacity change from 0 to 40427
[  164.652080][ T2700] F2FS-fs (loop2): heap/no_heap options were deprecated
[  164.667271][ T2700] F2FS-fs (loop2): invalid crc value
[  164.673655][ T2700] F2FS-fs (loop2): Found nat_bits in checkpoint
[  164.709661][  T710] usb 4-1: USB disconnect, device number 9
[  164.738870][ T2700] F2FS-fs (loop2): Start checkpoint disabled!
[  164.749126][ T2700] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  164.764654][ T2700] syz.2.786: attempt to access beyond end of device
[  164.764654][ T2700] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  164.795543][   T43] kworker/u4:2: attempt to access beyond end of device
[  164.795543][   T43] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  165.042482][  T661] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  165.182502][  T320] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  165.189977][  T311] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  165.223618][  T661] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  165.238463][  T661] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.249626][  T661] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.259414][  T661] usb 5-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00
[  165.268659][  T661] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.277334][  T661] usb 5-1: config 0 descriptor??
[  165.372444][  T320] usb 2-1: Using ep0 maxpacket: 16
[  165.378647][  T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.389452][  T320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.400183][  T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.409767][  T320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.419350][  T311] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  165.432750][  T320] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  165.441622][  T320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.449477][  T311] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  165.458602][  T311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.466768][  T320] usb 2-1: config 0 descriptor??
[  165.473435][  T311] usb 3-1: config 0 descriptor??
[  165.522525][  T329] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  165.684535][  T661] kye 0003:0458:4018.000D: unknown main item tag 0x0
[  165.691101][  T661] kye 0003:0458:4018.000D: unknown main item tag 0x0
[  165.697666][  T661] kye 0003:0458:4018.000D: unbalanced collection at end of report description
[  165.706542][  T661] kye 0003:0458:4018.000D: parse failed
[  165.711926][  T661] kye: probe of 0003:0458:4018.000D failed with error -22
[  165.713720][  T329] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.729660][  T329] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  165.738806][  T329] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.747689][  T329] usb 4-1: config 0 descriptor??
[  165.874065][  T320] gt683r_led 0003:1770:FF00.000E: unbalanced delimiter at end of report description
[  165.884573][  T311] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[  165.892772][  T320] gt683r_led 0003:1770:FF00.000E: hid parsing failed
[  165.899303][  T320] gt683r_led: probe of 0003:1770:FF00.000E failed with error -22
[  165.908680][  T311] plantronics 0003:047F:FFFF.000F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  166.074583][  T311] usb 2-1: USB disconnect, device number 9
[  166.155568][  T329] logitech-hidpp-device 0003:046D:C086.0010: hidraw1: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.3-1/input0
[  166.357276][  T329] usb 4-1: USB disconnect, device number 10
[  166.791422][ T2748] loop1: detected capacity change from 0 to 1024
[  166.798150][ T2748] EXT4-fs: Ignoring removed nomblk_io_submit option
[  166.805528][ T2748] EXT4-fs: Mount option(s) incompatible with ext2
[  166.976586][ T2759] loop1: detected capacity change from 0 to 1024
[  166.983587][ T2759] EXT4-fs: Ignoring removed i_version option
[  166.989915][ T2759] EXT4-fs (loop1): Test dummy encryption mode enabled
[  166.998862][ T2759] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  167.026333][   T28] kauditd_printk_skb: 16 callbacks suppressed
[  167.026352][   T28] audit: type=1400 audit(1743708553.616:826): avc:  denied  { map } for  pid=2756 comm="syz.1.808" path="/162/file0/cpuset.effective_mems" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  167.056229][   T28] audit: type=1400 audit(1743708553.616:827): avc:  denied  { write } for  pid=2756 comm="syz.1.808" path="/162/file0/cpuset.effective_mems" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  167.088247][  T291] EXT4-fs (loop1): unmounting filesystem.
[  167.756351][  T329] usb 5-1: USB disconnect, device number 11
[  167.782920][ T2774] loop4: detected capacity change from 0 to 2048
[  167.814777][ T2774] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  167.836125][  T293] EXT4-fs (loop4): unmounting filesystem.
