last executing test programs:

19.336004382s ago: executing program 2 (id=50):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x397)
lsetxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f0000000540)={{}, {}, [], {0x4, 0x2}}, 0x24, 0x3)
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
unlinkat(r0, &(0x7f0000000280)='./file0\x00', 0x200)

19.313806003s ago: executing program 2 (id=51):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x40, 0x0)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

19.00497295s ago: executing program 2 (id=52):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000580)={0x9, 0x4, 0x1})

18.906574075s ago: executing program 2 (id=55):
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa18812, &(0x7f00000003c0)=ANY=[@ANYBLOB='dmask=00000000000000000002621,utf8,umask=00000000000000000200000,namecase=1,discard,errors=remount-ro,umask=00000000000000000200004,umask=00000000000000000003377,namecase=1,utf8,iocharset=iso8859-4,iocharset=cp874,dmask=01777777777777777777770,errors=remount-ro,uid=', @ANYRESHEX=0x0, @ANYBLOB="6a06164611dfd71ddbc3fca168c6bdc20ccdde4d70eefd6cf6127a7043ee33b2a3aec7a0b48358e6be1b2050574020784e9a1f5fed703b50d12e203e456f3b401c22c8d277af8cb7514da4716a4aa885b3b59e6a5417b1f534d5a9c13675de904e76cbecc2eeeb57328e0124cb1fffc635cea91ef6ba961330d7890aa176ceca2f7646dd25ff9027d378c2c790c90c9f139aadbec9", @ANYRESDEC=0x0, @ANYRESHEX, @ANYRESOCT, @ANYRES8=0x0, @ANYRESDEC=0x0, @ANYBLOB="49440fb4005cba20653d2326292c265c2c00e79feca4a2e1053fdd2c84e7a89aa4ee02cbb47695d7ade8fd4362d0e37fbbb365b529e3d4cfa7ec78bc709784cc24ff7cfd3accb1a53fcd27bcb1794fcc15fc6eeae6dd85887fec609d9df9eb63c1eb27e9a7e7c87e551a878ce3db471a5a29b9509986d21054cc6d2e9be1e16b9e2e6e9df5b4b95e1b"], 0x21, 0x1502, &(0x7f0000002180)="$eJzs3AvYTdX2MPAx5pyLl6Sd5D7HHIsdLyZJkkuSXJIkOZLklpAkSZJU7rckJCH3JPeQ3EJyv99yT5IkSRKSWzK/R6fz6ZzO/+uc/7//4/nOO37Ps553jr32mGvMPd7nXWvt99n72/YDK9etUqE2M8P/CP71RxcASAGAPgBwDQBEAFAiS4ksl/Zn0Njlf3YQ8ed6YMqVrkBcSdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlm2ZmvNa2dLuJu//p2Vy/v8PcqjIqC/XFbm+w7+RIv1P26T/aZv0P22T/qdt0v+0Tfqftkn/0zbpvxBp2X//vWP538F/wnalf/+EEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQqQNZ8NlBgD+Nr7SdQkhhBBCCCGEEOLPE9Jf6QqEEEIIIYQQQgjxvw9BgQYDEaSD9JACGSAjXAWZ4GrIDNdAAq6FLHAdZIXrIRtkhxyQE3JBbsgDFggcMMSQF/JBEm6A/FAAUqEgFILC4KEIFIUboRjcBMXhZigBt0BJuBVKQWkoA2XhNigHt0N5uAMqwJ1QESpBZagCd0FVuBuqwT1QHe6FGnAf1IT7oRb8BWrDA1AHHoS68BDUg4ehPjSAhtAIGv+38l+AF+El6ASdoQt0hW7QHXpAT+gFvaEPvAx9IeXX12YADITXYBC8DoPhDRgCQ2EYvAnDYQSMhFEwGsbAWHgLxsHbMB7egQkwESbBZJgCU2EavAvTYQbMhPdgFrwPs2EOzIV5MB8+gAWwEBbBh7AYPoIlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi3wMWyFbbAddsBO2AW74RPYA5/CXvgM9sHn/2b+mX/I74CAgAoVGjSYDtNhCqZgRsyImTATZsbMmMAEZsEsmBWzYjbMViAH5sBcmAvzYB4kJGRkzIt5MYlJzI/5MRVTsRAWQo8ei2JRLIY3YXEsjiWwBJbEklgKS2NpLItlsRyWw/JYHitgBayIFbEyVsa78C68G6thNayO1bEG1sCaWBMP5a6FtbE21sE6WBfrYj2sh/WxPjbEhtgYG2MTbIJNsSk2x+bYAltgS2yJrbAVtsbW2AbbYFtsi+2wHbbH9tgBn8fn8QV8AV/Cl7AzVlRdsRt2wx7YA3thb+yNL2NffAVfwVexPw7Agfgavoav42A8jUNwKA7DYVhOjcCROApZjcGxOBbH4Tgcj+NxAk7EiTgZp+BUnIbTcDrOwBn4Hs7C9/F9nINzcB7Ox/m4ABfiIlyEi/EMLsGluAyX4wpciStwNa7B1bgO1+M63IgbcTNuxo/xY9yG23AH7sBdaADwE/wUP8X+uA/34X7cjwfwAB7Eg3gID+FhPIxH8AgexaN4DI/hcTyBJ/EEnsJTeBrP4Fk8i+fxPF7AZ3N9XWdXwbX9QV1ilFHpVDqVolJURpVRZVKZVGaVWSVUQmVRWVRWlVVlU9lUDpVD5VK5VB51TpEixSpWeVVelVRJlV/lV6kqVRVShZRXXhVVRVUxVUwVV8VVCXWLKqluVaVUadXMl1VlVTnV3JdXd6gKqoKqqCqpyqqKqqKqqqqqmqqmqqvqqoaqoWqq+1Ut1RV74QPqUmfqqgFYTw3E+qqBaqgaqdfxEdVEDcamqplqrh5TQ3EItlRNfCv1pGqtRmIb9bQahc+odmoMtlfPqQ7qedVRvaBeVE19J9VZTcCuqpuajD1UT9VL9VbTsZK61LHK6lXVXw1QA9Vrah6+rgarN9QQNVQNU2+q4WqEGqlGqdFqjBqr3lLj1NtqvHpHTVAT1SQ1WU1RU9U09a6armaomeo9NUu9r2arOWqumqfmqw/UArVQLVIfqsXqI7VELVXL1HK1Qq1Uq9RqtUatVevUerVBbVSb1Ga1RX2stqptarvaoXaqXWq3+kTtUZ+qveoztU99rvarL9QB9aU6qL5Sh9TX6rD6Rh1R36qj6jt1TH2vjqsT6qT6QZ1SP6rT6ow6q86p8+ondUH9rC6qoECjVlproyOdTqfXKTqDzqiv0pn01TqzvkYn9LU6i75OZ9XX62w6u86hc+pcOrfOo60m7TTrWOfV+XRS36Dz6wI6VRfUhXRh7XURXVTfqIvpm3RxfbMuoW/RJfWtupQurcvosvo2XU7frsvrO3QFfaeuqCvpyrqKvktX1XfravoeXV3fq2vo+3RNfb+upf+ia+sHdB39oK6rH9L19MO6vm6gG+pGurF+RDfRj+qmuplurh/TLfTjuqV+QrfST+rW+indRj+t2+pndDv9rG6vn9Md9PO6o/5ZX9RBd9KddRfdVXfT3XUP3VP30r11H/2y7qtf0f30q7q/HqAH6tf0IP26Hqzf0EP0UD1Mv6mH6xF6pB6lR+sxeqx+S4/Tb+vx+h09QU/Uk/RkPUVP1b1+nWnmv5D/9j/J7/fL0TfrLfpjvVVv09v1Dr1T79K79W69R+/Re/VevU/v0/v1fn1AH9AH9UF9SB/Sh/VhfUQf0Uf1UX1MH9PH9Ql9Tv+gT+kf9Wl9Rp/R5/R5fV5f+PU1AINGGW2MiUw6k96kmAwmo7nKZDJXm8zmGpMw15os5jqT1VxvspnsJofJaXKZ3CaPsYaMM2xik9fkM0lzA/560jSFTGHjTRFT1Nz47+Sb/KaASTUF/y7/j+prbBqbJqaJaWqamuamuWlhWpiWpuVNl+pobVqbNqaNaWvamnamnWlv2psOpoPpaDqaF82LppPpZLqYLqab6W56mJ6ml+lt+piXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFTDPTzHQz3cw0M80sM8vMNrPNXDPXzDfzzQKzwCwyi8xis9gsMUvNUrPcLDcrzUqz2qw2a81as96sNxvNRrMk/RazxWw1W812s93sNDvNbrPb7DF7zF6z1+wz+8x+s98cMAfMQXPQHDKHzGFz2BwxR8xRc9QcM8fMcXPcnDQnzSlzypw2p81Zc9acN+fNBXPBXDQXL132RSpSkYlMlC5KF6VEKVHGKGOUKcoUZY4yR4koEWWJskRZo+ujbFH2KEeUM8oV5Y7yRDaiyEUcxVHeKF+UjG6I8kcFotSoYFQoKhz5qEhUNLoxKhbdFBWPbo5KRLdEJaNbo1JR6ahMVDa6LSoX3R6Vj+6IKkR3RhWjSlHlqEp0V1Q1ujuqFt0TVY/ujWpE90U1o/ujWtFfotrRA1Gd6MGobvRQVC96OKofNYgaRo2ixn/q/CGczv6o72Q72y62q+1mu9setqftZXvbPvZl29e+YvvZV21/O8AOtK/ZQfZ1O9i+YYfYoXaYfdMOtyPsSDvKjrZj7Fj7lh1n37bj7Tt2gp1oJ9nJdoqdaqfZd+10O8POtO/ZWfZ9O9vOsXPtPDvffmAX2IV2kf3QLrYf2SV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9mO71W6z2+0Ou9PusrvtJ3aP/dTutZ/ZffZzu99+YQ/YL+1B+5U9ZL+2h+039oj91h6139lj9nt73J6wJ+0P9pT90Z62Z+xZe86etz/ZC/Zne9GGSxf3l07vZMhQOkpHKZRCGSkjZaJMlJkyU4ISlIWyUFbKStkoG+WgHJSLclEeykOXMDHlpbyUpCTlp/yUSqlUiAqRJ09FqSgVo2JUnIpTCSpBJakklaJSVIbK0G10G91Ot9MddAfdSXdSJapEVagKVaWqVI2qUXWqTjWoBtWkmlSLalFtqk11qA7VpbpUj+pRfapPDakhNabG1ISaUFNqSs2pObWgFtSSWlIrakWtqTW1oTbUltpSO2pH7ak9daAO1JE60ov0InWiTtSFulA36kY9qAf1ol7Uh/pQX+pL/agf9af+NJAG0iAaRINpMA2hoTSM3qThNIJG0igaTWNoLI2lcTSOxtN4mkATaBJNoik0habRNJpO02kmzaRZNItm02yaS3NpPs2nBbSAFtEiWkyLaQktoWW0jFbQClpFq2gNraF1tI420AbaRJtoC22hrbSVttN22kk7aTftpj20h/bSXtpH+2g/7acDdIAO0kE6RIfoMB2mI3SEjtJROkbH6Dgdp5N0kk7RKTpNp+ksnaXz9BNdoJ/pIgVKcRlcRneVy+SudpndNe4f4xwup8vlcrs8zrpsLvvfxeScS3UFXSFX2HlXxBV1N7rUS7dUv4lLudKujCvrbnPl3O2u/O/iqu5uV83d46q7e10Vd9ffxTXcfa6me8jVcg+72q6Bq+MaubruIVfPPezquwauoWvkWrjHXUv3hGvlnnSt3VO/ixe4hW6NW+vWufVuj/vUnXXn3BH3rTvvfnKdXGfXx73s+rpXXD/3quvvBvwuHubedMPdCDfSjXKj3ZjfxZPcZDfFTXXT3Ltuupvxu3i++8DNcovcbDfHzXXzfokv1bTIfegWu4/cErfULXPL3Qq30q1yq/9vrcvdRrfJbXa73Sduq9vmtrsdbqfb9Ut8aR173Wdun/vcHXbfuAPuS3fQHXWH3Ne/xJfWd9R95465791xd8KddD+4U+5Hd9qd+WX9l9b+g/vZXXTBASMr1mw44nScnlM4A2fkqzgTX82Z+RpO8LWcha/jrHw9Z+PsnINzci7OzXnYMrFj5pjzcj5O8g2cnwtwKhfkQlyYPRfhonwjF+ObuDjfzCX4Fi7Jt3IpLs1luCzfxuX4di7Pd3AFvpMrciWuzFX4Lq7Kd3M1voer871cg+/jmnw/1+K/cG1+gOvwg1yXH+J6/DDX5wbckBtxY36Em/Cj3JSbcXN+jFvw49ySn+BW/CS35qe4DT/NbfkZbsfPcnt+jjvw89yRX+AX+SXuxJ25C3flbtyde3BP7sW9uQ+/zH35Fe7Hr3J/HsAD+TUexK/zYH6Dh/BQHsZv8nAewSN5FI/mMTyW3+Jx/DaP53d4Ak/kSTyZp/BUnsbv8nSewTP5PZ7F7/NsnsNzeR7P5w94AS/kRfwhL+aPeAkv5WW8nFfwSl7Fq3kNr+V1vJ438EbexJt5C3/MW3kbb+cdvJN38W7+hPfwp7yXP+N9/Dnv5y/4AH/JB/krPsRf82H+ho/wt3yUv+Nj/D0f5xN8kn/gU/wjn+YzfJbP8Xn+iS/wz3yRA0OMsYp1bOIoThenj1PiDHHG+Ko4U3x1nDm+Jk7E18ZZ4uvirPH1cbY4e5wjzhnninPHeWIbU+xijuM4b5wvTsY3xPnjAnFqXDAuFBeOfVwkLhrfGBeLb4qLxzfHJeJb4pLxrXGpuHT80L1l49vicvHtcfn4jrhCfGdcMa4UV46rxHfFVeO742rxPXH1+N64eHxfXDO+P4ZfP69SJ34wrhs/FNeLH47rxw3ihnGjuHH8SNwkfjRuGjeLm8ePxS3ix+OW8RNxq/jJuHX81B/u7xJ3jbvF3ePucQj36LnJecn5yQ+SC5ILk4uSHyYXJz9KLkkuTS5LLk+uSK5MrkquTq5Jrk2uS65PbkhuTG5Kbk6GUCU9ePTKa2985NP59D7FZ/AZ/VU+k7/aZ/bX+IS/1mfx1/ms/nqfzWf3OXxOn8vn9nm89eSdZx/7vD6fT/obfH5fwKf6gr6QL+y9L+KL+ka+sW/sm/hHfVPfzDf3j/nH/OP+cf+Ef8I/6Vv7p3wb/7Rv65/x7fyz/ln/nO/gn/cd/Qv+Rf+S7+Q7+y6+i+/mu/kevofv5Xv5Pr6P7+v7+n6+n+/v+/uBfqAf5Af5wX6wH+KH+GF+mB/uh/uRfqQf7Uf7sX6sH+fH+fF+vJ/gJ/hJfpKf4qf4aX6an+6n+5l+pp+VOsvP9rP9XD/Xz/fz/QK/wC/yi/xiv9gv8Uv8Mr/Mr/Ar/Cq/yq/xa/w6v85v8Bv8Jr/Jb/Fb/Fa/1W/32/1Ov9Pv9rv9Hr/H7/V7/T6/z+/3+/0Bf8Af9F/5Q/5rf9h/44/4b/1R/50/5r/3x/0Jf9L/4E/5H/1pf8af9ef8ef+Tv+B/9hd98GMTbyXGJd5OjE+8k5iQmJiYlJicmJKYmpiWeDcxPTEjMTPxXmJW4v3E7MScxNzEvMT8xAeJBYmFiUWJDxOLEx8lliSWJpYllidWJFYmQsi9NQ55Q76QDDeE/KFASA0FQ6FQOPhQJBQNN4Zi4aZQPNwcSoRbQslwaygVSocy4eFQPzQIDUOj0Dg8EpqER0PT0Cw0D4+FFuHx0DI8EVqFJ0Pr8FRoE54ObcMzoV14NrQPz4UOf7vjCi+FTqFz6BK6hm6he+gReoZeoXfoE14OfcMroV94NfQPA8LA8FoYFF4Pg8MbYUgYGoaFN8PwMCKMDKPC6DAmjA1vhXHh7TA+vBMmhIlhUpgcpoSpYVp4N0wPM8LM8F6YFd4Ps8OcMDfMC/PDB2FBWBgWhQ/D4vBRWBKWhmVheVgRVoZVYXVYE9aGdWF92BA2hk1hc9gSPg5bw7awPewIO8OusDt8EvaET8Pe8FnYFz4P+8MX4UD4MhwMX4VD4etwOHwTjoRvw9HwXTgWvg/Hw4lwMvwQToUfw+lwJpwN58L58FO4EH4OF+Uza0IIIYQQ/5Luf7C/6z95zACA+nXcDQCu3pbz0G/3awDYkO2v454qV4sEADzZuf0Df9sqVuzSpcuvz12iIco3BwAS/3CAX+Ol0Bweh1bQDIr90/p6qufP8x/Mn7wFIONvclLgcnx5/i/+i/kfeWzYgpLx2Sz/j/nnAKTmu5yTAS7HS6H5pdVAMyj+X8yfvckf1J/hy7EATX+Tkwkux5frLwqPwlPQ6u+eKYQQQgghhBBC/FVPVabtH90/X7o/z2Uu56SHy/Ef3Z8LIYQQQgghhBDiynvm+Y5PPNKqVbO2//og/b/zZBnIQAb/Pw6u9F8mIYQQQgghxJ/t8kX/5ccyXMmChBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKINOg3X/qVAQD+V75O7EqvUQghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhLjS/k8AAAD//4/5MoY=")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open$dir(&(0x7f0000000040)='./bus\x00', 0x10100, 0xc0)
mkdirat(r0, &(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK/file0\x00', 0x50)

