last executing test programs:

3m30.132312775s ago: executing program 32 (id=1753):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000040000000700000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0x25)

3m29.486394675s ago: executing program 33 (id=1777):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003500)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4e0664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa7666b5ded16ee7025f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b3a2327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6cd28cf28fe2ee593e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c191355391771f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde34ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f2708e09ae8268dcc15411483b8506386aa0ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae4c697bfc674e03231c42f7eaaf5166bbc4653c71805f9448416e379cc1c40f8f866c9b319a849dd00ff9b84857436ed362c4632bfc3fa7357c24f15bbb07bd91893e61df7eb6dc5e071a9cc2faa7a32a91c4d982f5cfb725dca80b23874877a4980dbd70cda040b1ce527e7188159df77b493efbbd7bfe2680bf44e49eb68e5e33a0a5726072b2699d6244cd5c4a82bf18c668a3d43cec78c5fe1f12283d5dde6d0ea0b1b81ee7c065c938577e4ec93f22f1e6106f337625b7f7798011a6"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd4d, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002ec0)=@deltfilter={0x38, 0x2d, 0x1, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xa, 0x1}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}}, 0x0)

3m29.09657306s ago: executing program 34 (id=1787):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sched_process_fork\x00', r0}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2m15.90748503s ago: executing program 35 (id=4336):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1e, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x8)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)

1m43.020905143s ago: executing program 36 (id=5645):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2000004, 0x31, 0xffffffffffffffff, 0x0)
unshare(0x6020400)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r0, 0x0, 0x0)

1m33.461325819s ago: executing program 6 (id=5921):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB='dots,check=normal,nodots,nodots,nodots,dots,nodots,quiet,nodots,nodots,nodots,dots,dots,umask=00000000000000000077777,nfs,dots,tz=UTC,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e6f646f74732c646f74732c646f74732c666c7573682c00b57a879187e03d3a8db8a0f227d28745173372d1261bbc26fdd7cff385a6a8a86dc78029bfe9a96cbdeabb7d32f9c318f46240623f"], 0xfd, 0x1bf, &(0x7f0000000840)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)
write$binfmt_format(r0, &(0x7f0000000000)='1\x00', 0x2400)
write$FUSE_ATTR(r0, &(0x7f00000001c0)={0x78, 0xffffffffffffffda, 0x0, {0x40, 0x7fffffff, 0x0, {0x0, 0x219, 0xffffffff, 0xfffffffffffffff7, 0xffffffff, 0x82, 0xf, 0x6, 0xb5, 0xc000, 0x3b, 0x0, 0x0, 0x1, 0x6}}}, 0x78)

1m32.884528208s ago: executing program 6 (id=5945):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
set_robust_list(0x0, 0x0)

1m32.859419658s ago: executing program 37 (id=5945):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
set_robust_list(0x0, 0x0)

1m10.951979382s ago: executing program 3 (id=6881):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10)
readv(r0, &(0x7f0000000ac0)=[{&(0x7f0000000340)=""/253, 0xfd}], 0x1)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)

1m10.136270064s ago: executing program 3 (id=6913):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001020000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1m10.066651995s ago: executing program 3 (id=6904):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000000000000000000604"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r0, 0x58, &(0x7f0000003fc0)}, 0xe)

1m9.945515477s ago: executing program 3 (id=6907):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x1)

1m9.897128187s ago: executing program 3 (id=6911):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_clone(0x44004100, 0x0, 0xfffffffffffffe65, 0x0, 0x0, 0x0)

1m9.764674689s ago: executing program 3 (id=6915):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x10)
sigaltstack(0x0, 0x0)

1m9.71131534s ago: executing program 38 (id=6915):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x10)
sigaltstack(0x0, 0x0)

59.25221623s ago: executing program 4 (id=7325):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x60)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xad0c24, &(0x7f00000002c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000))
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x2)

59.199728211s ago: executing program 4 (id=7328):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="02000000000000007b01"])

59.108230412s ago: executing program 4 (id=7333):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000380)='sys_enter\x00', r1}, 0x10)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x0)

59.082979142s ago: executing program 4 (id=7335):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x1)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz0\x00', {0x5, 0x0, 0x7, 0xff3e}, 0x7, [0x8, 0x2, 0x0, 0x7f98a53f, 0x8e, 0x1ff, 0x10001, 0x5, 0x1000, 0x1, 0x6, 0x1, 0x2, 0xc9, 0x9, 0x7ff, 0x6, 0x100, 0x4, 0x3, 0x6, 0x4, 0x8, 0xffffff80, 0x5, 0x9, 0x4, 0x7, 0xa37, 0x2, 0x80000000, 0x2, 0x1000100, 0x3, 0x9, 0x3, 0x1, 0x2, 0x7, 0x9, 0x134c53c9, 0x7fff, 0x3, 0x3, 0x6, 0xcf9, 0x6d35, 0x1, 0x4, 0xcc, 0x2, 0x5, 0x9, 0x63a91c24, 0x3, 0x8001, 0xfffffff8, 0xe, 0xec, 0x9, 0x0, 0x5daf2e9f, 0xf, 0x5], [0xffff56b1, 0xfffffffc, 0x4, 0x60000, 0x7, 0x4, 0xdbec, 0x81, 0x5, 0x6b52, 0x1, 0xe, 0x401, 0x6, 0x6, 0x5b6, 0x9, 0x7, 0x400, 0x0, 0x7, 0x4, 0x800, 0x5, 0x0, 0x2, 0xfffeffff, 0xec32, 0x66c, 0x64c, 0x200, 0x40, 0x2, 0x6c, 0x1, 0xd, 0xc, 0x34d1, 0x50, 0x7, 0x10, 0xffffffff, 0x7, 0x4, 0x100, 0x5, 0x3, 0xa6d7, 0x7, 0x9, 0x9, 0xab, 0x101, 0x3, 0x8, 0x6, 0xbff, 0xfff, 0x69c7f4c2, 0xc, 0x3, 0x0, 0x1, 0x9], [0x5, 0xffff, 0x57, 0x3, 0x40, 0x7f, 0x9, 0x571f, 0x7, 0x7, 0x6, 0xa, 0x6, 0x5, 0x100, 0x9, 0xcb, 0x151, 0x401, 0x3, 0x3, 0x0, 0x4, 0x7fffffff, 0x6, 0x7, 0x7, 0xeb1, 0xe, 0x100, 0x7, 0x1, 0xfffffff7, 0x3, 0x9, 0x36, 0x800, 0x1, 0x7, 0x9, 0x1, 0x101, 0x7, 0x9, 0x67b, 0x0, 0x0, 0x9, 0xffff, 0x7, 0x6, 0x4, 0x5, 0x9, 0x9, 0x1, 0x0, 0x7f, 0x101, 0x3, 0x2, 0x4, 0xf], [0xc47, 0x9, 0x0, 0x400, 0x800, 0x7, 0x0, 0x8, 0x2, 0x3, 0x1, 0x644, 0x3, 0x27, 0x401, 0x5, 0x6, 0x7, 0x0, 0x2b4d, 0x7fffffff, 0x6, 0x8000, 0x7fffffff, 0xc, 0x8001, 0x68, 0x5, 0x1, 0xfff, 0x220, 0xe, 0x8, 0x8, 0xbbe4, 0x2, 0x1, 0x43, 0x4, 0x2, 0x18038e5b, 0x9, 0x8, 0x7, 0x40, 0x4, 0x2, 0x9, 0x1, 0x8, 0x2, 0x40, 0x5, 0x0, 0x2, 0x0, 0x0, 0x9, 0x8001, 0x6, 0x4, 0x6, 0x6b, 0x80000001]}, 0x45c)

59.037062213s ago: executing program 4 (id=7340):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000005a80)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f0000000540)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0)
fsync(r0)

58.671934128s ago: executing program 4 (id=7354):
ptrace(0x10, 0x1)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0)

44.307242864s ago: executing program 39 (id=7354):
ptrace(0x10, 0x1)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0)

15.415528229s ago: executing program 1 (id=8545):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket(0x10, 0x400000000080803, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f00000002c0)={'bridge0\x00', &(0x7f0000000480)=@ethtool_ringparam={0x8}})

15.35260031s ago: executing program 1 (id=8547):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = dup(r1)
fsetxattr$security_selinux(r2, &(0x7f0000000040), &(0x7f00000000c0)='system_u:object_r:lib_t:s0\x00', 0x1b, 0x0)

15.35234929s ago: executing program 1 (id=8548):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x7e, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000481100fe8000000000000000000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
syz_emit_ethernet(0x7e, &(0x7f0000000300)={@random="2f5b02cb75db", @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x48, 0x11, 0x0, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {[], {0x4e20, 0xe22, 0x48, 0x0, @wg=@cookie={0x3, 0x1, "88c73b21f267636d01dbe5712c1c941e1cdafbbb43f09c70", "e13808ca72381f41e5fff9620915b6f78670dfaf9a2038083179cf6b7931c9b4"}}}}}}}, 0x0)

15.35215788s ago: executing program 1 (id=8549):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x40, &(0x7f0000000040)={[{@upperdir={'upperdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_on}], [], 0x2c})
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x35)

15.235289971s ago: executing program 1 (id=8552):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
mlockall(0x3)

14.929836896s ago: executing program 1 (id=8557):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x18)
r2 = gettid()
rt_sigqueueinfo(r2, 0x21, &(0x7f0000000040)={0x0, 0x0, 0xfffffffb})

14.870875427s ago: executing program 40 (id=8557):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x18)
r2 = gettid()
rt_sigqueueinfo(r2, 0x21, &(0x7f0000000040)={0x0, 0x0, 0xfffffffb})

6.013642674s ago: executing program 0 (id=8925):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000340)={0xd6b, 0x1, 0x8, 0x5, 0xd, "ebffffe32391bc00"})
write(r0, &(0x7f0000000c80)="f1", 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000006c0)=0x5f)

5.969431954s ago: executing program 0 (id=8929):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000000)='.pending_reads\x00', 0x0, 0x0)
ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x80106725, 0x0)

5.947288615s ago: executing program 0 (id=8932):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000040)={0x1856, 0x0, 0x0, 0xfffffff9, 0x8, "0e80706e6c06a79874342a0e0d13343972d01f"})
write$UHID_INPUT(r1, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)
read$FUSE(r1, &(0x7f0000002080)={0x2020}, 0xa38)

5.322613264s ago: executing program 0 (id=8969):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000300)={[{@acl}, {}, {@noacl}, {}, {@nouser_xattr}, {@cache_strategy_readahead}]}, 0x1, 0x177, &(0x7f0000000680)="$eJzslL9KA0EQxr/diwkROztBLAwYi1zuLio2IsEXCPgPO6M5Q/RiQnKCiZXY+gC2tr5CGsEXUSsRUlpH9naTWyV/RNAgzq+Y+/Z2dm52Dj4QBPFveX56e7x+bV0YAKaQQEy9fzHCHK7ln+XiB9OpjbvWzcPVenW20q9mp/P170cA3GcN+L2zH08n1HMLvKe3wbGo9C4YTKX3wbGjtAuGPaWPNV0R+aZ5VPJc87DiFYSwRLBFcETIfO6vfclQ0Ppj2n690TzJe55b+0Exan7tLMea1p/+v7qzsbT52eCwlc6AYVPpVcS6s5Ej0e4/EwnrG798fxIkSPw1EfpT55ZhQfOniOYfab9cTdcbzVSpnC+6RffUcTIr1pJlLTvpwIhkHOJ/8cCfJrX6EwNyoyyK87zv12wZe2tHxn6OywP/40jOy7Xw/ujAbuQ+U+dYoJLGkHSCIIixMQcWeOYInNy4GyUIgiAIgiAIgiAI4tu8BwAA//9iEXZY")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

5.286940434s ago: executing program 0 (id=8973):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000002ac0), 0x0, 0x0)
read$rfkill(r1, 0x0, 0x2e98399f)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)

5.175205506s ago: executing program 0 (id=8978):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
dup3(r0, r1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xa31e2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

5.112215927s ago: executing program 41 (id=8978):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
dup3(r0, r1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xa31e2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

3.307586033s ago: executing program 5 (id=9052):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
getgid()

3.290975553s ago: executing program 5 (id=9054):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, r2, 0xc4fc9e906872338b, 0x70bd29, 0x0, {{0x5}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

3.275372913s ago: executing program 5 (id=9055):
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x18, 0x0, 0x705, 0x70bd28, 0x4, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x18}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000eaffffffd00400"])

3.116549486s ago: executing program 5 (id=9068):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000004340)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)

3.067786487s ago: executing program 5 (id=9071):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x18)

2.984731497s ago: executing program 5 (id=9073):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x2)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x96, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6002000000600600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYBLOB="8001000090"], 0x0)

2.959992898s ago: executing program 42 (id=9073):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x2)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x96, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6002000000600600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYBLOB="8001000090"], 0x0)

2.180102679s ago: executing program 8 (id=9091):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000340)='tlb_flush\x00', r0}, 0x18)

2.055751151s ago: executing program 8 (id=9093):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='percpu_create_chunk\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2.055616411s ago: executing program 6 (id=9074):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x5, 0x4, 0x3f0, 0x308, 0x0, 0x220, 0x220, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private, @empty}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @private}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)

2.040508201s ago: executing program 6 (id=9094):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001440)={0x24, 0x0, 0x0, &(0x7f00000013c0)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x0, "741cb976"}]}}, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x2, @lang_id={0x0, 0x3, 0x423}}, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000200)={0x2c, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0003"], 0x0, 0x0, 0x0}, 0x0)

2.009176181s ago: executing program 8 (id=9095):
unshare(0x2040400)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000180), 0xb)
copy_file_range(r1, &(0x7f0000000080), r0, &(0x7f0000000100), 0xfffffffffffffff8, 0x0)

1.990192521s ago: executing program 8 (id=9096):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
lstat(0x0, 0x0)

1.936148112s ago: executing program 8 (id=9098):
io_setup(0x7, &(0x7f00000000c0)=<r0=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_timeval(r2, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
io_submit(r0, 0x2, &(0x7f0000000140)=[&(0x7f0000000500)={0x0, 0x4, 0x0, 0x0, 0x2, r2, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x5, 0x0, r1, 0x0, 0x0, 0x6}])

1.907159273s ago: executing program 8 (id=9099):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000180)=ANY=[@ANYBLOB="601004000000e3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000340)={0x2c, &(0x7f0000000200)={0x40, 0xf, 0x4, "66c53956"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)

911.402717ms ago: executing program 2 (id=9125):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

862.866588ms ago: executing program 2 (id=9126):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_1\x00', 0x10)
sendmmsg$inet(r0, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000780)="1e", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f00000004c0)="9bdf63766e5467dce49901318059dbdff4dff6baf5b013b2b1438503a69853a52a15669f26a6889fcd9089970589d677d53354649fcb04", 0x37}], 0x1}}], 0x3, 0x40006df)

850.022308ms ago: executing program 2 (id=9127):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)

833.717059ms ago: executing program 2 (id=9128):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8008, &(0x7f0000000480), 0x1, 0x5505, &(0x7f000000cf00)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1a37c1, 0x42)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
write$UHID_DESTROY(r1, &(0x7f0000000000), 0x4)

601.621392ms ago: executing program 2 (id=9129):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x4)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000180)={0x0, r1})
dup2(r1, r0)

453.606594ms ago: executing program 2 (id=9130):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0xfffe, 0x30}}, {{0x9, 0x5, 0x81, 0x3, 0x400}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000600)={0x44, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x80, 0x1c, {0x7ff, 0x7, 0x47bf, 0x3, 0x7, 0x19, 0x4, 0x7, 0xbf, 0x70, 0x2, 0x8}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

269.077616ms ago: executing program 7 (id=9135):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
statfs(&(0x7f0000000080)='./file0\x00', 0x0)
write$FUSE_LSEEK(r0, &(0x7f00000021c0)={0x18, 0x0, 0x0, {0x7}}, 0x18)
umount2(&(0x7f0000000180)='./file0\x00', 0xb)

229.883007ms ago: executing program 9 (id=9136):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000)

201.885148ms ago: executing program 9 (id=9137):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x18)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0500000000bbd10d0bc11fc00000000040000000aef028c89c34dcb05408427474e1cb5e689c593e7a16dd0af4f5be2f038bc9faf7"], 0x80}}, 0x0)

172.656107ms ago: executing program 9 (id=9138):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x46)

155.678108ms ago: executing program 9 (id=9139):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000ec0)=@newqdisc={0x50, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x20, 0x2, {{0x3, 0x3, 0x1, 0x3, 0x400, 0x8}, [@TCA_NETEM_DELAY_DIST={0x4}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

155.527178ms ago: executing program 7 (id=9140):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
mount(&(0x7f0000000080)=@filename='./cgroup\x00', &(0x7f00000000c0)='./cgroup\x00', 0x0, 0x2000, 0x0)

144.216708ms ago: executing program 7 (id=9141):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000140)={0x2c, r2, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}}, 0x0)

120.604798ms ago: executing program 7 (id=9142):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x5}}, @TCA_MPLS_LABEL={0x8}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500090000000000050020000100000005"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

114.969209ms ago: executing program 6 (id=9143):
r0 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_FLAGS={0x8, 0x8, 0x5c2}]}, 0x34}}, 0x0)

114.484029ms ago: executing program 9 (id=9144):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5800000010001fff000000000007000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000300012800b000100697036746e6c0000200002801400020000000000000000000000ffffac1414bb050004000500000008000a00", @ANYRES32], 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

64.614239ms ago: executing program 6 (id=9145):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LOCAL={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}]}}}, @IFLA_MASTER={0x8, 0x3, r2}]}, 0x58}}, 0x4000000)

64.34227ms ago: executing program 7 (id=9146):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0)
close(r0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@grpquota}, {@usrjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@delalloc}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
ioctl$SIOCSIFHWADDR(r0, 0x8b2b, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})

818.16µs ago: executing program 7 (id=9147):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000a000000850000000600000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={r2, r1, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8}}, 0x30)
syz_emit_ethernet(0x6a, &(0x7f0000000180)=ANY=[], 0x0)

0s ago: executing program 9 (id=9148):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1e000000000000000c00000007"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)

kernel console output (not intermixed with test programs):

00000108: -71
[  252.732135][T17678] smsc95xx: probe of 10-1:0.67 failed with error -71
[  252.751165][T17678] usb 10-1: USB disconnect, device number 9
[  252.920083][ T1644] tipc: Left network mode
[  253.238073][T18468] loop9: detected capacity change from 0 to 1024
[  253.245248][T18468] EXT4-fs: Ignoring removed mblk_io_submit option
[  253.264194][T18468] EXT4-fs error (device loop9): ext4_ext_check_inode:520: inode #11: comm syz.9.7788: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  253.294648][T18468] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.7788: couldn't read orphan inode 11 (err -117)
[  253.307337][T18468] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  253.320475][T18468] EXT4-fs error (device loop9): ext4_readdir:260: inode #2: block 16: comm syz.9.7788: path /415/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  253.348932][ T1644] device bridge_slave_1 left promiscuous mode
[  253.355013][ T1644] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.355556][T13514] EXT4-fs (loop9): unmounting filesystem.
[  253.367709][ T1644] device bridge_slave_0 left promiscuous mode
[  253.373764][ T1644] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.382249][ T1644] device veth1_macvtap left promiscuous mode
[  253.388675][ T1644] device veth0_vlan left promiscuous mode
[  253.547116][T18480] netlink: 148 bytes leftover after parsing attributes in process `syz.1.7793'.
[  253.556121][T18480] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  253.607282][   T28] kauditd_printk_skb: 92 callbacks suppressed
[  253.607299][   T28] audit: type=1400 audit(262.992:4594): avc:  denied  { sqpoll } for  pid=18500 comm="syz.9.7802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  253.660698][T18478] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.667629][T18478] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.674923][T18478] device bridge_slave_0 entered promiscuous mode
[  253.681506][T18511] netlink: 'syz.1.7805': attribute type 12 has an invalid length.
[  253.689249][T18511] netlink: 'syz.1.7805': attribute type 29 has an invalid length.
[  253.696848][T18511] netlink: 148 bytes leftover after parsing attributes in process `syz.1.7805'.
[  253.712771][T18478] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.719641][T18478] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.728482][T18478] device bridge_slave_1 entered promiscuous mode
[  253.735093][T18516] netlink: 96 bytes leftover after parsing attributes in process `syz.1.7808'.
[  253.834149][   T28] audit: type=1400 audit(263.249:4595): avc:  denied  { write } for  pid=18529 comm="syz.1.7814" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  253.890471][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  253.898243][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  253.917050][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  253.925495][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  253.933668][ T1644] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.940562][ T1644] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.948312][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  253.956545][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  253.965175][ T1644] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.972038][ T1644] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.979221][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  253.988051][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  253.996824][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  254.012016][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  254.023745][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  254.032671][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  254.046173][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  254.067512][T18478] device veth0_vlan entered promiscuous mode
[  254.087793][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  254.100985][T18478] device veth1_macvtap entered promiscuous mode
[  254.109906][T18542] ªªªªªª: renamed from vlan0
[  254.125986][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  254.148392][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  254.167387][T18554] loop8: detected capacity change from 0 to 512
[  254.179821][T18558] syz.9.7827[18558] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  254.184905][T18558] syz.9.7827[18558] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  254.202561][T18554] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  254.233538][T18554] EXT4-fs error (device loop8): ext4_xattr_block_get:546: inode #15: comm syz.8.7825: corrupted xattr block 32
[  254.252275][T18554] EXT4-fs (loop8): Remounting filesystem read-only
[  254.270468][T18554] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  254.281493][T18554] EXT4-fs error (device loop8): ext4_xattr_block_get:546: inode #15: comm syz.8.7825: corrupted xattr block 32
[  254.295654][T18554] EXT4-fs (loop8): Remounting filesystem read-only
[  254.302324][T18554] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  254.311456][T18554] EXT4-fs error (device loop8): ext4_xattr_block_get:546: inode #15: comm syz.8.7825: corrupted xattr block 32
[  254.323809][T18554] EXT4-fs (loop8): Remounting filesystem read-only
[  254.331591][T18554] EXT4-fs error (device loop8): ext4_xattr_block_get:546: inode #15: comm syz.8.7825: corrupted xattr block 32
[  254.344059][T18554] EXT4-fs (loop8): Remounting filesystem read-only
[  254.350470][T18554] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  254.400493][   T28] audit: type=1400 audit(263.849:4596): avc:  denied  { load_policy } for  pid=18584 comm="syz.2.7838" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  254.400533][T18585] SELinux:  policydb version 0 does not match my version range 15-33
[  254.428810][T10516] EXT4-fs (loop8): unmounting filesystem.
[  254.454248][T18585] SELinux: failed to load policy
[  254.476117][T18593] device sit0 entered promiscuous mode
[  254.481663][T18593] netlink: 'syz.0.7841': attribute type 1 has an invalid length.
[  254.489898][T18593] netlink: 1 bytes leftover after parsing attributes in process `syz.0.7841'.
[  254.645573][T18612] loop8: detected capacity change from 0 to 512
[  254.652778][T18612] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[  254.665140][T18615] device veth1_macvtap left promiscuous mode
[  254.676837][T18586] loop9: detected capacity change from 0 to 40427
[  254.683801][T18586] F2FS-fs (loop9): fault_injection options not supported
[  254.691367][T18586] F2FS-fs (loop9): invalid crc value
[  254.697653][T18586] F2FS-fs (loop9): Found nat_bits in checkpoint
[  254.720570][   T28] audit: type=1400 audit(264.193:4597): avc:  denied  { append } for  pid=18618 comm="syz.0.7853" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  254.785188][T18586] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  254.801014][T18629] device sit0 entered promiscuous mode
[  254.821889][T18629] netlink: 'syz.1.7856': attribute type 1 has an invalid length.
[  254.823639][   T28] audit: type=1400 audit(264.300:4598): avc:  denied  { ioctl } for  pid=18581 comm="syz.9.7836" path="/438/file1/file0" dev="loop9" ino=10 ioctlcmd=0xf501 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  254.829623][T18629] netlink: 1 bytes leftover after parsing attributes in process `syz.1.7856'.
[  254.856479][T17678] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  254.880532][T13514] syz-executor: attempt to access beyond end of device
[  254.880532][T13514] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  255.072238][T17678] usb 3-1: config index 0 descriptor too short (expected 2340, got 36)
[  255.080700][T17678] usb 3-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  255.091618][T17678] usb 3-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.101526][T17678] usb 3-1: config 0 interface 0 has no altsetting 0
[  255.107951][T17678] usb 3-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  255.116820][T17678] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.125515][T17678] usb 3-1: config 0 descriptor??
[  255.275673][T17675] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  255.462082][T17675] usb 10-1: Using ep0 maxpacket: 16
[  255.468223][T17675] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  255.479108][T17675] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.488844][T17675] usb 10-1: config 0 interface 0 has no altsetting 0
[  255.495396][T17675] usb 10-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  255.504362][T17675] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.513032][T17678] hid-rmi 0003:17EF:6085.003D: item fetching failed at offset 0/3
[  255.521253][T17675] usb 10-1: config 0 descriptor??
[  255.526187][T17678] hid-rmi 0003:17EF:6085.003D: parse failed
[  255.531894][T17678] hid-rmi: probe of 0003:17EF:6085.003D failed with error -22
[  255.703705][T17678] usb 3-1: USB disconnect, device number 7
[  255.766841][T18647] loop1: detected capacity change from 0 to 256
[  255.775798][   T28] audit: type=1400 audit(265.319:4599): avc:  denied  { mount } for  pid=18646 comm="syz.1.7866" name="/" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  255.810211][   T28] audit: type=1400 audit(265.351:4600): avc:  denied  { unmount } for  pid=17985 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  255.849583][T18655] loop1: detected capacity change from 0 to 512
[  255.856470][T18655] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  255.865455][T18655] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec119, mo2=0002]
[  255.873623][T18655] System zones: 1-12
[  255.878397][T18655] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2186: inode #15: comm syz.1.7869: corrupted in-inode xattr
[  255.890876][T18655] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.7869: couldn't read orphan inode 15 (err -117)
[  255.902919][T18655] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  255.923009][T17675] hid (null): unknown global tag 0xd
[  255.928192][T17675] hid (null): global environment stack underflow
[  255.934607][T17675] hid (null): unknown global tag 0xd
[  255.939814][T17675] hid (null): invalid report_size 20669
[  255.970462][T18652] loop8: detected capacity change from 0 to 40427
[  255.978024][T17985] EXT4-fs (loop1): unmounting filesystem.
[  255.978548][T18652] F2FS-fs (loop8): invalid crc value
[  255.991713][T18652] F2FS-fs (loop8): Found nat_bits in checkpoint
[  256.038208][T18652] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  256.060426][T18652] syz.8.7867: attempt to access beyond end of device
[  256.060426][T18652] loop8: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  256.089135][T10516] syz-executor: attempt to access beyond end of device
[  256.089135][T10516] loop8: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  256.104601][T17675] usb 10-1: USB disconnect, device number 10
[  256.120764][T18671] loop1: detected capacity change from 0 to 1024
[  256.127725][T18671] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  256.139190][T18671] EXT4-fs (loop1): Test dummy encryption mode enabled
[  256.148372][T18671] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  256.168799][T17985] EXT4-fs (loop1): unmounting filesystem.
[  256.419051][T18686] loop8: detected capacity change from 0 to 40427
[  256.426080][T18686] F2FS-fs (loop8): fault_injection options not supported
[  256.433696][T18686] F2FS-fs (loop8): invalid crc value
[  256.440453][T18686] F2FS-fs (loop8): Found nat_bits in checkpoint
[  256.490209][T18686] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  256.523120][   T28] audit: type=1400 audit(266.124:4601): avc:  denied  { rename } for  pid=18685 comm="syz.8.7878" name="file1" dev="loop8" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  256.544563][   T28] audit: type=1400 audit(266.124:4602): avc:  denied  { unlink } for  pid=18685 comm="syz.8.7878" name="file2" dev="loop8" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  256.547074][T18704] loop2: detected capacity change from 0 to 16
[  256.566853][T10516] syz-executor: attempt to access beyond end of device
[  256.566853][T10516] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  256.572757][T18704] erofs: (device loop2): mounted with root inode @ nid 36.
[  256.606738][   T28] audit: type=1400 audit(266.210:4603): avc:  denied  { execute } for  pid=18703 comm="syz.2.7887" name="file3" dev="loop2" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  256.607156][T18704] syz.2.7887: attempt to access beyond end of device
[  256.607156][T18704] loop2: rw=524288, sector=7864328, nr_sectors = 8 limit=16
[  256.642538][T18704] syz.2.7887: attempt to access beyond end of device
[  256.642538][T18704] loop2: rw=0, sector=7864328, nr_sectors = 8 limit=16
[  256.728324][T18715] loop9: detected capacity change from 0 to 512
[  256.736967][T18715] EXT4-fs: Ignoring removed oldalloc option
[  256.743979][T18715] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  256.758218][T18715] EXT4-fs (loop9): 1 truncate cleaned up
[  256.758942][T18719] kvm [18718]: vcpu0, guest rIP: 0xfff0 unimplemented HWCR wrmsr: 0xc201
[  256.763844][T18715] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  256.807522][T13514] EXT4-fs error (device loop9): mb_free_blocks:1815: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt.
[  256.823508][T13514] EXT4-fs (loop9): unmounting filesystem.
[  256.868167][T18730] netlink: 28 bytes leftover after parsing attributes in process `syz.8.7898'.
[  256.878984][T18731] sch_tbf: burst 0 is lower than device gretap0 mtu (1476) !
[  256.913871][T18735] loop2: detected capacity change from 0 to 512
[  256.930768][T18735] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a816c098, mo2=0002]
[  256.943139][T18735] System zones: 1-12
[  256.952459][T18735] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.7901: inode #1: comm syz.2.7901: iget: illegal inode #
[  256.981761][T18735] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.7901: error while reading EA inode 1 err=-117
[  257.000646][T18735] EXT4-fs (loop2): 1 orphan inode deleted
[  257.016180][T18735] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  257.032068][T18735] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.7901: bg 0: block 432: padding at end of block bitmap is not set
[  257.052847][T18735] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.7901: invalid indirect mapped block 234881024 (level 0)
[  257.064793][T18727] loop9: detected capacity change from 0 to 40427
[  257.073984][T18727] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  257.081689][T18727] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  257.111276][T18478] EXT4-fs (loop2): unmounting filesystem.
[  257.118136][T18727] F2FS-fs (loop9): Found nat_bits in checkpoint
[  257.171051][T18727] F2FS-fs (loop9): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  257.184144][T18727] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  257.192255][T18727] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  257.230338][T18727] syz.9.7895: attempt to access beyond end of device
[  257.230338][T18727] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  257.258195][T18762] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7911'.
[  257.261400][T18727] syz.9.7895: attempt to access beyond end of device
[  257.261400][T18727] loop9: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  257.309647][T18727] syz.9.7895: attempt to access beyond end of device
[  257.309647][T18727] loop9: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  257.318282][T18768] Invalid ELF header magic: != ELF
[  257.465179][T18781] loop9: detected capacity change from 0 to 512
[  257.472011][T18781] EXT4-fs: Ignoring removed bh option
[  257.479046][T18781] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1800c018, mo2=0002]
[  257.487575][T18781] EXT4-fs (loop9): 1 truncate cleaned up
[  257.493025][T18781] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  257.503583][T18781] EXT4-fs warning (device loop9): ext4_resize_begin:74: won't resize using backup superblock at 1
[  257.520075][T13514] EXT4-fs (loop9): unmounting filesystem.
[  257.545535][T18786] loop9: detected capacity change from 0 to 512
[  257.552288][T18786] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  257.561343][T18786] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec119, mo2=0002]
[  257.569513][T18786] System zones: 1-12
[  257.573771][T18786] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2186: inode #15: comm syz.9.7922: corrupted in-inode xattr
[  257.585849][T18786] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.7922: couldn't read orphan inode 15 (err -117)
[  257.597891][T18786] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  257.624484][  T548] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  257.686324][T13514] EXT4-fs (loop9): unmounting filesystem.
[  257.801095][  T548] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.812107][  T548] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.822232][  T548] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  257.831592][  T548] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.840536][  T548] usb 3-1: config 0 descriptor??
[  257.932158][T18809] loop8: detected capacity change from 0 to 512
[  257.938609][T18809] EXT4-fs: Ignoring removed bh option
[  257.945268][T18809] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1800c018, mo2=0002]
[  257.953784][T18809] EXT4-fs (loop8): 1 truncate cleaned up
[  257.959261][T18809] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  257.970655][T18809] EXT4-fs warning (device loop8): ext4_resize_begin:74: won't resize using backup superblock at 1
[  257.988153][T10516] EXT4-fs (loop8): unmounting filesystem.
[  258.017469][T18814] loop8: detected capacity change from 0 to 512
[  258.024152][T18814] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  258.033212][T18814] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec119, mo2=0002]
[  258.041133][T18814] System zones: 1-12
[  258.045608][T18814] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2186: inode #15: comm syz.8.7934: corrupted in-inode xattr
[  258.057896][T18814] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.7934: couldn't read orphan inode 15 (err -117)
[  258.069995][T18814] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  258.163546][T10516] EXT4-fs (loop8): unmounting filesystem.
[  258.221491][  T548] playstation 0003:054C:0DF2.003F: collection stack underflow
[  258.228943][  T548] playstation 0003:054C:0DF2.003F: item 0 0 0 12 parsing failed
[  258.237018][  T548] playstation 0003:054C:0DF2.003F: Parse failed
[  258.243251][  T548] playstation: probe of 0003:054C:0DF2.003F failed with error -22
[  258.410714][T17674] usb 3-1: USB disconnect, device number 8
[  258.463333][T17675] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  258.519292][T17678] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  258.559122][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  258.559137][   T28] audit: type=1326 audit(268.313:4615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18798 comm="syz.0.7928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae558d169 code=0x7fc00000
[  258.619256][T18829] loop0: detected capacity change from 0 to 512
[  258.633275][T18829] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  258.646118][   T28] audit: type=1400 audit(268.409:4616): avc:  denied  { create } for  pid=18828 comm="syz.0.7941" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  258.687766][T17675] usb 2-1: Using ep0 maxpacket: 16
[  258.695562][   T28] audit: type=1400 audit(268.409:4617): avc:  denied  { rename } for  pid=18828 comm="syz.0.7941" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  258.697745][T14208] EXT4-fs (loop0): unmounting filesystem.
[  258.721364][T17675] usb 2-1: unable to get BOS descriptor or descriptor too short
[  258.730259][T17678] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.741050][T17678] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.751043][T17678] usb 9-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  258.760119][T17678] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.768057][T17675] usb 2-1: config 1 interface 0 altsetting 127 bulk endpoint 0x82 has invalid maxpacket 1023
[  258.778192][T17675] usb 2-1: config 1 interface 0 altsetting 127 bulk endpoint 0x3 has invalid maxpacket 32
[  258.788436][T17675] usb 2-1: config 1 interface 0 has no altsetting 0
[  258.795162][T17678] usb 9-1: config 0 descriptor??
[  258.821492][T17675] usb 2-1: string descriptor 0 read error: -22
[  258.829169][T17675] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  258.838161][T17675] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.855679][T18821] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  258.864185][T18821] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  258.892383][   T28] audit: type=1400 audit(268.667:4618): avc:  denied  { connect } for  pid=18844 comm="syz.9.7947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  258.938650][   T28] audit: type=1400 audit(268.699:4619): avc:  denied  { setopt } for  pid=18844 comm="syz.9.7947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  259.061625][T17675] cdc_ether: probe of 2-1:1.0 failed with error -71
[  259.066225][T18875] device pim6reg1 entered promiscuous mode
[  259.070103][T17675] usb 2-1: USB disconnect, device number 7
[  259.190689][   T39] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  259.219116][T18896] loop2: detected capacity change from 0 to 16
[  259.225777][T18896] erofs: (device loop2): mounted with root inode @ nid 36.
[  259.250193][T18900] netlink: 'syz.2.7970': attribute type 12 has an invalid length.
[  259.258199][T18900] netlink: 'syz.2.7970': attribute type 29 has an invalid length.
[  259.266377][T18900] netlink: 148 bytes leftover after parsing attributes in process `syz.2.7970'.
[  259.275344][T18900] netlink: 59 bytes leftover after parsing attributes in process `syz.2.7970'.
[  259.312714][   T28] audit: type=1400 audit(269.128:4620): avc:  denied  { relabelfrom } for  pid=18905 comm="syz.2.7973" name="TCPv6" dev="sockfs" ino=98297 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  259.312724][T18906] SELinux:  Context system_u:object_r:login_exec_t:s0 is not valid (left unmapped).
[  259.344649][   T28] audit: type=1400 audit(269.160:4621): avc:  denied  { relabelto } for  pid=18905 comm="syz.2.7973" name="TCPv6" dev="sockfs" ino=98297 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=tcp_socket permissive=1 trawcon="system_u:object_r:login_exec_t:s0"
[  259.395741][   T39] usb 10-1: Using ep0 maxpacket: 16
[  259.401937][   T39] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  259.411993][   T39] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  259.422638][   T39] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  259.431613][   T39] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.439632][   T39] usb 10-1: Product: syz
[  259.443687][   T39] usb 10-1: Manufacturer: syz
[  259.448151][   T39] usb 10-1: SerialNumber: syz
[  259.559181][T17678] uclogic 0003:256C:006D.0040: failed retrieving Huion firmware version: -71
[  259.573370][T17678] uclogic 0003:256C:006D.0040: failed probing parameters: -71
[  259.590218][T17678] uclogic: probe of 0003:256C:006D.0040 failed with error -71
[  259.608636][T17678] usb 9-1: USB disconnect, device number 10
[  259.642497][   T39] usb 10-1: 0:2 : does not exist
[  259.651262][   T39] usb 10-1: 5:0: failed to get current value for ch 0 (-22)
[  259.670819][   T39] usb 10-1: USB disconnect, device number 11
[  259.699609][   T28] audit: type=1400 audit(269.536:4622): avc:  denied  { map } for  pid=18929 comm="syz.1.7985" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=98777 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  259.723383][   T28] audit: type=1400 audit(269.536:4623): avc:  denied  { read write } for  pid=18929 comm="syz.1.7985" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=98777 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  259.747642][   T28] audit: type=1400 audit(269.536:4624): avc:  denied  { write } for  pid=18931 comm="syz.2.7984" name="usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  259.978628][T18941] loop2: detected capacity change from 0 to 40427
[  259.985369][T18941] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  259.992972][T18941] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  260.003418][T18941] F2FS-fs (loop2): Found nat_bits in checkpoint
[  260.035943][T18941] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  260.048115][T18941] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  260.055071][T18941] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  260.090048][T18941] syz.2.7989: attempt to access beyond end of device
[  260.090048][T18941] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  260.121175][T18941] syz.2.7989: attempt to access beyond end of device
[  260.121175][T18941] loop2: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  260.135652][T18950] device batadv_slave_0 entered promiscuous mode
[  260.143070][T18949] device batadv_slave_0 left promiscuous mode
[  260.174529][T18941] syz.2.7989: attempt to access beyond end of device
[  260.174529][T18941] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  260.228382][T18958] loop9: detected capacity change from 0 to 128
[  260.302716][T18964] loop8: detected capacity change from 0 to 2048
[  260.351506][T18964] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  260.365449][T18964] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  260.384866][T18964] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  260.397364][T18964] EXT4-fs (loop8): This should not happen!! Data will be lost
[  260.397364][T18964] 
[  260.412657][T18964] EXT4-fs (loop8): Total free blocks count 0
[  260.425082][T18964] EXT4-fs (loop8): Free/Dirty block details
[  260.437596][T18964] EXT4-fs (loop8): free_blocks=2415919104
[  260.443341][T18964] EXT4-fs (loop8): dirty_blocks=16
[  260.449795][T18964] EXT4-fs (loop8): Block reservation details
[  260.455728][T18964] EXT4-fs (loop8): i_reserved_data_blocks=1
[  260.471876][  T314] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  260.474184][T18985] loop9: detected capacity change from 0 to 1024
[  260.510088][T18985] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  260.715349][T19011] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8018'.
[  260.726291][T19011] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8018'.
[  260.774911][T17674] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  260.953564][T17674] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.964896][T17674] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.974797][T17674] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  260.987629][T17674] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  260.996548][T17674] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.009520][T17674] usb 2-1: config 0 descriptor??
[  261.111596][T19027] loop8: detected capacity change from 0 to 4096
[  261.120492][T19027] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  261.139218][T10516] EXT4-fs (loop8): unmounting filesystem.
[  261.261647][T13514] EXT4-fs (loop9): unmounting filesystem.
[  261.332435][T19051] loop8: detected capacity change from 0 to 512
[  261.339633][T19051] EXT4-fs (loop8): Test dummy encryption mode enabled
[  261.347853][T19051] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  261.358483][T19051] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  261.366739][T19051] System zones: 1-12
[  261.371488][T19051] EXT4-fs (loop8): 1 truncate cleaned up
[  261.377006][T19051] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  261.390797][T17674] plantronics 0003:047F:FFFF.0041: No inputs registered, leaving
[  261.408632][T17674] plantronics 0003:047F:FFFF.0041: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  261.440428][T10516] EXT4-fs (loop8): unmounting filesystem.
[  261.513528][T19068] loop2: detected capacity change from 0 to 2048
[  261.522957][T19068] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  261.535386][T19068] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  261.550232][T19068] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  261.562306][T17674] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  261.569777][T19068] EXT4-fs (loop2): This should not happen!! Data will be lost
[  261.569777][T19068] 
[  261.583892][T19068] EXT4-fs (loop2): Total free blocks count 0
[  261.589837][T19068] EXT4-fs (loop2): Free/Dirty block details
[  261.601121][T19068] EXT4-fs (loop2): free_blocks=2415919104
[  261.606766][T19068] EXT4-fs (loop2): dirty_blocks=16
[  261.611637][T19068] EXT4-fs (loop2): Block reservation details
[  261.617534][T19068] EXT4-fs (loop2): i_reserved_data_blocks=1
[  261.630342][    T8] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  261.643263][T17675] usb 2-1: USB disconnect, device number 8
[  261.783125][T17674] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.794076][T17674] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.804868][T17674] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  261.817998][T17674] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.827109][T19094] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8064'.
[  261.827710][T17674] usb 10-1: config 0 descriptor??
[  261.977225][T19096] loop2: detected capacity change from 0 to 40427
[  261.986819][T19096] F2FS-fs (loop2): Found nat_bits in checkpoint
[  262.029249][T19096] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  262.051169][T18478] syz-executor: attempt to access beyond end of device
[  262.051169][T18478] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  262.058709][T19108] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8070'.
[  262.224009][T17674] keytouch 0003:0926:3333.0042: fixing up Keytouch IEC report descriptor
[  262.234028][T17674] input: HID 0926:3333 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:0926:3333.0042/input/input50
[  262.315279][T17674] keytouch 0003:0926:3333.0042: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.9-1/input0
[  262.378000][ T5231] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  262.426879][   T39] usb 10-1: USB disconnect, device number 12
[  262.510732][T19152] loop2: detected capacity change from 0 to 256
[  262.546990][ T5231] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.558240][ T5231] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.567862][ T5231] usb 9-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  262.576744][ T5231] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.585070][ T5231] usb 9-1: config 0 descriptor??
[  262.918705][T19161] loop2: detected capacity change from 0 to 512
[  262.925122][T19161] EXT4-fs: Ignoring removed oldalloc option
[  262.931365][T19161] EXT4-fs: Ignoring removed orlov option
[  262.936997][T19161] EXT4-fs: Ignoring removed bh option
[  262.942718][T19161] EXT4-fs (loop2): Test dummy encryption mode enabled
[  262.951178][T19161] EXT4-fs (loop2): 1 truncate cleaned up
[  262.956792][T19161] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  262.967991][ T5231] hid-generic 0003:258A:0036.0043: item fetching failed at offset 5/7
[  262.979371][ T5231] hid-generic: probe of 0003:258A:0036.0043 failed with error -22
[  262.993285][T18478] EXT4-fs (loop2): unmounting filesystem.
[  263.167242][T17675] usb 9-1: USB disconnect, device number 11
[  263.223749][T19179] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.230909][T19179] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.238231][T19179] device bridge_slave_0 entered promiscuous mode
[  263.247259][T19179] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.254195][T19179] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.261327][T19179] device bridge_slave_1 entered promiscuous mode
[  263.313595][T19179] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.320463][T19179] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.327536][T19179] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.334349][T19179] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.358768][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  263.366485][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.373585][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.383323][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  263.391695][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  263.399724][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.406575][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.416929][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  263.425115][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  263.433127][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.439953][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.455053][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  263.463035][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  263.472089][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  263.480210][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  263.493703][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  263.502174][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  263.514988][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  263.522967][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  263.530892][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  263.538365][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  263.546275][T19179] device veth0_vlan entered promiscuous mode
[  263.553035][  T314] device bridge_slave_1 left promiscuous mode
[  263.558984][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.566328][  T314] device bridge_slave_0 left promiscuous mode
[  263.572362][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.580080][  T314] device veth0_vlan left promiscuous mode
[  263.660237][T19187] loop2: detected capacity change from 0 to 512
[  263.674188][T19187] EXT4-fs (loop2): Test dummy encryption mode enabled
[  263.680873][T19187] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  263.711338][T19187] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  263.719152][T19187] System zones: 1-12
[  263.724115][T19187] EXT4-fs (loop2): 1 truncate cleaned up
[  263.729584][T19187] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  263.729637][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  263.795612][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  263.810891][T19179] device veth1_macvtap entered promiscuous mode
[  263.833525][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  263.851512][T19188] loop9: detected capacity change from 0 to 40427
[  263.852556][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  263.865761][T19188] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  263.873672][T19188] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  263.882448][T18478] EXT4-fs (loop2): unmounting filesystem.
[  263.888525][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  263.914942][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  263.923618][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  263.933151][T19188] F2FS-fs (loop9): Found nat_bits in checkpoint
[  264.014747][T19190] loop8: detected capacity change from 0 to 40427
[  264.024164][T19190] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  264.033946][T19190] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  264.045136][T19188] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  264.055488][T19188] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  264.080908][T19190] F2FS-fs (loop8): Found nat_bits in checkpoint
[  264.105640][T19211] loop2: detected capacity change from 0 to 2048
[  264.132235][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  264.132253][   T28] audit: type=1400 audit(274.299:4646): avc:  denied  { setattr } for  pid=19186 comm="syz.9.8104" name="file0" dev="loop9" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  264.133485][T19211] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  264.171684][   T28] audit: type=1400 audit(274.332:4647): avc:  denied  { map } for  pid=19210 comm="syz.2.8100" path="/88/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  264.173830][T19190] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  264.201999][T19211] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  264.217848][T19211] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  264.218170][T19190] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  264.236747][T19190] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  264.244298][T19211] EXT4-fs (loop2): This should not happen!! Data will be lost
[  264.244298][T19211] 
[  264.254383][T19211] EXT4-fs (loop2): Total free blocks count 0
[  264.260200][T19211] EXT4-fs (loop2): Free/Dirty block details
[  264.266106][T19211] EXT4-fs (loop2): free_blocks=2415919104
[  264.271918][T19211] EXT4-fs (loop2): dirty_blocks=16
[  264.276850][T19211] EXT4-fs (loop2): Block reservation details
[  264.283138][T19211] EXT4-fs (loop2): i_reserved_data_blocks=1
[  264.289567][T19211] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  264.332670][T19190] syz.8.8094: attempt to access beyond end of device
[  264.332670][T19190] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  264.373187][T19190] syz.8.8094: attempt to access beyond end of device
[  264.373187][T19190] loop8: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  264.415969][T19190] syz.8.8094: attempt to access beyond end of device
[  264.415969][T19190] loop8: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  264.465371][T19234] loop2: detected capacity change from 0 to 4096
[  264.474400][T19234] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  264.498565][T18478] EXT4-fs (loop2): unmounting filesystem.
[  264.555490][T19240] loop9: detected capacity change from 0 to 512
[  264.566043][T19242] loop2: detected capacity change from 0 to 2048
[  264.572118][T19240] EXT4-fs (loop9): Test dummy encryption mode enabled
[  264.579079][T19240] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  264.599222][T19242]  loop2: p1 < > p4
[  264.606149][T19242] loop2: p4 size 8388608 extends beyond EOD, truncated
[  264.608498][T19244] loop1: detected capacity change from 0 to 1024
[  264.620476][T19240] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  264.638274][T19244] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.8115: bad orphan inode 2304
[  264.651256][T19240] System zones: 1-12
[  264.655818][T19240] EXT4-fs (loop9): 1 truncate cleaned up
[  264.660816][T19248] loop8: detected capacity change from 0 to 1024
[  264.661354][T19240] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  264.668370][T19244] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  264.693818][   T28] audit: type=1400 audit(274.890:4648): avc:  denied  { watch } for  pid=19243 comm="syz.1.8115" path="/4/bus/control" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  264.734725][T19179] EXT4-fs (loop1): unmounting filesystem.
[  264.744045][T19248] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  264.762853][T13514] EXT4-fs (loop9): unmounting filesystem.
[  264.770567][   T28] audit: type=1400 audit(274.975:4649): avc:  denied  { append } for  pid=19247 comm="syz.8.8110" name="file1" dev="loop8" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  264.826393][T10516] EXT4-fs (loop8): unmounting filesystem.
[  264.855697][T19265] loop8: detected capacity change from 0 to 128
[  264.876343][T19265] SELinux: ebitmap: map size 3122078066 does not match my size 64 (high bit was -559763655)
[  264.895179][T19265] SELinux: failed to load policy
[  264.900181][   T28] audit: type=1400 audit(275.115:4650): avc:  denied  { unmount } for  pid=19179 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  264.940108][T19273] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  264.940920][   T28] audit: type=1400 audit(275.158:4651): avc:  denied  { append } for  pid=19272 comm="syz.8.8126" name="001" dev="devtmpfs" ino=184 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  264.960366][T19273] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  265.128205][T17678] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  265.143925][T19282] loop1: detected capacity change from 0 to 512
[  265.151645][T19282] EXT4-fs (loop1): Test dummy encryption mode enabled
[  265.158315][T19282] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  265.169434][T19282] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  265.177460][T19282] System zones: 1-12
[  265.181956][T19282] EXT4-fs (loop1): 1 truncate cleaned up
[  265.187473][T19282] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  265.235600][T19179] EXT4-fs (loop1): unmounting filesystem.
[  265.305850][T17678] usb 10-1: Using ep0 maxpacket: 16
[  265.311567][T19293] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8144'.
[  265.312370][T17678] usb 10-1: unable to get BOS descriptor or descriptor too short
[  265.342346][T17678] usb 10-1: config 1 interface 0 altsetting 127 bulk endpoint 0x82 has invalid maxpacket 1023
[  265.343329][   T28] audit: type=1400 audit(275.598:4652): avc:  denied  { bind } for  pid=19296 comm="syz.0.8134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  265.353578][T17678] usb 10-1: config 1 interface 0 altsetting 127 bulk endpoint 0x3 has invalid maxpacket 32
[  265.382362][T17678] usb 10-1: config 1 interface 0 has no altsetting 0
[  265.399537][T17678] usb 10-1: string descriptor 0 read error: -22
[  265.405919][T17678] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  265.425238][T17678] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.437573][T19263] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  265.458928][T19263] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  265.512847][T19287] loop8: detected capacity change from 0 to 40427
[  265.522961][T19287] F2FS-fs (loop8): Found nat_bits in checkpoint
[  265.564887][T19287] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  265.604843][T10516] syz-executor: attempt to access beyond end of device
[  265.604843][T10516] loop8: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  265.649133][T19325] loop1: detected capacity change from 0 to 1024
[  265.656995][T17678] cdc_ether: probe of 10-1:1.0 failed with error -71
[  265.659760][T19325] EXT4-fs: Ignoring removed orlov option
[  265.665676][T17678] usb 10-1: USB disconnect, device number 13
[  265.676296][T19325] EXT4-fs (loop1): Test dummy encryption mode enabled
[  265.685022][T19325] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  265.696754][   T28] audit: type=1400 audit(275.973:4653): avc:  denied  { setattr } for  pid=19324 comm="syz.1.8148" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  265.724628][T19179] EXT4-fs (loop1): unmounting filesystem.
[  265.740073][   T28] audit: type=1400 audit(276.016:4654): avc:  denied  { bind } for  pid=19327 comm="syz.1.8149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  266.038686][   T28] audit: type=1400 audit(276.338:4655): avc:  denied  { write } for  pid=19355 comm="syz.8.8161" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  266.096817][T17675] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  266.156648][T19362] loop9: detected capacity change from 0 to 512
[  266.163830][T19362] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  266.174132][T19362] EXT4-fs (loop9): orphan cleanup on readonly fs
[  266.180991][T19362] EXT4-fs error (device loop9): ext4_acquire_dquot:6782: comm syz.9.8164: Failed to acquire dquot type 1
[  266.192861][T19362] EXT4-fs (loop9): 1 truncate cleaned up
[  266.198463][T19362] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  266.211266][T19362] netlink: 36 bytes leftover after parsing attributes in process `syz.9.8164'.
[  266.226052][T13514] EXT4-fs (loop9): unmounting filesystem.
[  266.264669][T17675] usb 2-1: Using ep0 maxpacket: 8
[  266.271365][T17675] usb 2-1: config 0 interface 0 altsetting 33 endpoint 0x81 has an invalid bInterval 126, changing to 10
[  266.296453][T17675] usb 2-1: config 0 interface 0 has no altsetting 0
[  266.313436][T17675] usb 2-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  266.329043][T19381] 9pnet_virtio: no channels available for device syz
[  266.339362][T17675] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.358185][T17675] usb 2-1: config 0 descriptor??
[  266.388073][T19387] netem: change failed
[  266.445289][T19397] SELinux:  Context system_u:object_r:iptables_unit_file_t:s0 is not valid (left unmapped).
[  266.558958][T17675] usbhid 2-1:0.0: can't add hid device: -71
[  266.565351][T17675] usbhid: probe of 2-1:0.0 failed with error -71
[  266.572649][T17675] usb 2-1: USB disconnect, device number 9
[  266.628703][T17674] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  266.650573][T19437] loop2: detected capacity change from 0 to 128
[  266.657003][T19437] EXT4-fs: Ignoring removed nobh option
[  266.807479][T17674] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.813479][T19456] loop2: detected capacity change from 0 to 1024
[  266.824832][T19456] EXT4-fs: Ignoring removed nomblk_io_submit option
[  266.824952][T17674] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.831600][T19456] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  266.847751][T17674] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  266.854017][T19456] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  266.866063][T17674] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  266.882156][T17674] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.894834][T17674] usb 9-1: config 0 descriptor??
[  266.939691][T19469] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  267.111593][T19473] loop9: detected capacity change from 0 to 40427
[  267.118332][T19473] F2FS-fs (loop9): Small segment_count (9 < 1 * 24)
[  267.124787][T19473] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  267.135004][T19473] F2FS-fs (loop9): Found nat_bits in checkpoint
[  267.172412][T19473] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  267.179334][T19473] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  267.216757][T13514] syz-executor: attempt to access beyond end of device
[  267.216757][T13514] loop9: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  267.230898][T17678] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  267.276738][T17674] plantronics 0003:047F:FFFF.0044: No inputs registered, leaving
[  267.290858][T17674] plantronics 0003:047F:FFFF.0044: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  267.358513][T19480] loop1: detected capacity change from 0 to 40427
[  267.367533][T19480] F2FS-fs (loop1): Found nat_bits in checkpoint
[  267.407063][T19480] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  267.421905][T17678] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  267.435773][T17678] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  267.444756][T17678] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  267.452623][T17678] usb 3-1: SerialNumber: syz
[  267.453074][T19179] syz-executor: attempt to access beyond end of device
[  267.453074][T19179] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  267.551878][T17674] usb 9-1: USB disconnect, device number 12
[  267.877072][T17675] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  268.021943][T17678] cdc_ether 3-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42
[  268.033470][T17673] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  268.073930][T17675] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.085345][T17675] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.095118][T17675] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  268.104014][T17675] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.112638][T17675] usb 2-1: config 0 descriptor??
[  268.222809][T17673] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.233615][T17673] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.243256][T17673] usb 10-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  268.252174][T17673] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.260608][T17673] usb 10-1: config 0 descriptor??
[  268.405501][T17678] usb 3-1: USB disconnect, device number 9
[  268.411541][T17678] cdc_ether 3-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device
[  268.493120][T17675] keytouch 0003:0926:3333.0045: fixing up Keytouch IEC report descriptor
[  268.502801][T17675] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0045/input/input51
[  268.587444][T17675] keytouch 0003:0926:3333.0045: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  268.643087][T17673] hid-generic 0003:258A:0036.0046: unknown main item tag 0x0
[  268.650335][T17673] hid-generic 0003:258A:0036.0046: unknown main item tag 0x0
[  268.657753][T17673] hid-generic 0003:258A:0036.0046: unknown main item tag 0x0
[  268.664997][T17673] hid-generic 0003:258A:0036.0046: unknown main item tag 0x0
[  268.672239][T17673] hid-generic 0003:258A:0036.0046: unknown main item tag 0x0
[  268.679376][T17673] hid-generic 0003:258A:0036.0046: unknown main item tag 0x0
[  268.686598][T17673] hid-generic 0003:258A:0036.0046: unknown main item tag 0x0
[  268.694541][T17673] hid-generic 0003:258A:0036.0046: hidraw1: USB HID v0.00 Device [HID 258a:0036] on usb-dummy_hcd.9-1/input0
[  268.706927][T17673] usb 2-1: USB disconnect, device number 10
[  268.832819][T17678] usb 10-1: USB disconnect, device number 14
[  268.897649][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  268.897666][   T28] audit: type=1400 audit(280.401:4675): avc:  denied  { ioctl } for  pid=19523 comm="syz.8.8245" path="socket:[101261]" dev="sockfs" ino=101261 ioctlcmd=0x48cb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  269.004413][T19530] loop2: detected capacity change from 0 to 512
[  269.014358][   T28] audit: type=1400 audit(280.530:4676): avc:  denied  { append } for  pid=19529 comm="syz.2.8237" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  269.036467][   T28] audit: type=1400 audit(280.530:4677): avc:  denied  { open } for  pid=19529 comm="syz.2.8237" path="/122/file0/file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  269.059758][   T28] audit: type=1400 audit(280.530:4678): avc:  denied  { read } for  pid=19529 comm="syz.2.8237" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  269.289288][T19553] netlink: 104 bytes leftover after parsing attributes in process `syz.0.8248'.
[  269.289288][   T28] audit: type=1400 audit(280.819:4679): avc:  denied  { nlmsg_read } for  pid=19552 comm="syz.0.8248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  269.339594][T19561] loop2: detected capacity change from 0 to 256
[  269.347376][T19561] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  269.365403][T19561] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  269.380605][T19561] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  269.437806][T19576] loop2: detected capacity change from 0 to 2048
[  269.460408][   T28] audit: type=1400 audit(281.002:4680): avc:  denied  { create } for  pid=19580 comm="syz.0.8263" name="file7" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  269.506729][   T28] audit: type=1400 audit(281.055:4681): avc:  denied  { append } for  pid=19575 comm="syz.2.8260" name="loop7" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  269.547341][T19592] syz.1.8265[19592] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.547424][T19592] syz.1.8265[19592] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.585685][   T28] audit: type=1400 audit(281.141:4682): avc:  denied  { ioctl } for  pid=19597 comm="syz.9.8267" path="socket:[102461]" dev="sockfs" ino=102461 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  269.666017][T19608] netlink: 104 bytes leftover after parsing attributes in process `syz.1.8273'.
[  269.821690][T19647] loop1: detected capacity change from 0 to 128
[  269.843030][   T28] audit: type=1400 audit(281.409:4683): avc:  denied  { relabelto } for  pid=19646 comm="syz.1.8290" name="bus" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  269.878025][T19654] netlink: 56 bytes leftover after parsing attributes in process `syz.2.8292'.
[  269.998769][   T28] audit: type=1400 audit(281.581:4684): avc:  denied  { connect } for  pid=19674 comm="syz.2.8302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  270.064224][T19682] netlink: 56 bytes leftover after parsing attributes in process `syz.9.8305'.
[  270.124565][T19694] netlink: 'syz.0.8308': attribute type 7 has an invalid length.
[  270.137876][T19694] netlink: 'syz.0.8308': attribute type 5 has an invalid length.
[  270.151935][T19694] netlink: 17 bytes leftover after parsing attributes in process `syz.0.8308'.
[  270.273133][T19708] loop1: detected capacity change from 0 to 256
[  270.381518][T19704] loop0: detected capacity change from 0 to 40427
[  270.388773][T19704] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  270.394335][T19719] loop9: detected capacity change from 0 to 2048
[  270.395384][T19704] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  270.407291][T19719] EXT4-fs: Ignoring removed mblk_io_submit option
[  270.416991][T19704] F2FS-fs (loop0): Found nat_bits in checkpoint
[  270.451203][T19719] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8320'.
[  270.461032][T19730] usb usb8: usbfs: process 19730 (syz.2.8322) did not claim interface 2 before use
[  270.480886][T19704] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  270.487937][T19704] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  270.556330][T14208] syz-executor: attempt to access beyond end of device
[  270.556330][T14208] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  270.731513][T19742] loop2: detected capacity change from 0 to 40427
[  270.738273][T19748] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8330'.
[  270.747493][T19742] F2FS-fs (loop2): fault_injection options not supported
[  270.765303][T19742] F2FS-fs (loop2): invalid crc value
[  270.772543][T19752] netem: change failed
[  270.772965][T19742] F2FS-fs (loop2): Found nat_bits in checkpoint
[  270.831631][ T9312] Bluetooth: hci0: command 0x1003 tx timeout
[  270.831630][T10271] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  270.846497][T19742] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  270.863718][T19762] loop0: detected capacity change from 0 to 1024
[  270.883433][T18478] syz-executor: attempt to access beyond end of device
[  270.883433][T18478] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  270.897870][T19768] loop8: detected capacity change from 0 to 256
[  271.242320][T19815] netlink: 92 bytes leftover after parsing attributes in process `syz.0.8361'.
[  271.356722][T19827] loop0: detected capacity change from 0 to 512
[  271.376555][T19827] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.8366: bg 0: block 393: padding at end of block bitmap is not set
[  271.403795][T19809] loop2: detected capacity change from 0 to 40427
[  271.418867][T19809] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[  271.425688][T19809] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  271.430286][T19827] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  271.448189][T19809] F2FS-fs (loop2): Found nat_bits in checkpoint
[  271.485297][T19827] EXT4-fs (loop0): 2 truncates cleaned up
[  271.555184][T19831] loop9: detected capacity change from 0 to 40427
[  271.565170][T19809] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  271.568630][T19831] F2FS-fs (loop9): fault_type options not supported
[  271.573048][T19809] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  271.592507][T19831] F2FS-fs (loop9): invalid crc value
[  271.608113][T19831] F2FS-fs (loop9): Found nat_bits in checkpoint
[  271.661657][T18478] syz-executor: attempt to access beyond end of device
[  271.661657][T18478] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  271.688682][T19831] F2FS-fs (loop9): Start checkpoint disabled!
[  271.700224][T19831] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  271.805389][T19831] F2FS-fs (loop9): ino:10, start:1, end:8193, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  271.959813][   T10] kworker/u4:1: attempt to access beyond end of device
[  271.959813][   T10] loop9: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  272.032202][T19880] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8388'.
[  272.255281][T19894] loop0: detected capacity change from 0 to 40427
[  272.262395][T19894] F2FS-fs (loop0): fault_type options not supported
[  272.270270][T19894] F2FS-fs (loop0): invalid crc value
[  272.276292][T19894] F2FS-fs (loop0): Found nat_bits in checkpoint
[  272.332748][T19894] F2FS-fs (loop0): Start checkpoint disabled!
[  272.339439][T19894] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  272.351273][  T548] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  272.387526][T19894] F2FS-fs (loop0): ino:10, start:1, end:8193, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  272.460418][   T10] kworker/u4:1: attempt to access beyond end of device
[  272.460418][   T10] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  272.528015][  T548] usb 3-1: Using ep0 maxpacket: 32
[  272.534137][  T548] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  272.542475][  T548] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  272.551047][  T548] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  272.560600][  T548] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  272.570253][  T548] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  272.579939][  T548] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  272.592682][  T548] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  272.601577][  T548] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.610460][  T548] usb 3-1: config 0 descriptor??
[  272.718594][T19929] syz.9.8410[19929] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  272.718671][T19929] syz.9.8410[19929] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  272.804536][  T548] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  272.820309][T19934] 9pnet: p9_errstr2errno: server reported unknown error �@
[  272.994550][  T548] usb 3-1: USB disconnect, device number 10
[  273.002874][  T548] usblp0: removed
[  273.054519][T19942] loop1: detected capacity change from 0 to 40427
[  273.061614][T19942] F2FS-fs (loop1): fault_type options not supported
[  273.069012][T19942] F2FS-fs (loop1): invalid crc value
[  273.075646][T19942] F2FS-fs (loop1): Found nat_bits in checkpoint
[  273.120825][T19942] F2FS-fs (loop1): Start checkpoint disabled!
[  273.127666][T19942] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  273.144136][T19954] device sit0 entered promiscuous mode
[  273.173251][T19942] F2FS-fs (loop1): ino:10, start:1, end:8193, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  273.231815][   T10] kworker/u4:1: attempt to access beyond end of device
[  273.231815][   T10] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  273.430226][T19972] loop0: detected capacity change from 0 to 128
[  273.512973][T19983] netlink: 'syz.1.8433': attribute type 13 has an invalid length.
[  273.521002][T17678] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  273.531094][T19983] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  273.538781][T19983] device gretap1 entered promiscuous mode
[  273.711947][T17678] usb 9-1: Using ep0 maxpacket: 16
[  273.719649][T17678] usb 9-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  273.728343][T17678] usb 9-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  273.738495][T17678] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  273.760369][T17678] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  273.770413][T17678] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.779189][T17678] usb 9-1: Product: syz
[  273.783254][T17678] usb 9-1: Manufacturer: syz
[  273.787636][T17678] usb 9-1: SerialNumber: syz
[  273.981249][T17678] usb 9-1: 0:2 : does not exist
[  273.987141][T17678] usb 9-1: USB disconnect, device number 13
[  274.166117][T20032] loop2: detected capacity change from 0 to 128
[  274.249272][T20038] loop1: detected capacity change from 0 to 2048
[  274.333838][T20043] loop9: detected capacity change from 0 to 128
[  274.340809][T20043] EXT4-fs: Ignoring removed nobh option
[  274.351087][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  274.351125][   T28] audit: type=1400 audit(286.259:4687): avc:  denied  { setattr } for  pid=20042 comm="syz.9.8460" path="/569/mnt/file1" dev="loop9" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  274.532721][T20061] loop1: detected capacity change from 0 to 256
[  274.547916][T20061] syz.1.8466: attempt to access beyond end of device
[  274.547916][T20061] loop1: rw=2049, sector=256, nr_sectors = 12 limit=256
[  274.625480][   T28] audit: type=1400 audit(286.549:4688): avc:  denied  { write } for  pid=20070 comm="syz.9.8481" name="fib_trie" dev="proc" ino=4026532732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  274.921429][   T28] audit: type=1326 audit(286.860:4689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.9.8478" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8949b8d169 code=0x0
[  275.151858][T20114] netlink: 36 bytes leftover after parsing attributes in process `syz.1.8491'.
[  275.286020][T20127] loop1: detected capacity change from 0 to 1024
[  275.354084][T20144] netlink: 'syz.2.8503': attribute type 13 has an invalid length.
[  275.364095][T20144] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  275.371676][T20144] device gretap1 entered promiscuous mode
[  276.130031][T20152] loop1: detected capacity change from 0 to 256
[  276.136693][T20152] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  276.147341][T20152] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  276.158282][T20152] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  276.178185][   T28] audit: type=1400 audit(288.212:4690): avc:  denied  { remove_name } for  pid=20151 comm="syz.1.8506" name="file0" dev="loop1" ino=1048945 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  276.208482][   T28] audit: type=1400 audit(288.244:4691): avc:  denied  { rename } for  pid=20151 comm="syz.1.8506" name="file0" dev="loop1" ino=1048945 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  276.231063][   T28] audit: type=1400 audit(288.244:4692): avc:  denied  { rmdir } for  pid=20151 comm="syz.1.8506" name="control" dev="loop1" ino=1048944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  276.241590][T20156] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  276.257711][T20157] netlink: 52 bytes leftover after parsing attributes in process `syz.1.8508'.
[  276.271044][T20156] overlayfs: missing 'lowerdir'
[  276.290889][T20159] netlink: 148 bytes leftover after parsing attributes in process `syz.1.8509'.
[  276.340125][T17675] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  276.411054][T20175] netlink: 'syz.8.8519': attribute type 4 has an invalid length.
[  276.435085][   T28] audit: type=1400 audit(288.490:4693): avc:  denied  { bind } for  pid=20182 comm="syz.8.8523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  276.471038][   T28] audit: type=1400 audit(288.523:4694): avc:  denied  { read write } for  pid=20180 comm="syz.0.8522" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  276.520535][   T28] audit: type=1400 audit(288.523:4695): avc:  denied  { open } for  pid=20180 comm="syz.0.8522" path="/dev/loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  276.545841][T17675] usb 10-1: Using ep0 maxpacket: 16
[  276.546424][   T28] audit: type=1400 audit(288.523:4696): avc:  denied  { ioctl } for  pid=20180 comm="syz.0.8522" path="/dev/loop-control" dev="devtmpfs" ino=113 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  276.552021][T17675] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.619096][T17675] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.629652][T17675] usb 10-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  276.645031][T17675] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.662053][T17675] usb 10-1: config 0 descriptor??
[  276.713577][T20201] loop8: detected capacity change from 0 to 2048
[  276.833346][T20208] loop8: detected capacity change from 0 to 1024
[  276.914124][T20218] loop8: detected capacity change from 0 to 256
[  277.044379][T17675] apple 0003:05AC:024B.0047: unknown main item tag 0x6
[  277.072238][T17675] apple 0003:05AC:024B.0047: ignoring exceeding usage max
[  277.089381][T17675] apple 0003:05AC:024B.0047: invalid report_size 18680
[  277.098118][T17675] apple 0003:05AC:024B.0047: item 0 2 1 7 parsing failed
[  277.106721][T17675] apple 0003:05AC:024B.0047: parse failed
[  277.112468][T17675] apple: probe of 0003:05AC:024B.0047 failed with error -22
[  277.145312][T20244] SELinux:  Context system_u:object_r:lib_t:s0 is not valid (left unmapped).
[  277.178280][T20248] loop1: detected capacity change from 0 to 512
[  277.185057][T20248] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  277.195678][T20248] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  277.203585][T20248] System zones: 1-12
[  277.208782][T20248] EXT4-fs (loop1): 1 truncate cleaned up
[  277.214244][T20248] EXT4-fs mount: 26 callbacks suppressed
[  277.214262][T20248] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  277.252462][T20253] loop2: detected capacity change from 0 to 256
[  277.252864][  T548] usb 10-1: USB disconnect, device number 15
[  277.259144][T20253] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  277.275302][T20253] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  277.286365][T20253] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  277.299923][T19179] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /120/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  277.322135][T19179] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  277.342188][T19179] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /120/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  277.364027][T19179] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  277.384131][T19179] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /120/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  277.406028][T19179] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  277.426018][T19179] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /120/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  277.447891][T19179] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  277.468516][T19179] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /120/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  277.495565][T19179] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  277.591907][T19179] EXT4-fs (loop1): unmounting filesystem.
[  277.609323][T20262] syz.2.8556[20262] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  277.609403][T20262] syz.2.8556[20262] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  277.685718][T20267] loop2: detected capacity change from 0 to 256
[  277.788303][T20270] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.795605][T20270] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.802935][T20270] device bridge_slave_0 entered promiscuous mode
[  277.811517][T20270] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.818515][T20270] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.826174][T20270] device bridge_slave_1 entered promiscuous mode
[  277.889622][T20276] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8564'.
[  277.901478][T20277] loop0: detected capacity change from 0 to 512
[  277.914003][T20270] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.916556][T20277] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  277.920893][T20270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  277.937635][T20270] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.944421][T20270] bridge0: port 1(bridge_slave_0) entered forwarding state
[  277.962988][T20277] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  277.981155][T20277] System zones: 1-12
[  277.986918][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  278.000736][T20277] EXT4-fs (loop0): 1 truncate cleaned up
[  278.006392][T20277] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  278.015303][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.022731][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.047407][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  278.065852][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.072753][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.077293][T20290] binder_alloc: binder_alloc_mmap_handler: 20289 200000ffd000-200001000000 already mapped failed -16
[  278.104094][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  278.112717][T14208] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /450/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  278.125455][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.136731][T14208] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  278.141080][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  278.161300][T14208] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /450/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  278.189577][T14208] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  278.209945][T14208] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /450/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  278.210157][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  278.231903][T14208] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  278.261208][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  278.271990][T14208] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /450/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  278.294511][T14208] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  278.306637][T20270] device veth0_vlan entered promiscuous mode
[  278.320381][T14208] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /450/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  278.321562][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  278.342400][T14208] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  278.350896][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  278.377731][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  278.385549][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  278.398607][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  278.410939][T20270] device veth1_macvtap entered promiscuous mode
[  278.422593][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  278.434017][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  278.443615][    T8] device bridge_slave_1 left promiscuous mode
[  278.449703][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.457436][    T8] device bridge_slave_0 left promiscuous mode
[  278.463566][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.472036][    T8] device veth1_macvtap left promiscuous mode
[  278.477971][    T8] device veth0_vlan left promiscuous mode
[  278.700668][T14208] EXT4-fs (loop0): unmounting filesystem.
[  278.808710][T20315] loop8: detected capacity change from 0 to 1024
[  278.834729][T20315] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  278.855520][T20315] EXT4-fs error (device loop8): __ext4_remount:6598: comm syz.8.8576: Abort forced by user
[  278.875318][T20315] EXT4-fs (loop8): re-mounted. Quota mode: writeback.
[  278.901629][T10516] EXT4-fs (loop8): unmounting filesystem.
[  278.942970][T20322] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.953356][T20322] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.960970][T20322] device bridge_slave_0 entered promiscuous mode
[  278.968197][T20322] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.975272][T20322] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.990011][T20322] device bridge_slave_1 entered promiscuous mode
[  279.007119][T20343] loop8: detected capacity change from 0 to 128
[  279.023150][T20343] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  279.042329][   T28] kauditd_printk_skb: 16 callbacks suppressed
[  279.042345][   T28] audit: type=1400 audit(291.280:4713): avc:  denied  { execute } for  pid=20342 comm="syz.8.8591" name="file1" dev="loop8" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  279.056484][T20350] loop2: detected capacity change from 0 to 512
[  279.072230][   T28] audit: type=1400 audit(291.280:4714): avc:  denied  { execute_no_trans } for  pid=20342 comm="syz.8.8591" path="/887/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop8" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  279.121557][T20350] EXT4-fs (loop2): Test dummy encryption mode enabled
[  279.124399][T10516] EXT4-fs (loop8): unmounting filesystem.
[  279.129403][T20350] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  279.159536][T20350] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2186: inode #17: comm syz.2.8594: corrupted in-inode xattr
[  279.174999][T20350] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.8594: couldn't read orphan inode 17 (err -117)
[  279.186974][T20350] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  279.207375][T18478] EXT4-fs (loop2): unmounting filesystem.
[  279.263660][T20322] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.270581][T20322] bridge0: port 2(bridge_slave_1) entered forwarding state
[  279.277698][T20322] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.284558][T20322] bridge0: port 1(bridge_slave_0) entered forwarding state
[  279.331776][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  279.346525][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.354104][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.373021][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  279.382521][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.389440][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  279.409651][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  279.418766][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.425662][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  279.447300][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  279.455468][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  279.495100][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  279.508007][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  279.516477][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  279.525046][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  279.536007][   T28] audit: type=1400 audit(291.816:4715): avc:  denied  { watch watch_reads } for  pid=20386 comm="syz.2.8610" path="/204/file0" dev="tmpfs" ino=1079 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  279.537192][T20322] device veth0_vlan entered promiscuous mode
[  279.595343][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  279.613606][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  279.623180][T20322] device veth1_macvtap entered promiscuous mode
[  279.623419][T20394] loop2: detected capacity change from 0 to 4096
[  279.646097][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  279.655162][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  279.669529][T20394] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  279.677921][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  279.695043][T20394] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #15: comm syz.2.8613: corrupted inode contents
[  279.701617][   T28] audit: type=1400 audit(291.988:4716): avc:  denied  { read } for  pid=20400 comm="syz.7.8616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  279.731313][T20394] EXT4-fs error (device loop2): ext4_dirty_inode:6091: inode #15: comm syz.2.8613: mark_inode_dirty error
[  279.752103][T20394] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #15: comm syz.2.8613: corrupted inode contents
[  279.767259][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  279.776453][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  279.781601][T20409] loop7: detected capacity change from 0 to 128
[  279.785172][T20394] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #15: comm syz.2.8613: mark_inode_dirty error
[  279.803887][T20394] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #15: comm syz.2.8613: corrupted inode contents
[  279.804770][   T28] audit: type=1400 audit(292.106:4717): avc:  denied  { setattr } for  pid=20392 comm="syz.2.8613" path="/205/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  279.815964][T20394] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #15: comm syz.2.8613: mark_inode_dirty error
[  279.849915][T20394] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #15: comm syz.2.8613: corrupted inode contents
[  279.863763][T20394] EXT4-fs error (device loop2): ext4_truncate:4313: inode #15: comm syz.2.8613: mark_inode_dirty error
[  279.875380][T20394] EXT4-fs error (device loop2) in ext4_setattr:5630: Corrupt filesystem
[  279.884299][T20409] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  279.894608][T20410] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #15: comm syz.2.8613: corrupted inode contents
[  279.908297][T20409] EXT4-fs warning (device loop7): verify_group_input:151: Cannot add at group 25 (only 1 groups)
[  279.958140][T20270] EXT4-fs (loop7): unmounting filesystem.
[  279.965949][T18478] EXT4-fs (loop2): unmounting filesystem.
[  279.994459][   T28] audit: type=1400 audit(292.310:4718): avc:  denied  { connect } for  pid=20422 comm="syz.7.8624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  280.037042][   T28] audit: type=1400 audit(292.331:4719): avc:  denied  { listen } for  pid=20422 comm="syz.7.8624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  280.133158][   T28] audit: type=1400 audit(292.449:4720): avc:  denied  { map } for  pid=20453 comm="syz.8.8637" path="socket:[106757]" dev="sockfs" ino=106757 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  280.269685][T20464] loop0: detected capacity change from 0 to 2048
[  280.284270][T20464] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  280.297463][T20464] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  280.313606][T20464] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  280.326138][T20464] EXT4-fs (loop0): This should not happen!! Data will be lost
[  280.326138][T20464] 
[  280.331379][T20460] loop7: detected capacity change from 0 to 40427
[  280.335854][T20464] EXT4-fs (loop0): Total free blocks count 0
[  280.343586][T20460] F2FS-fs (loop7): fault_injection options not supported
[  280.348266][T20464] EXT4-fs (loop0): Free/Dirty block details
[  280.356053][T20460] F2FS-fs (loop7): invalid crc value
[  280.360383][T20464] EXT4-fs (loop0): free_blocks=2415919104
[  280.368209][T20460] F2FS-fs (loop7): Found nat_bits in checkpoint
[  280.371250][T20464] EXT4-fs (loop0): dirty_blocks=64
[  280.382260][  T548] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  280.389825][T20464] EXT4-fs (loop0): Block reservation details
[  280.395734][T20464] EXT4-fs (loop0): i_reserved_data_blocks=4
[  280.424388][   T43] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  280.426602][T20460] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  280.468783][T20460] syz.7.8641: attempt to access beyond end of device
[  280.468783][T20460] loop7: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  280.494498][T20270] syz-executor: attempt to access beyond end of device
[  280.494498][T20270] loop7: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  280.563970][  T548] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  280.579790][  T548] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  280.594095][  T548] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.605342][  T548] usb 3-1: config 0 descriptor??
[  280.953575][   T28] audit: type=1400 audit(293.329:4721): avc:  denied  { write } for  pid=20509 comm="syz.9.8660" path="socket:[106332]" dev="sockfs" ino=106332 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  281.000061][  T548] keytouch 0003:0926:3333.0048: fixing up Keytouch IEC report descriptor
[  281.016752][  T548] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0048/input/input52
[  281.094448][   T28] audit: type=1400 audit(293.490:4722): avc:  denied  { read write } for  pid=20322 comm="syz-executor" name="loop0" dev="devtmpfs" ino=674 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  281.118897][  T548] keytouch 0003:0926:3333.0048: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  281.436021][T20545] loop0: detected capacity change from 0 to 40427
[  281.443757][T20545] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  281.452852][T20545] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  281.465014][T20545] F2FS-fs (loop0): Found nat_bits in checkpoint
[  281.509308][   T39] usb 3-1: USB disconnect, device number 11
[  281.548670][T20545] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  281.555734][T20545] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  281.621378][  T314] kworker/u4:3: attempt to access beyond end of device
[  281.621378][  T314] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  282.025352][T20625] loop0: detected capacity change from 0 to 512
[  282.033191][T20625] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  282.054504][T20625] EXT4-fs (loop0): 1 truncate cleaned up
[  282.059988][T20625] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  282.107486][T20322] EXT4-fs (loop0): unmounting filesystem.
[  282.132642][T20637] loop2: detected capacity change from 0 to 128
[  282.438489][T20680] netlink: 104 bytes leftover after parsing attributes in process `syz.7.8735'.
[  282.619531][T20714] loop9: detected capacity change from 0 to 512
[  282.639276][T20714] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  282.675582][T20714] EXT4-fs (loop9): 1 truncate cleaned up
[  282.687347][T20714] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  282.754075][T13514] EXT4-fs (loop9): unmounting filesystem.
[  282.785018][T20721] loop9: detected capacity change from 0 to 512
[  282.818940][T20721] EXT4-fs error (device loop9): ext4_do_update_inode:5226: inode #3: comm syz.9.8753: corrupted inode contents
[  282.848756][T20721] EXT4-fs error (device loop9): ext4_dirty_inode:6091: inode #3: comm syz.9.8753: mark_inode_dirty error
[  282.860646][T20721] EXT4-fs error (device loop9): ext4_do_update_inode:5226: inode #3: comm syz.9.8753: corrupted inode contents
[  282.872514][T20721] EXT4-fs error (device loop9): __ext4_ext_dirty:202: inode #3: comm syz.9.8753: mark_inode_dirty error
[  282.884097][T20721] EXT4-fs error (device loop9): ext4_acquire_dquot:6782: comm syz.9.8753: Failed to acquire dquot type 0
[  282.896241][T20721] EXT4-fs error (device loop9): ext4_do_update_inode:5226: inode #16: comm syz.9.8753: corrupted inode contents
[  282.908812][T20721] EXT4-fs error (device loop9): ext4_dirty_inode:6091: inode #16: comm syz.9.8753: mark_inode_dirty error
[  282.920463][T20721] EXT4-fs error (device loop9): ext4_do_update_inode:5226: inode #16: comm syz.9.8753: corrupted inode contents
[  282.939391][T20721] EXT4-fs error (device loop9): __ext4_ext_dirty:202: inode #16: comm syz.9.8753: mark_inode_dirty error
[  282.955768][T20721] EXT4-fs error (device loop9): ext4_do_update_inode:5226: inode #16: comm syz.9.8753: corrupted inode contents
[  282.967980][T20721] EXT4-fs error (device loop9) in ext4_orphan_del:305: Corrupt filesystem
[  282.976613][T20721] EXT4-fs error (device loop9): ext4_do_update_inode:5226: inode #16: comm syz.9.8753: corrupted inode contents
[  282.995045][T20721] EXT4-fs error (device loop9): ext4_truncate:4313: inode #16: comm syz.9.8753: mark_inode_dirty error
[  283.008828][T20721] EXT4-fs error (device loop9) in ext4_process_orphan:347: Corrupt filesystem
[  283.023343][T20721] EXT4-fs (loop9): 1 truncate cleaned up
[  283.029155][T20721] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  283.094787][T20757] loop8: detected capacity change from 0 to 512
[  283.101345][T20757] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  283.162717][T20757] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8770'.
[  283.174123][T13514] EXT4-fs (loop9): unmounting filesystem.
[  283.304375][T20784] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  283.405290][T17678] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  283.582770][T17678] usb 3-1: Using ep0 maxpacket: 16
[  283.590353][T17678] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  283.599352][T17678] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.607320][T17678] usb 3-1: Product: syz
[  283.611276][T17678] usb 3-1: Manufacturer: syz
[  283.615706][T17678] usb 3-1: SerialNumber: syz
[  283.625604][T17678] r8152-cfgselector 3-1: config 0 descriptor??
[  283.737861][   T28] kauditd_printk_skb: 133 callbacks suppressed
[  283.737881][   T28] audit: type=1400 audit(296.323:4854): avc:  denied  { mount } for  pid=20834 comm="syz.9.8806" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  283.819858][   T28] audit: type=1400 audit(296.419:4855): avc:  denied  { create } for  pid=20842 comm="syz.8.8810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  283.843499][T17678] r8152-cfgselector 3-1: Unknown version 0x0000
[  283.847924][   T28] audit: type=1400 audit(296.419:4856): avc:  denied  { connect } for  pid=20842 comm="syz.8.8810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  283.877546][   T28] audit: type=1400 audit(296.419:4857): avc:  denied  { write } for  pid=20842 comm="syz.8.8810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  283.896618][   T28] audit: type=1400 audit(296.441:4858): avc:  denied  { name_bind } for  pid=20838 comm="syz.9.8808" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  283.922156][   T28] audit: type=1400 audit(296.473:4859): avc:  denied  { ioctl } for  pid=20846 comm="syz.9.8812" path="socket:[108732]" dev="sockfs" ino=108732 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  283.974091][T20853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20853 comm=syz.9.8813
[  283.976260][T20855] xt_hashlimit: size too large, truncated to 1048576
[  283.986620][   T28] audit: type=1400 audit(296.580:4860): avc:  denied  { create } for  pid=20854 comm="syz.8.8815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  284.025323][   T28] audit: type=1400 audit(296.580:4861): avc:  denied  { setopt } for  pid=20854 comm="syz.8.8815" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  284.045970][   T28] audit: type=1400 audit(296.645:4862): avc:  denied  { create } for  pid=20857 comm="syz.9.8816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  284.065788][T17678] r8152-cfgselector 3-1: Unknown version 0x0000
[  284.072452][T17678] r8152-cfgselector 3-1: USB disconnect, device number 12
[  284.080585][   T28] audit: type=1400 audit(296.645:4863): avc:  denied  { write } for  pid=20857 comm="syz.9.8816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  284.131421][T20863] loop7: detected capacity change from 0 to 2048
[  284.167800][T20863] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  284.238921][T20270] EXT4-fs (loop7): unmounting filesystem.
[  284.369521][T20873] loop7: detected capacity change from 0 to 512
[  284.383977][T20873] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  284.410930][T20873] EXT4-fs error (device loop7): ext4_acquire_dquot:6782: comm syz.7.8821: Failed to acquire dquot type 0
[  284.431211][T20873] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  284.456048][T20873] EXT4-fs (loop7): 1 truncate cleaned up
[  284.461616][T20873] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  284.486625][T20270] EXT4-fs (loop7): unmounting filesystem.
[  284.572813][T20887] loop8: detected capacity change from 0 to 256
[  284.587098][T20887] FAT-fs (loop8): Directory bread(block 64) failed
[  284.593843][T20887] FAT-fs (loop8): Directory bread(block 65) failed
[  284.601028][T20891] Invalid ELF header magic: != ELF
[  284.603282][T20887] FAT-fs (loop8): Directory bread(block 66) failed
[  284.613483][T20887] FAT-fs (loop8): Directory bread(block 67) failed
[  284.620248][T20887] FAT-fs (loop8): Directory bread(block 68) failed
[  284.627656][T20887] FAT-fs (loop8): Directory bread(block 69) failed
[  284.634166][T20887] FAT-fs (loop8): Directory bread(block 70) failed
[  284.640605][T20887] FAT-fs (loop8): Directory bread(block 71) failed
[  284.647121][T20887] FAT-fs (loop8): Directory bread(block 72) failed
[  284.653548][T20887] FAT-fs (loop8): Directory bread(block 73) failed
[  284.693510][T20900] 9p: Unknown access argument ÿ: -22
[  284.718493][   T43] kworker/u4:2: attempt to access beyond end of device
[  284.718493][   T43] loop8: rw=1, sector=1224, nr_sectors = 12 limit=256
[  284.888780][T20925] netem: change failed
[  285.077381][T20949] tipc: New replicast peer: 255.255.255.255
[  285.092505][T20949] tipc: Enabled bearer <udp:syz2>, priority 10
[  285.190212][T20940] loop9: detected capacity change from 0 to 40427
[  285.206142][T20940] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  285.216466][T20940] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  285.242472][T20940] F2FS-fs (loop9): Found nat_bits in checkpoint
[  285.335532][T20940] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  285.342980][T20940] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  285.402827][   T43] kworker/u4:2: attempt to access beyond end of device
[  285.402827][   T43] loop9: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  285.576760][T20985] netlink: 24 bytes leftover after parsing attributes in process `syz.8.8871'.
[  285.617315][T20991] netlink: 32 bytes leftover after parsing attributes in process `syz.9.8874'.
[  285.756324][T21013] loop8: detected capacity change from 0 to 512
[  285.762789][T21013] ext4: Unknown parameter 'uid'
[  285.862774][T21022] input: syz0 as /devices/virtual/input/input53
[  285.964700][T21045] device bridge0 entered promiscuous mode
[  285.971096][T21043] device bridge0 left promiscuous mode
[  286.075254][T21063] loop8: detected capacity change from 0 to 256
[  286.084037][T21063] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  286.263541][T21087] loop0: detected capacity change from 0 to 128
[  286.320022][T21095] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8920'.
[  286.328936][T21095] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8920'.
[  286.864573][T21154] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8949'.
[  287.120211][T21186] loop7: detected capacity change from 0 to 128
[  287.137169][T21186] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  287.167984][T21186] fscrypt (loop7, inode 12): Unsupported encryption modes (contents 0, filenames 0)
[  287.202488][T21197] loop0: detected capacity change from 0 to 16
[  287.216903][T21197] erofs: (device loop0): mounted with root inode @ nid 36.
[  287.226089][T20270] EXT4-fs (loop7): unmounting filesystem.
[  287.374949][T21217] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8979'.
[  287.611546][T21233] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.624035][T21233] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.636953][T21233] device bridge_slave_0 entered promiscuous mode
[  287.655890][T21228] loop7: detected capacity change from 0 to 40427
[  287.657378][T21233] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.668309][T21244] input: syz1 as /devices/virtual/input/input55
[  287.669512][T21233] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.676909][T21228] F2FS-fs (loop7): invalid crc value
[  287.684507][T21233] device bridge_slave_1 entered promiscuous mode
[  287.689106][T21228] F2FS-fs (loop7): Found nat_bits in checkpoint
[  287.743412][T21228] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  287.761704][T21228] syz.7.8985: attempt to access beyond end of device
[  287.761704][T21228] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  287.782965][T20270] syz-executor: attempt to access beyond end of device
[  287.782965][T20270] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  287.881329][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  287.899636][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  287.908145][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.915031][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.923041][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  287.938959][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.945852][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.953746][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  287.964382][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  287.973588][T21258] IPv6: sit1: Disabled Multicast RS
[  287.982707][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  287.999304][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  288.011716][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  288.020043][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  288.027328][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  288.037287][T21233] device veth0_vlan entered promiscuous mode
[  288.050572][T21260] loop8: detected capacity change from 0 to 128
[  288.065858][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  288.074088][T21260] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  288.085912][T21260] EXT4-fs warning (device loop8): verify_group_input:151: Cannot add at group 1835363691 (only 1 groups)
[  288.087171][T21233] device veth1_macvtap entered promiscuous mode
[  288.116176][T10516] EXT4-fs (loop8): unmounting filesystem.
[  288.121868][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  288.131455][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  288.236788][T21291] loop2: detected capacity change from 0 to 512
[  288.243925][   T10] device bridge_slave_1 left promiscuous mode
[  288.255652][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.265264][T21294] loop8: detected capacity change from 0 to 2048
[  288.271485][T21291] EXT4-fs (loop2): Test dummy encryption mode enabled
[  288.271541][T21291] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  288.276544][T21291] EXT4-fs (loop2): 1 truncate cleaned up
[  288.293650][   T10] device bridge_slave_0 left promiscuous mode
[  288.294527][T21291] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  288.299964][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.317238][   T10] device veth1_macvtap left promiscuous mode
[  288.323184][   T10] device veth0_vlan left promiscuous mode
[  288.332240][T21291] EXT4-fs warning (device loop2): __ext4fs_dirhash:270: inode #2: comm syz.2.9009: Siphash requires key
[  288.345571][T21294] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  288.364972][T18478] EXT4-fs (loop2): unmounting filesystem.
[  288.369416][T21294] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  288.385408][T21294] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  288.405245][T21294] EXT4-fs (loop8): This should not happen!! Data will be lost
[  288.405245][T21294] 
[  288.415876][T21294] EXT4-fs (loop8): Total free blocks count 0
[  288.422207][T21305] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  288.424017][   T28] kauditd_printk_skb: 115 callbacks suppressed
[  288.424033][   T28] audit: type=1400 audit(557.414:4977): avc:  denied  { ioctl } for  pid=21293 comm="syz.8.9012" path="/975/file2/file1" dev="loop8" ino=15 ioctlcmd=0x6611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  288.434382][T21294] EXT4-fs (loop8): Free/Dirty block details
[  288.474532][T21305] EXT4-fs (loop8): This should not happen!! Data will be lost
[  288.474532][T21305] 
[  288.484262][T21305] EXT4-fs (loop8): Total free blocks count 0
[  288.487154][T21294] EXT4-fs (loop8): free_blocks=2415919104
[  288.495758][T21294] EXT4-fs (loop8): dirty_blocks=16
[  288.529924][   T28] audit: type=1400 audit(557.521:4978): avc:  denied  { execute } for  pid=21313 comm="syz.8.9017" path="/976/cpu.stat" dev="tmpfs" ino=5128 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  288.552602][T21316] overlayfs: missing 'lowerdir'
[  288.567995][   T28] audit: type=1400 audit(557.553:4979): avc:  denied  { getopt } for  pid=21313 comm="syz.8.9017" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  288.619508][T21328] loop5: detected capacity change from 0 to 512
[  288.628766][T21328] EXT4-fs error (device loop5): ext4_clear_blocks:883: inode #13: comm syz.5.9025: attempt to clear invalid blocks 1 len 1
[  288.642857][T21328] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.9025: bg 0: block 343: padding at end of block bitmap is not set
[  288.657862][T21328] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  288.671931][T21328] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.9025: invalid indirect mapped block 1819239214 (level 0)
[  288.689599][T21328] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.9025: invalid indirect mapped block 1819239214 (level 1)
[  288.706297][T21328] EXT4-fs (loop5): 1 truncate cleaned up
[  288.715029][T21328] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  288.748034][T21233] EXT4-fs (loop5): unmounting filesystem.
[  288.759197][   T28] audit: type=1400 audit(557.778:4980): avc:  denied  { getopt } for  pid=21337 comm="syz.2.9030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  288.774227][T21340] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  288.833135][T21350] loop5: detected capacity change from 0 to 128
[  288.857103][T21350] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  288.872517][   T28] audit: type=1400 audit(557.896:4981): avc:  denied  { read } for  pid=21354 comm="syz.7.9037" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  288.915107][   T28] audit: type=1400 audit(557.929:4982): avc:  denied  { open } for  pid=21354 comm="syz.7.9037" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  288.947532][T21233] EXT4-fs (loop5): unmounting filesystem.
[  289.029763][T21368] SELinux:  Context system_u:object_r:getty_exec_t:s0 is not valid (left unmapped).
[  289.041024][   T28] audit: type=1326 audit(558.079:4983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21369 comm="syz.2.9043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc522d8d169 code=0x7ffc0000
[  289.082552][   T28] audit: type=1400 audit(558.079:4984): avc:  denied  { relabelto } for  pid=21367 comm="syz.7.9042" name="file0" dev="tmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:getty_exec_t:s0"
[  289.138175][   T28] audit: type=1400 audit(558.079:4985): avc:  denied  { associate } for  pid=21367 comm="syz.7.9042" name="file0" dev="tmpfs" ino=636 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:getty_exec_t:s0"
[  289.165778][   T28] audit: type=1326 audit(558.100:4986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21369 comm="syz.2.9043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc522d8d169 code=0x7ffc0000
[  289.652472][T21439] loop9: detected capacity change from 0 to 512
[  289.659406][T21428] loop8: detected capacity change from 0 to 40427
[  289.666926][T21428] F2FS-fs (loop8): fault_injection options not supported
[  289.676488][T21428] F2FS-fs (loop8): fault_type options not supported
[  289.683614][T21428] F2FS-fs (loop8): Image doesn't support compression
[  289.698255][T21428] F2FS-fs (loop8): Image doesn't support compression
[  289.708319][T21428] F2FS-fs (loop8): invalid crc value
[  289.717047][T21443] loop9: detected capacity change from 0 to 256
[  289.724104][T21443] FAT-fs (loop9): IO charset macromani not found
[  289.731518][T21428] F2FS-fs (loop8): Found nat_bits in checkpoint
[  289.733702][   T39] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  289.783761][T21428] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  289.813927][T10516] syz-executor: attempt to access beyond end of device
[  289.813927][T10516] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  289.828046][T21440] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.834893][T21440] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.842487][T21440] device bridge_slave_0 entered promiscuous mode
[  289.851190][T21440] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.858218][T21440] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.865600][T21440] device bridge_slave_1 entered promiscuous mode
[  289.910871][   T39] usb 3-1: Using ep0 maxpacket: 32
[  289.917023][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.938176][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.957444][   T39] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  289.976720][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.004106][   T39] usb 3-1: config 0 descriptor??
[  290.041946][T21440] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.048832][T21440] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.056222][T21440] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.062996][T21440] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.094699][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  290.102866][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.122817][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.147829][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  290.156411][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.163377][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.173302][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  290.182533][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.189393][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.214580][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  290.227973][T21460] loop7: detected capacity change from 0 to 40427
[  290.234723][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  290.243300][T21460] F2FS-fs (loop7): fault_type options not supported
[  290.251279][T21460] F2FS-fs (loop7): invalid crc value
[  290.258601][T21460] F2FS-fs (loop7): Found nat_bits in checkpoint
[  290.267183][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  290.279705][T21440] device veth0_vlan entered promiscuous mode
[  290.286326][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  290.298795][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  290.306983][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  290.315548][T21460] F2FS-fs (loop7): Start checkpoint disabled!
[  290.318621][T21440] device veth1_macvtap entered promiscuous mode
[  290.328671][T21460] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  290.338319][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  290.358262][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  290.369521][T21477] syz.8.9091[21477] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.369643][T21477] syz.8.9091[21477] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.392510][   T39] savu 0003:1E7D:2D5A.0049: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  290.416230][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  290.424845][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  290.472267][T21481] x_tables: unsorted entry at hook 2
[  290.509625][T21485] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  290.583391][   T10] device bridge_slave_1 left promiscuous mode
[  290.589461][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.597779][   T10] device bridge_slave_0 left promiscuous mode
[  290.604208][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.612017][   T10] device veth1_macvtap left promiscuous mode
[  290.617927][   T10] device veth0_vlan left promiscuous mode
[  290.648299][T12049] usb 3-1: USB disconnect, device number 13
[  290.750123][   T39] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  290.829149][T21511] loop7: detected capacity change from 0 to 4096
[  290.838300][T21511] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  290.872643][T20270] EXT4-fs (loop7): unmounting filesystem.
[  290.880325][ T5231] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  290.905803][T21519] xt_hashlimit: size too large, truncated to 1048576
[  290.919073][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  290.930138][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  290.939792][   T39] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  290.954245][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.980522][   T39] usb 7-1: config 0 descriptor??
[  290.995998][T17678] hid-generic 0000:0000:0000.004A: unknown main item tag 0x0
[  291.009667][T17678] hid-generic 0000:0000:0000.004A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  291.057151][ T5231] usb 9-1: Using ep0 maxpacket: 32
[  291.063165][ T5231] usb 9-1: config 0 has an invalid interface number: 184 but max is 0
[  291.071230][ T5231] usb 9-1: config 0 has no interface number 0
[  291.085107][ T5231] usb 9-1: config 0 interface 184 has no altsetting 0
[  291.102532][ T5231] usb 9-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  291.120877][ T5231] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.128973][ T5231] usb 9-1: Product: syz
[  291.133141][ T5231] usb 9-1: Manufacturer: syz
[  291.137611][ T5231] usb 9-1: SerialNumber: syz
[  291.151289][ T5231] usb 9-1: config 0 descriptor??
[  291.158648][ T5231] smsc75xx v1.0.0
[  291.269067][T21531] device pim6reg1 entered promiscuous mode
[  291.274843][T17678] usb 10-1: new full-speed USB device number 16 using dummy_hcd
[  291.315149][T21533] device ip6tnl1 entered promiscuous mode
[  291.341442][T21535] netlink: 'syz.2.9116': attribute type 7 has an invalid length.
[  291.349038][T21535] netlink: 'syz.2.9116': attribute type 8 has an invalid length.
[  291.356680][T21535] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9116'.
[  291.450543][T17678] usb 10-1: config 0 has no interfaces?
[  291.458020][T17678] usb 10-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=87.c0
[  291.467158][T17678] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.475201][T17678] usb 10-1: Product: syz
[  291.479423][T17678] usb 10-1: Manufacturer: syz
[  291.484172][T17678] usb 10-1: SerialNumber: syz
[  291.489735][T17678] usb 10-1: config 0 descriptor??
[  291.511597][T21549] SELinux: failed to load policy
[  291.531966][T21551] loop2: detected capacity change from 0 to 512
[  291.538432][T21551] EXT4-fs: Ignoring removed orlov option
[  291.546356][T21551] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.9123: casefold flag without casefold feature
[  291.559095][   T39] usb 7-1: string descriptor 0 read error: -22
[  291.559105][T21551] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.9123: couldn't read orphan inode 15 (err -117)
[  291.577883][T21551] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  291.599730][T18478] EXT4-fs (loop2): unmounting filesystem.
[  291.685872][T12049] usb 10-1: USB disconnect, device number 16
[  291.827520][T21563] loop2: detected capacity change from 0 to 40427
[  291.835501][T21563] F2FS-fs (loop2): invalid crc value
[  291.842203][T21563] F2FS-fs (loop2): Found nat_bits in checkpoint
[  291.884673][T21563] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  291.910404][T21563] syz.2.9128: attempt to access beyond end of device
[  291.910404][T21563] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  291.931338][T18478] syz-executor: attempt to access beyond end of device
[  291.931338][T18478] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  291.945364][   T39] uclogic 0003:256C:006D.004B: failed retrieving string descriptor #100: -71
[  291.954284][   T39] uclogic 0003:256C:006D.004B: failed retrieving pen parameters: -71
[  291.962264][   T39] uclogic 0003:256C:006D.004B: failed probing pen v1 parameters: -71
[  291.970130][   T39] uclogic 0003:256C:006D.004B: failed probing parameters: -71
[  291.977645][   T39] uclogic: probe of 0003:256C:006D.004B failed with error -71
[  291.985901][   T39] usb 7-1: USB disconnect, device number 13
[  292.094564][ T5231] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  292.105314][ T5231] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  292.114573][ T5231] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  292.125376][ T5231] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  292.134944][ T5231] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  292.145119][ T5231] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  292.154470][ T5231] smsc75xx: probe of 9-1:0.184 failed with error -71
[  292.161521][ T5231] usb 9-1: USB disconnect, device number 14
[  292.193081][T21577] loop9: detected capacity change from 0 to 256
[  292.210494][T21577] FAT-fs (loop9): Directory bread(block 64) failed
[  292.217221][T21577] FAT-fs (loop9): Directory bread(block 65) failed
[  292.223728][T21577] FAT-fs (loop9): Directory bread(block 66) failed
[  292.230215][T21577] FAT-fs (loop9): Directory bread(block 67) failed
[  292.237580][T21577] FAT-fs (loop9): Directory bread(block 68) failed
[  292.244033][T21577] FAT-fs (loop9): Directory bread(block 69) failed
[  292.250673][T21577] FAT-fs (loop9): Directory bread(block 70) failed
[  292.257195][T21577] FAT-fs (loop9): Directory bread(block 71) failed
[  292.264128][T21577] FAT-fs (loop9): Directory bread(block 72) failed
[  292.270645][T21577] FAT-fs (loop9): Directory bread(block 73) failed
[  292.302867][   T10] kworker/u4:1: attempt to access beyond end of device
[  292.302867][   T10] loop9: rw=1, sector=1224, nr_sectors = 12 limit=256
[  292.343656][T17678] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  292.400955][T21594] netem: change failed
[  292.429062][T21600] device ip6tnl1 entered promiscuous mode
[  292.436564][T21602] netlink: 'syz.7.9142': attribute type 7 has an invalid length.
[  292.444322][T21602] netlink: 'syz.7.9142': attribute type 8 has an invalid length.
[  292.451937][T21602] netlink: 16 bytes leftover after parsing attributes in process `syz.7.9142'.
[  292.477993][T21606] loop7: detected capacity change from 0 to 512
[  292.484756][T21606] EXT4-fs: old and new quota format mixing
[  292.517213][T17678] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.532381][T21608] ==================================================================
[  292.540420][T21608] BUG: KASAN: use-after-free in dev_map_enqueue+0x40/0x340
[  292.547441][T21608] Read of size 8 at addr ffff888115683700 by task syz.7.9147/21608
[  292.555280][T21608] 
[  292.557465][T21608] CPU: 0 PID: 21608 Comm: syz.7.9147 Not tainted 6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  292.567311][T21608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  292.577209][T21608] Call Trace:
[  292.580328][T21608]  <TASK>
[  292.583118][T21608]  dump_stack_lvl+0x151/0x1b7
[  292.587625][T21608]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  292.592914][T21608]  ? _printk+0xd1/0x111
[  292.596905][T21608]  ? __virt_addr_valid+0x242/0x2f0
[  292.601856][T21608]  print_report+0x158/0x4e0
[  292.606196][T21608]  ? __virt_addr_valid+0x242/0x2f0
[  292.611145][T21608]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  292.617330][T21608]  ? dev_map_enqueue+0x40/0x340
[  292.622109][T21608]  kasan_report+0x13c/0x170
[  292.626447][T21608]  ? dev_map_enqueue+0x40/0x340
[  292.629709][T21613] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  292.631211][T21608]  __asan_report_load8_noabort+0x14/0x20
[  292.644146][T21608]  dev_map_enqueue+0x40/0x340
[  292.648663][T21608]  xdp_do_redirect+0x5ed/0xc60
[  292.653262][T21608]  tun_xdp_act+0xdb/0xc00
[  292.657425][T21608]  ? avc_denied+0x1b0/0x1b0
[  292.661765][T21608]  ? tun_flow_update+0x560/0x560
[  292.666541][T21608]  tun_get_user+0xb35/0x3a90
[  292.670966][T21608]  ? tun_get_user+0x7e6/0x3a90
[  292.675570][T21608]  ? tun_do_read+0x2000/0x2000
[  292.680160][T21608]  ? ref_tracker_alloc+0x31d/0x450
[  292.685110][T21608]  ? file_has_perm+0x508/0x6c0
[  292.689724][T21608]  ? tun_get+0xe9/0x120
[  292.693702][T21608]  tun_chr_write_iter+0x129/0x210
[  292.698565][T21608]  vfs_write+0xaf6/0xed0
[  292.702653][T21608]  ? file_end_write+0x1c0/0x1c0
[  292.707327][T21608]  ? do_futex+0x501/0x9a0
[  292.711493][T21608]  ? __fget_files+0x2cb/0x330
[  292.716010][T21608]  ? __fdget_pos+0x204/0x390
[  292.720431][T21608]  ? ksys_write+0x77/0x2c0
[  292.724685][T21608]  ksys_write+0x199/0x2c0
[  292.728850][T21608]  ? __this_cpu_preempt_check+0x13/0x20
[  292.734765][T21608]  ? xfd_validate_state+0x6f/0x170
[  292.739704][T21608]  ? __ia32_sys_read+0x90/0x90
[  292.744307][T21608]  ? fpregs_restore_userregs+0x130/0x290
[  292.749772][T21608]  __x64_sys_write+0x7b/0x90
[  292.754200][T21608]  x64_sys_call+0x2f/0x9a0
[  292.758453][T21608]  do_syscall_64+0x3b/0xb0
[  292.762705][T21608]  ? clear_bhb_loop+0x55/0xb0
[  292.767219][T21608]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  292.772946][T21608] RIP: 0033:0x7f72e998bc1f
[  292.777198][T21608] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  292.796644][T21608] RSP: 002b:00007f72ea7f0000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  292.804890][T21608] RAX: ffffffffffffffda RBX: 00007f72e9ba5fa0 RCX: 00007f72e998bc1f
[  292.812696][T21608] RDX: 000000000000006a RSI: 0000200000000180 RDI: 00000000000000c8
[  292.820508][T21608] RBP: 00007f72e9a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  292.828316][T21608] R10: 000000000000006a R11: 0000000000000293 R12: 0000000000000000
[  292.836130][T21608] R13: 0000000000000000 R14: 00007f72e9ba5fa0 R15: 00007fffa1ef77c8
[  292.843947][T21608]  </TASK>
[  292.846812][T21608] 
[  292.848978][T21608] Allocated by task 21557:
[  292.853235][T21608]  kasan_set_track+0x4b/0x70
[  292.857652][T21608]  kasan_save_alloc_info+0x1f/0x30
[  292.862600][T21608]  __kasan_kmalloc+0x9c/0xb0
[  292.867028][T21608]  __kmalloc_node+0xb4/0x1e0
[  292.871454][T21608]  kvmalloc_node+0x221/0x640
[  292.875879][T21608]  bpf_check+0xd90/0x17ed0
[  292.880130][T21608]  bpf_prog_load+0x1304/0x1bf0
[  292.884733][T21608]  __sys_bpf+0x52c/0x7f0
[  292.888812][T21608]  __x64_sys_bpf+0x7c/0x90
[  292.893073][T21608]  x64_sys_call+0x87f/0x9a0
[  292.897407][T21608]  do_syscall_64+0x3b/0xb0
[  292.901656][T21608]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  292.907388][T21608] 
[  292.909555][T21608] Freed by task 21557:
[  292.913460][T21608]  kasan_set_track+0x4b/0x70
[  292.917886][T21608]  kasan_save_free_info+0x2b/0x40
[  292.922758][T21608]  ____kasan_slab_free+0x131/0x180
[  292.927693][T21608]  __kasan_slab_free+0x11/0x20
[  292.932294][T21608]  __kmem_cache_free+0x21d/0x410
[  292.937070][T21608]  kfree+0x7a/0xf0
[  292.940631][T21608]  kvfree+0x35/0x40
[  292.944273][T21608]  bpf_check+0x14933/0x17ed0
[  292.948699][T21608]  bpf_prog_load+0x1304/0x1bf0
[  292.953300][T21608]  __sys_bpf+0x52c/0x7f0
[  292.957381][T21608]  __x64_sys_bpf+0x7c/0x90
[  292.961633][T21608]  x64_sys_call+0x87f/0x9a0
[  292.965970][T21608]  do_syscall_64+0x3b/0xb0
[  292.970223][T21608]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  292.975951][T21608] 
[  292.978124][T21608] Last potentially related work creation:
[  292.983675][T21608]  kasan_save_stack+0x3b/0x60
[  292.988191][T21608]  __kasan_record_aux_stack+0xb4/0xc0
[  292.993396][T21608]  kasan_record_aux_stack_noalloc+0xb/0x10
[  292.999041][T21608]  kvfree_call_rcu+0x9f/0x800
[  293.003553][T21608]  kernfs_unlink_open_file+0x327/0x3d0
[  293.008850][T21608]  kernfs_fop_release+0x253/0x310
[  293.013710][T21608]  __fput+0x1e5/0x870
[  293.017529][T21608]  ____fput+0x15/0x20
[  293.021347][T21608]  task_work_run+0x24d/0x2e0
[  293.025775][T21608]  exit_to_user_mode_loop+0x94/0xa0
[  293.030806][T21608]  exit_to_user_mode_prepare+0x5a/0xa0
[  293.036103][T21608]  syscall_exit_to_user_mode+0x26/0x130
[  293.041480][T21608]  do_syscall_64+0x47/0xb0
[  293.045741][T21608]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  293.051498][T21608] 
[  293.053632][T21608] Second to last potentially related work creation:
[  293.060054][T21608]  kasan_save_stack+0x3b/0x60
[  293.064567][T21608]  __kasan_record_aux_stack+0xb4/0xc0
[  293.069774][T21608]  kasan_record_aux_stack_noalloc+0xb/0x10
[  293.075418][T21608]  call_rcu+0xdc/0x10f0
[  293.079412][T21608]  replace+0x19b/0x4b0
[  293.083355][T21608]  resize+0xbaf/0x1d60
[  293.087222][T21608]  replace+0x352/0x4b0
[  293.091125][T21608]  resize+0xbaf/0x1d60
[  293.095031][T21608]  fib_insert_alias+0xb20/0x1060
[  293.099807][T21608]  fib_table_insert+0xa01/0x20a0
[  293.104591][T21608]  fib_add_ifaddr+0x43f/0x15e0
[  293.109179][T21608]  fib_inetaddr_event+0x159/0x310
[  293.114040][T21608]  blocking_notifier_call_chain+0xbb/0x140
[  293.119684][T21608]  __inet_insert_ifa+0x8fb/0xb10
[  293.124562][T21608]  inet_rtm_newaddr+0x8f7/0x1780
[  293.129338][T21608]  rtnetlink_rcv_msg+0x9a5/0xca0
[  293.134281][T21608]  netlink_rcv_skb+0x1cd/0x410
[  293.139002][T21608]  rtnetlink_rcv+0x1c/0x20
[  293.143249][T21608]  netlink_unicast+0x906/0xab0
[  293.147852][T21608]  netlink_sendmsg+0xa15/0xd30
[  293.152449][T21608]  __sys_sendto+0x480/0x600
[  293.156790][T21608]  __x64_sys_sendto+0xe5/0x100
[  293.161390][T21608]  x64_sys_call+0x15c/0x9a0
[  293.165734][T21608]  do_syscall_64+0x3b/0xb0
[  293.169979][T21608]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  293.175709][T21608] 
[  293.177879][T21608] The buggy address belongs to the object at ffff888115683700
[  293.177879][T21608]  which belongs to the cache kmalloc-96 of size 96
[  293.191592][T21608] The buggy address is located 0 bytes inside of
[  293.191592][T21608]  96-byte region [ffff888115683700, ffff888115683760)
[  293.204532][T21608] 
[  293.206694][T21608] The buggy address belongs to the physical page:
[  293.212949][T21608] page:ffffea000455a0c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x115683
[  293.223013][T21608] flags: 0x4000000000000200(slab|zone=1)
[  293.228580][T21608] raw: 4000000000000200 ffffea0004a1c280 dead000000000002 ffff888100042900
[  293.237024][T21608] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000
[  293.245410][T21608] page dumped because: kasan: bad access detected
[  293.251672][T21608] page_owner tracks the page as allocated
[  293.257212][T21608] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 111, tgid 111 (udevadm), ts 5525361964, free_ts 0
[  293.273788][T21608]  post_alloc_hook+0x213/0x220
[  293.278385][T21608]  prep_new_page+0x1b/0x110
[  293.282735][T21608]  get_page_from_freelist+0x3a98/0x3b10
[  293.288122][T21608]  __alloc_pages+0x234/0x610
[  293.292542][T21608]  alloc_slab_page+0x6c/0xf0
[  293.296966][T21608]  new_slab+0x90/0x3e0
[  293.300877][T21608]  ___slab_alloc+0x6f9/0xb80
[  293.305331][T21608]  __slab_alloc+0x5d/0xa0
[  293.309461][T21608]  __kmem_cache_alloc_node+0x207/0x2a0
[  293.314755][T21608]  kmalloc_trace+0x2a/0xa0
[  293.319137][T21608]  kernfs_fop_open+0x70e/0xb10
[  293.323730][T21608]  do_dentry_open+0x891/0x1250
[  293.328346][T21608]  vfs_open+0x73/0x80
[  293.332147][T21608]  path_openat+0x2532/0x2d60
[  293.336575][T21608]  do_filp_open+0x230/0x480
[  293.340913][T21608]  do_sys_openat2+0x151/0x870
[  293.345430][T21608] page_owner free stack trace missing
[  293.350725][T21608] 
[  293.352888][T21608] Memory state around the buggy address:
[  293.358364][T21608]  ffff888115683600: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  293.366260][T21608]  ffff888115683680: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc
[  293.374161][T21608] >ffff888115683700: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  293.382055][T21608]                    ^
[  293.385963][T21608]  ffff888115683780: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  293.393863][T21608]  ffff888115683800: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  293.401753][T21608] ==================================================================
[  293.409708][T21608] Disabling lock debugging due to kernel taint
[  293.415737][T21608] general protection fault, probably for non-canonical address 0xe0e87c29c00004a1: 0000 [#1] PREEMPT SMP KASAN
[  293.427329][T21608] KASAN: maybe wild-memory-access in range [0x0744014e00002508-0x0744014e0000250f]
[  293.436448][T21608] CPU: 0 PID: 21608 Comm: syz.7.9147 Tainted: G    B              6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  293.447641][T21608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  293.457535][T21608] RIP: 0010:dev_map_enqueue+0x91/0x340
[  293.462831][T21608] Code: d0 00 00 00 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5f a0 25 00 bb 20 02 00 00 49 03 5d 00 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 40 a0 25 00 48 83 3b 00 0f 84 eb
[  293.482270][T21608] RSP: 0018:ffffc90000dd77a0 EFLAGS: 00010202
[  293.488168][T21608] RAX: 00e88029c00004a1 RBX: 0744014e0000250a RCX: ffffffff8197a441
[  293.495984][T21608] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff888133130318
[  293.503792][T21608] RBP: ffffc90000dd77e0 R08: ffffffff8144b443 R09: fffffbfff0f6e8fd
[  293.511605][T21608] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  293.519504][T21608] R13: ffff888133130318 R14: ffff888133130248 R15: ffff888115438000
[  293.527339][T21608] FS:  00007f72ea7f06c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  293.536081][T21608] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  293.542502][T21608] CR2: 000000110c275fdc CR3: 000000011fb15000 CR4: 00000000003506b0
[  293.550317][T21608] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  293.558126][T21608] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  293.565961][T21608] Call Trace:
[  293.569059][T21608]  <TASK>
[  293.571843][T21608]  ? __die_body+0x62/0xb0
[  293.576003][T21608]  ? die_addr+0x9f/0xd0
[  293.579994][T21608]  ? exc_general_protection+0x317/0x4c0
[  293.585383][T21608]  ? asm_exc_general_protection+0x27/0x30
[  293.591019][T21608]  ? add_taint+0x93/0xe0
[  293.595097][T21608]  ? dev_map_enqueue+0x81/0x340
[  293.599894][T21608]  ? dev_map_enqueue+0x91/0x340
[  293.604585][T21608]  xdp_do_redirect+0x5ed/0xc60
[  293.609184][T21608]  tun_xdp_act+0xdb/0xc00
[  293.613347][T21608]  ? avc_denied+0x1b0/0x1b0
[  293.617777][T21608]  ? tun_flow_update+0x560/0x560
[  293.622649][T21608]  tun_get_user+0xb35/0x3a90
[  293.627064][T21608]  ? tun_get_user+0x7e6/0x3a90
[  293.631666][T21608]  ? tun_do_read+0x2000/0x2000
[  293.636260][T21608]  ? ref_tracker_alloc+0x31d/0x450
[  293.641209][T21608]  ? file_has_perm+0x508/0x6c0
[  293.645821][T21608]  ? tun_get+0xe9/0x120
[  293.649815][T21608]  tun_chr_write_iter+0x129/0x210
[  293.654763][T21608]  vfs_write+0xaf6/0xed0
[  293.658842][T21608]  ? file_end_write+0x1c0/0x1c0
[  293.663528][T21608]  ? do_futex+0x501/0x9a0
[  293.667697][T21608]  ? __fget_files+0x2cb/0x330
[  293.672207][T21608]  ? __fdget_pos+0x204/0x390
[  293.676646][T21608]  ? ksys_write+0x77/0x2c0
[  293.680886][T21608]  ksys_write+0x199/0x2c0
[  293.685051][T21608]  ? __this_cpu_preempt_check+0x13/0x20
[  293.690432][T21608]  ? xfd_validate_state+0x6f/0x170
[  293.695395][T21608]  ? __ia32_sys_read+0x90/0x90
[  293.700000][T21608]  ? fpregs_restore_userregs+0x130/0x290
[  293.705539][T21608]  __x64_sys_write+0x7b/0x90
[  293.709965][T21608]  x64_sys_call+0x2f/0x9a0
[  293.714302][T21608]  do_syscall_64+0x3b/0xb0
[  293.718559][T21608]  ? clear_bhb_loop+0x55/0xb0
[  293.723065][T21608]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  293.728890][T21608] RIP: 0033:0x7f72e998bc1f
[  293.733144][T21608] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  293.752605][T21608] RSP: 002b:00007f72ea7f0000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  293.760960][T21608] RAX: ffffffffffffffda RBX: 00007f72e9ba5fa0 RCX: 00007f72e998bc1f
[  293.768766][T21608] RDX: 000000000000006a RSI: 0000200000000180 RDI: 00000000000000c8
[  293.776575][T21608] RBP: 00007f72e9a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  293.784383][T21608] R10: 000000000000006a R11: 0000000000000293 R12: 0000000000000000
[  293.792197][T21608] R13: 0000000000000000 R14: 00007f72e9ba5fa0 R15: 00007fffa1ef77c8
[  293.800020][T21608]  </TASK>
[  293.802869][T21608] Modules linked in:
[  293.806640][T21608] ---[ end trace 0000000000000000 ]---
[  293.811905][T21608] RIP: 0010:dev_map_enqueue+0x91/0x340
[  293.817217][T21608] Code: d0 00 00 00 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5f a0 25 00 bb 20 02 00 00 49 03 5d 00 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 40 a0 25 00 48 83 3b 00 0f 84 eb
[  293.836668][T21608] RSP: 0018:ffffc90000dd77a0 EFLAGS: 00010202
[  293.842548][T21608] RAX: 00e88029c00004a1 RBX: 0744014e0000250a RCX: ffffffff8197a441
[  293.850455][T21608] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff888133130318
[  293.858271][T21608] RBP: ffffc90000dd77e0 R08: ffffffff8144b443 R09: fffffbfff0f6e8fd
[  293.866159][T21608] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  293.873971][T21608] R13: ffff888133130318 R14: ffff888133130248 R15: ffff888115438000
[  293.881782][T21608] FS:  00007f72ea7f06c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  293.890535][T21608] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  293.896973][T21608] CR2: 000000110c275fdc CR3: 000000011fb15000 CR4: 00000000003506b0
[  293.904794][T21608] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  293.912601][T21608] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  293.920410][T21608] Kernel panic - not syncing: Fatal exception in interrupt
[  293.927735][T21608] Kernel Offset: disabled
[  293.931874][T21608] Rebooting in 86400 seconds..