[  167.861923][ T2782] loop2: detected capacity change from 0 to 1024
[  167.873659][ T2782] EXT4-fs: Ignoring removed i_version option
[  167.882313][ T2782] EXT4-fs (loop2): Test dummy encryption mode enabled
[  167.891103][ T2782] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  167.935993][ T2789] input: syz1 as /devices/virtual/input/input10
[  167.952173][  T294] EXT4-fs (loop2): unmounting filesystem.
[  167.976106][   T28] audit: type=1400 audit(1743708554.566:828): avc:  denied  { write } for  pid=2792 comm="syz.2.819" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  168.004512][  T320] usb 3-1: USB disconnect, device number 6
[  168.025180][   T28] audit: type=1400 audit(1743708554.576:829): avc:  denied  { map } for  pid=2794 comm="syz.4.821" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  168.042743][ T2799] loop4: detected capacity change from 0 to 128
[  168.066135][ T2801] loop2: detected capacity change from 0 to 128
[  168.070286][ T2799] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  168.075426][ T2801] EXT4-fs (loop2): Test dummy encryption mode enabled
[  168.091811][ T2799] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  168.101885][ T2801] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  168.119486][ T2801] ext4 filesystem being mounted at /183/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  168.132238][ T2799] incfs: Can't find or create .incomplete dir in ./file0
[  168.139707][ T2799] incfs: mount failed -28
[  168.161183][  T336] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  168.173975][  T294] EXT4-fs (loop2): unmounting filesystem.
[  168.193630][   T28] audit: type=1400 audit(1743708554.786:830): avc:  denied  { mounton } for  pid=2807 comm="syz.1.828" path="/proc/454/task" dev="proc" ino=24046 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  168.210286][ T2813] loop2: detected capacity change from 0 to 512
[  168.224329][ T2810] overlayfs: missing 'lowerdir'
[  168.237583][ T2813] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  168.247059][ T2813] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.251736][ T2817] loop1: detected capacity change from 0 to 1024
[  168.266025][ T2813] EXT4-fs (loop2): shut down requested (1)
[  168.267422][ T2817] EXT4-fs: Ignoring removed i_version option
[  168.278841][ T2817] EXT4-fs (loop1): Test dummy encryption mode enabled
[  168.294323][  T294] EXT4-fs (loop2): unmounting filesystem.
[  168.324175][ T2824] loop2: detected capacity change from 0 to 512
[  168.328778][ T2817] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  168.333541][ T2824] EXT4-fs: quotafile must be on filesystem root
[  168.407589][  T291] EXT4-fs (loop1): unmounting filesystem.
[  168.432063][ T2832] SELinux: ebitmap start bit (8) is not a multiple of the map unit size (64)
[  168.441916][ T2832] SELinux: failed to load policy
[  168.465161][ T2835] overlayfs: failed to set xattr on upper
[  168.823977][   T28] audit: type=1400 audit(1743708555.416:831): avc:  denied  { remount } for  pid=2865 comm="syz.4.851" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  168.903499][   T28] audit: type=1400 audit(1743708555.496:832): avc:  denied  { read write } for  pid=293 comm="syz-executor" name="loop4" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  168.950051][   T28] audit: type=1400 audit(1743708555.496:833): avc:  denied  { open } for  pid=293 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  168.985785][   T28] audit: type=1400 audit(1743708555.496:834): avc:  denied  { ioctl } for  pid=293 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  169.019085][   T28] audit: type=1400 audit(1743708555.536:835): avc:  denied  { execmem } for  pid=2869 comm="syz.4.853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  169.142046][ T2875] overlayfs: missing 'lowerdir'
[  169.330000][ T2878] overlayfs: failed to resolve './file0': -2
[  170.133278][ T2873] loop2: detected capacity change from 0 to 40427
[  170.183025][ T2873] F2FS-fs (loop2): Found nat_bits in checkpoint
[  170.272031][ T2873] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  170.382500][  T311] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  170.562438][  T311] usb 5-1: Using ep0 maxpacket: 8
[  170.563582][  T311] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  170.577098][  T311] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.581387][  T311] usb 5-1: config 0 descriptor??