18.799197061s ago: executing program 2 (id=56):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850000002f000000840000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

18.703361567s ago: executing program 2 (id=60):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000640)=0x13)
poll(&(0x7f0000000200)=[{r0, 0x400}], 0x1, 0x20000004)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x5)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000001c0)={0x9, 0xfe, 0xff82, 0xa, 0x30})

18.627485821s ago: executing program 32 (id=60):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000640)=0x13)
poll(&(0x7f0000000200)=[{r0, 0x400}], 0x1, 0x20000004)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x5)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000001c0)={0x9, 0xfe, 0xff82, 0xa, 0x30})

2.71662972s ago: executing program 5 (id=325):
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000770000000800000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000280)=r0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000440)={r2, &(0x7f00000001c0), 0x0}, 0x20)

2.705156111s ago: executing program 5 (id=326):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x51)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='iocharset=cp865,utf8=1,utf8=0,utf8=1,iocharset=utf8,sys_immutable,uni_xlate=0,uni_xlate=1,uni_xlate=1,gid=', @ANYRESHEX, @ANYBLOB='A\x00'], 0x1, 0x1bd, &(0x7f0000000440)="$eJzs2zFrE3EYB+A3NY1pHZLBSRxudApNP0GDVBADgpJBQVBsA9KTgoWADrabg1/CD+Pgqp/EMYNwklyaeCVCTU0OmudZ8nKXX+7/Xrgkb+Be3n17dHB80n/R/xb1SiU29iKJYSWasRHnzgIAuE6GWRY/syzLbp7F1pfIsqzsFQEAy+b7HwDWz9Nnzx91ut39J0lSj0g/DXqDXv6Y7+/0402kcRg70YhfMfqBMJHXDx5293eSsWZ8Tk8n+dNB70Yx345GNOfn23k+KeY3Y/vP/G404vb8/O7cfC3u1ab5zYhoxI/XcRxpHMQoO8t/bCfJ/cfdC/lb4+cBAADAddBKpsbzey2K83urVdw/m4/zfKdy6f8HLszX1bhTLbd3AFhXJ+8/HL1K08N3CxT1yWssGL9c8X07P8gSD7FwsTFqfrrl/JROt+yt4vz8a1ErrLlYbC15qdWVt1yJiCvEa1eJf42I0t/uhS7qcVHChxGwUrOrv+yVAAAAAAAAAAAAAAAAfzP3NqAY/tf7isruEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID18zsAAP//rpx/OQ==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x189800, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000000c0))

2.661308413s ago: executing program 5 (id=328):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fffffff}]})
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
exit(0xffff)
poll(&(0x7f0000000000)=[{r0, 0xa254}, {r0, 0x5}], 0x2, 0xfffffffb)
wait4(r1, 0x0, 0x8, 0x0)

2.223488127s ago: executing program 3 (id=344):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2a, &(0x7f0000000100)=r2, 0x4)
sendmsg$unix(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000200)="5f1a20b5bda8", 0x6}], 0x1, &(0x7f0000000300)=[@rights={{0x14, 0x1, 0x1, [r2]}}], 0x18, 0x20008000}, 0x8c0)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x2)

2.204088739s ago: executing program 3 (id=346):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x40, r1, 0x7, 0x0, 0x40000, {}, [@ETHTOOL_A_LINKMODES_OURS={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x20}, @ETHTOOL_A_BITSET_MASK={0x4}]}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)

2.194604969s ago: executing program 4 (id=347):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = gettid()
sendmsg$unix(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000009c0)="ec663189d3348bf13f872a468352b72482b5b2b364a29c6f0f2c4e741bf6457d1418455e157253231681a3889f39b3da6b60dbe404cb9a145d0d49cfd1668a32b96ff302975748993a8a534144d211c681ff3d91ffa436d40b9afe648ec8bde2f7553fb5d3f3b8423873903abd024284bfd01511c149b6101851f7aae4675df76e7d32d7b91659e4adcc14ddfff8a2b49d1393de72b9d970ee7f45a755c1d9f7b4d43e37e17d6eaff5fe352d507eb0424ab937980ae8fae8a9062b651a53b6543733e259ee3083a308a78ac50f0972629b74e6aadefedf2352d024d8f27d4bc8703493b08bbe75e34ee5796d0d275cae3d3c0eba179e145feee0c8acc98af7888a374dbe705e058fc565e40677890a39e6999ae47202a9237803e9eee30f368725ca8571a8f6a8ba396905f4f023a60acb644bab6b0b8964aa514c37f23509c685648d6adb0e230aca690c91e664bc49fa30ae42a2c71abc7517181d4157ef996628b3624f367519970366acca85d399e2c7703930e2abd4bdbac076230ad16368ccb350357d57626ea47a15f0fa16bd5efa8233fa3ea1183da730204a455a673c783c10a26411c5de816699f7af3401b9f38592a4cd9f3f0b7de18cd69f831eee87a3d2edb64ecf517d201f32f86b80fcd3287330f286465260370527e6116df0651001405563622e14af715f6c3dd10e1986e3b95ebf618ff42bdd7a74f0d0cc2cc8dab1048eb5fdbfb72cb16f9e2a196b512720cbfbb4696f291200a153c383cc441091c62649a88ef173a42eced93a374e4f0a078244e56c14b3c4cc9625b3e9e1853839ecb00d6cfc2d2398634935aedd9a545e4b13895a3b8b05c8fca9af2bba82762db85a449f5d9c6ff87b724f19dc1805eca58445e67782a30f03e7b1272685ab8306c255604360b0d6e53cc443b0b81bcf92b470b8734b7b7b2ccf2d51fc1a8b43d8dba290e875f35b0bdb66790a3bb4d8391c5fdde5f461b5922c56f8a858865c0fd8b39cb79e8e182342ef0398641ca3c76620482705878ff0d9fe2eaae18a8ad73313663e36feca9bae81834482bb19c651e273bc04333963f2a64d516761280db45fc4217b5c2ab73a8a04c5d2c2aced37bb2825d17f68c4d65dfcc54057a46f045bf435391b7304ee376977220e71e97919cd67e3f0f0f63e0dcee8d90d80ead12a5eda22db217bd362c1a4f9244c99da91d618c6b71b21ed80826d4df95aee10786e61b3141002e342490f2d842051305d2e8d41aca580a13cd48a850eada7dfee4bda67a5491acf4cfdd3919135e7b113a1973595b99d6ba152ae8cc63fd95c1d7d4a59b038c426ffdb949fe1a6004df2bbae2acce3f5720419dc597229f2d120c689b07a344e75f4c631d83b3130cc927412daa9607c8c0fa254cde27306360a9a5d18ff9d4d4ed38162a5202ba214db4486887b5831d727bd93e6e7cddfa4d3480cb3b4683b1de52bdff534016719324051f81bdf49a5c12dd7b389107b3eb5dc4858caebe8c0a9866ff632deebc16492f95d202ce0f454476ab77871d3188ec83fc74f2ec1055893b2a138cce27ac5553c5496cbf147002a9c55fdb202969a4802ca3556453a58d2aa8e19f40e577fa280625468d385af8659a0f3ab69fabf4fa1326f7a7ebad98a23958c91f28c4b03ff9f343b6ecdb82e820bcb7de6f51d0fcfbbcef902d21a7eed03ea125363b758085022ade27451ba5e0acd9a0044ec50571d234855448be132e14517ae38b798482cc07e1c009c1a4cdd5c42f3862dd6d4c3b18f9c41d0bf5b709d742877ef7ee6d9932c6d7a9fd09bede9f80645a5c4b97ae48734985131f948bf20e93f82b93d6e69479491158d83655244d91bb5e9dfdf103e2238a95a92f35750769b87dce1d0e8bac4e6ee5467f9800a12fe27a2c8f727bbda617899ca26d13ec3b68b4acd7200b3206852aafb13c94681413ee7d0987f4d067b4bc5fc5e01ebe9bdbfc0198232f92da3371d12023388f86a4bb4db9bd559570aef27a96812dd2583c72732922266b98c89c264311577621ceb2625dac0af0fd08f5c27a658645777cb36d687d6f0e6835587cbe65ed922cbd1190b1d60259024be61e7e32b1ecb5e72799103c3a3ea91191667418fedf79d839200ee75da4d68fd6facdd1243f30727c40c6a7c4ffa3d937f4c21b076d146f439d8961258526d56336f7d94e945f90053ef865dd9f939b12d8b6b72b1f20a050b69b8a3b8bc88584766bf9783116c8fc8c4883f8dca31dbfd2775675d868136e5f5e16e3508986750fa8825231fed43ae2b444f5992011f0b80b1f3b0e397ff98fe81da3bd00593329f3014315fb4828fdfec77c8f3c8a92278866f7d299f9a0818e36d1bbad629a61345e01e495dfc4412fcc8b64eac5259de21dae5f5b34c06ee81c0e46b12203b639cfef7f12871287abca6b2f70ffa2cb225585bfbf2c0cd010bdd1b2b3f560016e4db6c30a26e517b608633aa40ab1802da8e94188bad14ab007e415ec41c3dabf4d2817a43a082313529e4a80596807b785af9391117f780db637f2214bb8082373303da889ffd89fa43f4cca427b43e3c17942d314a577112cfb31e841ae40fd18220e9aaa24e382936c0b859a3a425c2018b093e42648b7517dcce9af1366dc5ea8fd575001cbe880ddbb0a768033ee3802c68c4b2fc290fcb84f1e33318543fd2ddf065503c0767c86fcde6931797f275ee4c149d616ff02a9a019c223c16cfd6e618b07c7bd8009d3201a92b91a0944ff21d71ffc53c39b7a318c6451d80b05f9d9c81fd1a78ef35e14cbebc1b4e2de28039301042c0fa09ad2e43d5f78ab4104218bab2da5034050bbf625c6803496dd3d77b574aed51badd3e9967548014b8b318dfb2e0a6ce6637cee786806ec06b359d6569c65df2e538b43862be27d4ddb2710447ed7e56cb4a02779c8767e11056cfaca1ab1aea20d4198a050e98695ae3f2a0aadb5b34b6b945379b81259ebe7abe6d3ca23cae048429b6c850813706f59231034fce07c4111961193d581e3bbbd6c9afd8b3d1e0604807dbd880d2ccc5266818a18287e8c4bda311be83c6f1c5e7f571b9f5ab1f84f8252df9d62f75865adcdd61eaaf7df4cbdd994ab17d2d5d684f95715d4636a6cb69fa2619c6b76ee060202a0a8c934aa537d2c5cf736142349b19fb9b532b05e6dff05c4c635f4134bcc0ef2e38c3fd75d8664d7dfa3139e1b2c2cbbdbe4fc0e2e80870ade368b730d4c06946b608088991f346765afaad6765e5a16267b2d249ee22ea1c6cb85d5d0f8ee48204a5dc48ae6415e3802fd8a431d249f95c72f6895978b36c424e40f83dfe1d0ca01dca14c4a308e926fe726ea0b456dcd976147e61744675f81f38bd5ef06ed76692ac8ac03744c8dc313f06aa28832a3286e626d5e29c748c21164475c739d3f6c6ad046fbb1a149867faf770c089b3513a0649d787208f06e7db6f8a44a9e32c6bd8dd9cca53bcd8ba7ec49d4068d7018b4c8fbd13070f9b0d02d3686b54f96a21e74e346c380a99f21f33925d4a39d510842ed84f2605a15051a784d8216364c2f8ec79f7884ec151ac56d11e30e058d2c49998147c1d54e04aea5d2e9bcc5bf051690d7aa905fdd68528309afda3fd5920cecfae73f6d5f8962e647f5e909748ff9105097118feecf28d6d514ede8cb2d4201da6efc9f3c24893570b227dfe673158e6c17bfcd91625bc4f87eb6fc67e5b647b18231da1da165220815b24431144fc05e1e207e12dbd9e26254d61bc9f47e4ec7e5e19a58ea2444e97a6daf57c895ec35c497d84e2f0c2e520e123f3cadf380a7e54836f7b5a9ba24b1bbe690b7f3de459adbe4d80a648ac2d8158e8b0948ea6ec4b8ac3ce4dafc8ed0f709c13a5ada9fa6c254b57e3cc83411e26dacb6aee290ced0bd65f18884b33dfd1229acd273f97d3edf7673747193ececc83e9ba1e1a73ceb8c347ac88333308df5e4d9ea133e2c6fa4bb1489980cf8ce20201bbba6334936fbc6bb7e6495ba48a3648fe57a0957de758182d3248601ab2bc9d2edf826255d5774021ae4d5d7f87a18927ac866b24e9fa2ca4fb5623c9e0ccbe491a61566f5f649047f97db9cea177ce08ec58c28e7e174f427b38c2e3c2d7165b321eeffe4fc03e8acc2c0ba7520699e8f6480261de487e33d3169790024cec06e3d776c98ccbc5da2ec0032c8241bedea3db12687a82e1eafa4ff828f5347e8ae0b22bcfa5de853d05381a04e8eb953a54c5ebb528bc03d4f7d74b1741f7833a7b90456ff847619b5893bd1515ed87cfd9aa44208572d1578849d5e7310b29e4a5af6026d9d5d2d6c18cc222fa375bc756e86d30a673420c4ac99c0b0a6baadd5bb53bf161074e85b105d5c8f704ea4fef269b3e2d62dc9e494393957a9aba76d7a7c79a1f37a9c0b20a69c47f74b489a8d60bb017272497f2cc7e3dd85a6622c0c1038978ca44170229f1ef25d11d2757940a5b6d35eab977937a5cccfb979dd79accb86476ae7da6fa96527a0ad6a7613c9008fd3cb2cbf81d7be93304dab9059c38cb54a191118bdf39148f6a7e44eca45272a3a2f1812ab6ac72f3009c235abcfe300a5599340b7baa1d6b07797a8fc29533b1d39b24642a867cc188327927d224045bb65e47238f7e260dbe81e2fdd8dac3f3da3724817975e008e0ccbfd958fec78f01cd6cf9d46594513d8a67c9ff5d1f745a7b1b82ee0d1b0babcbea6d4334f8f474c0f1d438d80da71e1158865621613cb9eb1b08f224fca3c26ed879fb13a7148d7a65ea7d2364b71568e2b56e7ab492866ff1d9f0d83647682fd3a31ca4c3735ed4accb26d45e9b26f80856a287fdd42a12de98d1b5d4f2278dd78a8b287a18d8edd003d338049214faef3d6c17b3117da3e1c60715480e1739b52ac39265803d5d6019559d028bbc2c874071c021c581458c67aea919e14db399a54314b1d734eaeafee4844ee9c208887b1c4b7c475997146ccd5f6df48262ab997fc0e5f3ef5e68506fd1d9835b7028c22933024dd9ea325dbb1f8172f9c564b973a1668fb8b566e484a6f821c7bf709aecc0794a71ecc8bcf2fd5ac8d0c76b19f4ce02fefa9780549df3f606a0e520b059f95cb4f749b8c9204f1a052a588ce8ccc519a89e5444aec50739e92a914782bd1c991ae6e403aec0655570e1f90d921695548a645c317d9c13d36da32f86bb104d4b36b66b1e766731dfca460354bd9194e90523afc4e36d9aadd8dc777cfe26c955dcf57736139668b29f4c8ad197050737ebba3d55eb30cc94bdc3a1e28c3573a98ca4d5502d9893755cf2dfec4843fa39eb0a9948b6589eceebfe750b2db0", 0x8ec0}, {0x0, 0x803e}, {&(0x7f0000000140)="bd", 0x1}], 0x3, &(0x7f0000000780)=[@cred={{0x1c, 0x1, 0x2, {r1, 0x0, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r0, r2, r0]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xee01}}}], 0x60}, 0x0)

2.17821362s ago: executing program 3 (id=348):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f0000000140)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000800)=[{&(0x7f00000029c0)="a2d557", 0x3}], 0x1, 0x0, 0x0, 0x20004005}, 0x0)
recvmmsg(r1, &(0x7f0000000600)=[{{&(0x7f0000000240)=@alg, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000440)=""/158, 0x9e}, {&(0x7f00000001c0)=""/62, 0x3e}], 0x2, 0x0, 0x2e}, 0x4}], 0x1, 0x40000040, &(0x7f0000000700))

2.17597844s ago: executing program 4 (id=349):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)

2.162330631s ago: executing program 3 (id=350):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3000046, &(0x7f0000000bc0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@errors_remount}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@nombcache}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x1c3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
r1 = open(&(0x7f0000000000)='./file1\x00', 0x143142, 0x80)
ftruncate(r1, 0x2007ffb)

2.157117441s ago: executing program 4 (id=351):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x10000000000000cf, 0x0, [{}]})

2.091278845s ago: executing program 3 (id=352):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x80340, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448dd, &(0x7f0000000040))

2.068344666s ago: executing program 4 (id=353):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000c40)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000001400), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000280)=""/194)

1.914993125s ago: executing program 1 (id=354):
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006, 0x0, 0xfe, 0x7}]}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f00000001c0)=@add_del={0x2, &(0x7f0000000080)='wlan1\x00'})

1.896157585s ago: executing program 1 (id=355):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_deladdrlabel={0x38, 0x48, 0x1, 0x70bd24, 0x25dfdbfc, {0xa, 0x0, 0x80, 0x0, 0x0, 0xa}, [@IFAL_ADDRESS={0x14, 0x1, @loopback}, @IFAL_LABEL={0x8, 0x2, 0x9}]}, 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x20040000)
unshare(0x2000680)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r1, 0x0, 0x0}, 0x10)

1.882617566s ago: executing program 4 (id=356):
setregid(0xee00, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, 0x0, r1)
sendmmsg$unix(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, r1}}}], 0x20}}], 0x2, 0x0)

1.868633747s ago: executing program 1 (id=357):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x2}, 0x80, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="120000000000000029000000", @ANYRES64=r0], 0x108}}], 0x2, 0xc040)

1.839502228s ago: executing program 1 (id=358):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000a80)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x3, 0x1, 0x246, 0x7fffffffffffffff, 0xfffffffffffffffa, 0xffffffffffffffff, 0x0, 0x7fff, 0x9b})
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x1038410, 0x0, 0x6, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
lchown(&(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, 0x0)

1.81555985s ago: executing program 4 (id=359):
r0 = syz_usb_connect(0x2, 0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006df57108e2042414ebc7010203010902380003960000000904cc070002596105052406000105240006000d240f01900800000000070008060600000011090401"], 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000000400)={0x14, 0x0, &(0x7f00000003c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41f}}}, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f00000001c0)={0x14, &(0x7f0000000080)=ANY=[], 0x0}, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)

1.80540805s ago: executing program 5 (id=360):
r0 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000480)={{0x7f, 0x45, 0x4c, 0x46, 0x82, 0x1, 0x1, 0x6, 0x80000000000, 0x3, 0x3e, 0x9, 0x100, 0x40, 0x2001df, 0x0, 0x3e, 0x38, 0x1, 0x7, 0x2, 0x1}, [{0x3, 0x0, 0x6, 0x5, 0x9, 0xb8, 0x7, 0x1}]}, 0x78)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x2, [@var, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}, @func={0x0, 0x0, 0x0, 0xc, 0x20}, @volatile, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0x96}, 0x20)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80)

1.774146232s ago: executing program 5 (id=361):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x23ba, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r0, &(0x7f00000009c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x80000000}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/27, 0x1b}, 0x3}], 0x1, 0x12023, 0x0)

1.752021433s ago: executing program 5 (id=362):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000407d1ef62c00000400000109022400010000000009040000010300020009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00!\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001500)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="200103"], 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)

1.744765754s ago: executing program 1 (id=363):
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x5}}, 0x1c)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x5}}, 0x1c)

1.661538109s ago: executing program 0 (id=364):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f00000005c0)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1, 0x0, 0x3}}, 0x2e)

1.632075251s ago: executing program 0 (id=365):
unshare(0x22020400)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000600001e95"], &(0x7f0000000bc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1b, 0x3, 0x0, 0x0, 0x4}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r1}, &(0x7f0000000400), &(0x7f0000000440)=r0}, 0x20)

1.600981032s ago: executing program 0 (id=366):
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x400000003)
r0 = syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESDEC], 0x0, 0x1cc, &(0x7f00000006c0)="$eJzsmD/v0kAYx793LeVPjImLg4smkogJlLaocXHAV2AC/tskUglawEAHIHEgLi6+DN+CA5ODm5urDmpi4iCjk8OZa4/25J8yEIm/55Pw9Nu7567PPTTfoSAI4sTy5fOPTy9vXm+WAZxCEVk1/s1Ic7iW/zGnxIdXb/unn81X92N7Pt8E8KZuIFT3QgihzxfVtQme6NvguKz0XTDYSj8Axx2lfTDcV/qxpgd5JQLffjgI2o+6ge/I4MrgyVBbrW8xY2gDkEcXxu/1jybTJ60g8IerIiOWz1mb2lf8oX/mos5xQ+uf/L/uvXg+k/fL3jha/1xwuErXwNBY9gRZ2LadtkQ7/zkz3d/4m/MfgzhT2ZVT3r3857+p2VKNPZYe/oeCaSN5KaRpJSNnF/N366u+HrKwC4c9MpRnr029LxzwXU39U9rLJc2fTJiJf1TD3tPqaDKtdHutjt/x+55Xu+ZccZyrXjUyojju8L9c5E8Fbf/MllyLWRi3wnDojoFw6Cb3Xhw1x228HnyP1vDI/zhKF+M95KtixVa5EaZ+PLpKVTK2Fk8QBEEQBEEQBEEQBEEQBLEX58Gir6BCCKY+iG7CuxVl/woAAP//vphcsA==")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x5, 0x8031, 0xffffffffffffffff, 0x9000)
getgroups(0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000040)=ANY=[])

1.480591149s ago: executing program 1 (id=367):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0xa00}])

1.45115514s ago: executing program 33 (id=367):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0xa00}])

1.413448922s ago: executing program 0 (id=369):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xa0000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x29c}]})

1.27021579s ago: executing program 0 (id=370):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fffffff}]})
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
exit(0xffff)
poll(&(0x7f0000000000)=[{r0, 0xa254}, {r0, 0x5}], 0x2, 0xfffffffb)
wait4(r1, 0x0, 0x8, 0x0)

669.412913ms ago: executing program 6 (id=368):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000010000)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffd74, 0x40004, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

426.493027ms ago: executing program 0 (id=371):
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x6a)
close(r0)
r1 = socket$tipc(0x1e, 0x4, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x43}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0), 0x200480, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

0s ago: executing program 3 (id=372):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r0 = syz_open_procfs(0x0, &(0x7f00000005c0)='smaps_rollup\x00')
lseek(r0, 0x2000, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.149' (ED25519) to the list of known hosts.
[   19.948979][   T28] audit: type=1400 audit(1768902883.935:64): avc:  denied  { mounton } for  pid=274 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   19.952409][   T28] audit: type=1400 audit(1768902883.935:65): avc:  denied  { mount } for  pid=274 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   19.952691][  T274] cgroup: Unknown subsys name 'net'
[   19.957001][   T28] audit: type=1400 audit(1768902883.945:66): avc:  denied  { unmount } for  pid=274 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   19.959946][  T274] cgroup: Unknown subsys name 'devices'
[   20.081993][  T274] cgroup: Unknown subsys name 'hugetlb'
[   20.087696][  T274] cgroup: Unknown subsys name 'rlimit'
[   20.192420][   T28] audit: type=1400 audit(1768902884.185:67): avc:  denied  { setattr } for  pid=274 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   20.215715][   T28] audit: type=1400 audit(1768902884.185:68): avc:  denied  { mounton } for  pid=274 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   20.240498][   T28] audit: type=1400 audit(1768902884.185:69): avc:  denied  { mount } for  pid=274 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   20.264192][  T276] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   20.273017][   T28] audit: type=1400 audit(1768902884.275:70): avc:  denied  { relabelto } for  pid=276 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.298461][   T28] audit: type=1400 audit(1768902884.275:71): avc:  denied  { write } for  pid=276 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.332107][   T28] audit: type=1400 audit(1768902884.325:72): avc:  denied  { read } for  pid=274 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.333086][  T274] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   20.358586][   T28] audit: type=1400 audit(1768902884.325:73): avc:  denied  { open } for  pid=274 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.115735][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.122830][  T285] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.130400][  T285] device bridge_slave_0 entered promiscuous mode
[   21.138335][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.145422][  T285] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.152782][  T285] device bridge_slave_1 entered promiscuous mode
[   21.162610][  T282] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.169658][  T282] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.177133][  T282] device bridge_slave_0 entered promiscuous mode
[   21.185095][  T282] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.192188][  T282] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.199556][  T282] device bridge_slave_1 entered promiscuous mode
[   21.318726][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.325814][  T283] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.333257][  T283] device bridge_slave_0 entered promiscuous mode
[   21.341781][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.349263][  T283] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.357009][  T283] device bridge_slave_1 entered promiscuous mode
[   21.400700][  T286] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.407743][  T286] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.415341][  T286] device bridge_slave_0 entered promiscuous mode
[   21.423875][  T286] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.431031][  T286] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.438358][  T286] device bridge_slave_1 entered promiscuous mode
[   21.460330][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.467460][  T284] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.475034][  T284] device bridge_slave_0 entered promiscuous mode
[   21.498442][  T282] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.505501][  T282] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.512796][  T282] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.519818][  T282] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.528817][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.535894][  T284] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.543277][  T284] device bridge_slave_1 entered promiscuous mode
[   21.604232][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.611310][  T285] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.618592][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.625647][  T285] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.642407][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.649664][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.656922][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.664278][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.672209][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   21.679646][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.711633][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.719861][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.726917][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.734262][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.743047][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.750094][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.792642][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.800927][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.809850][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   21.817555][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.856346][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.865284][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.874029][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.881099][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.895011][  T282] device veth0_vlan entered promiscuous mode
[   21.908829][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.916942][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.924569][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.932207][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.941066][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.948078][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.966583][  T282] device veth1_macvtap entered promiscuous mode
[   21.974615][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.982214][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.010972][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.019666][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.027788][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.036105][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.045106][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.052251][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.059766][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.068109][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.075190][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.082621][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.090868][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.097881][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.105301][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.113464][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.120521][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.128187][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   22.135946][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   22.166088][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.174668][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.183349][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.192048][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.200627][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.208628][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.216772][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.224884][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.232961][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.241086][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.249123][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.257294][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.277945][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.286406][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.294944][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.303424][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.315979][  T285] device veth0_vlan entered promiscuous mode
[   22.322596][  T282] request_module fs-gadgetfs succeeded, but still no fs?
[   22.331427][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.339390][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.347765][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   22.355411][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.363092][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   22.371667][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.379771][  T334] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.386828][  T334] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.394494][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.402072][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.409434][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   22.423500][  T286] device veth0_vlan entered promiscuous mode
[   22.430694][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.439087][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.448006][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   22.456833][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.465343][  T334] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.472413][  T334] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.480455][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.488397][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.498283][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.508399][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.535638][  T286] device veth1_macvtap entered promiscuous mode
[   22.546918][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.555798][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.565005][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.576078][  T341] syz.4.7 (341) used greatest stack depth: 21920 bytes left
[   22.582693][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.588449][  T343] capability: warning: `syz.4.8' uses deprecated v2 capabilities in a way that may be insecure
[   22.592664][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.620977][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.634499][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.643778][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.652438][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.661655][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.669568][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.678521][  T285] device veth1_macvtap entered promiscuous mode
[   22.688405][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.696078][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.703597][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.717525][  T283] device veth0_vlan entered promiscuous mode
[   22.724370][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.732886][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.741396][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.749615][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.766733][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.775049][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.783834][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.792178][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.801162][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.809386][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.822505][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.830415][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.840949][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.848395][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.863026][  T284] device veth0_vlan entered promiscuous mode
[   22.878583][  T283] device veth1_macvtap entered promiscuous mode
[   22.885684][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.894065][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.911835][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.927208][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.938194][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.954616][  T284] device veth1_macvtap entered promiscuous mode
[   22.967042][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.975660][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.986826][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.007954][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.016966][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.025514][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.034495][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.043803][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.052599][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.112538][  T359] loop0: detected capacity change from 0 to 2048
[   23.142198][  T364] loop2: detected capacity change from 0 to 128
[   23.176912][  T359] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   23.187741][  T364] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   23.223569][  T364] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   23.239221][  T283] EXT4-fs (loop0): unmounting filesystem.
[   23.273036][  T354] loop3: detected capacity change from 0 to 40427
[   23.287594][  T354] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   23.308465][  T284] EXT4-fs (loop2): unmounting filesystem.
[   23.314806][  T354] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   23.345285][  T354] F2FS-fs (loop3): invalid crc value
[   23.371640][  T354] F2FS-fs (loop3): Found nat_bits in checkpoint
[   23.414771][  T354] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   23.422394][  T354] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   23.455681][  T354] syz.3.10: attempt to access beyond end of device
[   23.455681][  T354] loop3: rw=2049, sector=45096, nr_sectors = 40 limit=40427
[   23.594769][  T391] loop1: detected capacity change from 0 to 40427
[   23.612033][  T391] F2FS-fs (loop1): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[   23.627328][  T391] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   23.635898][  T391] F2FS-fs (loop1): fault_type options not supported
[   23.642753][  T391] F2FS-fs (loop1): fault_injection options not supported
[   23.649908][  T391] F2FS-fs (loop1): Image doesn't support compression
[   23.658831][  T391] F2FS-fs (loop1): invalid crc value
[   23.665636][  T391] F2FS-fs (loop1): Found nat_bits in checkpoint
[   23.700916][  T391] F2FS-fs (loop1): Start checkpoint disabled!
[   23.707565][  T391] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[   23.715243][  T391] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   23.722453][  T391] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   23.774931][  T403] loop4: detected capacity change from 0 to 1024
[   23.789746][  T403] EXT4-fs: Ignoring removed mblk_io_submit option
[   23.805335][  T405] loop3: detected capacity change from 0 to 128
[   23.830528][  T403] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   23.845209][  T403] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2749: inode #15: comm syz.4.23: corrupted in-inode xattr
[   23.861396][  T403] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   23.890329][  T282] EXT4-fs (loop4): unmounting filesystem.
[   23.906918][  T413] device veth2 entered promiscuous mode
[   23.940176][    T8] kworker/u4:0: attempt to access beyond end of device
[   23.940176][    T8] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   23.960814][  T418] tipc: Started in network mode
[   23.965769][  T418] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711
[   23.969297][  T420] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   23.991207][  T418] tipc: Enabled bearer <udp:syz1>, priority 10
[   24.130468][  T427] kvm [426]: vcpu2, guest rIP: 0x912f Unhandled WRMSR(0x11e) = 0x0
[   24.150488][  T427] kvm [426]: vcpu2, guest rIP: 0x912f Unhandled WRMSR(0x187) = 0x9131
[   24.281045][  T441] loop1: detected capacity change from 0 to 4096
[   24.288652][  T441] EXT4-fs (loop1): Test dummy encryption mode enabled
[   24.297139][  T441] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   24.310030][  T293] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   24.316593][  T441] System zones: 0-5
[   24.369319][  T441] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   24.391041][  T447] loop4: detected capacity change from 0 to 4096
[   24.414056][  T441] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   24.426818][  T447] EXT4-fs: Ignoring removed oldalloc option
[   24.442523][  T441] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   24.467756][  T447] EXT4-fs: Ignoring removed orlov option
[   24.484006][  T447] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   24.492755][  T439] loop0: detected capacity change from 0 to 40427
[   24.499535][  T439] =======================================================
[   24.499535][  T439] WARNING: The mand mount option has been deprecated and
[   24.499535][  T439]          and is ignored by this kernel. Remove the mand
[   24.499535][  T439]          option from the mount to silence this warning.
[   24.499535][  T439] =======================================================
[   24.535474][  T454] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   24.564353][  T439] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   24.565373][  T447] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   24.574606][  T293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   24.592285][  T439] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   24.616818][  T447] fs-verity: sha512 using implementation "sha512-avx2"
[   24.618162][  T293] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[   24.633193][  T293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   24.649125][  T293] usb 4-1: config 0 descriptor??
[   24.657206][  T439] F2FS-fs (loop0): invalid crc value
[   24.669562][  T282] EXT4-fs (loop4): unmounting filesystem.
[   24.678262][  T286] EXT4-fs (loop1): unmounting filesystem.
[   24.699550][  T439] F2FS-fs (loop0): Found nat_bits in checkpoint
[   24.720921][  T460] loop1: detected capacity change from 0 to 256
[   24.740487][  T460] FAT-fs (loop1): Directory bread(block 64) failed
[   24.754074][  T460] FAT-fs (loop1): Directory bread(block 65) failed
[   24.766287][  T460] FAT-fs (loop1): Directory bread(block 66) failed
[   24.778350][  T460] FAT-fs (loop1): Directory bread(block 67) failed
[   24.787449][  T460] FAT-fs (loop1): Directory bread(block 68) failed
[   24.794352][  T439] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   24.801683][  T460] FAT-fs (loop1): Directory bread(block 69) failed
[   24.808238][  T439] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   24.816420][  T460] FAT-fs (loop1): Directory bread(block 70) failed
[   24.841172][  T460] FAT-fs (loop1): Directory bread(block 71) failed
[   24.850352][  T460] FAT-fs (loop1): Directory bread(block 72) failed
[   24.856944][  T460] FAT-fs (loop1): Directory bread(block 73) failed
[   24.950679][  T283] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[   24.950700][  T283] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[   24.960243][  T283] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[   24.982410][  T283] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[   24.994151][  T466] loop1: detected capacity change from 0 to 1024
[   25.008236][  T283] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[   25.008250][  T283] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[   25.016908][  T283] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[   25.026322][  T466] EXT4-fs (loop1): unsupported inode size: 16384
[   25.040363][  T448] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   25.054130][  T466] EXT4-fs (loop1): blocksize: 1024
[   25.064503][  T293] lenovo 0003:17EF:6047.0001: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.3-1/input0
[   25.110103][   T19] tipc: Node number set to 4269801494
[   25.166014][   T28] kauditd_printk_skb: 91 callbacks suppressed
[   25.166025][   T28] audit: type=1326 audit(1768902889.155:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=467 comm="syz.1.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c5a59acb9 code=0x7ffc0000
[   25.235815][  T448] usb 5-1: Using ep0 maxpacket: 16
[   25.242063][  T448] usb 5-1: config 1 has an invalid interface number: 105 but max is 0
[   25.250369][   T28] audit: type=1326 audit(1768902889.195:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=467 comm="syz.1.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f9c5a59acb9 code=0x7ffc0000
[   25.260049][  T448] usb 5-1: config 1 has no interface number 0
[   25.289659][  T448] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[   25.299709][   T28] audit: type=1326 audit(1768902889.195:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=467 comm="syz.1.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c5a59acb9 code=0x7ffc0000
[   25.299738][   T28] audit: type=1326 audit(1768902889.195:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=467 comm="syz.1.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9c5a59acb9 code=0x7ffc0000
[   25.299762][   T28] audit: type=1326 audit(1768902889.195:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=467 comm="syz.1.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c5a59acb9 code=0x7ffc0000
[   25.299786][   T28] audit: type=1326 audit(1768902889.195:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=467 comm="syz.1.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f9c5a59acb9 code=0x7ffc0000
[   25.299811][   T28] audit: type=1326 audit(1768902889.195:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=467 comm="syz.1.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c5a59acb9 code=0x7ffc0000
[   25.299836][   T28] audit: type=1326 audit(1768902889.195:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=467 comm="syz.1.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f9c5a59acb9 code=0x7ffc0000
[   25.330974][  T448] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[   25.393035][   T28] audit: type=1326 audit(1768902889.195:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=467 comm="syz.1.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c5a59acb9 code=0x7ffc0000
[   25.415549][  T448] usb 5-1: config 1 interface 105 has no altsetting 0
[   25.489223][  T448] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[   25.498514][  T448] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   25.506798][  T448] usb 5-1: Product: syz
[   25.511169][  T448] usb 5-1: Manufacturer: syz
[   25.515789][  T448] usb 5-1: SerialNumber: syz
[   25.522449][  T462] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[   25.529634][  T462] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[   25.557142][  T477] loop0: detected capacity change from 0 to 2048
[   25.584143][  T477] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   25.592721][  T477] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   25.616182][  T477] syz.0.47 (477) used greatest stack depth: 21312 bytes left
[   25.617779][  T283] EXT4-fs (loop0): unmounting filesystem.
[   25.637227][   T28] audit: type=1400 audit(1768902889.625:174): avc:  denied  { listen } for  pid=479 comm="syz.2.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   25.689123][  T293] lenovo 0003:17EF:6047.0001: Fn-lock setting failed: -71
[   25.699858][  T293] lenovo 0003:17EF:6047.0001: Sensitivity setting failed: -71
[   25.712053][  T293] usb 4-1: USB disconnect, device number 2
[   25.829127][  T492] fido_id[492]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[   25.853085][  T484] loop0: detected capacity change from 0 to 40427
[   25.880118][  T484] F2FS-fs (loop0): invalid crc value
[   25.890510][  T484] F2FS-fs (loop0): Found nat_bits in checkpoint
[   25.900100][  T489] mmap: syz.2.51 (489) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   25.935449][  T484] F2FS-fs (loop0): Start checkpoint disabled!
[   25.942080][  T484] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[   25.949524][  T484] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   25.952940][  T462] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[   25.980144][  T462] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[   26.019573][  T484] F2FS-fs (loop0): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   26.065500][  T414] kworker/u4:5: attempt to access beyond end of device
[   26.065500][  T414] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   26.102305][  T502] loop2: detected capacity change from 0 to 256
[   26.124806][  T502] exfat: Deprecated parameter 'utf8'
[   26.140520][  T502] exfat: Deprecated parameter 'namecase'
[   26.146318][  T502] exfat: Deprecated parameter 'namecase'
[   26.152085][  T502] exfat: Deprecated parameter 'utf8'
[   26.159607][  T502] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x822ffc2e, utbl_chksum : 0xe619d30d)
[   26.293041][  T509] netlink: 80 bytes leftover after parsing attributes in process `syz.1.59'.
[   26.319877][  T509] netlink: 80 bytes leftover after parsing attributes in process `syz.1.59'.
[   26.334070][  T509] netlink: 80 bytes leftover after parsing attributes in process `syz.1.59'.
[   26.351290][  T509] syz.1.59 (509) used greatest stack depth: 20032 bytes left
[   26.394818][  T514] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=514 comm=syz.1.62
[   26.467832][  T527] sock: sock_set_timeout: `syz.1.68' (pid 527) tries to set negative timeout
[   26.573107][  T530] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.580759][  T530] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.588270][  T530] device bridge_slave_0 entered promiscuous mode
[   26.595402][  T530] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.602651][  T530] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.610043][  T448] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[   26.617259][  T530] device bridge_slave_1 entered promiscuous mode
[   26.622946][  T448] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[   26.643619][  T448] aqc111 5-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 96:74:c4:62:b1:79
[   26.658107][  T448] usb 5-1: USB disconnect, device number 2
[   26.664387][  T448] aqc111 5-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[   26.690079][  T293] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   26.719845][  T530] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.720395][  T448] aqc111 5-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[   26.726931][  T530] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.727127][  T530] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.750549][  T530] bridge0: port 1(bridge_slave_0) entered forwarding state
[   26.754432][  T448] aqc111 5-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[   26.767376][  T448] aqc111 5-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[   26.795817][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   26.803679][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.811391][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.820667][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   26.828915][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.835976][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   26.845798][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   26.854038][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.861094][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.870092][  T293] usb 1-1: Using ep0 maxpacket: 16
[   26.876827][  T293] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[   26.885077][  T293] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   26.895357][  T293] usb 1-1: config 0 has no interface number 0
[   26.902610][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   26.911693][  T293] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[   26.920883][  T293] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   26.928898][  T293] usb 1-1: Product: syz
[   26.933323][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   26.941258][  T293] usb 1-1: Manufacturer: syz
[   26.945861][  T293] usb 1-1: SerialNumber: syz
[   26.951463][  T293] usb 1-1: config 0 descriptor??
[   26.957564][  T293] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[   26.964010][  T293] usb 1-1: No valid video chain found.
[   26.964588][  T334] device bridge_slave_1 left promiscuous mode
[   26.976664][  T334] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.991297][  T334] device bridge_slave_0 left promiscuous mode
[   26.997832][  T334] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.005947][  T334] device veth1_macvtap left promiscuous mode
[   27.012032][  T334] device veth0_vlan left promiscuous mode
[   27.105857][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   27.117514][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.125679][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.133434][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.142340][  T530] device veth0_vlan entered promiscuous mode
[   27.153993][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.163709][  T530] device veth1_macvtap entered promiscuous mode
[   27.170570][  T448] usb 1-1: USB disconnect, device number 2
[   27.179611][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   27.190483][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.759971][    C0] sched: RT throttling activated
[   28.766253][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   29.776577][  T563] loop1: detected capacity change from 0 to 128
[   30.836531][   T28] kauditd_printk_skb: 21 callbacks suppressed
[   30.836545][   T28] audit: type=1400 audit(1768902894.825:196): avc:  denied  { create } for  pid=562 comm="syz.1.77" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   30.881674][  T563] netlink: 92 bytes leftover after parsing attributes in process `syz.1.77'.
[   30.902650][  T571] loop3: detected capacity change from 0 to 128
[   30.929625][  T571] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   30.948330][   T28] audit: type=1400 audit(1768902894.865:197): avc:  denied  { write } for  pid=562 comm="syz.1.77" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   30.972710][  T575] loop1: detected capacity change from 0 to 512
[   30.984665][  T571] ext4 filesystem being mounted at /14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   31.061075][  T575] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   31.072033][  T581] loop5: detected capacity change from 0 to 256
[   31.090225][  T581] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[   31.103176][   T28] audit: type=1400 audit(1768902894.975:198): avc:  denied  { mount } for  pid=568 comm="syz.3.80" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   31.165090][  T286] EXT4-fs (loop1): unmounting filesystem.
[   31.170095][   T28] audit: type=1400 audit(1768902895.125:199): avc:  denied  { watch } for  pid=574 comm="syz.1.81" path="/20/file0/control" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   31.220946][  T584] input: syz1 as /devices/virtual/input/input4
[   31.230464][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   31.241004][  T285] EXT4-fs (loop3): unmounting filesystem.
[   31.251328][   T28] audit: type=1400 audit(1768902895.135:200): avc:  denied  { append } for  pid=568 comm="syz.3.80" path="/14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/blkio.bfq.group_wait_time" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   31.339092][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   31.354479][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   31.375686][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   31.386464][   T28] audit: type=1400 audit(1768902895.135:201): avc:  denied  { append open } for  pid=579 comm="syz.5.83" path="/3/file0/keyring" dev="loop5" ino=1048611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   31.407977][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   31.413519][   T28] audit: type=1400 audit(1768902895.135:202): avc:  denied  { read } for  pid=579 comm="syz.5.83" name="keyring" dev="loop5" ino=1048611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   31.441182][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   31.458144][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   31.469895][  T598] loop4: detected capacity change from 0 to 512
[   31.484070][  T598] ext4: Bad value for 'mb_optimize_scan'
[   31.491348][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   31.500032][   T28] audit: type=1400 audit(1768902895.295:203): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=633 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   31.512534][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   31.561904][  T592] 8021q: VLANs not supported on gre0
[   31.580157][   T28] audit: type=1400 audit(1768902895.295:204): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=633 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   31.649259][   T28] audit: type=1400 audit(1768902895.295:205): avc:  denied  { ioctl } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=633 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   31.730788][  T610] loop4: detected capacity change from 0 to 512
[   31.776426][  T596] loop1: detected capacity change from 0 to 40427
[   31.793785][  T596] F2FS-fs (loop1): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[   31.799815][  T610] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   31.820074][  T596] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   31.827114][  T610] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   31.849318][  T596] F2FS-fs (loop1): fault_type options not supported
[   31.856278][  T596] F2FS-fs (loop1): fault_injection options not supported
[   31.863595][  T596] F2FS-fs (loop1): Image doesn't support compression
[   31.880202][  T596] F2FS-fs (loop1): invalid crc value
[   31.892036][  T596] F2FS-fs (loop1): Found nat_bits in checkpoint
[   31.971076][  T282] EXT4-fs (loop4): unmounting filesystem.
[   32.040325][  T596] F2FS-fs (loop1): Start checkpoint disabled!
[   32.060311][  T596] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[   32.073864][  T596] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   32.100080][  T596] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   32.122797][  T633] loop0: detected capacity change from 0 to 512
[   32.143691][  T633] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   32.198444][  T633] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[   32.212425][  T628] loop5: detected capacity change from 0 to 40427
[   32.219688][  T633] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.104: Corrupt directory, running e2fsck is recommended
[   32.233257][  T628] F2FS-fs (loop5): heap/no_heap options were deprecated
[   32.240942][  T633] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   32.249967][  T633] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2196: inode #15: comm syz.0.104: corrupted in-inode xattr
[   32.250087][  T628] F2FS-fs (loop5): invalid crc value
[   32.267790][  T633] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.104: couldn't read orphan inode 15 (err -117)
[   32.280852][  T628] F2FS-fs (loop5): Found nat_bits in checkpoint
[   32.299074][  T614] loop3: detected capacity change from 0 to 40427
[   32.305796][  T633] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   32.315349][  T347] kworker/u4:4: attempt to access beyond end of device
[   32.315349][  T347] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   32.334796][  T614] F2FS-fs (loop3): invalid crc value
[   32.364868][  T614] F2FS-fs (loop3): Found nat_bits in checkpoint
[   32.368806][  T633] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   32.384929][  T633] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[   32.397308][  T628] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   32.410443][  T633] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.104: Corrupt directory, running e2fsck is recommended
[   32.438404][  T633] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 3: comm syz.0.104: path /14/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   32.490072][  T633] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 8: comm syz.0.104: path /14/file0: bad entry in directory: inode out of bounds - offset=0, inode=16810477, rec_len=1024, size=1024 fake=0
[   32.535026][  T614] F2FS-fs (loop3): Start checkpoint disabled!
[   32.551066][  T614] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[   32.558912][  T283] EXT4-fs (loop0): unmounting filesystem.
[   32.568299][  T614] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   32.680031][  T614] F2FS-fs (loop3): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   32.736746][  T655] loop1: detected capacity change from 0 to 1024
[   32.745594][  T414] kworker/u4:5: attempt to access beyond end of device
[   32.745594][  T414] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   32.760892][  T655] EXT4-fs: Ignoring removed bh option
[   32.810873][  T655] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   32.848640][  T645] loop5: detected capacity change from 0 to 40427
[   32.860836][  T655] EXT4-fs error (device loop1): ext4_find_dest_de:2115: inode #12: block 7: comm syz.1.112: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[   32.863878][  T645] F2FS-fs (loop5): invalid crc value
[   32.886996][  T645] F2FS-fs (loop5): Found nat_bits in checkpoint
[   32.893409][  T655] EXT4-fs (loop1): Remounting filesystem read-only
[   32.903369][  T655] EXT4-fs error (device loop1): ext4_read_inline_dir:1601: inode #12: block 7: comm syz.1.112: path /26/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[   32.938338][  T655] EXT4-fs (loop1): Remounting filesystem read-only
[   32.952803][  T286] EXT4-fs (loop1): unmounting filesystem.
[   32.978278][  T661] loop4: detected capacity change from 0 to 512
[   32.985651][  T645] F2FS-fs (loop5): Start checkpoint disabled!
[   33.001228][  T645] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[   33.011688][  T645] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[   33.020830][  T661] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   33.029767][  T661] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   33.088568][  T661] EXT4-fs warning (device loop4): verify_group_input:151: Cannot add at group 1597403241 (only 1 groups)
[   33.094498][  T645] F2FS-fs (loop5): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   33.127417][  T282] EXT4-fs (loop4): unmounting filesystem.
[   33.168511][  T347] kworker/u4:4: attempt to access beyond end of device
[   33.168511][  T347] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   33.183665][  T674] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.191896][  T674] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   33.214391][  T676] netlink: 'syz.3.120': attribute type 12 has an invalid length.
[   33.222219][  T676] netlink: 'syz.3.120': attribute type 29 has an invalid length.
[   33.229946][  T676] netlink: 148 bytes leftover after parsing attributes in process `syz.3.120'.
[   33.244470][  T676] Zero length message leads to an empty skb
[   33.608452][  T717] loop4: detected capacity change from 0 to 1024
[   33.615173][  T293] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   33.649089][  T721] loop1: detected capacity change from 0 to 512
[   33.652920][  T724] loop0: detected capacity change from 0 to 128
[   33.661760][  T717] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   33.682261][  T721] EXT4-fs: Ignoring removed i_version option
[   33.694465][  T724] FAT-fs (loop0): Directory bread(block 32) failed
[   33.701134][  T721] EXT4-fs: Ignoring removed oldalloc option
[   33.711472][  T724] FAT-fs (loop0): Directory bread(block 33) failed
[   33.726435][  T724] FAT-fs (loop0): Directory bread(block 34) failed
[   33.742289][  T727] loop5: detected capacity change from 0 to 2048
[   33.746980][  T724] FAT-fs (loop0): Directory bread(block 35) failed
[   33.755253][  T721] EXT4-fs (loop1): Test dummy encryption mode enabled
[   33.765459][  T724] FAT-fs (loop0): Directory bread(block 36) failed
[   33.769325][  T717] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3836: comm syz.4.138: Allocating blocks 497-513 which overlap fs metadata
[   33.776523][  T724] FAT-fs (loop0): Directory bread(block 37) failed
[   33.789212][  T721] EXT4-fs (loop1): 1 truncate cleaned up
[   33.794050][  T724] FAT-fs (loop0): Directory bread(block 38) failed
[   33.801149][  T727] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   33.806300][  T724] FAT-fs (loop0): Directory bread(block 39) failed
[   33.813278][  T721] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   33.821266][  T293] usb 4-1: Using ep0 maxpacket: 32
[   33.833461][  T724] FAT-fs (loop0): Directory bread(block 40) failed
[   33.839799][  T717] EXT4-fs (loop4): Remounting filesystem read-only
[   33.840762][  T724] FAT-fs (loop0): Directory bread(block 41) failed
[   33.853952][  T293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   33.875063][  T293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   33.887651][  T293] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   33.907805][  T293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.911574][  T717] EXT4-fs (loop4): pa ffff8881181cf000: logic 256, phys. 385, len 8
[   33.919661][  T293] usb 4-1: config 0 descriptor??
[   33.923933][  T717] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1
[   33.940073][  T293] hub 4-1:0.0: USB hub found
[   33.955926][  T724] syz.0.140: attempt to access beyond end of device
[   33.955926][  T724] loop0: rw=0, sector=4108, nr_sectors = 4 limit=128
[   33.969194][  T724] FAT-fs (loop0): Filesystem has been set read-only
[   33.976089][  T724] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[   33.984880][  T717] EXT4-fs (loop4): Remounting filesystem read-only
[   33.986528][  T286] EXT4-fs (loop1): unmounting filesystem.
[   34.028545][  T530] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   34.043690][  T530] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6165: Corrupt filesystem
[   34.056778][  T282] EXT4-fs (loop4): unmounting filesystem.
[   34.066632][  T530] EXT4-fs (loop5): unmounting filesystem.
[   34.094922][  T733] loop1: detected capacity change from 0 to 4096
[   34.104455][  T733] EXT4-fs: Ignoring removed nomblk_io_submit option
[   34.111876][  T733] EXT4-fs (loop1): Test dummy encryption mode enabled
[   34.127226][  T733] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0002]
[   34.141351][  T293] hub 4-1:0.0: 1 port detected
[   34.169467][  T733] System zones: 0-5
[   34.177045][  T733] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   34.233923][  T286] EXT4-fs (loop1): unmounting filesystem.
[   34.245635][  T750] loop5: detected capacity change from 0 to 512
[   34.267701][  T750] EXT4-fs: Ignoring removed nobh option
[   34.280619][  T750] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[   34.288918][  T750] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.150: invalid indirect mapped block 256 (level 1)
[   34.303260][  T750] EXT4-fs (loop5): Remounting filesystem read-only
[   34.309900][  T750] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.150: invalid indirect mapped block 2683928664 (level 1)
[   34.324349][  T750] EXT4-fs (loop5): Remounting filesystem read-only
[   34.331137][  T750] EXT4-fs (loop5): 1 truncate cleaned up
[   34.336910][  T750] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   34.348453][  T293] hub 4-1:0.0: hub_hub_status failed (err = -71)
[   34.363752][  T293] hub 4-1:0.0: config failed, can't get hub status (err -71)
[   34.382521][  T293] usbhid 4-1:0.0: can't add hid device: -71
[   34.389560][  T293] usbhid: probe of 4-1:0.0 failed with error -71
[   34.396836][  T530] EXT4-fs (loop5): unmounting filesystem.
[   34.432354][  T293] usb 4-1: USB disconnect, device number 3
[   34.493357][  T762] loop1: detected capacity change from 0 to 256
[   34.507354][  T762] FAT-fs (loop1): Directory bread(block 64) failed
[   34.514085][  T762] FAT-fs (loop1): Directory bread(block 65) failed
[   34.520902][  T762] FAT-fs (loop1): Directory bread(block 66) failed
[   34.527451][  T762] FAT-fs (loop1): Directory bread(block 67) failed
[   34.534546][  T762] FAT-fs (loop1): Directory bread(block 68) failed
[   34.541223][  T762] FAT-fs (loop1): Directory bread(block 69) failed
[   34.547980][  T762] FAT-fs (loop1): Directory bread(block 70) failed
[   34.554702][  T762] FAT-fs (loop1): