last executing test programs:

3.867488093s ago: executing program 2 (id=1843):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000000)=[{{}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)

3.845160045s ago: executing program 2 (id=1847):
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r0 = getpid()
r1 = gettid()
rt_tgsigqueueinfo(r0, r1, 0xb, &(0x7f0000000080)={0xfffffffc, 0x0, 0x3})
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
readv(r2, &(0x7f0000001880)=[{&(0x7f0000000440)=""/164, 0xa4}], 0x1)

3.831946775s ago: executing program 2 (id=1848):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0xb00000000000000, &(0x7f0000004080)=@base={0x8, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2.699719354s ago: executing program 2 (id=1857):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000005a80)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f0000000540)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
creat(&(0x7f0000000040)='./bus\x00', 0x100)

2.268598431s ago: executing program 2 (id=1867):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x4, 0x46})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008d02"])

1.931806341s ago: executing program 2 (id=1870):
r0 = syz_usb_connect$cdc_ncm(0x2, 0x76, &(0x7f0000000940)=ANY=[@ANYBLOB="12015001020000402505a1a44000010203010902640002010070000904000001020d0000052406000105240000000d240f01ff000000fdff08000006241a02000808241c8bbc816c1309058103080004fd000904010000020d00000904010102020d000009058202100008040009050302ff"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000540)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x20, 0x80, 0x1c, {0xfff0, 0xfe00, 0x0, 0x8001, 0x101, 0x0, 0x7, 0x889, 0x4, 0x6, 0x208, 0x3}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000100)={0x14, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

1.031840286s ago: executing program 4 (id=1874):
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r0 = getpid()
r1 = gettid()
rt_tgsigqueueinfo(r0, r1, 0xb, &(0x7f0000000080)={0xfffffffc, 0x0, 0x3})
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
readv(r2, &(0x7f0000001880)=[{&(0x7f0000000440)=""/164, 0xa4}], 0x1)

1.011190027s ago: executing program 1 (id=1875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0xffffffffffffffca, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x10)
timer_create(0x0, 0x0, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

1.010550767s ago: executing program 0 (id=1876):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

1.008345608s ago: executing program 4 (id=1877):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
futimesat(0xffffffffffffffff, 0x0, 0x0)

990.102719ms ago: executing program 1 (id=1878):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)

955.184701ms ago: executing program 4 (id=1879):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000001d80)=ANY=[], 0x1, 0x151a, &(0x7f0000002a80)="$eJzs3AuYjtX6MPB1r7UexjTpbZLDsO51P7xpsEyS5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDTZ0iRJSEiyvku7/2fvr713//3V9/m+Pffvuhbrnue97/d+3nuueZ/nva6Zb3qOqteifu1mRCT+EPjrfylCiBghxDAhxDVCiEAIUSm+Uvyl4wUUpPyxJ2F/rgfTr3QH7Eri+edtPP+8jeeft/H88zaef97G88/beP55G8+fsbxs+5xi1/LKu+sKf/7v4Y89K/tD+P3/P0hu+clfbCx/fa9/I4Xnn7fx/PM2nn/exvPP23j+eRvP/z9frX9xjOeft/H8GcvLrvTnz/8frZhfX7Ir3cefuq7wtx9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsTzinL9MCyH+a3+l+2KMMcYYY4wxxtifx+e/0h0wxhhjjDHGGGPs/zwQUiihRSDyifwiRhQQseIqESeuFgXFNSIirhXx4jpRSFwvCosioqgoJhJEcVFCGIHCChKhKClKiai4QZQWN4pEUUaUFeWEE+VFkrhJVBA3i4riFlFJ3Coqi9tEFVFVVBPVxe2ihrhD1BS1RG1xp6gj6op6or64SzQQd4uG4h7RSNwrGov7RBNxv2gqHhDNxIOiuXhItBAPi5biEdFKtBZtRFvR7n8r/wXRV7wo+on+IkUMEAPFS2KQGCyGiKFimHhZDBeviBHiVZEqRopR4jUxWrwuxog3xFgxTowXb4oJYqKYJCaLKWKqSBNviWnibTFdvCNmiJlilpgt0sUcMVe8K+aJ+WKBeE8sFO+LRWKxWCKWigzxgcgUy0SW+FAsFx+JbLFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHbxsdghdopdYrfYI/aKfeITsV98Kg6Iz0SO+PzfzD/7v+T3AgECJEjQoCEf5IMYiIFYiIU4iIOCUBAiEIF4iIdCUAgKQ2EoCkUhARKgBJQABAQCgpJQEqIQhdJQGhIhEcpCWXDgIAmSoALcDBWhIlSCSlAZKkMVqApVoTpUhxpQA2pCTagNtaEO1IF6UA/ugrvgbmgIDaERNILG0BiaQBNoCk2hGTSD5tAcWkALaAktoRW0gjbQBtpBO2gP7aEDdIBO0Ak6Q2foAl0gGZKhK3SFbtANukN36AE9oCf0hF7QG3rDC/ACvAgvQn+oIwfAQBgIg2AQDIGhMBRehuHwCrwCr0IqjIRR8Bq8Bq/DGDgDY2EcjIfxUENOhEkwGUhOhTRIg2kwDabDdJgBM2EmzIZ0mANzYS7Mg/kwH96DhfD+ufdhMSyGpZABGZAJyyALsmA5nIVsWAErYRWshjWwGtbBelgHG2ETbIQtsAW2wTb4GD6GnbATdsNu2At74RP4BD6FTyEVciAHDsJBOASH4DAchlzIhSNwBI7CUTgGx+A4HIcTcBJOwUk4DafhDJyFc3AOzsN5uADPJXzVfG+ZDalCXqKllvlkPhkjY2SsjJVxMk4WlAVlREZkvIyXhWQhWVgWlkVlUZkgE2QJWUKiREkylCVlSRmVUVlalpaJMlGWlWWlk04mySRZQVaQFWVFWUneKivL22QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUTeb9sKgfAEHhQXppMCzkSWspR0Eq2lm1kW/k6PCrbyzHQQXaUneTjchyMhS6yvUuWT8muchJ0k8/IyfCs7CGnQk/5vOwle8s+8gXZV3Zw/WR/OQMGyIFyNgySg+UQOVTOg7ry0sTqyVdlqhwpR8nX5FJ4XY6Rb8ixcpwcL9+UE+REOUlOllPkVJkm35LT5NtyunxHzpAz5Sw5W6bLOXKufFfOk/PlAvmeXCjfl4vkYrlELpUZ8gOZKZfJLPmhXC4/ktlyhVwpV8nVco1cK9fJ9XKD3Cg3yc1yi9wqt8nt8mO5Q+6Uu+RuuUfulfvkJ3K//FQekJ/JHPm5PCj/Ig/JL+Rh+aXMlV/JI/JreVR+I4/Jb+Vx+Z08IU/KU/J7eVr+IM/Is/Kc/FGelz/JC/JneVF6KRQoqZTSKlD5VH4VowqoWHWVilNXq4LqGhVR16p4dZ0qpK5XhVURVVQVUwmquCqhjEJlFalQlVSlVFTdoEqrG1WiKqPKqnLKqfIqSd2kKqibVUV1i6qkblWV1W2qiqqqqqnq6nZVQ92haqpaqra6U9VRdVU9VV/dpRqou1VDdY9qpO5VjdV9qom6XzVVD6hm6kHVXD2kWqiHVUv1iGqlWqs2qq1qpx5V7dVjqoPqqDqpx1Vn9YTqop5Uyeop1VU9rbqpZ1R39azqoZ5TPdXzqpfqrfqon9VF5VU/1V+lqAFqoHpJDVKD1RA1VA1TL6vh6hU1Qr2qUtVINUq9pkar19UY9YYaq8ap8epNNUFNVJPUZDVFTVVp6i01Tb2tpqt31Aw1U81Ss1W6mqOG/FppwX8j/+1/kD/il2ffprarj9UOtVPtUrvVHrVX7VP71H61Xx1QB1SOylEH1UF1SB1Sh9Vhlaty1RF1RB1VR9UxdUwdV8fVCXVS/ai+V6fVD+qMOqvOqh/VeXVeXfj1NRAatNRKax3ofDq/jtEFdKy+Ssfpq3VBfY2O6Gt1vL5OF9LX68K6iC6qi+kEXVyX0Eajtpp0qEvqUjqqb9Cl9Y06UZfRZXU57XR5naRv+sP5v9dfO91Ot9ftdQfdQXfSnXRn3Vl30V10sk7WXXVX3U130911d91D99A9dU/dS/fSfXQf3Vf31f10P52iU/RA/ZIepAfrIXqoHqZf1sP1cD1Cj9CpOlWP0qP0aD1aj9Fj9Fg9Vo/X4/UEPUFP0pP0FD1Fp+k0PU1P09P1dD1Dz9Cz9CydrtP1XD1Xz9Pz9AK9QC/UC/UivUgv0Ut0hs7QmTpTZ+ksvVwv19l6hV6hV+lVeo1eo9fpdXqD3qA36U16i96is/V2vV3v0Dv0Lr1L79F79D69T+/X+/UBfUDn6Bx9UB/Uh/QhfVgf1rk6Vx/RR/RRfVQf08f0cX1cn9An9Cl9Sp/Wp/UZfUaf0+f0eX1eX9AX9EV98dJlXyADGehAB/mCfEFMEBPEBrFBXBAXFAwKBpEgEsQH8UGh4PqgcFAkKBoUCxKC4kGJwAQY2ICCMCgZlAqiwQ1B6eDGIDEoE5QNygUuKB8kBTcFFYKbg4rBLUGl4NagcnBbUCWoGlQLqge3BzWCO4KaQa2gdnBnUCeoG9QL6gdVJ/71mvSeoFFwb9A4uC9oEtwfNA0eCJoFDwbNg4eCFsHDQcvgkaBV0DpoE7QN2v1b9e8KGgR3Bw2Df1bf+zNFHnP9TH+TYgaYgeYlM8gMNkPMUDPMvGyGm1fMCPOqSTUjzSjzmhltXjdjzBtmrBlnxps3zQQz0Uwyk80UM9WkmbfMNPO2mW7eMTPMTDPLzDbpZo6Za94188x8s8C8Zxaa980is9gsMUtNhvnAZJplJst8aJabj0y2WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mm1mu/nY7DA7zS6z2+wxe80+84nZbz41B8xnJsd8bg6av5hD5gtz2Hxpcs1X5oj52hw135hj5ltz3HxnTpiT5pT53pw2P5gz5qw5Z340581P5oL52Vw0/tLF/aW3d9SoMR/mwxiMwViMxTiMw4JYECMYwXiMx0JYCAtjYSyKRTEBE7AElsBLCAlLYkmMYhRLY2lMxEQsi2XRocMkTMIKWAErYkWshJWwMlbGKlgFq2E1vB1vxzvwDqyFtfBOvBPrYl2sj/WxATbAhtgQG2EjbIyNsQk2wabYFJthM2yOzbEFtsCW2BJbYStsg22wHbbD9tgeO2AH7ISdsDN2xi7YBZMxGbtiV+yG3bA7dsce2AN7Yk/shb2wD/bBvtgX+2E/TMEUHIgDcRAOwiE4BIfhMByOw3EEjsBUTMVROApH42gcg2NwLI7D8fgmTsCJOAkn4xScimmYhtNwGk7H6TgDZ+AsnIXpmI5zcS7Ow3m4ABfgQlyIi3ARLsElmIEZmImZmIVZuByXYzZm40pciatxNa7Ftbge1+NG3IibcTNuxa24HbfjDtyBu3AX7sE9uA/34X7cjwfwAOZgDh7Eg3gID+FhPIy5mItH8AgexaN4DI/hcTyOJ/AEnsJTeBpP4xk8g+fwHJ7Hn/AC/owX0WOMlSLWXmXj7NW2oL3GxtgC9m/joraYTbDFbQlrbGFb5O9itNYm2jK2rC1nnS1vk+xNv4mr2Kq2mq1ub7c17B225m/iBvZu29DeYxvZe219e9ffxY3tfbaJfdg2tY/YZra1bW7b2hb2YdvSPmJb2da2jW1rO9snbBf7pE22T9mu9unfxJl2mV1vN9iNdpPdbz+15+yP9qj9xp63P9l+tr8dZl+2w+0rdoR91abakb+Jx9s37QQ70U6yk+0UO/U38Sw726bbOXaufdfOs/N/E2fYD+xCm2UX2cV2iV36S3yppyz7oV1uP7LZdoVdaVfZ1XaNXWvX/c9eV9ktdqvdZvfZT+wOu9PusrvtHrv3l/jSeRywn9kc+7k9Yr+2h+wX9rA9ZnPtV7/El87vmP3WHrff2RP2pD1lv7en7Q/2jD37y/lfOvfv7c/2ovVWEJAkRZoCykf5KYYKUCxdRXF0NRWkayhC11I8XUeF6HoqTEWoKBWjBCpOJcgQkiWikEpSKYrSDVSabqREKkNlqRw5Kk9JdBNVoJupIt1ClehWqky3URWqStWoOt1ONegOqkm1qDbdSXWoLtWj+nQXNaC7qSHdQ43oXmpM91ETup+a0gPUjB6k5vQQtaCHqSU9Qq2oNbWhttSOHqX29Bh1oI7UiR6nzvQEdaEnKZmeoq70NHWjZ6g7PUs96DnqSc9TL+pNfegF6ksvUj/qTyk0gAbSSzSIBtMQGkrD6GUaTq/QCHqVUmkkjaLXaDS9TmPoDRpL42g8vUkTaCJNosk0haZSGr1F0+htmk7v0AyaSbNoNqXTHJpL79I8mk8L6D1aSO/TIlpMS2gpZdAHlEnLKIs+pOX0EWXTClpJq2g1raG1tI7W0wbaSJtoM22hrbSNttPHtIN20i7aTXtoL+2jT2g/fUoH6DPKoc/pIP2FDtEXdJi+pFz6io7Q13SUvqFj9C0dp+/oBJ2kU/Q9naYf6AydpXP0I52nn+gC/UwXyZMIIZShCnUYhPnC/GFMWCCMDa8K48Krw4LhNWEkvDaMD68LC4XXh4XDImHRsFiYEBYPS4QmxNCGFIZhybBUGA1vCEuHN4aJYZmwbFgudGH5MCm8KawQ3hxWDG8JK4W3hpXD28IqYdXw4Xurh7eHNcI7wpphrbB2eGdYJ6wb1gvrh3eFDcK7w4bhPWGj8N6wYnhf2CS8P2waPhA2Cx8Mm4cPhS3Ch8OW4SNhq7B12CZsG7YLHw3bh4+FHcKOYafw8bBz+ETYJXwyTA6fCruGT//u8ZRwQDgwfCl8KfT+HrUkujSaEf0gmhldFs2KfhhdHv0omh1dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a3Rb1vn5+4cBJp5x2gcvn8rsYV8DFuqtcnLvaFXTXuIi71sW761whd70r7Iq4oq6YS3DFXQlnHDrryIWupCvlou4GV9rd6BJdGVfWlXPOlXdJrq1r59q59u4x18F1dJ3c4+5x94R7wj3pnnRPua7uadfNPeO6u2ddD/ece84973q53q6Pe8H1dS+6fq6/S3EpbqAb6Aa5QW6IG+KGuWFuuBvuRrgRLtWlulFulBvtRrsxbowb68a68W68m+AmuElukpviprg0l+amuWluupvuZrgZbpab5dJdupvr5rp5bp5b4Ba4hYkL3SK3yC1xS1yGy3CZLtNluSy33C132S7brXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9wut8vtcXvcPrfP7Xf73QF3wOW4HHfQHXSH3CF32H3pct1X7oj72h1137hj7lt33H3nTriT7pT73p12P7gz7qw75350591P7oL72V103qVF3opMi7wdmR55JzIjMjMyKzI7kh6ZE5kbeTcyLzI/siDyXmRh5P3IosjiyJLI0khG5INIZmRZJCvyYWR55KNIdmRFZGVkVWR1ZE3E++I7Ql/Sl/JRf4Mv7W/0ib6ML+vLeefL+yR/k6/gb/YV/S2+kr/VV/a3+Sq+qq/mH/GtfGvfxrf17fyjvr1/zHfwHX0n/7jv7J/wXfyTPtk/5bv6p303/4zv7p/1Pfxzvqd/3vfyvX0f/4Lv61/0/Xx/n+IH+IH+JT/ID/ZD/FA/zL/sh/tX/Aj/qk/1I/0o/5of7V/3Y/wbfqwf58f7N/0EP9FP8pP9FD/Vp/m3/DT/tp/u3/Ez/Ew/y8/26X6On+vf9fP8fL/Av+cX+vf9Ir/YL/FLfYb/wGf6ZT7Lf+iX+498tl/hV/pVfrVf49f6dX693+A3+k1+s9/it/ptfrv/2O/wO/0uv9vv8Xv9Pv+J3+8/9Qf8Zz7Hf+4P+r/4Q/4Lf9h/6XP9V/6I/9of9d/4Y/5bf9x/50/4k/6U/96f9j/4M/6sP+d/9Of9T/6C/9lf5N9ZY4wxxhj7b9la+F8fH/APviZ/XZcMFEJcvbNY7t8eV0KIzb/WHSwTOkeEEE/17/ngf606dVJSUn59bLYSQanFQojI5fx84nK84pd/k0VHUeEf9jdY9j5Pv1M/eqsQsX+TEyMuxytEJ/HEL/Vv/if1H318fGbl8Fz8v6i/WIjEUpdzCojL8eX6Ff9J/SLtf6f/Al+kCdHhb3LixOX4cv0k8Zh4WiT/3SMZY4wxxhhjjLG/Giyrdf+9++dL9+cJ+nJOfnE5vnz/+Y/vzxljjDHGGGOMMXblPdu7z5OPJid37M6bP7wB+H+iDd7w5k/YXOmfTIwxxhhjjLE/2+WL/ivdCWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlnf93/hzYlf6HBljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLEr7X8EAAD//7MxObU=")
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./control\x00')
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$incfs(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='./bus\x00', &(0x7f0000000640), 0x0, 0x0)

954.941951ms ago: executing program 0 (id=1880):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
timer_create(0x2, 0x0, &(0x7f0000000480))
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x2, 0x0, &(0x7f0000000480)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_delete(r0)

954.425501ms ago: executing program 0 (id=1882):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x10c42, &(0x7f0000000d80)=ANY=[@ANYBLOB="756e695f786c6174653d312c6e6f6e756d7461696c3d300000000000000008303030303030303030303034303030303030303030302c73686f72746e616d653d65722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72f46e616d653d6d697865642c696f630100727365743d757466f69e75731725e72216799ebd57484a7e1948a8aa65667265652c757466383d312c6e66733d6e6f7374616c655f726f2c73686f72682e616d653d6d697865642c757466383d306d653d77696e6e742c007aea3388304ddedb3208ceb9b2c23924743277bd2c0d0019d44efede967f3df81cce421f7aafa8aa7c706311ab7a0ce39abf7858b6ba6ef5206da03692650000000000000001d0559b166f8c433d34c03a60999dea3bab649a260b216354ecc726cd1f6519546e8ef6ae17a0da1b9313ef4b5633c5f1bf756a7816d304d61c4d15539bae9f6e8dc91d178c85744c5cc226ca0568f9f6da8997bc10100b836488e47d0b7e6ccffaf123b1000000d6d876f2e37dde582f497ab6d4d11f7211b4aaf087f529ffc0000ee312a30cc69ae25ac6a986a76824020b12971980e00a27786eef1c2537fdcb1de9c4bed7175c6704f0c39d14da07a8edf97525a0c8138686d6e2b8d90102027245729e944719894ebe079bf1ab2b7002c54c5c714bff93d9475ff23f653874321e4ecc1ebd2baa44aea86a1617e53fcc5683e5c7b14e5158239aebf96ef3b73359414993575bf4e880ac24d7fee38c5a22f6fae6a22a2185cd5a25b7bc11062d649340f8220bfa18cae94fd73afbb38b2fc20a263e091c5eb14ce630628aaf65b7ccab9b4d3b2c220153cd28c86e6c8e58903c66698fd27f4f22a9fd1dd67d70de664e3b985f20ada8c0f531865a9093fe6d3cd52c721dcfe391a812583c4e745b824429ce98f2a7928d22c9b5302719058f593fddbbb60ca7f54653b33118a4e01fcfe3a2329576bf6a45353bf9f720cea11bf481ed7ed0979416e75e6fa5f6b699749e9d4446c849ed79650b35dd0bd6e1955fe9b0c09861cf61fd57be7ba905990ed7a4c5b3793959636630d74ecc23264ea54d4d2cc4f112f49319943f00"/797], 0x1, 0x27a, &(0x7f0000000540)="$eJzs3DFrE38cx/FP0/zbNKVNhr+CgvhFF12ONj4ACdKCGFBqI+ogXO1FQ85cyYVKRGw3FwcfR3F0E9Qn0MXN3a2L4FJQjCRNTdKmitr0onm/oHff5pdP8rvkEr53kNu6+fxBqRA6BbeqWMIUk9a1LaUbVctIax1r1mPqtK7zk5/en7p+6/aVbC43t2A2n128kDGz6dOvHz5+ceZtdfLGy+lX49pM39n6mPmweXzzxNbXxfvF0IqhlYOqubYUBFV3yfdsuRiWHLNrvueGnhXLoVfpGi/4wcpKzdzy8lRypeKFobnlmpW8mlUDq1Zq5t5zi2VzHMemksLP5DcWFtxs1LNA38Qbi0ol645Kmtg3nN+IYlIAACBanf2/Bq7/b3QtP+7/1+n//wD9/zBo9P/J1ue3G/0/AAAAAAAAAAAAAAAAAAAAAAB/g+16PVWv11O7692/cUkJSbv/Rz1P9Afv/3Dr+OFeQvKfruZX85I/0lg2ZAsqypenGaX0pbk/tOzU85dzczPWlNYbf62VX1vNj3bnZ5VSund+didv3fn/lOzMZ5TS/73zmZ75MZ0725F3lNK7uwrka7m5X7fzT2bNLl3N7clPNO8HAAAAAMC/wLHveh6/O85B4zv5Xzg/sOf4Oq6T8Wi3HQAAAACAYRHWHpVc3/cq0RSfWycLIp7GgBfHJP1W/GLHVV/bQ/F9txx28SwYlJduAIuEpEN9wAn1Y6oRfikBAAAA6It20x/1TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF5HccGzA546dsSbCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAETuWwAAAP//AmwlzQ==")
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
getdents64(r0, &(0x7f000003f980)=""/4088, 0xff8)

909.758744ms ago: executing program 4 (id=1883):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x80000039f8, 0x4)
sendto$inet6(r0, &(0x7f0000000000)="8d", 0x1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000049c0)=[{{0x0, 0xd0f872b6aab77cd2, 0x0, 0x0, &(0x7f00000014c0)=""/158, 0x9e}, 0x3ff}], 0x1, 0x40012043, 0x0)

895.146735ms ago: executing program 0 (id=1885):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
setresuid(0x0, 0x0, 0x0)

894.483124ms ago: executing program 1 (id=1886):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="820000000000000071000040"])

629.961561ms ago: executing program 0 (id=1897):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000a000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='mm_page_alloc\x00', r1}, 0x10)
setitimer(0x1, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x10)

629.343601ms ago: executing program 1 (id=1898):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x1, 0x8008, 0x8, 0x11, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000080), &(0x7f0000000200)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

610.426322ms ago: executing program 0 (id=1888):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x64, 0x0, 0x0)
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f0000000440)={{0x0, 0x0, 0x80}})
syz_usb_connect(0x3, 0x8c6, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201500236e47e2082055c2955d4010203010902b408048006a00309047f0e01ff2dde700a24010100800201020824050503"], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x2f, &(0x7f0000000100)=ANY=[@ANYBLOB="2f03bac6c75bef54b57901ce9c63dae3933f2b25"]}]})

597.955263ms ago: executing program 1 (id=1890):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

549.217776ms ago: executing program 1 (id=1893):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x7fffffff, 0x372, 0x0, 0x19, "40b80000000000000000001c00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17)

412.046484ms ago: executing program 3 (id=1896):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
fchdir(r1)
openat(0xffffffffffffff9c, &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000080)='./bus\x00', 0x2, &(0x7f00000009c0)={[{@errors_remount}, {@grpquota}, {@prjquota}], [{@audit}, {@fsname={'fsname', 0x3d, 'grpquota'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@euid_lt}, {@smackfsfloor={'smackfsfloor', 0x3d, 'ext3\x00'}}]}, 0x2, 0x517, &(0x7f0000000140)="$eJzs3U9vI2cZAPBnJvGS7aYkpRxKpZaKFu1WsPamgTbi0BYJcasEKvclSrwhihNHsdNuQoVS8QGQEIJKnDhxQeIDIKHyDapKK8EdAQIh2MIBIWDQ2OPdxBpvEjW2I/v3k8bzzuuZeZ53HI/nX2YCmFrPRcTrETETES9GxEJRnxZdHHW7fLyP7r+zlnfxQRJv/i2JpKiLTumha8Vkc91eqdbB4dZqo1HfK4Zr7e3dWuvg8Obm9upGfaO+s7y89PLKKysxd2vQLL5znnbm7Xr1a3/68Q9+/vVXf/3Ft39/+y83vpdnPV+8323Ho6UnhmbOFLe7ZCr5ssjd+3dRv3ee5C+xpFi2lXEnAgDAmTwZEZ+KiM91tv8XYiZme2/ZpAMAAIAJkb02H/9JIjIAAABgYr3WuQY2SavF9a3zkabVavca3k/HY2mj2Wp/4U5zf2e9e63sYlTSO5uN+q3ius/FqCT58FKn/HD4pb7h5Yh4IiJ+tHC1M1xdazbWx33wAwAAAKbEtb79/38udPf/AQAAgAmzOO4EAAAAgKEbtP+fjDgPAAAAYHic/wcAAICJ9o033si7rPf86/W3Dva3mm/dXK+3tqrb+2vVtebebnWj2dzo3LNv+7T5NZrN3S/Fzv7dWrveatdaB4e3t5v7O+3bm71HYAMAAACj9sRn3/9dEhFHX7na6XJX8peZARO4VgAmRnqekf84vDyA0Rv0Mw9MvtlxJwCMz1Gxvw9MrRO3+ijZKDh+8c6JYwYfDC8nAADgYl3/TPn5/3wXoDLu5IChOtf5f2CiOP8P06vs/P9vBo/+4TBzAUarYgsApt5pj/oYePOOM5//z7JT5wUAAAzVfL7tfxRRLc4FzkeaVqsRj3f+1b+S3Nls1G9FxCcj4rcLlU/kw0udKROPBwQAAAAAAAAAAAAAAAAAAAAAAACAM8qyJDIAAABgokWkf06K539dX3hhvv/4wJXkXwudfkS8/dM3f3J3td3eW8rr//6gvv1eUf/SOI5gAAAAwNSb7a/o7af39uMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CJ9dP+dtV43yrh//WpELJbFn425Tn8uKhHx2D+SmD02XRIRMxcQ/+jdiHiqLH6SpxWLRRb98dOIuDqa+M9kWZZGSfxrFxAfptn7+frn9bLvXxrPdfrl3//Zovu4Bq//0gfrv5kB67/Hzxjj6Xu/rA2M/27E07Pl659e/GRA/OfLZliyUL79rcPDQfGzn0VcL/39SU7EqrW3d2utg8Obm9urG/WN+s7y8tLLK6+sfHnlVu3OZqNevJbG+OEzv/pfX9V/s65O+2NA/MVT2v9CXqgcb0x/mCLYvbv3n+wWK32z6MS/8Xz55//UI+LnfxOfL34H8vev98pH3fJxz/7iw2dLEyvirw9o/2mf/41BM+3z4je//4czjgoAjEDr4HBrtdGo7w298F6WZaOKdWkK2eVI41IU5i5HGgqnFy7iyBYAAHDZPNzoP8dE3x1iQgAAAAAAAAAAAAAAAAAAADCFWgeRDrwN2JWLuZ1Yf8yj8TQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/h8AAP//oszk1w==")

357.264618ms ago: executing program 3 (id=1899):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="080000000400000004000000a4"], 0x48)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r2}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000380), &(0x7f0000000200)=r2}, 0x20)

356.763167ms ago: executing program 3 (id=1900):
socket(0xa, 0x2, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000200)=r2, 0x4)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x18, r0, 0x333, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}, 0x1, 0xa60d000000000000}, 0x0)

322.86591ms ago: executing program 3 (id=1901):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', <r2=>0x0})
bind$xdp(r0, &(0x7f00000002c0)={0x2c, 0x4, r2}, 0x10)

250.193344ms ago: executing program 3 (id=1902):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1e000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)

249.683564ms ago: executing program 3 (id=1903):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000005a80)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f0000000540)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
creat(&(0x7f0000000040)='./bus\x00', 0x100)

49.692337ms ago: executing program 4 (id=1904):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x1, 0x8008, 0x8, 0x11, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000080), &(0x7f0000000200)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

0s ago: executing program 4 (id=1905):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
unshare(0x22020600)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, 0x0, 0x0)

kernel console output (not intermixed with test programs):

1 has invalid wMaxPacketSize 0
[   62.401339][ T2173] EXT4-fs: Ignoring removed orlov option
[   62.410868][   T39] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   62.415818][ T2173] EXT4-fs: Ignoring removed nomblk_io_submit option
[   62.428842][   T19] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[   62.431337][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.442427][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.456869][   T39] usb 1-1: config 0 descriptor??
[   62.460013][   T19] usb 2-1: config 0 descriptor??
[   62.463728][   T39] hub 1-1:0.0: USB hub found
[   62.609993][ T2192] 9pnet: p9_errstr2errno: server reported unknown error �@b
[   62.633577][ T2195] netlink: 'syz.3.762': attribute type 6 has an invalid length.
[   62.665499][   T39] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[   62.704354][ T2204] 9pnet: p9_errstr2errno: server reported unknown error �����sŧ��"E��gW4�����w5���fIt�KT���	i���|e$�Y
[   62.704354][ T2204] 4qhC�1��	�\��,�x
[   62.751125][ T2208] I/O error, dev loop7, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[   62.760640][ T2208] EXT4-fs (loop7): unable to read superblock
[   62.841115][ T2218] netlink: 68 bytes leftover after parsing attributes in process `syz.3.764'.
[   62.876826][   T39] hid-generic 0003:046D:C31C.000E: item fetching failed at offset 0/1
[   62.887076][   T39] hid-generic: probe of 0003:046D:C31C.000E failed with error -22
[   62.897652][   T60] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   62.923985][ T2226] loop3: detected capacity change from 0 to 1024
[   62.930612][ T2226] EXT4-fs: Ignoring removed nomblk_io_submit option
[   62.937543][ T2226] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   62.948483][ T2226] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[   62.959148][ T2226] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz.3.768: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[   62.977089][ T2226] EXT4-fs (loop3): no journal found
[   62.982249][ T2226] EXT4-fs (loop3): can't get journal size
[   63.040965][ T2234] loop2: detected capacity change from 0 to 512
[   63.049763][ T2234] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   63.058064][ T2234] EXT4-fs (loop2): orphan cleanup on readonly fs
[   63.064625][ T2234] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #16: comm syz.2.771: casefold flag without casefold feature
[   63.077494][ T2234] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.771: couldn't read orphan inode 16 (err -117)
[   63.077659][   T60] usb 5-1: Using ep0 maxpacket: 16
[   63.095184][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.106128][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.115825][   T60] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   63.128606][   T60] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   63.137396][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.146066][   T60] usb 5-1: config 0 descriptor??
[   63.194135][ T2243] device ip6gretap1 entered promiscuous mode
[   63.219501][ T1854] usb 1-1: USB disconnect, device number 5
[   63.232750][ T2247] netem: incorrect ge model size
[   63.269826][   T19] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   63.279762][   T19] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[   63.290938][    T6] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   63.298280][   T19] asix: probe of 2-1:0.0 failed with error -71
[   63.305002][   T19] usb 2-1: USB disconnect, device number 7
[   63.487744][    T6] usb 4-1: Using ep0 maxpacket: 8
[   63.493646][    T6] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[   63.501842][    T6] usb 4-1: config 179 has no interface number 0
[   63.508132][    T6] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[   63.519184][    T6] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[   63.530371][    T6] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 44, changing to 9
[   63.541629][    T6] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 25705, setting to 1024
[   63.552901][    T6] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   63.566018][    T6] usb 4-1: config 179 interface 65 has no altsetting 0
[   63.573342][    T6] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[   63.582252][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.592712][   T60] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[   63.599990][   T60] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[   63.607116][ T2226] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[   63.614158][   T60] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[   63.622857][    T6] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input24
[   63.635187][   T60] microsoft 0003:045E:07DA.000F: No inputs registered, leaving
[   63.642665][  T319] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   63.651249][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -1
[   63.659803][   T60] microsoft 0003:045E:07DA.000F: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[   63.671028][   T60] microsoft 0003:045E:07DA.000F: no inputs found
[   63.677166][   T60] microsoft 0003:045E:07DA.000F: could not initialize ff, continuing anyway
[   63.804033][   T39] usb 5-1: USB disconnect, device number 7
[   63.823391][   T60] usb 4-1: USB disconnect, device number 7
[   63.829110][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   63.838779][  T319] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.857613][  T319] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.866795][ T2266] loop0: detected capacity change from 0 to 40427
[   63.867157][  T319] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   63.874857][ T2266] F2FS-fs (loop0): fault_injection options not supported
[   63.886556][   T60] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   63.894139][ T2266] F2FS-fs (loop0): invalid crc value
[   63.903789][  T319] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   63.917003][  T319] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.929231][ T2266] F2FS-fs (loop0): Found nat_bits in checkpoint
[   63.937952][  T319] usb 3-1: config 0 descriptor??
[   63.958621][ T2268] netlink: 'syz.1.787': attribute type 12 has an invalid length.
[   63.979379][ T2266] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   64.058268][  T298] syz-executor: attempt to access beyond end of device
[   64.058268][  T298] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   64.168925][ T2281] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   64.218792][   T28] kauditd_printk_skb: 114 callbacks suppressed
[   64.218809][   T28] audit: type=1400 audit(1740428898.185:451): avc:  denied  { ioctl } for  pid=2288 comm="syz.0.794" path="socket:[24041]" dev="sockfs" ino=24041 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   64.346224][  T319] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving
[   64.375068][  T319] plantronics 0003:047F:FFFF.0010: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   64.446047][ T2319] loop3: detected capacity change from 0 to 128
[   64.452920][ T2319] EXT4-fs: Ignoring removed nobh option
[   64.461116][ T2319] ext4 filesystem being mounted at /180/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   64.529153][ T2326] loop4: detected capacity change from 0 to 512
[   64.539141][ T2326] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.551785][ T2326] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #2: comm syz.4.812: corrupted inode contents
[   64.563548][ T2326] EXT4-fs error (device loop4): ext4_dirty_inode:6091: inode #2: comm syz.4.812: mark_inode_dirty error
[   64.575097][ T2326] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #2: comm syz.4.812: corrupted inode contents
[   64.588380][ T2326] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #2: comm syz.4.812: corrupted inode contents
[   64.600208][ T2326] EXT4-fs error (device loop4): ext4_dirty_inode:6091: inode #2: comm syz.4.812: mark_inode_dirty error
[   64.611665][ T2326] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #2: comm syz.4.812: corrupted inode contents
[   64.615225][ T2332] syz.3.813[2332] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.623614][ T2326] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.812: mark_inode_dirty error
[   64.624107][ T2332] syz.3.813[2332] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.635709][ T2326] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #2: comm syz.4.812: corrupted inode contents
[   64.668614][ T2326] EXT4-fs error (device loop4): ext4_dirty_inode:6091: inode #2: comm syz.4.812: mark_inode_dirty error
[   64.680119][ T2333] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #2: comm syz.4.812: corrupted inode contents
[   64.691856][    T6] usb 3-1: USB disconnect, device number 5
[   64.714566][ T2338] netlink: 9 bytes leftover after parsing attributes in process `syz.3.815'.
[   64.724016][ T2338] device gretap0 entered promiscuous mode
[   64.737703][  T319] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   64.745820][ T2338] netlink: 5 bytes leftover after parsing attributes in process `syz.3.815'.
[   64.754747][ T2338] 0�X��D: renamed from gretap0
[   64.760664][ T2338] device 
30�X��D left promiscuous mode
[   64.766750][ T2338] A link change request failed with some changes committed already. Interface 
30�X��D may have been left with an inconsistent configuration, please check.
[   64.857038][   T28] audit: type=1400 audit(1740428898.815:452): avc:  denied  { read write } for  pid=2345 comm="syz.4.819" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   64.893566][   T28] audit: type=1400 audit(1740428898.815:453): avc:  denied  { open } for  pid=2345 comm="syz.4.819" path="/dev/loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   64.918068][   T28] audit: type=1400 audit(1740428898.855:454): avc:  denied  { ioctl } for  pid=2345 comm="syz.4.819" path="/dev/loop-control" dev="devtmpfs" ino=113 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   64.967716][  T319] usb 1-1: Using ep0 maxpacket: 32
[   64.974494][  T319] usb 1-1: unable to get BOS descriptor or descriptor too short
[   64.983006][  T319] usb 1-1: config 1 has an invalid interface number: 5 but max is 0
[   64.991057][  T319] usb 1-1: config 1 has no interface number 0
[   64.997037][  T319] usb 1-1: config 1 interface 5 has no altsetting 0
[   65.012479][  T319] usb 1-1: New USB device found, idVendor=0403, idProduct=e050, bcdDevice=a2.6c
[   65.021808][  T319] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   65.030251][  T319] usb 1-1: Product: syz
[   65.034897][  T319] usb 1-1: Manufacturer: syz
[   65.039976][  T319] usb 1-1: SerialNumber: syz
[   65.104737][   T28] audit: type=1400 audit(1740428899.065:455): avc:  denied  { bind } for  pid=2372 comm="syz.3.831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   65.124006][   T28] audit: type=1400 audit(1740428899.065:456): avc:  denied  { read write } for  pid=2372 comm="syz.3.831" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   65.148083][   T28] audit: type=1400 audit(1740428899.065:457): avc:  denied  { open } for  pid=2372 comm="syz.3.831" path="/dev/ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   65.175751][   T28] audit: type=1400 audit(1740428899.065:458): avc:  denied  { ioctl } for  pid=2372 comm="syz.3.831" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   65.224017][ T2380] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   65.233543][ T2381] loop1: detected capacity change from 0 to 2048
[   65.244042][ T2381] EXT4-fs (loop1): bad block size 8192
[   65.408295][   T28] audit: type=1400 audit(1740428899.375:459): avc:  denied  { setopt } for  pid=2391 comm="syz.1.840" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   66.019093][ T2400] loop3: detected capacity change from 0 to 128
[   66.027651][ T2400] ext4 filesystem being mounted at /193/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   66.104333][ T2407] loop2: detected capacity change from 0 to 512
[   66.122693][ T2407] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   66.140784][ T2407] EXT4-fs (loop2): orphan cleanup on readonly fs
[   66.148512][ T2407] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present
[   66.158649][ T2407] EXT4-fs error (device loop2): ext4_acquire_dquot:6782: comm syz.2.845: Failed to acquire dquot type 1
[   66.170459][ T2407] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.845: bg 0: block 40: padding at end of block bitmap is not set
[   66.192584][ T2407] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   66.207650][ T2407] EXT4-fs (loop2): 1 truncate cleaned up
[   66.401936][ T2439] input: syz0 as /devices/virtual/input/input26
[   66.428583][ T2442] loop4: detected capacity change from 0 to 512
[   66.435996][ T2442] EXT4-fs error (device loop4): __ext4_iget:5057: inode #2: block 1: comm syz.4.860: invalid block
[   66.449305][ T2442] EXT4-fs (loop4): get root inode failed
[   66.454803][ T2442] EXT4-fs (loop4): mount failed
[   66.592179][ T2447] loop4: detected capacity change from 0 to 256
[   66.877638][    T6] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[   67.058789][    T6] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 255, setting to 64
[   67.070811][    T6] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   67.079749][    T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.087506][    T6] usb 5-1: Product: syz
[   67.091557][    T6] usb 5-1: Manufacturer: syz
[   67.095923][    T6] usb 5-1: SerialNumber: syz
[   67.146555][ T2454] xt_hashlimit: invalid rate
[   67.174608][ T2460] loop3: detected capacity change from 0 to 128
[   67.218416][ T2467] input: syz0 as /devices/virtual/input/input27
[   67.311499][ T2449] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[   67.334548][ T2479] loop2: detected capacity change from 0 to 512
[   67.341375][ T2479] EXT4-fs: Ignoring removed orlov option
[   67.347400][ T2479] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   67.363971][ T2479] EXT4-fs (loop2): orphan cleanup on readonly fs
[   67.370986][ T2479] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.875: bg 0: block 248: padding at end of block bitmap is not set
[   67.385692][ T2479] EXT4-fs error (device loop2): ext4_acquire_dquot:6782: comm syz.2.875: Failed to acquire dquot type 1
[   67.397696][ T2479] EXT4-fs (loop2): 1 truncate cleaned up
[   67.403548][ T2479] EXT4-fs mount: 45 callbacks suppressed
[   67.403568][ T2479] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   67.429746][  T319] ftdi_sio 1-1:1.5: FTDI USB Serial Device converter detected
[   67.448235][  T319] ftdi_sio ttyUSB0: unknown device type: 0xa26c
[   67.458715][ T2485] netlink: 8 bytes leftover after parsing attributes in process `syz.0.877'.
[   67.468951][ T2479] EXT4-fs: Ignoring removed orlov option
[   67.474488][ T2479] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   67.483762][  T319] usb 1-1: USB disconnect, device number 6
[   67.493519][  T319] ftdi_sio 1-1:1.5: device disconnected
[   67.504303][ T2487] sch_fq: defrate 0 ignored.
[   67.512203][ T2479] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   67.527701][ T2485] netlink: 12 bytes leftover after parsing attributes in process `syz.0.877'.
[   67.537840][ T2485] Zero length message leads to an empty skb
[   67.549258][ T2479] EXT4-fs error (device loop2): __ext4_remount:6598: comm syz.2.875: Abort forced by user
[   67.568120][ T2479] EXT4-fs (loop2): Remounting filesystem read-only
[   67.580310][ T2479] EXT4-fs (loop2): re-mounted. Quota mode: writeback.
[   67.593231][ T2479] ext4 filesystem being remounted at /142/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   67.613519][  T296] EXT4-fs (loop2): unmounting filesystem.
[   67.643791][ T2498] loop2: detected capacity change from 0 to 16
[   67.658329][ T2498] erofs: (device loop2): mounted with root inode @ nid 36.
[   67.684791][ T2498] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   67.703855][ T2498] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[1851]
[   67.722421][ T2498] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[   67.963704][ T2449] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[   67.970973][ T2514] tipc: Disabling bearer <udp:syz2>
[   68.182867][ T2526] user requested TSC rate below hardware speed
[   68.196388][    T6] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[   68.207598][    T6] cdc_ncm 5-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[   68.218263][ T2535] netlink: 20 bytes leftover after parsing attributes in process `syz.3.898'.
[   68.237062][    T6] cdc_ncm 5-1:1.0: setting rx_max = 2048
[   68.310170][ T2540] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=2540 comm=syz.3.900
[   68.377163][ T2553] loop2: detected capacity change from 0 to 256
[   68.393797][ T2553] exfat: Bad value for 'gid'
[   68.401158][    T6] cdc_ncm 5-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[   68.425949][    T6] usb 5-1: USB disconnect, device number 8
[   68.432420][ T2555] device batadv_slave_1 entered promiscuous mode
[   68.437471][    T6] cdc_ncm 5-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP)
[   68.439368][ T2554] device batadv_slave_1 left promiscuous mode
[   68.563608][ T2576] loop2: detected capacity change from 0 to 512
[   68.572705][ T2576] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2186: inode #15: comm syz.2.917: corrupted in-inode xattr
[   68.585128][ T2576] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.917: couldn't read orphan inode 15 (err -117)
[   68.597207][ T2576] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   68.607496][ T2576] EXT4-fs (loop2): shut down requested (2)
[   68.613332][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.622229][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.631187][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.639895][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.648801][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.657622][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.666266][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.675327][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.684328][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.692992][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.701573][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.710179][ T2576] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   68.724229][  T296] EXT4-fs (loop2): unmounting filesystem.
[   68.900028][ T2596] 9pnet: p9_errstr2errno: server reported unknown error �@�Nd
[   68.937339][ T2604] IPv6: addrconf: prefix option has invalid lifetime
[   68.944817][ T2604] IPv6: addrconf: prefix option has invalid lifetime
[   69.120761][ T2629] user requested TSC rate below hardware speed
[   69.180913][ T2640] loop4: detected capacity change from 0 to 256
[   69.187226][ T2640] exfat: Bad value for 'gid'
[   69.252235][ T2648] IPv6: addrconf: prefix option has invalid lifetime
[   69.260827][ T2648] IPv6: addrconf: prefix option has invalid lifetime
[   69.356024][ T2664] user requested TSC rate below hardware speed
[   69.439229][ T2674] loop1: detected capacity change from 0 to 256
[   69.445651][ T2674] exfat: Bad value for 'gid'
[   69.509402][ T2681] IPv6: addrconf: prefix option has invalid lifetime
[   69.520850][ T2681] IPv6: addrconf: prefix option has invalid lifetime
[   69.567704][  T319] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   69.687353][   T28] kauditd_printk_skb: 10 callbacks suppressed
[   69.687370][   T28] audit: type=1400 audit(2000000001.190:467): avc:  denied  { write } for  pid=2692 comm="syz.3.970" name="001" dev="devtmpfs" ino=184 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   69.732093][ T2699] user requested TSC rate below hardware speed
[   69.747691][  T319] usb 1-1: Using ep0 maxpacket: 16
[   69.754689][  T319] usb 1-1: config 1 interface 0 has no altsetting 0
[   69.764744][  T319] usb 1-1: New USB device found, idVendor=093a, idProduct=8001, bcdDevice= 0.40
[   69.773723][  T319] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   69.781639][  T319] usb 1-1: Manufacturer: 燰缰鈍激䀑涝橊쏞ὕ|ꡰꁞ縀록쳤ꓵ練맧䌕㉪쒥쐷௬侠翃ॅﳀ⡭⮁潝뺁઀Ⲻ䭡鮭펽ꢝ㧰뷢녣✄闔遣␸尒㾂认㑃繎䞣ⷡ뵯ꧧ긽얫쏇ⱼ液
[   69.872713][ T2717] loop1: detected capacity change from 0 to 512
[   69.881302][ T2717] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2186: inode #15: comm syz.1.990: corrupted in-inode xattr
[   69.893502][ T2717] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.990: couldn't read orphan inode 15 (err -117)
[   69.905455][ T2717] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   69.918258][ T2717] EXT4-fs (loop1): shut down requested (2)
[   69.924222][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   69.933018][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   69.942112][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   69.950875][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   69.959589][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   69.968329][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   69.976995][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   69.986407][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   69.995180][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   70.004522][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   70.013301][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   70.023763][ T2717] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   70.041173][  T295] EXT4-fs (loop1): unmounting filesystem.
[   70.138912][ T2732] loop3: detected capacity change from 0 to 128
[   70.146605][ T2732] EXT4-fs: Ignoring removed nobh option
[   70.154238][ T2732] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   70.163517][ T2732] ext4 filesystem being mounted at /230/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   70.168049][ T2737] loop1: detected capacity change from 0 to 128
[   70.188630][  T294] EXT4-fs (loop3): unmounting filesystem.
[   70.195973][ T2737] syz.1.987: attempt to access beyond end of device
[   70.195973][ T2737] loop1: rw=34817, sector=121, nr_sectors = 120 limit=128
[   70.217789][   T10] kworker/u4:1: attempt to access beyond end of device
[   70.217789][   T10] loop1: rw=1, sector=241, nr_sectors = 800 limit=128
[   70.328025][   T28] audit: type=1400 audit(2000000001.840:468): avc:  denied  { relabelfrom } for  pid=2762 comm="syz.4.1001" name="NETLINK" dev="sockfs" ino=25979 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   70.354335][   T28] audit: type=1400 audit(2000000001.840:469): avc:  denied  { relabelto } for  pid=2762 comm="syz.4.1001" name="NETLINK" dev="sockfs" ino=25979 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1
[   70.417158][   T28] audit: type=1400 audit(2000000001.920:470): avc:  denied  { write } for  pid=2764 comm="syz.2.1002" path="socket:[25988]" dev="sockfs" ino=25988 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   70.640216][  T319] usbhid 1-1:1.0: can't add hid device: -71
[   70.646056][  T319] usbhid: probe of 1-1:1.0 failed with error -71
[   70.653025][  T319] usb 1-1: USB disconnect, device number 7
[   71.242391][   T28] audit: type=1400 audit(2000000002.750:471): avc:  denied  { read } for  pid=2794 comm="syz.2.1016" name="file0" dev="tmpfs" ino=962 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   71.267533][   T28] audit: type=1400 audit(2000000002.770:472): avc:  denied  { watch } for  pid=2794 comm="syz.2.1016" path="/179/file0" dev="tmpfs" ino=962 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   71.327543][ T2809] user requested TSC rate below hardware speed
[   71.354314][ T2816] loop2: detected capacity change from 0 to 128
[   71.361226][   T28] audit: type=1400 audit(2000000002.870:473): avc:  denied  { setcurrent } for  pid=2811 comm="syz.3.1024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   71.380843][ T2816] EXT4-fs: Ignoring removed nobh option
[   71.386429][   T28] audit: type=1401 audit(2000000002.870:474): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[   71.405752][ T2816] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   71.414257][ T2816] ext4 filesystem being mounted at /181/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   71.418620][   T28] audit: type=1400 audit(2000000002.930:475): avc:  denied  { mounton } for  pid=2823 comm="syz.3.1028" path="/237/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   71.465137][  T296] EXT4-fs (loop2): unmounting filesystem.
[   71.547615][ T1854] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   71.591604][ T2855] loop1: detected capacity change from 0 to 128
[   71.598249][ T2855] EXT4-fs: Ignoring removed nobh option
[   71.605196][ T2855] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   71.614026][ T2855] ext4 filesystem being mounted at /211/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   71.638672][  T295] EXT4-fs (loop1): unmounting filesystem.
[   71.737653][ T1854] usb 5-1: Using ep0 maxpacket: 16
[   71.744349][ T1854] usb 5-1: config 1 interface 0 has no altsetting 0
[   71.754052][ T1854] usb 5-1: New USB device found, idVendor=093a, idProduct=8001, bcdDevice= 0.40
[   71.762980][ T1854] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.770755][ T1854] usb 5-1: Manufacturer: 燰缰鈍激䀑涝橊쏞ὕ|ꡰꁞ縀록쳤ꓵ練맧䌕㉪쒥쐷௬侠翃ॅﳀ⡭⮁潝뺁઀Ⲻ䭡鮭펽ꢝ㧰뷢녣✄闔遣␸尒㾂认㑃繎䞣ⷡ뵯ꧧ긽얫쏇ⱼ液
[   72.302548][ T2869] input: syz1 as /devices/virtual/input/input28
[   72.437614][  T327] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[   72.470069][ T2882] netlink: 'syz.2.1063': attribute type 4 has an invalid length.
[   72.477852][ T2882] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.1063'.
[   72.595909][ T1854] usbhid 5-1:1.0: can't add hid device: -71
[   72.601746][ T1854] usbhid: probe of 5-1:1.0 failed with error -71
[   72.608157][   T28] audit: type=1400 audit(2000000004.120:476): avc:  denied  { unlink } for  pid=85 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   72.630706][ T1854] usb 5-1: USB disconnect, device number 9
[   72.638731][  T327] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 255, setting to 64
[   72.650633][  T327] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   72.659508][  T327] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.667289][  T327] usb 1-1: Product: syz
[   72.671353][  T327] usb 1-1: Manufacturer: syz
[   72.675704][  T327] usb 1-1: SerialNumber: syz
[   72.882511][ T2865] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[   73.184226][ T2914] input: syz1 as /devices/virtual/input/input29
[   73.188823][ T2916] netlink: 'syz.1.1066': attribute type 4 has an invalid length.
[   73.198025][ T2916] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.1066'.
[   73.248057][ T2924] device pim6reg1 entered promiscuous mode
[   73.490876][ T2865] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[   73.698862][  T327] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[   73.705123][  T327] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[   73.712366][  T327] cdc_ncm 1-1:1.0: setting rx_max = 2048
[   73.784139][ T2941] loop2: detected capacity change from 0 to 128
[   73.820736][ T2941] syz.2.1080: attempt to access beyond end of device
[   73.820736][ T2941] loop2: rw=34817, sector=121, nr_sectors = 120 limit=128
[   73.844680][   T10] kworker/u4:1: attempt to access beyond end of device
[   73.844680][   T10] loop2: rw=1, sector=241, nr_sectors = 800 limit=128
[   73.901719][  T327] cdc_ncm 1-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[   73.914318][  T327] usb 1-1: USB disconnect, device number 8
[   73.922106][  T327] cdc_ncm 1-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[   74.016142][ T2978] loop2: detected capacity change from 0 to 256
[   74.039621][ T2978] FAT-fs (loop2): Directory bread(block 64) failed
[   74.045981][ T2978] FAT-fs (loop2): Directory bread(block 65) failed
[   74.052747][ T2978] FAT-fs (loop2): Directory bread(block 66) failed
[   74.059438][ T2978] FAT-fs (loop2): Directory bread(block 67) failed
[   74.065811][ T2978] FAT-fs (loop2): Directory bread(block 68) failed
[   74.072220][ T2978] FAT-fs (loop2): Directory bread(block 69) failed
[   74.078805][ T2978] FAT-fs (loop2): Directory bread(block 70) failed
[   74.085155][ T2978] FAT-fs (loop2): Directory bread(block 71) failed
[   74.093099][ T2978] FAT-fs (loop2): Directory bread(block 72) failed
[   74.099525][ T2978] FAT-fs (loop2): Directory bread(block 73) failed
[   74.306942][ T3001] loop1: detected capacity change from 0 to 256
[   74.313668][ T3001] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   74.324435][ T3001] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[   74.340304][ T3001] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   74.402841][   T43] kworker/u4:2: attempt to access beyond end of device
[   74.402841][   T43] loop2: rw=1, sector=1224, nr_sectors = 64 limit=256
[   74.428424][   T43] kworker/u4:2: attempt to access beyond end of device
[   74.428424][   T43] loop2: rw=1, sector=1320, nr_sectors = 448 limit=256
[   74.442498][   T43] kworker/u4:2: attempt to access beyond end of device
[   74.442498][   T43] loop2: rw=1, sector=1832, nr_sectors = 96 limit=256
[   74.459382][   T43] kworker/u4:2: attempt to access beyond end of device
[   74.459382][   T43] loop2: rw=1, sector=1960, nr_sectors = 5176 limit=256
[   74.488516][   T43] kworker/u4:2: attempt to access beyond end of device
[   74.488516][   T43] loop2: rw=1, sector=7136, nr_sectors = 4512 limit=256
[   74.529230][   T43] kworker/u4:2: attempt to access beyond end of device
[   74.529230][   T43] loop2: rw=1, sector=11648, nr_sectors = 1272 limit=256
[   74.599764][ T3029] input: syz1 as /devices/virtual/input/input30
[   74.679115][ T3038] input: syz1 as /devices/virtual/input/input31
[   74.703856][ T3044] loop2: detected capacity change from 0 to 256
[   74.711455][ T3044] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   74.722116][ T3044] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[   74.735864][ T3044] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   74.825193][ T3055] serio: Serial port ptm0
[   74.848007][   T28] kauditd_printk_skb: 3 callbacks suppressed
[   74.848023][   T28] audit: type=1400 audit(2000000006.360:480): avc:  denied  { create } for  pid=3056 comm="syz.3.1134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   74.877311][   T28] audit: type=1400 audit(2000000006.360:481): avc:  denied  { write } for  pid=3056 comm="syz.3.1134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   74.898346][   T28] audit: type=1400 audit(2000000006.360:482): avc:  denied  { nlmsg_read } for  pid=3056 comm="syz.3.1134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   74.999255][ T3078] loop0: detected capacity change from 0 to 256
[   75.006275][ T3078] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   75.017715][ T3078] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[   75.029021][ T3078] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   75.254089][ T3092] user requested TSC rate below hardware speed
[   75.329238][ T3097] loop1: detected capacity change from 0 to 256
[   75.341514][ T3097] FAT-fs (loop1): Directory bread(block 64) failed
[   75.348003][ T3097] FAT-fs (loop1): Directory bread(block 65) failed
[   75.354406][ T3097] FAT-fs (loop1): Directory bread(block 66) failed
[   75.361162][ T3097] FAT-fs (loop1): Directory bread(block 67) failed
[   75.367517][ T3097] FAT-fs (loop1): Directory bread(block 68) failed
[   75.374454][ T3097] FAT-fs (loop1): Directory bread(block 69) failed
[   75.381087][ T3097] FAT-fs (loop1): Directory bread(block 70) failed
[   75.388488][ T3097] FAT-fs (loop1): Directory bread(block 71) failed
[   75.395007][ T3097] FAT-fs (loop1): Directory bread(block 72) failed
[   75.401557][ T3097] FAT-fs (loop1): Directory bread(block 73) failed
[   75.438286][   T28] audit: type=1400 audit(2000000006.950:483): avc:  denied  { relabelfrom } for  pid=3106 comm="syz.2.1154" name="" dev="pipefs" ino=27280 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   75.598635][   T43] kworker/u4:2: attempt to access beyond end of device
[   75.598635][   T43] loop1: rw=1, sector=1224, nr_sectors = 64 limit=256
[   75.612265][   T43] kworker/u4:2: attempt to access beyond end of device
[   75.612265][   T43] loop1: rw=1, sector=1320, nr_sectors = 448 limit=256
[   75.625955][   T43] kworker/u4:2: attempt to access beyond end of device
[   75.625955][   T43] loop1: rw=1, sector=1832, nr_sectors = 96 limit=256
[   75.640960][   T43] kworker/u4:2: attempt to access beyond end of device
[   75.640960][   T43] loop1: rw=1, sector=1960, nr_sectors = 3624 limit=256
[   75.656643][   T43] kworker/u4:2: attempt to access beyond end of device
[   75.656643][   T43] loop1: rw=1, sector=5584, nr_sectors = 3016 limit=256
[   75.672084][   T43] kworker/u4:2: attempt to access beyond end of device
[   75.672084][   T43] loop1: rw=1, sector=8600, nr_sectors = 2928 limit=256
[   75.687345][   T43] kworker/u4:2: attempt to access beyond end of device
[   75.687345][   T43] loop1: rw=1, sector=11528, nr_sectors = 1088 limit=256
[   75.782931][ T3126] loop0: detected capacity change from 0 to 256
[   75.808184][ T3126] FAT-fs (loop0): Directory bread(block 64) failed
[   75.824761][ T3126] FAT-fs (loop0): Directory bread(block 65) failed
[   75.843603][ T3126] FAT-fs (loop0): Directory bread(block 66) failed
[   75.850823][ T3126] FAT-fs (loop0): Directory bread(block 67) failed
[   75.859084][ T3126] FAT-fs (loop0): Directory bread(block 68) failed
[   75.874012][ T3126] FAT-fs (loop0): Directory bread(block 69) failed
[   75.880594][ T3126] FAT-fs (loop0): Directory bread(block 70) failed
[   75.886924][ T3126] FAT-fs (loop0): Directory bread(block 71) failed
[   75.893376][ T3126] FAT-fs (loop0): Directory bread(block 72) failed
[   75.899759][ T3126] FAT-fs (loop0): Directory bread(block 73) failed
[   75.950519][  T319] hid-generic 0000:0003:0000.0011: unknown main item tag 0x0
[   75.967653][  T319] hid-generic 0000:0003:0000.0011: unknown main item tag 0x0
[   75.975620][  T319] hid-generic 0000:0003:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   75.977767][   T24] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   76.190683][   T43] kworker/u4:2: attempt to access beyond end of device
[   76.190683][   T43] loop0: rw=1, sector=1224, nr_sectors = 64 limit=256
[   76.204363][   T43] kworker/u4:2: attempt to access beyond end of device
[   76.204363][   T43] loop0: rw=1, sector=1320, nr_sectors = 448 limit=256
[   76.218245][   T43] kworker/u4:2: attempt to access beyond end of device
[   76.218245][   T43] loop0: rw=1, sector=1832, nr_sectors = 96 limit=256
[   76.232734][   T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   76.242889][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   76.252584][   T24] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   76.261638][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   76.269480][   T24] usb 3-1: SerialNumber: syz
[   76.317665][  T327] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   76.476258][   T24] usb 3-1: 0:2 : does not exist
[   76.482219][   T24] usb 3-1: USB disconnect, device number 6
[   76.508699][  T327] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   76.519386][  T327] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   76.528967][  T327] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   76.537849][  T327] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.546058][  T327] usb 4-1: config 0 descriptor??
[   76.995947][ T3152] input: syz1 as /devices/virtual/input/input32
[   77.043140][ T3164] device sit0 entered promiscuous mode
[   77.153369][  T327] usb 4-1: string descriptor 0 read error: -22
[   77.256877][ T3188] loop1: detected capacity change from 0 to 512
[   77.265365][ T3188] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.1.1190: corrupted xattr block 95
[   77.278155][ T3188] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.1190: bg 0: block 7: invalid block bitmap
[   77.290457][ T3188] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   77.299143][ T3188] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2925: inode #11: comm syz.1.1190: corrupted xattr block 95
[   77.310321][ T3192] loop2: detected capacity change from 0 to 512
[   77.311309][ T3188] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117)
[   77.318127][ T3192] EXT4-fs: Ignoring removed bh option
[   77.326244][ T3188] EXT4-fs (loop1): 1 orphan inode deleted
[   77.336888][ T3188] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   77.348919][ T3192] EXT4-fs error (device loop2): ext4_quota_enable:6973: comm syz.2.1191: inode #33554432: comm syz.2.1191: iget: illegal inode #
[   77.362834][ T3192] EXT4-fs (loop2): Remounting filesystem read-only
[   77.369315][ T3192] EXT4-fs error (device loop2): ext4_quota_enable:6976: comm syz.2.1191: Bad quota inode: 33554432, type: 2
[   77.371618][  T327] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0012/input/input33
[   77.381519][ T3192] EXT4-fs (loop2): Remounting filesystem read-only
[   77.393261][  T295] EXT4-fs (loop1): unmounting filesystem.
[   77.398644][ T3192] EXT4-fs warning (device loop2): ext4_enable_quotas:7017: Failed to enable quota tracking (type=2, err=-117, ino=33554432). Please run e2fsck to fix.
[   77.406746][  T327] uclogic 0003:256C:006D.0012: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[   77.420224][ T3192] EXT4-fs (loop2): mount failed
[   77.497632][   T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   77.586552][  T327] usb 4-1: USB disconnect, device number 8
[   77.678727][   T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   77.688843][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   77.698644][   T24] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   77.714403][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   77.724480][   T24] usb 1-1: SerialNumber: syz
[   77.929178][   T39] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   77.938785][   T24] usb 1-1: 0:2 : does not exist
[   77.948665][   T24] usb 1-1: USB disconnect, device number 9
[   78.014353][ T3251] loop1: detected capacity change from 0 to 512
[   78.021191][ T3251] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   78.032666][ T3251] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   78.048116][ T3251] EXT4-fs (loop1): 1 truncate cleaned up
[   78.053707][ T3251] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   78.078718][  T295] EXT4-fs (loop1): unmounting filesystem.
[   78.137660][   T39] usb 5-1: Using ep0 maxpacket: 32
[   78.143810][   T39] usb 5-1: config 0 has an invalid interface number: 136 but max is 0
[   78.152165][   T39] usb 5-1: config 0 has no interface number 0
[   78.160013][   T39] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=ee.df
[   78.169318][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.177131][   T39] usb 5-1: Product: syz
[   78.181417][   T39] usb 5-1: Manufacturer: syz
[   78.185858][   T39] usb 5-1: SerialNumber: syz
[   78.197825][   T39] usb 5-1: config 0 descriptor??
[   78.208247][   T39] usb_ehset_test: probe of 5-1:0.136 failed with error -32
[   78.262928][ T3260] device sit0 entered promiscuous mode
[   78.406454][  T319] usb 5-1: USB disconnect, device number 10
[   78.919497][ T3274] loop4: detected capacity change from 0 to 256
[   78.946989][ T3274] FAT-fs (loop4): Directory bread(block 64) failed
[   78.957822][ T3274] FAT-fs (loop4): Directory bread(block 65) failed
[   78.971891][ T3274] FAT-fs (loop4): Directory bread(block 66) failed
[   78.984861][ T3274] FAT-fs (loop4): Directory bread(block 67) failed
[   78.997368][ T3274] FAT-fs (loop4): Directory bread(block 68) failed
[   79.008430][ T3274] FAT-fs (loop4): Directory bread(block 69) failed
[   79.015108][ T3274] FAT-fs (loop4): Directory bread(block 70) failed
[   79.022709][ T3274] FAT-fs (loop4): Directory bread(block 71) failed
[   79.029437][ T3286] SELinux: security policydb version 18 (MLS) not backwards compatible
[   79.038177][ T3286] SELinux: failed to load policy
[   79.045184][ T3274] FAT-fs (loop4): Directory bread(block 72) failed
[   79.057798][ T3274] FAT-fs (loop4): Directory bread(block 73) failed
[   79.210183][ T3300] loop3: detected capacity change from 0 to 128
[   79.225532][ T3300] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[   79.227816][ T3302] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1242'.
[   79.260005][ T3300] FAT-fs (loop3): FAT read failed (blocknr 128)
[   79.279569][ T3306] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1243'.
[   79.369786][ T3316] loop4: detected capacity change from 0 to 1024
[   79.378740][ T3318] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1248'.
[   79.387817][  T319] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   79.416895][ T3316] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   79.578747][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.599907][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.634839][  T319] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   79.644114][  T319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.655509][  T319] usb 2-1: config 0 descriptor??
[   79.740593][ T3345] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1259'.
[   79.774544][ T3316] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   79.789998][ T3316] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   79.802262][ T3316] EXT4-fs (loop4): This should not happen!! Data will be lost
[   79.802262][ T3316] 
[   79.811901][ T3316] EXT4-fs (loop4): Total free blocks count 0
[   79.818066][ T3316] EXT4-fs (loop4): Free/Dirty block details
[   79.823863][ T3316] EXT4-fs (loop4): free_blocks=68451041280
[   79.829660][ T3316] EXT4-fs (loop4): dirty_blocks=16
[   79.834649][ T3316] EXT4-fs (loop4): Block reservation details
[   79.840544][ T3316] EXT4-fs (loop4): i_reserved_data_blocks=1
[   79.918211][  T297] EXT4-fs (loop4): unmounting filesystem.
[   79.950410][ T3360] loop3: detected capacity change from 0 to 512
[   79.967077][ T3360] EXT4-fs: Ignoring removed bh option
[   79.998591][ T3360] EXT4-fs error (device loop3): ext4_quota_enable:6973: comm syz.3.1265: inode #33554432: comm syz.3.1265: iget: illegal inode #
[   80.022099][ T3360] EXT4-fs (loop3): Remounting filesystem read-only
[   80.028778][ T3360] EXT4-fs error (device loop3): ext4_quota_enable:6976: comm syz.3.1265: Bad quota inode: 33554432, type: 2
[   80.040503][ T3360] EXT4-fs (loop3): Remounting filesystem read-only
[   80.046834][ T3360] EXT4-fs warning (device loop3): ext4_enable_quotas:7017: Failed to enable quota tracking (type=2, err=-117, ino=33554432). Please run e2fsck to fix.
[   80.062801][ T3360] EXT4-fs (loop3): mount failed
[   80.149179][ T3367] loop2: detected capacity change from 0 to 1024
[   80.165158][ T3367] EXT4-fs: Ignoring removed orlov option
[   80.171815][ T3367] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.214065][ T3367] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   80.276893][  T319] usb 2-1: string descriptor 0 read error: -22
[   80.355775][  T296] EXT4-fs (loop2): unmounting filesystem.
[   80.376945][ T3377] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1282'.
[   80.478901][  T319] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0013/input/input34
[   80.493781][  T319] uclogic 0003:256C:006D.0013: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[   80.541588][ T3400] loop3: detected capacity change from 0 to 256
[   80.552683][ T3400] FAT-fs (loop3): Directory bread(block 64) failed
[   80.559733][ T3400] FAT-fs (loop3): Directory bread(block 65) failed
[   80.566160][ T3400] FAT-fs (loop3): Directory bread(block 66) failed
[   80.572548][ T3400] FAT-fs (loop3): Directory bread(block 67) failed
[   80.579205][ T3400] FAT-fs (loop3): Directory bread(block 68) failed
[   80.585620][ T3400] FAT-fs (loop3): Directory bread(block 69) failed
[   80.591978][ T3400] FAT-fs (loop3): Directory bread(block 70) failed
[   80.598467][ T3400] FAT-fs (loop3): Directory bread(block 71) failed
[   80.604875][ T3400] FAT-fs (loop3): Directory bread(block 72) failed
[   80.611269][ T3400] FAT-fs (loop3): Directory bread(block 73) failed
[   80.671252][ T3398] loop2: detected capacity change from 0 to 40427
[   80.682734][   T19] usb 2-1: USB disconnect, device number 8
[   80.689907][ T3398] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[   80.696772][ T3398] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   80.705987][ T3398] F2FS-fs (loop2): invalid crc value
[   80.712561][ T3398] F2FS-fs (loop2): Found nat_bits in checkpoint
[   80.756147][ T3398] F2FS-fs (loop2): Start checkpoint disabled!
[   80.763209][ T3398] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   80.770198][ T3398] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   80.787689][  T319] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[   80.827716][   T43] bio_check_eod: 8 callbacks suppressed
[   80.827736][   T43] kworker/u4:2: attempt to access beyond end of device
[   80.827736][   T43] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   80.898021][   T43] kworker/u4:2: attempt to access beyond end of device
[   80.898021][   T43] loop3: rw=1, sector=1224, nr_sectors = 64 limit=256
[   80.911865][   T43] kworker/u4:2: attempt to access beyond end of device
[   80.911865][   T43] loop3: rw=1, sector=1320, nr_sectors = 448 limit=256
[   80.925535][   T43] kworker/u4:2: attempt to access beyond end of device
[   80.925535][   T43] loop3: rw=1, sector=1832, nr_sectors = 96 limit=256
[   80.944939][   T43] kworker/u4:2: attempt to access beyond end of device
[   80.944939][   T43] loop3: rw=1, sector=1960, nr_sectors = 10760 limit=256
[   80.967672][  T319] usb 5-1: Using ep0 maxpacket: 32
[   80.974270][  T319] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[   80.982335][  T319] usb 5-1: config 0 has no interface number 0
[   80.988245][  T319] usb 5-1: config 0 interface 184 has no altsetting 0
[   80.996292][  T319] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[   81.005257][  T319] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.013127][  T319] usb 5-1: Product: syz
[   81.017064][  T319] usb 5-1: Manufacturer: syz
[   81.021510][  T319] usb 5-1: SerialNumber: syz
[   81.026474][  T319] usb 5-1: config 0 descriptor??
[   81.031879][  T319] smsc75xx v1.0.0
[   81.235164][ T3415] syz.3.1285[3415] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.235229][ T3415] syz.3.1285[3415] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.296517][ T3419] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1287'.
[   81.346111][ T3424] futex_wake_op: syz.0.1291 tries to shift op by -1; fix this program
[   81.497656][   T19] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   81.565510][ T3440] syz.1.1299[3440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.565586][ T3440] syz.1.1299[3440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.663490][ T3446] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1302'.
[   81.687786][   T19] usb 3-1: Using ep0 maxpacket: 16
[   81.693973][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.715716][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   81.729646][   T19] usb 3-1: New USB device found, idVendor=056a, idProduct=0023, bcdDevice= 0.00
[   81.738905][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.750490][   T19] usb 3-1: config 0 descriptor??
[   81.757670][   T39] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[   81.807428][ T3458] loop1: detected capacity change from 0 to 128
[   81.814329][ T3458] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[   81.834543][ T3458] FAT-fs (loop1): FAT read failed (blocknr 128)
[   81.863986][ T3462] loop3: detected capacity change from 0 to 1024
[   81.873235][ T3464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1309'.
[   81.883742][ T3462] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   81.948704][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.959532][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   81.969372][   T39] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   81.978512][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.987276][   T39] usb 1-1: config 0 descriptor??
[   82.147345][ T3462] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   82.162335][ T3462] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   82.174730][ T3462] EXT4-fs (loop3): This should not happen!! Data will be lost
[   82.174730][ T3462] 
[   82.182311][   T19] wacom 0003:056A:0023.0014: Unknown device_type for 'HID 056a:0023'. Assuming pen.
[   82.184973][ T3462] EXT4-fs (loop3): Total free blocks count 0
[   82.194365][   T19] wacom 0003:056A:0023.0014: hidraw0: USB HID v0.00 Device [HID 056a:0023] on usb-dummy_hcd.2-1/input0
[   82.201058][ T3462] EXT4-fs (loop3): Free/Dirty block details
[   82.210989][   T19] input: Wacom Intuos 12x12 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0023.0014/input/input35
[   82.216198][ T3462] EXT4-fs (loop3): free_blocks=68451041280
[   82.233429][ T3462] EXT4-fs (loop3): dirty_blocks=16
[   82.238471][ T3462] EXT4-fs (loop3): Block reservation details
[   82.244271][ T3462] EXT4-fs (loop3): i_reserved_data_blocks=1
[   82.264037][  T319] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -71
[   82.274812][  T319] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[   82.284388][  T319] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[   82.295341][  T319] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[   82.304985][  T319] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[   82.306897][  T294] EXT4-fs (loop3): unmounting filesystem.
[   82.318170][  T319] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[   82.330306][  T319] smsc75xx: probe of 5-1:0.184 failed with error -71
[   82.337679][  T319] usb 5-1: USB disconnect, device number 11
[   82.407676][   T60] usb 3-1: USB disconnect, device number 7
[   82.603173][   T39] usb 1-1: string descriptor 0 read error: -22
[   82.805432][   T39] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0015/input/input38
[   82.821005][ T3494] netem: incorrect ge model size
[   82.828598][   T39] uclogic 0003:256C:006D.0015: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.0-1/input0
[   82.842503][ T3496] loop3: detected capacity change from 0 to 512
[   82.850417][ T3496] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   82.858885][ T3496] EXT4-fs (loop3): orphan cleanup on readonly fs
[   82.865362][ T3496] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #16: comm syz.3.1323: casefold flag without casefold feature
[   82.878209][ T3496] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1323: couldn't read orphan inode 16 (err -117)
[   82.890258][ T3496] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   82.909206][  T294] EXT4-fs (loop3): unmounting filesystem.
[   83.007903][   T39] usb 1-1: USB disconnect, device number 10
[   83.531680][ T3514] loop0: detected capacity change from 0 to 1024
[   83.550115][ T3514] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   83.562740][ T3512] loop2: detected capacity change from 0 to 8192
[   83.570782][ T3512] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   83.601002][ T3521] device ip6gretap1 entered promiscuous mode
[   83.620125][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.632151][ T3512] FAT-fs (loop2): Filesystem has been set read-only
[   83.639451][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.649713][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.660724][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.669400][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.678313][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.686945][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.695604][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.704899][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.713639][ T3512] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   83.758284][ T3524] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1333'.
[   83.803620][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[   83.874311][ T3514] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   83.889666][ T3514] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   83.901994][ T3514] EXT4-fs (loop0): This should not happen!! Data will be lost
[   83.901994][ T3514] 
[   83.911530][ T3514] EXT4-fs (loop0): Total free blocks count 0
[   83.917350][ T3514] EXT4-fs (loop0): Free/Dirty block details
[   83.923164][ T3514] EXT4-fs (loop0): free_blocks=68451041280
[   83.928928][ T3514] EXT4-fs (loop0): dirty_blocks=16
[   83.933868][ T3514] EXT4-fs (loop0): Block reservation details
[   83.939798][ T3514] EXT4-fs (loop0): i_reserved_data_blocks=1
[   83.999944][  T298] EXT4-fs (loop0): unmounting filesystem.
[   84.053352][ T3544] netlink: 'syz.4.1343': attribute type 12 has an invalid length.
[   84.201940][   T28] audit: type=1326 audit(2000000271.713:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888438d169 code=0x7ffc0000
[   84.241251][   T28] audit: type=1326 audit(2000000271.713:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f888438d169 code=0x7ffc0000
[   84.268744][   T28] audit: type=1326 audit(2000000271.713:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888438d169 code=0x7ffc0000
[   84.292062][   T28] audit: type=1326 audit(2000000271.713:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f888438d169 code=0x7ffc0000
[   84.315648][   T28] audit: type=1326 audit(2000000271.723:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8884329359 code=0x7ffc0000
[   84.338957][   T28] audit: type=1326 audit(2000000271.723:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8884329359 code=0x7ffc0000
[   84.362006][   T60] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[   84.369630][   T28] audit: type=1326 audit(2000000271.723:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8884329359 code=0x7ffc0000
[   84.393060][   T28] audit: type=1326 audit(2000000271.723:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8884329359 code=0x7ffc0000
[   84.416431][   T28] audit: type=1326 audit(2000000271.723:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8884329359 code=0x7ffc0000
[   84.439707][   T28] audit: type=1326 audit(2000000271.723:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3565 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8884329359 code=0x7ffc0000
[   84.552521][ T3574] tipc: Started in network mode
[   84.559826][ T3574] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[   84.570250][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.583761][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   84.599619][ T3574] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   84.607929][   T60] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   84.616795][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.631484][ T3576] loop1: detected capacity change from 0 to 1024
[   84.635934][   T60] usb 5-1: config 0 descriptor??
[   84.675491][ T3576] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   84.940013][ T3576] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   84.955165][ T3576] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   84.967385][ T3576] EXT4-fs (loop1): This should not happen!! Data will be lost
[   84.967385][ T3576] 
[   84.977151][ T3576] EXT4-fs (loop1): Total free blocks count 0
[   84.983210][ T3576] EXT4-fs (loop1): Free/Dirty block details
[   84.989085][ T3576] EXT4-fs (loop1): free_blocks=68451041280
[   84.994783][ T3576] EXT4-fs (loop1): dirty_blocks=16
[   84.999915][ T3576] EXT4-fs (loop1): Block reservation details
[   85.005804][ T3576] EXT4-fs (loop1): i_reserved_data_blocks=1
[   85.081366][  T295] EXT4-fs (loop1): unmounting filesystem.
[   85.135768][ T3583] loop0: detected capacity change from 0 to 128
[   85.147265][ T3583] EXT4-fs: Ignoring removed nobh option
[   85.164112][ T3583] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   85.196520][ T3583] ext4 filesystem being mounted at /246/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   85.254367][   T60] usb 5-1: string descriptor 0 read error: -22
[   85.278220][  T298] EXT4-fs (loop0): unmounting filesystem.
[   85.419774][ T3590] loop1: detected capacity change from 0 to 40427
[   85.431419][ T3590] F2FS-fs (loop1): fault_injection options not supported
[   85.443499][ T3590] F2FS-fs (loop1): invalid crc value
[   85.456375][   T60] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0016/input/input40
[   85.458711][ T3590] F2FS-fs (loop1): Found nat_bits in checkpoint
[   85.476144][   T60] uclogic 0003:256C:006D.0016: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[   85.539944][ T3590] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   85.661127][   T60] usb 5-1: USB disconnect, device number 12
[   85.704018][ T3590] syz.1.1360: attempt to access beyond end of device
[   85.704018][ T3590] loop1: rw=2049, sector=40424, nr_sectors = 8 limit=40427
[   85.817670][  T842] Bluetooth: hci0: command 0x1003 tx timeout
[   85.817814][ T2069] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   85.859126][ T3601] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1363'.
[   86.101855][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[   86.140663][ T3608] loop1: detected capacity change from 0 to 40427
[   86.150986][ T3608] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[   86.162943][ T3608] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   86.183054][ T3608] F2FS-fs (loop1): invalid crc value
[   86.191986][ T3608] F2FS-fs (loop1): Found nat_bits in checkpoint
[   86.236421][ T3608] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   86.243380][ T3608] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[   86.316794][ T3644] loop3: detected capacity change from 0 to 256
[   86.338014][ T3644] FAT-fs (loop3): Directory bread(block 64) failed
[   86.347742][ T3644] FAT-fs (loop3): Directory bread(block 65) failed
[   86.354123][ T3644] FAT-fs (loop3): Directory bread(block 66) failed
[   86.362720][ T3644] FAT-fs (loop3): Directory bread(block 67) failed
[   86.369328][ T3644] FAT-fs (loop3): Directory bread(block 68) failed
[   86.375819][ T3644] FAT-fs (loop3): Directory bread(block 69) failed
[   86.376819][ T3650] loop1: detected capacity change from 0 to 1024
[   86.383018][ T3644] FAT-fs (loop3): Directory bread(block 70) failed
[   86.390271][ T3650] EXT4-fs: Ignoring removed orlov option
[   86.395482][ T3644] FAT-fs (loop3): Directory bread(block 71) failed
[   86.401428][ T3650] EXT4-fs: Ignoring removed nomblk_io_submit option
[   86.407127][ T3644] FAT-fs (loop3): Directory bread(block 72) failed
[   86.420122][ T3644] FAT-fs (loop3): Directory bread(block 73) failed
[   86.435384][ T3650] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   86.472955][   T43] kworker/u4:2: attempt to access beyond end of device
[   86.472955][   T43] loop3: rw=1, sector=1224, nr_sectors = 64 limit=256
[   86.547806][   T43] kworker/u4:2: attempt to access beyond end of device
[   86.547806][   T43] loop3: rw=2049, sector=1320, nr_sectors = 448 limit=256
[   86.561838][   T43] kworker/u4:2: attempt to access beyond end of device
[   86.561838][   T43] loop3: rw=2049, sector=1832, nr_sectors = 96 limit=256
[   86.580376][   T43] kworker/u4:2: attempt to access beyond end of device
[   86.580376][   T43] loop3: rw=2049, sector=1960, nr_sectors = 6648 limit=256
[   86.597672][   T60] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[   86.598670][ T3644] syz.3.1383: attempt to access beyond end of device
[   86.598670][ T3644] loop3: rw=524288, sector=1224, nr_sectors = 64 limit=256
[   86.618901][ T3644] syz.3.1383: attempt to access beyond end of device
[   86.618901][ T3644] loop3: rw=524288, sector=1320, nr_sectors = 192 limit=256
[   86.640133][ T3644] syz.3.1383: attempt to access beyond end of device
[   86.640133][ T3644] loop3: rw=0, sector=1224, nr_sectors = 8 limit=256
[   86.652572][  T295] EXT4-fs (loop1): unmounting filesystem.
[   86.653310][ T3644] syz.3.1383: attempt to access beyond end of device
[   86.653310][ T3644] loop3: rw=0, sector=1224, nr_sectors = 8 limit=256
[   86.671886][ T3644] syz.3.1383: attempt to access beyond end of device
[   86.671886][ T3644] loop3: rw=0, sector=1224, nr_sectors = 8 limit=256
[   86.685170][ T3644] syz.3.1383: attempt to access beyond end of device
[   86.685170][ T3644] loop3: rw=0, sector=1224, nr_sectors = 8 limit=256
[   86.817667][   T60] usb 5-1: Using ep0 maxpacket: 32
[   86.823719][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   86.838602][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   86.849716][   T60] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   86.858769][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.867216][   T60] usb 5-1: config 0 descriptor??
[   86.873634][   T60] hub 5-1:0.0: USB hub found
[   86.940041][ T3678] loop1: detected capacity change from 0 to 1024
[   86.946607][ T3678] EXT4-fs: Ignoring removed nomblk_io_submit option
[   86.962879][ T3678] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   86.974113][ T3678] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[   86.997115][ T3678] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #3: comm syz.1.1408: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[   87.015848][ T3678] EXT4-fs (loop1): no journal found
[   87.023061][ T3678] EXT4-fs (loop1): can't get journal size
[   87.042685][ T3678] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   87.075193][   T60] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[   87.214723][ T3690] loop3: detected capacity change from 0 to 1024
[   87.229291][ T3690] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   87.285218][   T60] hid-generic 0003:046D:C31C.0017: item fetching failed at offset 0/1
[   87.293593][   T60] hid-generic: probe of 0003:046D:C31C.0017 failed with error -22
[   87.317626][   T39] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   87.325002][  T327] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   87.449729][ T3690] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   87.464529][ T3690] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   87.476716][ T3690] EXT4-fs (loop3): This should not happen!! Data will be lost
[   87.476716][ T3690] 
[   87.486451][ T3690] EXT4-fs (loop3): Total free blocks count 0
[   87.492373][ T3690] EXT4-fs (loop3): Free/Dirty block details
[   87.498233][ T3690] EXT4-fs (loop3): free_blocks=68451041280
[   87.503860][ T3690] EXT4-fs (loop3): dirty_blocks=16
[   87.508815][  T327] usb 2-1: Using ep0 maxpacket: 8
[   87.509097][ T3690] EXT4-fs (loop3): Block reservation details
[   87.514897][   T39] usb 3-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[   87.519583][ T3690] EXT4-fs (loop3): i_reserved_data_blocks=1
[   87.528589][  T327] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[   87.542326][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.550283][  T327] usb 2-1: config 179 has no interface number 0
[   87.556769][  T327] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[   87.568198][   T39] usb 3-1: config 0 descriptor??
[   87.573059][  T327] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[   87.584976][  T327] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 44, changing to 9
[   87.596429][  T327] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 25705, setting to 1024
[   87.597344][  T294] EXT4-fs (loop3): unmounting filesystem.
[   87.607880][  T327] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   87.626585][  T327] usb 2-1: config 179 interface 65 has no altsetting 0
[   87.633307][  T327] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[   87.642195][  T327] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.650513][   T24] usb 5-1: USB disconnect, device number 13
[   87.657510][ T3678] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[   87.666003][  T327] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input41
[   87.871928][  T327] usb 2-1: USB disconnect, device number 9
[   87.877762][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   87.886178][  T327] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   88.021582][ T3697] loop3: detected capacity change from 0 to 256
[   88.092846][ T3705] loop3: detected capacity change from 0 to 512
[   88.100323][ T3705] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   88.108829][ T3705] EXT4-fs (loop3): orphan cleanup on readonly fs
[   88.115608][ T3705] EXT4-fs error (device loop3): ext4_acquire_dquot:6782: comm syz.3.1407: Failed to acquire dquot type 1
[   88.127213][ T3705] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1407: bg 0: block 40: padding at end of block bitmap is not set
[   88.141362][  T842] Bluetooth: hci0: command 0x1003 tx timeout
[   88.147434][ T3705] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   88.147693][ T2069] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   88.162780][ T3705] EXT4-fs (loop3): 1 truncate cleaned up
[   88.173168][ T3705] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   88.205670][ T3713] input: syz0 as /devices/virtual/input/input42
[   88.213846][  T294] EXT4-fs (loop3): unmounting filesystem.
[   88.248847][ T3723] loop3: detected capacity change from 0 to 256
[   88.268487][ T3723] FAT-fs (loop3): Directory bread(block 64) failed
[   88.285018][ T3723] FAT-fs (loop3): Directory bread(block 65) failed
[   88.298162][ T3723] FAT-fs (loop3): Directory bread(block 66) failed
[   88.304848][ T3723] FAT-fs (loop3): Directory bread(block 67) failed
[   88.322564][ T3723] FAT-fs (loop3): Directory bread(block 68) failed
[   88.329252][ T3723] FAT-fs (loop3): Directory bread(block 69) failed
[   88.335862][ T3723] FAT-fs (loop3): Directory bread(block 70) failed
[   88.342441][ T3723] FAT-fs (loop3): Directory bread(block 71) failed
[   88.357681][ T3723] FAT-fs (loop3): Directory bread(block 72) failed
[   88.364455][ T3723] FAT-fs (loop3): Directory bread(block 73) failed
[   88.387435][   T39] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   88.405997][   T39] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[   88.406898][  T295] EXT4-fs (loop1): unmounting filesystem.
[   88.439599][   T39] asix: probe of 3-1:0.0 failed with error -71
[   88.457915][   T39] usb 3-1: USB disconnect, device number 8
[   88.482047][ T3727] loop1: detected capacity change from 0 to 1024
[   88.568175][ T3727] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   88.884750][  T315] Bluetooth: hci0: Frame reassembly failed (-84)
[   88.919966][ T3745] 9pnet: p9_errstr2errno: server reported unknown error �@b
[   88.940405][ T3727] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   88.957780][ T3727] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   88.979979][ T3727] EXT4-fs (loop1): This should not happen!! Data will be lost
[   88.979979][ T3727] 
[   88.989749][ T3727] EXT4-fs (loop1): Total free blocks count 0
[   88.995608][ T3727] EXT4-fs (loop1): Free/Dirty block details
[   89.001456][ T3727] EXT4-fs (loop1): free_blocks=68451041280
[   89.007166][ T3727] EXT4-fs (loop1): dirty_blocks=16
[   89.012638][ T3727] EXT4-fs (loop1): Block reservation details
[   89.015848][ T3750] netlink: 'syz.0.1426': attribute type 6 has an invalid length.
[   89.018616][ T3727] EXT4-fs (loop1): i_reserved_data_blocks=1
[   89.117129][  T295] EXT4-fs (loop1): unmounting filesystem.
[   89.151082][ T3769] loop1: detected capacity change from 0 to 512
[   89.168295][ T3769] EXT4-fs: Ignoring removed oldalloc option
[   89.175914][ T3769] EXT4-fs (loop1): 1 truncate cleaned up
[   89.182197][ T3769] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   89.208583][  T295] EXT4-fs (loop1): unmounting filesystem.
[   89.253316][ T3784] syz.1.1440[3784] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   89.253418][ T3784] syz.1.1440[3784] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   89.344756][ T3795] hub 9-0:1.0: USB hub found
[   89.347450][ T3796] capability: warning: `syz.4.1445' uses 32-bit capabilities (legacy support in use)
[   89.507347][ T3795] hub 9-0:1.0: 1 port detected
[   89.652690][ T3811] loop1: detected capacity change from 0 to 2048
[   89.703788][ T3811] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   89.741997][  T295] EXT4-fs (loop1): unmounting filesystem.
[   89.838314][ T3827] loop1: detected capacity change from 0 to 512
[   89.859062][ T3827] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.883715][ T3817] loop2: detected capacity change from 0 to 40427
[   89.892942][   T28] kauditd_printk_skb: 4521 callbacks suppressed
[   89.892959][   T28] audit: type=1400 audit(2000000277.403:5013): avc:  denied  { setopt } for  pid=3828 comm="syz.0.1460" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   89.896234][ T3827] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   89.927258][ T3817] F2FS-fs (loop2): heap/no_heap options were deprecated
[   89.927441][ T3827] ext4 filesystem being mounted at /307/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.945372][ T3817] F2FS-fs (loop2): invalid crc value
[   89.963181][ T3817] F2FS-fs (loop2): Found nat_bits in checkpoint
[   89.971012][  T295] EXT4-fs (loop1): unmounting filesystem.
[   90.028776][ T3817] F2FS-fs (loop2): Start checkpoint disabled!
[   90.047502][ T3817] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   90.177590][ T3876] xt_bpf: check failed: parse error
[   90.269117][ T3884] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1466'.
[   90.576465][   T28] audit: type=1400 audit(2000000278.083:5014): avc:  denied  { mounton } for  pid=3917 comm="syz.2.1487" path="/300/file0" dev="tmpfs" ino=1600 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[   90.602089][ T3920] loop4: detected capacity change from 0 to 256
[   90.611279][ T3920] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[   90.628274][   T28] audit: type=1400 audit(2000000278.143:5015): avc:  denied  { mounton } for  pid=3919 comm="syz.4.1488" path="/266/file2/file0" dev="loop4" ino=1048641 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   90.652033][   T28] audit: type=1400 audit(2000000278.173:5016): avc:  denied  { rmdir } for  pid=297 comm="syz-executor" name=".index" dev="loop4" ino=1048642 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   90.937622][ T2069] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   90.937643][  T842] Bluetooth: hci0: command 0x1003 tx timeout
[   91.025834][ T3943] loop0: detected capacity change from 0 to 512
[   91.039732][ T3943] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   91.047689][   T19] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[   91.048837][ T3943] ext4 filesystem being mounted at /270/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.075378][  T298] EXT4-fs (loop0): unmounting filesystem.
[   91.228816][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.242332][ T3973] device batadv_slave_1 entered promiscuous mode
[   91.243959][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.249722][ T3972] device batadv_slave_1 left promiscuous mode
[   91.259197][   T19] usb 5-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[   91.272937][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.281481][   T19] usb 5-1: config 0 descriptor??
[   91.422862][ T3982] loop2: detected capacity change from 0 to 128
[   91.442990][ T3985] syz.3.1515[3985] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   91.443076][ T3985] syz.3.1515[3985] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   91.602364][ T4007] xt_bpf: check failed: parse error
[   91.692909][   T19] hid-led 0003:0FC5:B080.0018: item fetching failed at offset 0/3
[   91.701100][   T19] hid-led: probe of 0003:0FC5:B080.0018 failed with error -22
[   91.851475][ T4021] loop3: detected capacity change from 0 to 40427
[   91.858337][ T4021] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   91.865982][ T4021] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   91.874815][ T4021] F2FS-fs (loop3): invalid crc value
[   91.881365][ T4021] F2FS-fs (loop3): Found nat_bits in checkpoint
[   91.894887][   T39] usb 5-1: USB disconnect, device number 14
[   91.921579][ T4021] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   91.928715][ T4021] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   91.954437][   T28] audit: type=1400 audit(2000000279.463:5017): avc:  denied  { getopt } for  pid=4020 comm="syz.3.1530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   91.976376][  T315] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   91.990277][  T315] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   91.991784][ T4031] loop2: detected capacity change from 0 to 256
[   92.017757][ T4031] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[   92.021151][  T315] bio_check_eod: 14274 callbacks suppressed
[   92.021170][  T315] kworker/u4:3: attempt to access beyond end of device
[   92.021170][  T315] loop3: rw=1, sector=45096, nr_sectors = 16 limit=40427
[   92.040320][ T4031] syz.2.1533: attempt to access beyond end of device
[   92.040320][ T4031] loop2: rw=524288, sector=34359738488, nr_sectors = 3 limit=256
[   92.063465][ T4031] syz.2.1533: attempt to access beyond end of device
[   92.063465][ T4031] loop2: rw=0, sector=34359738488, nr_sectors = 3 limit=256
[   92.193109][ T4051] device ip6tnl1 entered promiscuous mode
[   92.251959][ T4070] loop2: detected capacity change from 0 to 2048
[   92.272715][ T4070] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   92.313461][  T296] EXT4-fs (loop2): unmounting filesystem.
[   92.333248][ T4089] loop2: detected capacity change from 0 to 512
[   92.350581][ T4089] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   92.367360][ T4089] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.389848][  T296] EXT4-fs (loop2): unmounting filesystem.
[   92.431171][ T4107] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1556'.
[   92.524762][ T4136] loop0: detected capacity change from 0 to 512
[   92.533722][   T28] audit: type=1326 audit(2000000280.043:5018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4137 comm="syz.3.1564" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f888438d169 code=0x0
[   92.537324][ T4136] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.569296][ T4136] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   92.578142][ T4136] ext4 filesystem being mounted at /287/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.607683][  T298] EXT4-fs (loop0): unmounting filesystem.
[   92.624967][ T4145] hub 9-0:1.0: USB hub found
[   92.630837][ T4145] hub 9-0:1.0: 1 port detected
[   92.651732][ T4152] loop0: detected capacity change from 0 to 256
[   92.661036][ T4152] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[   92.679757][ T4152] syz.0.1570: attempt to access beyond end of device
[   92.679757][ T4152] loop0: rw=524288, sector=34359738488, nr_sectors = 3 limit=256
[   92.694408][ T4152] syz.0.1570: attempt to access beyond end of device
[   92.694408][ T4152] loop0: rw=0, sector=34359738488, nr_sectors = 3 limit=256
[   92.739882][ T4156] loop0: detected capacity change from 0 to 512
[   92.746236][ T4156] EXT4-fs: Ignoring removed orlov option
[   92.752381][ T4156] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.761709][ T4156] EXT4-fs (loop0): orphan cleanup on readonly fs
[   92.768835][ T4156] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1572: bg 0: block 248: padding at end of block bitmap is not set
[   92.783804][ T4156] Quota error (device loop0): write_blk: dquota write failed
[   92.791111][ T4156] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   92.800913][ T4156] EXT4-fs error (device loop0): ext4_acquire_dquot:6782: comm syz.0.1572: Failed to acquire dquot type 1
[   92.812530][ T4156] EXT4-fs (loop0): 1 truncate cleaned up
[   92.818434][ T4156] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   92.829639][ T4156] EXT4-fs: Ignoring removed orlov option
[   92.835181][ T4156] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.843422][ T4156] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   92.858181][ T4156] EXT4-fs error (device loop0): __ext4_remount:6598: comm syz.0.1572: Abort forced by user
[   92.868291][ T4156] EXT4-fs (loop0): Remounting filesystem read-only
[   92.874619][ T4156] EXT4-fs (loop0): re-mounted. Quota mode: writeback.
[   92.881295][ T4156] ext4 filesystem being remounted at /290/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   92.898272][  T298] EXT4-fs (loop0): unmounting filesystem.
[   92.906099][ T4160] loop2: detected capacity change from 0 to 512
[   92.912471][ T4160] EXT4-fs: Ignoring removed oldalloc option
[   92.920300][ T4160] EXT4-fs (loop2): 1 truncate cleaned up
[   92.926093][ T4160] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   92.951576][  T296] EXT4-fs (loop2): unmounting filesystem.
[   93.101303][ T4171] loop0: detected capacity change from 0 to 40427
[   93.108447][ T4171] F2FS-fs (loop0): heap/no_heap options were deprecated
[   93.116024][ T4171] F2FS-fs (loop0): invalid crc value
[   93.122261][ T4171] F2FS-fs (loop0): Found nat_bits in checkpoint
[   93.158072][ T4171] F2FS-fs (loop0): Start checkpoint disabled!
[   93.164630][ T4171] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   93.209724][ T1610] kworker/u4:5: attempt to access beyond end of device
[   93.209724][ T1610] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   93.292753][ T4185] loop4: detected capacity change from 0 to 512
[   93.329849][ T4185] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   93.338744][ T4185] ext4 filesystem being mounted at /272/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.365936][  T297] EXT4-fs (loop4): unmounting filesystem.
[   93.444670][ T4209] loop0: detected capacity change from 0 to 512
[   93.453487][ T4209] EXT4-fs: Ignoring removed oldalloc option
[   93.466624][ T4209] EXT4-fs (loop0): 1 truncate cleaned up
[   93.472929][ T4209] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   93.517700][  T298] EXT4-fs (loop0): unmounting filesystem.
[   93.521707][ T4221] loop3: detected capacity change from 0 to 512
[   93.541073][ T4221] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   93.549925][ T4221] ext4 filesystem being mounted at /360/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.577011][  T294] EXT4-fs (loop3): unmounting filesystem.
[   93.594873][ T4234] loop3: detected capacity change from 0 to 256
[   93.605940][ T4234] FAT-fs (loop3): Directory bread(block 64) failed
[   93.613025][ T4234] FAT-fs (loop3): Directory bread(block 65) failed
[   93.620430][ T4234] FAT-fs (loop3): Directory bread(block 66) failed
[   93.622319][ T4236] device ip6tnl1 entered promiscuous mode
[   93.626808][ T4234] FAT-fs (loop3): Directory bread(block 67) failed
[   93.639082][ T4234] FAT-fs (loop3): Directory bread(block 68) failed
[   93.645413][ T4234] FAT-fs (loop3): Directory bread(block 69) failed
[   93.652061][ T4234] FAT-fs (loop3): Directory bread(block 70) failed
[   93.658832][ T4234] FAT-fs (loop3): Directory bread(block 71) failed
[   93.665259][ T4234] FAT-fs (loop3): Directory bread(block 72) failed
[   93.671782][ T4234] FAT-fs (loop3): Directory bread(block 73) failed
[   93.742343][   T28] audit: type=1400 audit(2000000281.253:5019): avc:  denied  { watch watch_reads } for  pid=4243 comm="syz.1.1609" path="/339/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[   93.915362][  T315] kworker/u4:3: attempt to access beyond end of device
[   93.915362][  T315] loop3: rw=1, sector=1224, nr_sectors = 64 limit=256
[   93.929334][  T315] kworker/u4:3: attempt to access beyond end of device
[   93.929334][  T315] loop3: rw=1, sector=1320, nr_sectors = 448 limit=256
[   93.943571][  T315] kworker/u4:3: attempt to access beyond end of device
[   93.943571][  T315] loop3: rw=1, sector=1832, nr_sectors = 96 limit=256
[   93.960587][  T315] kworker/u4:3: attempt to access beyond end of device
[   93.960587][  T315] loop3: rw=1, sector=1960, nr_sectors = 4008 limit=256
[   93.979533][ T4257] xt_bpf: check failed: parse error
[   94.003408][   T28] audit: type=1400 audit(2000000281.513:5020): avc:  denied  { getopt } for  pid=4261 comm="syz.1.1618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   94.047325][ T4268] loop3: detected capacity change from 0 to 512
[   94.053623][ T4270] loop1: detected capacity change from 0 to 512
[   94.061155][ T4268] EXT4-fs: Ignoring removed oldalloc option
[   94.067091][ T4270] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   94.079036][ T4268] EXT4-fs (loop3): 1 truncate cleaned up
[   94.095847][ T4270] EXT4-fs (loop1): 1 truncate cleaned up
[   94.180822][ T4283] loop0: detected capacity change from 0 to 256
[   94.192368][ T4283] FAT-fs (loop0): Directory bread(block 64) failed
[   94.205838][ T4283] FAT-fs (loop0): Directory bread(block 65) failed
[   94.214098][ T4283] FAT-fs (loop0): Directory bread(block 66) failed
[   94.220727][ T4283] FAT-fs (loop0): Directory bread(block 67) failed
[   94.227914][ T4283] FAT-fs (loop0): Directory bread(block 68) failed
[   94.236988][ T4287] sch_fq: defrate 0 ignored.
[   94.238763][ T4283] FAT-fs (loop0): Directory bread(block 69) failed
[   94.247919][ T4283] FAT-fs (loop0): Directory bread(block 70) failed
[   94.254304][ T4283] FAT-fs (loop0): Directory bread(block 71) failed
[   94.260797][ T4283] FAT-fs (loop0): Directory bread(block 72) failed
[   94.267448][ T4283] FAT-fs (loop0): Directory bread(block 73) failed
[   94.340363][ T4294] loop2: detected capacity change from 0 to 512
[   94.361911][ T4294] EXT4-fs error (device loop2): __ext4_iget:5057: inode #2: block 1: comm syz.2.1631: invalid block
[   94.374108][ T4294] EXT4-fs (loop2): get root inode failed
[   94.380473][ T4293] binder: 4292:4293 ioctl c0306201 4000000003c0 returned -14
[   94.387509][ T4294] EXT4-fs (loop2): mount failed
[   94.420521][ T4307] loop1: detected capacity change from 0 to 128
[   94.423291][ T4308] loop4: detected capacity change from 0 to 512
[   94.433052][ T4308] EXT4-fs: Ignoring removed oldalloc option
[   94.440711][ T4308] EXT4-fs (loop4): 1 truncate cleaned up
[   94.464454][ T4307] ext4 filesystem being mounted at /348/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   94.541543][ T4322] hub 9-0:1.0: USB hub found
[   94.546225][ T4322] hub 9-0:1.0: 1 port detected
[   94.672201][ T4336] loop1: detected capacity change from 0 to 512
[   94.679204][ T4337] loop2: detected capacity change from 0 to 256
[   94.685599][ T4336] EXT4-fs: Ignoring removed nobh option
[   94.691774][ T4337] exfat: Deprecated parameter 'utf8'
[   94.697432][ T4337] exfat: Deprecated parameter 'namecase'
[   94.704343][ T4336] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1645: casefold flag without casefold feature
[   94.717984][ T4336] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1645: couldn't read orphan inode 15 (err -117)
[   94.729841][ T4337] exfat: Deprecated parameter 'utf8'
[   94.737930][ T4337] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   95.131146][ T4351] hub 9-0:1.0: USB hub found
[   95.136240][ T4351] hub 9-0:1.0: 1 port detected
[   95.495639][ T4378] xt_bpf: check failed: parse error
[   95.500744][ T1854] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   95.635205][ T4384] hub 9-0:1.0: USB hub found
[   95.639780][ T4384] hub 9-0:1.0: 1 port detected
[   95.687672][ T1854] usb 3-1: Using ep0 maxpacket: 32
[   95.694720][ T1854] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   95.705314][ T1854] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.716639][ T1854] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.737851][ T1854] usb 3-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   95.751094][ T1854] usb 3-1: config 0 interface 0 has no altsetting 0
[   95.757904][ T1854] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[   95.766935][ T1854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.775365][ T1854] usb 3-1: config 0 descriptor??
[   95.853631][ T4405] loop0: detected capacity change from 0 to 128
[   95.862592][ T4405] ext4 filesystem being mounted at /315/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   95.930378][ T4410] loop0: detected capacity change from 0 to 512
[   95.938255][ T4410] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   95.946772][ T4410] EXT4-fs (loop0): orphan cleanup on readonly fs
[   95.953735][ T4410] __quota_error: 2 callbacks suppressed
[   95.953750][ T4410] Quota error (device loop0): find_block_dqentry: Quota for id 0 referenced but not present
[   95.969188][ T4410] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[   95.978621][ T4410] EXT4-fs error (device loop0): ext4_acquire_dquot:6782: comm syz.0.1676: Failed to acquire dquot type 1
[   95.990514][ T4410] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1676: bg 0: block 40: padding at end of block bitmap is not set
[   96.004850][ T4410] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   96.013799][ T4410] EXT4-fs (loop0): 1 truncate cleaned up
[   96.098571][ T4430] loop4: detected capacity change from 0 to 512
[   96.105200][ T4430] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   96.117317][ T4430] EXT4-fs (loop4): 1 truncate cleaned up
[   96.184497][ T4438] loop0: detected capacity change from 0 to 2048
[   96.192382][ T1854] hid-thrustmaster 0003:044F:B65D.0019: unknown main item tag 0x0
[   96.200713][ T1854] hid-thrustmaster 0003:044F:B65D.0019: unknown main item tag 0x0
[   96.201658][ T4438] EXT4-fs (loop0): bad block size 8192
[   96.208847][ T1854] hid-thrustmaster 0003:044F:B65D.0019: item fetching failed at offset 2/5
[   96.222453][ T1854] hid-thrustmaster 0003:044F:B65D.0019: parse failed with error -22
[   96.230284][ T1854] hid-thrustmaster: probe of 0003:044F:B65D.0019 failed with error -22
[   96.295702][ T4446] loop3: detected capacity change from 0 to 128
[   96.323914][ T4446] ext4 filesystem being mounted at /374/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   96.344113][ T4444] loop1: detected capacity change from 0 to 512
[   96.354877][ T4444] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   96.358122][ T4442] binder: 4441:4442 ioctl c0306201 4000000003c0 returned -14
[   96.378282][ T4444] EXT4-fs (loop1): orphan cleanup on readonly fs
[   96.388054][ T4444] Quota error (device loop1): find_block_dqentry: Quota for id 0 referenced but not present
[   96.399718][ T1854] usb 3-1: USB disconnect, device number 9
[   96.413447][ T4444] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[   96.422771][ T4444] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.1690: Failed to acquire dquot type 1
[   96.434559][ T4444] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1690: bg 0: block 40: padding at end of block bitmap is not set
[   96.449408][ T4444] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   96.460943][ T4444] EXT4-fs (loop1): 1 truncate cleaned up
[   96.493969][ T4469] loop3: detected capacity change from 0 to 512
[   96.501198][ T4469] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   96.512917][ T4469] EXT4-fs (loop3): 1 truncate cleaned up
[   96.626389][ T4479] loop3: detected capacity change from 0 to 2048
[   96.633214][ T4479] EXT4-fs (loop3): bad block size 8192
[   96.732627][ T4498] 9pnet: p9_errstr2errno: server reported unknown error ��Fc�g�KIe��B$
[   96.926598][ T4510] loop2: detected capacity change from 0 to 512
[   96.939728][ T4514] loop3: detected capacity change from 0 to 256
[   96.946419][ T4510] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   96.956533][ T4514] exfat: Deprecated parameter 'utf8'
[   96.967748][ T4514] exfat: Deprecated parameter 'namecase'
[   96.972698][ T4510] EXT4-fs (loop2): 1 truncate cleaned up
[   96.977792][ T4514] exfat: Deprecated parameter 'utf8'
[   97.005403][ T4514] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   97.114004][ T4515] loop4: detected capacity change from 0 to 40427
[   97.125344][ T4515] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   97.133318][ T4515] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   97.156244][ T4515] F2FS-fs (loop4): invalid crc value
[   97.164406][ T4522] loop2: detected capacity change from 0 to 2048
[   97.172722][ T4522] EXT4-fs (loop2): bad block size 8192
[   97.179690][ T4515] F2FS-fs (loop4): Found nat_bits in checkpoint
[   97.219161][ T4515] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   97.229215][ T4515] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   97.272762][ T4530] SELinux: failed to load policy
[   97.294753][ T1610] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   97.312701][ T1610] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   97.351610][ T1610] bio_check_eod: 6 callbacks suppressed
[   97.351629][ T1610] kworker/u4:5: attempt to access beyond end of device
[   97.351629][ T1610] loop4: rw=1, sector=45096, nr_sectors = 16 limit=40427
[   97.506053][ T4562] xt_hashlimit: size too large, truncated to 1048576
[   97.607696][  T319] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[   97.649416][ T4572] device wireguard0 entered promiscuous mode
[   97.724050][ T4575] netem: incorrect ge model size
[   97.766228][ T4579] loop0: detected capacity change from 0 to 512
[   97.790211][ T4581] 9pnet: p9_errstr2errno: server reported unknown error ��Fc�g�KIe��B$
[   97.808905][  T319] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.822883][ T4579] EXT4-fs mount: 24 callbacks suppressed
[   97.822903][ T4579] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   97.835673][  T319] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[   97.846108][ T4579] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.853964][  T319] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.874186][ T4579] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #2: comm syz.0.1749: corrupted inode contents
[   97.894338][ T4579] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #2: comm syz.0.1749: mark_inode_dirty error
[   97.902116][  T319] usb 3-1: config 0 descriptor??
[   97.906269][ T4579] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #2: comm syz.0.1749: corrupted inode contents
[   97.934697][ T4579] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #2: comm syz.0.1749: corrupted inode contents
[   97.956175][ T4579] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #2: comm syz.0.1749: mark_inode_dirty error
[   97.968870][ T4579] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #2: comm syz.0.1749: corrupted inode contents
[   97.994781][ T4579] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.1749: mark_inode_dirty error
[   98.036808][ T4579] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #2: comm syz.0.1749: corrupted inode contents
[   98.052354][ T4579] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #2: comm syz.0.1749: mark_inode_dirty error
[   98.067917][ T4594] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #2: comm syz.0.1749: corrupted inode contents
[   98.085933][ T4598] Disabled LAPIC found during irq injection
[   98.101544][  T298] EXT4-fs (loop0): unmounting filesystem.
[   98.311980][ T4613] netem: incorrect ge model size
[   98.316868][ T4613] netem: change failed
[   98.328260][  T319] lg-g15 0003:046D:C222.001A: unbalanced delimiter at end of report description
[   98.347480][  T319] lg-g15: probe of 0003:046D:C222.001A failed with error -22
[   98.361697][ T4616] 9pnet: p9_errstr2errno: server reported unknown error ��Fc�g�KIe��B$
[   98.530735][  T319] usb 3-1: USB disconnect, device number 10
[   99.075684][ T4653] 9pnet: p9_errstr2errno: server reported unknown error ��Fc�g�KIe��B$
[   99.108077][   T28] audit: type=1326 audit(2000000286.623:5023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4654 comm="syz.3.1782" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f888438d169 code=0x0
[   99.231281][ T4664] loop0: detected capacity change from 0 to 512
[   99.238561][ T4664] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   99.259103][ T4664] EXT4-fs (loop0): 1 truncate cleaned up
[   99.264602][ T4664] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   99.265121][ T4666] SELinux: failed to load policy
[   99.335812][  T298] EXT4-fs (loop0): unmounting filesystem.
[   99.470512][ T4680] loop4: detected capacity change from 0 to 40427
[   99.477482][ T4680] F2FS-fs (loop4): fault_injection options not supported
[   99.485141][ T4680] F2FS-fs (loop4): invalid crc value
[   99.491517][ T4680] F2FS-fs (loop4): Found nat_bits in checkpoint
[   99.497662][   T24] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   99.529531][ T4680] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   99.567631][  T319] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   99.630105][  T297] syz-executor: attempt to access beyond end of device
[   99.630105][  T297] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   99.677617][   T24] usb 2-1: Using ep0 maxpacket: 32
[   99.684064][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[   99.702175][   T24] usb 2-1: config 128 has an invalid interface number: 127 but max is 3
[   99.710416][   T24] usb 2-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[   99.720764][   T24] usb 2-1: config 128 has 1 interface, different from the descriptor's value: 4
[   99.729853][   T24] usb 2-1: config 128 has no interface number 0
[   99.736006][   T24] usb 2-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7
[   99.747388][   T24] usb 2-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0
[   99.757597][   T24] usb 2-1: config 128 interface 127 has no altsetting 0
[   99.757639][  T319] usb 3-1: Using ep0 maxpacket: 32
[   99.770990][   T24] usb 2-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[   99.780145][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.788180][   T24] usb 2-1: Product: syz
[   99.788192][  T319] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.792265][   T24] usb 2-1: Manufacturer: syz
[   99.807620][   T24] usb 2-1: SerialNumber: syz
[   99.812586][  T319] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.823497][  T319] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   99.832434][  T319] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.842389][  T319] usb 3-1: config 0 descriptor??
[   99.848079][  T319] hub 3-1:0.0: USB hub found
[   99.917629][ T1854] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  100.023735][   T24] usb 2-1: USB disconnect, device number 10
[  100.031610][ T4702] SELinux: failed to load policy
[  100.049996][  T319] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  100.060331][ T4704] device wireguard0 entered promiscuous mode
[  100.098764][ T1854] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.109724][   T39] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  100.117288][ T1854] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.129176][ T1854] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  100.141902][ T1854] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  100.150844][ T1854] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.159344][ T1854] usb 1-1: config 0 descriptor??
[  100.260174][  T319] hid-generic 0003:046D:C31C.001B: item fetching failed at offset 0/1
[  100.268752][  T319] hid-generic: probe of 0003:046D:C31C.001B failed with error -22
[  100.307615][   T39] usb 5-1: Using ep0 maxpacket: 32
[  100.313731][   T39] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.324051][   T39] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.334924][   T39] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.344583][   T39] usb 5-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  100.357411][   T39] usb 5-1: config 0 interface 0 has no altsetting 0
[  100.363808][   T39] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  100.372926][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.381533][   T39] usb 5-1: config 0 descriptor??
[  100.549532][ T4710] xt_hashlimit: size too large, truncated to 1048576
[  100.574365][ T1854] plantronics 0003:047F:FFFF.001C: No inputs registered, leaving
[  100.587926][  T319] usb 3-1: USB disconnect, device number 11
[  100.589196][ T1854] plantronics 0003:047F:FFFF.001C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  100.719707][ T4712] loop3: detected capacity change from 0 to 40427
[  100.726923][ T4712] F2FS-fs (loop3): fault_injection options not supported
[  100.734667][ T4712] F2FS-fs (loop3): invalid crc value
[  100.741284][ T4712] F2FS-fs (loop3): Found nat_bits in checkpoint
[  100.788900][   T39] hid-thrustmaster 0003:044F:B65D.001D: unknown main item tag 0x0
[  100.796560][   T39] hid-thrustmaster 0003:044F:B65D.001D: unknown main item tag 0x0
[  100.808646][   T39] hid-thrustmaster 0003:044F:B65D.001D: item fetching failed at offset 2/5
[  100.817116][ T4712] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  100.824573][   T39] hid-thrustmaster 0003:044F:B65D.001D: parse failed with error -22
[  100.832418][   T39] hid-thrustmaster: probe of 0003:044F:B65D.001D failed with error -22
[  100.900568][  T319] usb 1-1: USB disconnect, device number 11
[  100.946355][  T294] syz-executor: attempt to access beyond end of device
[  100.946355][  T294] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  100.992391][   T19] usb 5-1: USB disconnect, device number 15
[  101.053960][ T4725] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1809'.
[  101.062796][ T4727] loop3: detected capacity change from 0 to 1024
[  101.067436][ T4725] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1809'.
[  101.079767][ T4727] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  101.304482][ T4727] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  101.319631][ T4727] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[  101.331880][ T4727] EXT4-fs (loop3): This should not happen!! Data will be lost
[  101.331880][ T4727] 
[  101.341485][ T4727] EXT4-fs (loop3): Total free blocks count 0
[  101.347353][ T4727] EXT4-fs (loop3): Free/Dirty block details
[  101.353110][ T4727] EXT4-fs (loop3): free_blocks=68451041280
[  101.358721][ T4727] EXT4-fs (loop3): dirty_blocks=16
[  101.363637][ T4727] EXT4-fs (loop3): Block reservation details
[  101.369697][ T4727] EXT4-fs (loop3): i_reserved_data_blocks=1
[  101.387611][ T1854] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  101.440509][  T294] EXT4-fs (loop3): unmounting filesystem.
[  101.468783][   T28] audit: type=1400 audit(2000000288.983:5024): avc:  denied  { connect } for  pid=4752 comm="syz.1.1819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  101.515776][ T4757] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1821'.
[  101.530557][ T4757] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1821'.
[  101.587648][ T1854] usb 3-1: Using ep0 maxpacket: 16
[  101.593861][ T1854] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  101.605658][ T1854] usb 3-1: config 0 has no interfaces?
[  101.611295][ T1854] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  101.626750][ T1854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.636302][ T1854] usb 3-1: config 0 descriptor??
[  101.636521][ T4767] netlink: 'syz.4.1825': attribute type 4 has an invalid length.
[  101.659609][   T28] audit: type=1400 audit(2000000289.173:5025): avc:  denied  { write } for  pid=4770 comm="syz.4.1828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  101.694561][ T4773] loop4: detected capacity change from 0 to 1024
[  101.707763][  T224] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  101.709857][ T4773] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  101.727721][   T39] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  101.844437][ T1854] usb 3-1: USB disconnect, device number 12
[  101.888778][  T224] usb 1-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  101.898210][  T224] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.906738][  T224] usb 1-1: config 0 descriptor??
[  101.912851][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.923893][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.926051][ T4773] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, 
[  101.933536][   T39] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  101.933575][   T39] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  101.941556][ T4773] block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  101.942350][ T4773] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[  101.955176][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.963587][ T4773] EXT4-fs (loop4): This should not happen!! Data will be lost
[  101.963587][ T4773] 
[  101.973375][   T39] usb 4-1: config 0 descriptor??
[  101.984356][ T4773] EXT4-fs (loop4): Total free blocks count 0
[  102.012107][ T4773] EXT4-fs (loop4): Free/Dirty block details
[  102.017796][ T4773] EXT4-fs (loop4): free_blocks=68451041280
[  102.023401][ T4773] EXT4-fs (loop4): dirty_blocks=16
[  102.028553][ T4773] EXT4-fs (loop4): Block reservation details
[  102.034270][ T4773] EXT4-fs (loop4): i_reserved_data_blocks=1
[  102.080977][  T297] EXT4-fs (loop4): unmounting filesystem.
[  102.096591][   T28] audit: type=1400 audit(2000000289.603:5026): avc:  denied  { mounton } for  pid=4777 comm="syz.4.1830" path="/324/file0" dev="tmpfs" ino=1722 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  102.162613][ T4782] device wireguard0 entered promiscuous mode
[  102.396581][   T39] plantronics 0003:047F:FFFF.001E: No inputs registered, leaving
[  102.406577][   T39] plantronics 0003:047F:FFFF.001E: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  102.567608][   T39] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  102.720751][  T319] usb 4-1: USB disconnect, device number 9
[  102.726907][  T224] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  102.736757][  T224] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[  102.747484][  T224] asix: probe of 1-1:0.0 failed with error -71
[  102.754289][  T224] usb 1-1: USB disconnect, device number 12
[  102.760134][   T39] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 255, setting to 64
[  102.772638][   T39] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  102.781527][   T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.789324][   T39] usb 2-1: Product: syz
[  102.793288][   T39] usb 2-1: Manufacturer: syz
[  102.797768][   T39] usb 2-1: SerialNumber: syz
[  103.004333][ T4787] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  103.276425][   T28] audit: type=1400 audit(2000000290.783:5027): avc:  denied  { read write } for  pid=4800 comm="syz.0.1837" name="rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  103.300817][   T28] audit: type=1400 audit(2000000290.783:5028): avc:  denied  { open } for  pid=4800 comm="syz.0.1837" path="/dev/rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  103.517691][  T319] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  103.613003][ T4787] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  103.717655][  T319] usb 4-1: Using ep0 maxpacket: 32
[  103.724126][  T319] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  103.734331][  T319] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.745393][  T319] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.755603][  T319] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  103.768334][  T319] usb 4-1: config 0 interface 0 has no altsetting 0
[  103.774825][  T319] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  103.783688][  T319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.792747][  T319] usb 4-1: config 0 descriptor??
[  103.821312][   T39] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  103.827653][   T39] cdc_ncm 2-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  103.834928][   T39] cdc_ncm 2-1:1.0: setting rx_max = 2048
[  104.023843][   T39] cdc_ncm 2-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  104.036031][   T39] usb 2-1: USB disconnect, device number 11
[  104.042084][   T39] cdc_ncm 2-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  104.200268][  T319] hid-thrustmaster 0003:044F:B65D.001F: unknown main item tag 0x0
[  104.207983][  T319] hid-thrustmaster 0003:044F:B65D.001F: unknown main item tag 0x0
[  104.215543][  T319] hid-thrustmaster 0003:044F:B65D.001F: item fetching failed at offset 2/5
[  104.224163][  T319] hid-thrustmaster 0003:044F:B65D.001F: parse failed with error -22
[  104.232042][  T319] hid-thrustmaster: probe of 0003:044F:B65D.001F failed with error -22
[  104.403027][   T39] usb 4-1: USB disconnect, device number 10
[  104.684687][ T4846] loop2: detected capacity change from 0 to 40427
[  104.693448][ T4861] loop4: detected capacity change from 0 to 1024
[  104.700712][ T4846] F2FS-fs (loop2): fault_injection options not supported
[  104.707894][ T4861] EXT4-fs: Ignoring removed nomblk_io_submit option
[  104.715282][ T4846] F2FS-fs (loop2): invalid crc value
[  104.721153][ T4861] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  104.732167][ T4861] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  104.743199][ T4846] F2FS-fs (loop2): Found nat_bits in checkpoint
[  104.758504][ T4861] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.1872: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  104.797733][ T4861] EXT4-fs (loop4): no journal found
[  104.802854][ T4861] EXT4-fs (loop4): can't get journal size
[  104.807710][  T224] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  104.821473][ T4861] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  104.830439][ T4846] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  104.888677][ T4868] loop0: detected capacity change from 0 to 40427
[  104.895499][ T4868] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  104.903472][ T4868] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  104.912828][ T4868] F2FS-fs (loop0): invalid crc value
[  104.928546][ T4868] F2FS-fs (loop0): Found nat_bits in checkpoint
[  104.969403][  T296] syz-executor: attempt to access beyond end of device
[  104.969403][  T296] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  104.991843][ T4868] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  104.997699][  T224] usb 2-1: Using ep0 maxpacket: 32
[  104.998815][ T4868] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  105.004853][  T224] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.033805][  T224] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.043621][  T224] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  105.053178][  T224] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.062100][  T224] usb 2-1: config 0 descriptor??
[  105.071387][  T224] hub 2-1:0.0: USB hub found
[  105.117902][   T39] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  105.257753][   T60] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  105.269870][  T224] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[  105.307657][   T39] usb 5-1: Using ep0 maxpacket: 8
[  105.313840][   T39] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  105.322116][   T39] usb 5-1: config 179 has no interface number 0
[  105.328352][   T39] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  105.339462][   T39] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  105.350908][   T39] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 44, changing to 9
[  105.362056][   T39] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 25705, setting to 1024
[  105.373309][   T39] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  105.386524][   T39] usb 5-1: config 179 interface 65 has no altsetting 0
[  105.393247][   T39] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  105.402118][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.410830][ T4861] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  105.420541][   T39] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input43
[  105.449139][   T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.458901][   T60] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  105.468262][   T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.476773][   T60] usb 4-1: config 0 descriptor??
[  105.480575][  T224] hid-generic 0003:046D:C31C.0020: item fetching failed at offset 0/1
[  105.490880][  T224] hid-generic: probe of 0003:046D:C31C.0020 failed with error -22
[  105.597621][  T319] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  105.623124][  T224] usb 5-1: USB disconnect, device number 16
[  105.628906][    C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  105.637352][  T224] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  105.798691][  T319] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 255, setting to 64
[  105.809443][    T6] usb 2-1: USB disconnect, device number 12
[  105.817349][  T319] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  105.826286][  T319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.834039][  T319] usb 3-1: Product: syz
[  105.838048][  T319] usb 3-1: Manufacturer: syz
[  105.842440][  T319] usb 3-1: SerialNumber: syz
[  105.884628][   T60] lg-g15 0003:046D:C222.0021: unbalanced delimiter at end of report description
[  105.893757][   T60] lg-g15: probe of 0003:046D:C222.0021 failed with error -22
[  106.049698][ T4889] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[  106.091098][   T60] usb 4-1: USB disconnect, device number 11
[  106.131524][  T297] EXT4-fs (loop4): unmounting filesystem.
[  106.273636][ T4910] loop4: detected capacity change from 0 to 256
[  106.283588][ T4910] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  106.292291][ T4912] loop0: detected capacity change from 0 to 128
[  106.304346][ T4910] incfs: Can't find or create .incomplete dir in ./bus
[  106.311368][ T4910] incfs: mount failed -28
[  106.637095][ T4931] 9pnet: p9_errstr2errno: server reported unknown error �@�΂�(����Q�N
[  106.645369][ T4933] syz.1.1890[4933] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.645444][ T4933] syz.1.1890[4933] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.661427][ T4889] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[  106.831740][ T4947] loop3: detected capacity change from 0 to 512
[  106.886926][   T28] audit: type=1400 audit(2000000294.393:5029): avc:  denied  { setopt } for  pid=4950 comm="syz.3.1900" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  106.907924][    T6] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  106.915392][  T319] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  106.922048][  T319] cdc_ncm 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  106.929638][  T319] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  107.107615][    T6] usb 1-1: Using ep0 maxpacket: 32
[  107.109678][ T4957] loop3: detected capacity change from 0 to 40427
[  107.116410][  T319] cdc_ncm 3-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  107.120319][ T4957] F2FS-fs (loop3): fault_injection options not supported
[  107.130790][    T6] usb 1-1: unable to get BOS descriptor or descriptor too short
[  107.138133][ T4957] F2FS-fs (loop3): invalid crc value
[  107.145367][  T319] usb 3-1: USB disconnect, device number 13
[  107.151257][ T4957] F2FS-fs (loop3): Found nat_bits in checkpoint
[  107.155530][  T319] cdc_ncm 3-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  107.169997][    T6] usb 1-1: config 128 has an invalid interface number: 127 but max is 3
[  107.187579][    T6] usb 1-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[  107.199132][    T6] usb 1-1: config 128 has 1 interface, different from the descriptor's value: 4
[  107.208311][ T4957] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  107.227264][    T6] usb 1-1: config 128 has no interface number 0
[  107.237624][    T6] usb 1-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  107.252999][    T6] usb 1-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0
[  107.263211][    T6] usb 1-1: config 128 interface 127 has no altsetting 0
[  107.271930][   T60] ==================================================================
[  107.279817][   T60] BUG: KASAN: use-after-free in worker_thread+0xa36/0x1260
[  107.286846][   T60] Read of size 8 at addr ffff888118db2ce0 by task kworker/0:2/60
[  107.294393][   T60] 
[  107.296566][   T60] CPU: 0 PID: 60 Comm: kworker/0:2 Tainted: G        W          6.1.128-syzkaller-00026-gcf7683f71956 #0
[  107.307595][   T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  107.317485][   T60] Workqueue:  0x0 (events_long)
[  107.322166][   T60] Call Trace:
[  107.325294][   T60]  <TASK>
[  107.328068][   T60]  dump_stack_lvl+0x151/0x1b7
[  107.332590][   T60]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  107.337874][   T60]  ? _printk+0xd1/0x111
[  107.341870][   T60]  ? __virt_addr_valid+0x242/0x2f0
[  107.346817][   T60]  print_report+0x158/0x4e0
[  107.351160][   T60]  ? __virt_addr_valid+0x242/0x2f0
[  107.356105][   T60]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  107.362181][   T60]  ? worker_thread+0xa36/0x1260
[  107.366868][   T60]  kasan_report+0x13c/0x170
[  107.369046][ T4957] syz.3.1903: attempt to access beyond end of device
[  107.369046][ T4957] loop3: rw=2049, sector=40424, nr_sectors = 8 limit=40427
[  107.371204][   T60]  ? worker_thread+0xa36/0x1260
[  107.389434][   T60]  __asan_report_load8_noabort+0x14/0x20
[  107.394901][   T60]  worker_thread+0xa36/0x1260
[  107.399420][   T60]  kthread+0x26d/0x300
[  107.403318][   T60]  ? worker_clr_flags+0x1a0/0x1a0
[  107.408194][   T60]  ? kthread_blkcg+0xd0/0xd0
[  107.412603][   T60]  ret_from_fork+0x1f/0x30
[  107.416876][   T60]  </TASK>
[  107.419723][   T60] 
[  107.421888][   T60] Allocated by task 319:
[  107.425971][   T60]  kasan_set_track+0x4b/0x70
[  107.430394][   T60]  kasan_save_alloc_info+0x1f/0x30
[  107.435344][   T60]  __kasan_kmalloc+0x9c/0xb0
[  107.439766][   T60]  __kmalloc_node+0xb4/0x1e0
[  107.444190][   T60]  kvmalloc_node+0x221/0x640
[  107.448618][   T60]  alloc_netdev_mqs+0x8c/0xf90
[  107.453219][   T60]  alloc_etherdev_mqs+0x36/0x40
[  107.457903][   T60]  usbnet_probe+0x213/0x28a0
[  107.462334][   T60]  usb_probe_interface+0x5b6/0xa90
[  107.467278][   T60]  really_probe+0x2b8/0x920
[  107.471620][   T60]  __driver_probe_device+0x1a0/0x310
[  107.476738][   T60]  driver_probe_device+0x54/0x3d0
[  107.481599][   T60]  __device_attach_driver+0x2e3/0x490
[  107.486806][   T60]  bus_for_each_drv+0x183/0x200
[  107.491498][   T60]  __device_attach+0x312/0x510
[  107.496095][   T60]  device_initial_probe+0x1a/0x20
[  107.500952][   T60]  bus_probe_device+0xbe/0x1e0
[  107.505561][   T60]  device_add+0xb60/0xf10
[  107.509720][   T60]  usb_set_configuration+0x190f/0x1e80
[  107.515015][   T60]  usb_generic_driver_probe+0x8b/0x150
[  107.520306][   T60]  usb_probe_device+0x144/0x260
[  107.524991][   T60]  really_probe+0x2b8/0x920
[  107.529334][   T60]  __driver_probe_device+0x1a0/0x310
[  107.534634][   T60]  driver_probe_device+0x54/0x3d0
[  107.539451][   T60]  __device_attach_driver+0x2e3/0x490
[  107.544661][   T60]  bus_for_each_drv+0x183/0x200
[  107.549346][   T60]  __device_attach+0x312/0x510
[  107.553948][   T60]  device_initial_probe+0x1a/0x20
[  107.558807][   T60]  bus_probe_device+0xbe/0x1e0
[  107.563403][   T60]  device_add+0xb60/0xf10
[  107.567570][   T60]  usb_new_device+0xf2f/0x1820
[  107.572178][   T60]  hub_event+0x2db1/0x4830
[  107.576430][   T60]  process_one_work+0x73d/0xcb0
[  107.581116][   T60]  worker_thread+0xa60/0x1260
[  107.585630][   T60]  kthread+0x26d/0x300
[  107.589533][   T60]  ret_from_fork+0x1f/0x30
[  107.593799][   T60] 
[  107.595954][   T60] Freed by task 319:
[  107.599688][   T60]  kasan_set_track+0x4b/0x70
[  107.604112][   T60]  kasan_save_free_info+0x2b/0x40
[  107.608983][   T60]  ____kasan_slab_free+0x131/0x180
[  107.613921][   T60]  __kasan_slab_free+0x11/0x20
[  107.618522][   T60]  __kmem_cache_free+0x21d/0x410
[  107.623299][   T60]  kfree+0x7a/0xf0
[  107.626853][   T60]  kvfree+0x35/0x40
[  107.630495][   T60]  netdev_freemem+0x3f/0x60
[  107.634843][   T60]  netdev_release+0x7f/0xb0
[  107.639178][   T60]  device_release+0x95/0x1c0
[  107.643603][   T60]  kobject_put+0x178/0x260
[  107.647853][   T60]  put_device+0x1f/0x30
[  107.652291][   T60]  free_netdev+0x393/0x480
[  107.656547][   T60]  usbnet_disconnect+0x25f/0x3b0
[  107.661319][   T60]  usb_unbind_interface+0x1fa/0x8c0
[  107.666352][   T60]  device_release_driver_internal+0x53e/0x870
[  107.672260][   T60]  device_release_driver+0x19/0x20
[  107.677201][   T60]  bus_remove_device+0x2fa/0x360
[  107.681975][   T60]  device_del+0x663/0xe90
[  107.686140][   T60]  usb_disable_device+0x380/0x720
[  107.691001][   T60]  usb_disconnect+0x32a/0x890
[  107.695515][   T60]  hub_event+0x1ed8/0x4830
[  107.699766][   T60]  process_one_work+0x73d/0xcb0
[  107.704452][   T60]  worker_thread+0xd71/0x1260
[  107.708967][   T60]  kthread+0x26d/0x300
[  107.712870][   T60]  ret_from_fork+0x1f/0x30
[  107.717126][   T60] 
[  107.719298][   T60] Last potentially related work creation:
[  107.724850][   T60]  kasan_save_stack+0x3b/0x60
[  107.729362][   T60]  __kasan_record_aux_stack+0xb4/0xc0
[  107.734568][   T60]  kasan_record_aux_stack_noalloc+0xb/0x10
[  107.740297][   T60]  insert_work+0x56/0x310
[  107.744462][   T60]  __queue_work+0x9b6/0xd70
[  107.748802][   T60]  queue_work_on+0x105/0x170
[  107.753230][   T60]  usbnet_link_change+0x182/0x1a0
[  107.758089][   T60]  usbnet_probe+0x1e1e/0x28a0
[  107.762603][   T60]  usb_probe_interface+0x5b6/0xa90
[  107.767551][   T60]  really_probe+0x2b8/0x920
[  107.771890][   T60]  __driver_probe_device+0x1a0/0x310
[  107.777013][   T60]  driver_probe_device+0x54/0x3d0
[  107.781870][   T60]  __device_attach_driver+0x2e3/0x490
[  107.787080][   T60]  bus_for_each_drv+0x183/0x200
[  107.791764][   T60]  __device_attach+0x312/0x510
[  107.796366][   T60]  device_initial_probe+0x1a/0x20
[  107.801225][   T60]  bus_probe_device+0xbe/0x1e0
[  107.805824][   T60]  device_add+0xb60/0xf10
[  107.809993][   T60]  usb_set_configuration+0x190f/0x1e80
[  107.815285][   T60]  usb_generic_driver_probe+0x8b/0x150
[  107.820578][   T60]  usb_probe_device+0x144/0x260
[  107.825272][   T60]  really_probe+0x2b8/0x920
[  107.829612][   T60]  __driver_probe_device+0x1a0/0x310
[  107.834729][   T60]  driver_probe_device+0x54/0x3d0
[  107.839587][   T60]  __device_attach_driver+0x2e3/0x490
[  107.844813][   T60]  bus_for_each_drv+0x183/0x200
[  107.849482][   T60]  __device_attach+0x312/0x510
[  107.854081][   T60]  device_initial_probe+0x1a/0x20
[  107.858941][   T60]  bus_probe_device+0xbe/0x1e0
[  107.863542][   T60]  device_add+0xb60/0xf10
[  107.867713][   T60]  usb_new_device+0xf2f/0x1820
[  107.872307][   T60]  hub_event+0x2db1/0x4830
[  107.876560][   T60]  process_one_work+0x73d/0xcb0
[  107.881249][   T60]  worker_thread+0xa60/0x1260
[  107.885762][   T60]  kthread+0x26d/0x300
[  107.889669][   T60]  ret_from_fork+0x1f/0x30
[  107.893920][   T60] 
[  107.896088][   T60] The buggy address belongs to the object at ffff888118db2000
[  107.896088][   T60]  which belongs to the cache kmalloc-4k of size 4096
[  107.909975][   T60] The buggy address is located 3296 bytes inside of
[  107.909975][   T60]  4096-byte region [ffff888118db2000, ffff888118db3000)
[  107.923256][   T60] 
[  107.925429][   T60] The buggy address belongs to the physical page:
[  107.931686][   T60] page:ffffea0004636c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x118db0
[  107.941741][   T60] head:ffffea0004636c00 order:3 compound_mapcount:0 compound_pincount:0
[  107.949902][   T60] flags: 0x4000000000010200(slab|head|zone=1)
[  107.955807][   T60] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043380
[  107.964236][   T60] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  107.972638][   T60] page dumped because: kasan: bad access detected
[  107.978905][   T60] page_owner tracks the page as allocated
[  107.984446][   T60] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d60c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 319, tgid 319 (kworker/0:3), ts 105848676597, free_ts 105448889649
[  108.008663][   T60]  post_alloc_hook+0x213/0x220
[  108.013258][   T60]  prep_new_page+0x1b/0x110
[  108.017596][   T60]  get_page_from_freelist+0x3a98/0x3b10
[  108.022977][   T60]  __alloc_pages+0x234/0x610
[  108.027404][   T60]  alloc_slab_page+0x6c/0xf0
[  108.031836][   T60]  new_slab+0x90/0x3e0
[  108.035751][   T60]  ___slab_alloc+0x6f9/0xb80
[  108.040163][   T60]  __slab_alloc+0x5d/0xa0
[  108.044338][   T60]  __kmem_cache_alloc_node+0x207/0x2a0
[  108.049624][   T60]  __kmalloc_node+0xa3/0x1e0
[  108.054051][   T60]  kvmalloc_node+0x221/0x640
[  108.058479][   T60]  alloc_netdev_mqs+0x8c/0xf90
[  108.063076][   T60]  alloc_etherdev_mqs+0x36/0x40
[  108.067762][   T60]  usbnet_probe+0x213/0x28a0
[  108.072188][   T60]  usb_probe_interface+0x5b6/0xa90
[  108.077133][   T60]  really_probe+0x2b8/0x920
[  108.081477][   T60] page last free stack trace:
[  108.085988][   T60]  free_unref_page_prepare+0x9f1/0xa00
[  108.091282][   T60]  free_unref_page+0xb2/0x5c0
[  108.095797][   T60]  __free_pages+0x61/0xf0
[  108.099960][   T60]  __free_slab+0xce/0x1a0
[  108.104126][   T60]  __unfreeze_partials+0x165/0x1a0
[  108.109080][   T60]  put_cpu_partial+0xa9/0x100
[  108.113589][   T60]  __slab_free+0x1c8/0x280
[  108.117842][   T60]  ___cache_free+0xc6/0xd0
[  108.122094][   T60]  qlist_free_all+0xc5/0x140
[  108.126520][   T60]  kasan_quarantine_reduce+0x15a/0x180
[  108.131994][   T60]  __kasan_slab_alloc+0x24/0x80
[  108.136672][   T60]  slab_post_alloc_hook+0x53/0x2c0
[  108.141621][   T60]  __kmem_cache_alloc_node+0x193/0x2a0
[  108.146922][   T60]  __kmalloc_node_track_caller+0xa2/0x1e0
[  108.152911][   T60]  memdup_user+0x2a/0xc0
[  108.156987][   T60]  raw_ioctl+0x1f55/0x3620
[  108.161257][   T60] 
[  108.163412][   T60] Memory state around the buggy address:
[  108.168880][   T60]  ffff888118db2b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  108.176780][   T60]  ffff888118db2c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  108.184679][   T60] >ffff888118db2c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  108.192576][   T60]                                                        ^
[  108.199621][   T60]  ffff888118db2d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  108.207506][   T60]  ffff888118db2d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  108.215402][   T60] ==================================================================
[  108.223295][   T60] Disabling lock debugging due to kernel taint
[  108.239748][    T6] usb 1-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[  108.268888][    T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.276713][    T6] usb 1-1: Product: syz
[  108.281472][    T6] usb 1-1: Manufacturer: syz
[  108.285894][    T6] usb 1-1: SerialNumber: syz
[  108.502851][    T6] usb 1-1: USB disconnect, device number 13