[  170.792419][  T311] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  171.599407][  T311] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  171.609693][  T311] asix: probe of 5-1:0.0 failed with error -71
[  171.619967][  T311] usb 5-1: USB disconnect, device number 12
[  171.634812][ T2975] xt_hashlimit: size too large, truncated to 1048576
[  171.728849][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[  171.779845][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  171.788632][ T2979] device bridge_slave_0 left promiscuous mode
[  171.795230][ T2979] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.808681][ T2979] device bridge_slave_1 left promiscuous mode
[  171.815455][ T2979] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.833406][ T2982] overlayfs: missing 'lowerdir'
[  171.852808][  T311] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  172.134700][ T2999] loop4: detected capacity change from 0 to 128
[  172.180724][   T28] kauditd_printk_skb: 87 callbacks suppressed
[  172.180740][   T28] audit: type=1400 audit(1743708558.766:923): avc:  denied  { write } for  pid=3000 comm="syz.4.904" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  172.368501][   T28] audit: type=1400 audit(1743708558.886:924): avc:  denied  { execmem } for  pid=3005 comm="syz.3.906" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  172.393064][  T320] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  172.419448][   T28] audit: type=1400 audit(1743708559.006:925): avc:  denied  { unmount } for  pid=3010 comm="syz.4.908" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  172.684790][   T28] audit: type=1400 audit(1743708559.276:926): avc:  denied  { create } for  pid=3019 comm="syz.4.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  172.752592][   T28] audit: type=1400 audit(1743708559.276:927): avc:  denied  { write } for  pid=3019 comm="syz.4.911" path="socket:[25814]" dev="sockfs" ino=25814 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  172.802087][   T28] audit: type=1400 audit(1743708559.276:928): avc:  denied  { nlmsg_read } for  pid=3019 comm="syz.4.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  172.846365][   T28] audit: type=1400 audit(1743708559.316:929): avc:  denied  { write } for  pid=3021 comm="syz.3.913" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  172.870364][ T3026] loop1: detected capacity change from 0 to 1024
[  172.911876][ T3038] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  172.924013][  T313] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  172.981332][   T28] audit: type=1400 audit(1743708559.566:930): avc:  denied  { create } for  pid=3046 comm="syz.4.924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  173.001905][  T320] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  173.035032][   T28] audit: type=1400 audit(1743708559.566:931): avc:  denied  { write } for  pid=3046 comm="syz.4.924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  173.057552][ T3048] overlayfs: missing 'lowerdir'
[  173.119793][   T28] audit: type=1400 audit(1743708559.576:932): avc:  denied  { read } for  pid=3046 comm="syz.4.924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  173.183747][  T320] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.200747][  T320] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.218919][  T320] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  173.228599][  T320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.242831][  T320] usb 4-1: config 0 descriptor??
[  173.652312][  T320] hid-steam 0003:28DE:1142.0011: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  173.665008][  T320] hid-steam 0003:28DE:1142.0012: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  173.752471][  T320] hid-steam 0003:28DE:1142.0011: Steam wireless receiver connected
[  173.856286][  T320] usb 4-1: USB disconnect, device number 11
[  173.863194][  T320] hid-steam 0003:28DE:1142.0011: Steam wireless receiver disconnected
[  174.255387][ T3118] loop2: detected capacity change from 0 to 2048
[  174.274552][ T3118] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  174.301393][  T294] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  174.328698][  T294] EXT4-fs (loop2): unmounting filesystem.
[  174.343807][ T3122] overlayfs: missing 'lowerdir'
[  174.838121][ T3157] overlayfs: missing 'lowerdir'
[  175.090814][ T3186] loop1: detected capacity change from 0 to 16
[  175.092941][ T3188] overlayfs: missing 'lowerdir'
[  175.105267][ T3186] erofs: (device loop1): mounted with root inode @ nid 36.
[  175.121269][   T47] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  175.133254][ T3186] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  175.144604][ T3186] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  175.156171][ T3186] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  175.167443][ T3186] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  175.302513][  T321] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  175.428520][  T291] ------------[ cut here ]------------
[  175.433938][  T291] WARNING: CPU: 0 PID: 291 at fs/inode.c:332 drop_nlink+0xc1/0x110
[  175.441681][  T291] Modules linked in:
[  175.445644][  T291] CPU: 0 PID: 291 Comm: syz-executor Not tainted 6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  175.455485][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  175.465486][  T291] RIP: 0010:drop_nlink+0xc1/0x110
[  175.470344][  T291] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 57 d0 ef ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 2f 21 a8 ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[  175.489910][  T291] RSP: 0018:ffffc9000cac7bf0 EFLAGS: 00010293
[  175.495807][  T291] RAX: ffffffff81cd7661 RBX: 0000000000000000 RCX: ffff88810e678000
[  175.503620][  T291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  175.511410][  T291] RBP: ffffc9000cac7c18 R08: ffffffff81cd75e4 R09: 0000000000000003
[  175.519259][  T291] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[  175.527090][  T291] R13: 1ffff11023495368 R14: ffff88811a4a9af8 R15: ffff88811a4a9b40
[  175.530041][ T3210] overlayfs: missing 'lowerdir'
[  175.535060][  T291] FS:  000055555d94a500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  175.548440][  T291] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  175.554949][  T291] CR2: 000055555d96d4e8 CR3: 000000011079f000 CR4: 00000000003526b0
[  175.562758][  T291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  175.570534][  T291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  175.578477][  T291] Call Trace:
[  175.581572][  T291]  <TASK>
[  175.584387][  T291]  ? show_regs+0x58/0x60
[  175.588424][  T291]  ? __warn+0x160/0x3d0
[  175.592451][  T291]  ? drop_nlink+0xc1/0x110
[  175.596678][  T291]  ? report_bug+0x4d5/0x7d0
[  175.601011][  T291]  ? drop_nlink+0xc1/0x110
[  175.605380][  T291]  ? handle_bug+0x41/0x70
[  175.609518][  T291]  ? exc_invalid_op+0x1b/0x50
[  175.614097][  T291]  ? asm_exc_invalid_op+0x1b/0x20
[  175.618573][ T3213] overlayfs: missing 'lowerdir'
[  175.618892][  T291]  ? drop_nlink+0x44/0x110
[  175.627826][  T291]  ? drop_nlink+0xc1/0x110
[  175.632084][  T291]  ? drop_nlink+0xc1/0x110
[  175.636373][  T291]  shmem_rmdir+0x59/0x90
[  175.640415][  T291]  vfs_rmdir+0x398/0x500
[  175.644536][  T291]  incfs_kill_sb+0x113/0x230
[  175.648920][  T291]  deactivate_locked_super+0xad/0x110
[  175.654155][  T291]  deactivate_super+0xbe/0xf0
[  175.658646][  T291]  cleanup_mnt+0x485/0x510
[  175.662919][  T291]  ? user_path_at_empty+0x14e/0x1a0
[  175.667930][  T291]  __cleanup_mnt+0x19/0x20
[  175.672180][  T291]  task_work_run+0x24d/0x2e0
[  175.676660][  T291]  ? task_work_cancel+0x2e0/0x2e0
[  175.681472][  T291]  ? __x64_sys_umount+0x122/0x170
[  175.686363][  T291]  exit_to_user_mode_loop+0x94/0xa0
[  175.691360][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[  175.696692][  T291]  syscall_exit_to_user_mode+0x26/0x130
[  175.702038][  T291]  do_syscall_64+0x47/0xb0
[  175.706327][  T291]  ? clear_bhb_loop+0x55/0xb0
[  175.710800][  T291]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  175.716566][  T291] RIP: 0033:0x7fe328b8e497
[  175.720904][  T291] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  175.740395][  T291] RSP: 002b:00007ffe967cf838 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  175.748612][  T291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fe328b8e497
[  175.756528][  T291] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe967cf8f0
[  175.764336][  T291] RBP: 00007ffe967cf8f0 R08: 0000000000000000 R09: 0000000000000000
[  175.772295][  T291] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe967d0980
[  175.780142][  T291] R13: 00007fe328c0e08c R14: 000000000002ad23 R15: 00007ffe967d09c0
[  175.787949][  T291]  </TASK>
[  175.790778][  T291] ---[ end trace 0000000000000000 ]---
[  175.796736][  T291] ==================================================================
[  175.804622][  T291] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  175.810701][  T291] Write of size 4 at addr 0000000000000170 by task syz-executor/291
[  175.818502][  T291] 
[  175.820675][  T291] CPU: 0 PID: 291 Comm: syz-executor Tainted: G        W          6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  175.831870][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  175.841762][  T291] Call Trace:
[  175.844886][  T291]  <TASK>
[  175.847666][  T291]  dump_stack_lvl+0x151/0x1b7
[  175.852176][  T291]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  175.857474][  T291]  ? _printk+0xd1/0x111
[  175.861464][  T291]  print_report+0xe1/0x4e0
[  175.865719][  T291]  ? __virt_addr_valid+0x59/0x2f0
[  175.870576][  T291]  ? kasan_addr_to_slab+0xd/0x80
[  175.875359][  T291]  ? ihold+0x20/0x60
[  175.879086][  T291]  kasan_report+0x13c/0x170
[  175.883422][  T291]  ? ihold+0x20/0x60
[  175.887166][  T291]  kasan_check_range+0x294/0x2a0
[  175.891933][  T291]  __kasan_check_write+0x14/0x20
[  175.896705][  T291]  ihold+0x20/0x60
[  175.900261][  T291]  vfs_rmdir+0x268/0x500
[  175.904341][  T291]  incfs_kill_sb+0x113/0x230
[  175.908768][  T291]  deactivate_locked_super+0xad/0x110
[  175.913975][  T291]  deactivate_super+0xbe/0xf0
[  175.918489][  T291]  cleanup_mnt+0x485/0x510
[  175.922738][  T291]  ? user_path_at_empty+0x14e/0x1a0
[  175.927774][  T291]  __cleanup_mnt+0x19/0x20
[  175.932025][  T291]  task_work_run+0x24d/0x2e0
[  175.936451][  T291]  ? task_work_cancel+0x2e0/0x2e0
[  175.941313][  T291]  ? __x64_sys_umount+0x122/0x170
[  175.946169][  T291]  exit_to_user_mode_loop+0x94/0xa0
[  175.951203][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[  175.956499][  T291]  syscall_exit_to_user_mode+0x26/0x130
[  175.961882][  T291]  do_syscall_64+0x47/0xb0
[  175.966130][  T291]  ? clear_bhb_loop+0x55/0xb0
[  175.970648][  T291]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  175.976374][  T291] RIP: 0033:0x7fe328b8e497
[  175.980627][  T291] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  176.000071][  T291] RSP: 002b:00007ffe967cf838 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  176.008312][  T291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fe328b8e497
[  176.016124][  T291] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe967cf8f0
[  176.023934][  T291] RBP: 00007ffe967cf8f0 R08: 0000000000000000 R09: 0000000000000000
[  176.031751][  T291] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe967d0980
[  176.039561][  T291] R13: 00007fe328c0e08c R14: 000000000002ad23 R15: 00007ffe967d09c0
[  176.047383][  T291]  </TASK>
[  176.050236][  T291] ==================================================================
[  176.062579][  T291] Disabling lock debugging due to kernel taint
[  176.068657][  T291] BUG: kernel NULL pointer dereference, address: 0000000000000170
[  176.076213][  T291] #PF: supervisor write access in kernel mode
[  176.082111][  T291] #PF: error_code(0x0002) - not-present page
[  176.087928][  T291] PGD 131773067 P4D 131773067 PUD 0 
[  176.093049][  T291] Oops: 0002 [#1] PREEMPT SMP KASAN
[  176.098085][  T291] CPU: 1 PID: 291 Comm: syz-executor Tainted: G    B   W          6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  176.109280][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  176.119177][  T291] RIP: 0010:ihold+0x25/0x60
[  176.120312][  T321] usb 3-1: unable to get BOS descriptor or descriptor too short
[  176.123512][  T291] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 01 19 a8 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 00 c8 ef ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 84 1c a8
[  176.123532][  T291] RSP: 0018:ffffc9000cac7c30 EFLAGS: 00010246
[  176.123551][  T291] RAX: ffff88810e678000 RBX: 0000000000000001 RCX: ffff88810e678000
[  176.142461][  T321] usb 3-1: not running at top speed; connect to a high speed hub
[  176.150415][  T291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  176.150434][  T291] RBP: ffffc9000cac7c40 R08: ffffffff8144b443 R09: fffffbfff0f6e8fd
[  176.184409][  T321] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  176.187307][  T291] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11022f09106
[  176.187334][  T291] R13: ffff88810fbb2000 R14: 0000000000000000 R15: 1ffff11021f76406
[  176.187349][  T291] FS:  000055555d94a500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  176.210323][  T321] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  176.212820][  T291] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  176.212843][  T291] CR2: 0000000000000170 CR3: 000000011079f000 CR4: 00000000003526a0
[  176.212861][  T291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  176.212872][  T291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  176.212884][  T291] Call Trace:
[  176.212889][  T291]  <TASK>
[  176.212898][  T291]  ? __die_body+0x62/0xb0
[  176.212922][  T291]  ? __die+0x7e/0x90
[  176.235431][  T321] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  176.236699][  T291]  ? page_fault_oops+0x7f9/0xa90
[  176.253321][  T321] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.260212][  T291]  ? vprintk_default+0x26/0x30
[  176.260247][  T291]  ? kernelmode_fixup_or_oops+0xd0/0xd0
[  176.273255][  T321] usb 3-1: Product: syz
[  176.274097][  T291]  ? add_taint+0x44/0xe0
[  176.293906][  T321] usb 3-1: Manufacturer: syz
[  176.295622][  T291]  ? panic+0x667/0x667
[  176.302445][  T321] usb 3-1: SerialNumber: syz
[  176.305604][  T291]  ? preempt_schedule_thunk+0x16/0x18
[  176.305639][  T291]  ? exc_page_fault+0x529/0x6d0
[  176.336331][  T291]  ? asm_exc_page_fault+0x27/0x30
[  176.341187][  T291]  ? add_taint+0x93/0xe0
[  176.345264][  T291]  ? ihold+0x25/0x60
[  176.349015][  T291]  vfs_rmdir+0x268/0x500
[  176.353079][  T291]  incfs_kill_sb+0x113/0x230
[  176.357502][  T291]  deactivate_locked_super+0xad/0x110
[  176.362711][  T291]  deactivate_super+0xbe/0xf0
[  176.367220][  T291]  cleanup_mnt+0x485/0x510
[  176.371476][  T291]  ? user_path_at_empty+0x14e/0x1a0
[  176.376606][  T291]  __cleanup_mnt+0x19/0x20
[  176.380855][  T291]  task_work_run+0x24d/0x2e0
[  176.385275][  T291]  ? task_work_cancel+0x2e0/0x2e0
[  176.390135][  T291]  ? __x64_sys_umount+0x122/0x170
[  176.394995][  T291]  exit_to_user_mode_loop+0x94/0xa0
[  176.400028][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[  176.405324][  T291]  syscall_exit_to_user_mode+0x26/0x130
[  176.410858][  T291]  do_syscall_64+0x47/0xb0
[  176.415105][  T291]  ? clear_bhb_loop+0x55/0xb0
[  176.419616][  T291]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  176.425358][  T291] RIP: 0033:0x7fe328b8e497
[  176.429597][  T291] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  176.449036][  T291] RSP: 002b:00007ffe967cf838 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  176.457284][  T291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fe328b8e497
[  176.465091][  T291] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe967cf8f0
[  176.472923][  T291] RBP: 00007ffe967cf8f0 R08: 0000000000000000 R09: 0000000000000000
[  176.480718][  T291] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe967d0980
[  176.488534][  T291] R13: 00007fe328c0e08c R14: 000000000002ad23 R15: 00007ffe967d09c0
[  176.496342][  T291]  </TASK>
[  176.499199][  T291] Modules linked in:
[  176.502948][  T291] CR2: 0000000000000170
[  176.506927][  T291] ---[ end trace 0000000000000000 ]---
[  176.512654][  T291] RIP: 0010:ihold+0x25/0x60
[  176.517004][  T291] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 01 19 a8 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 00 c8 ef ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 84 1c a8
[  176.536549][  T291] RSP: 0018:ffffc9000cac7c30 EFLAGS: 00010246
[  176.542562][  T291] RAX: ffff88810e678000 RBX: 0000000000000001 RCX: ffff88810e678000
[  176.550374][  T291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  176.558267][  T291] RBP: ffffc9000cac7c40 R08: ffffffff8144b443 R09: fffffbfff0f6e8fd
[  176.566176][  T291] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11022f09106
[  176.573995][  T291] R13: ffff88810fbb2000 R14: 0000000000000000 R15: 1ffff11021f76406
[  176.582078][  T291] FS:  000055555d94a500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  176.590821][  T291] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  176.597247][  T291] CR2: 0000000000000170 CR3: 000000011079f000 CR4: 00000000003526a0
[  176.605062][  T291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  176.612868][  T291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  176.620679][  T291] Kernel panic - not syncing: Fatal exception
[  176.626808][  T291] Kernel Offset: disabled
[  176.630939][  T291] Rebooting in 86400 seconds..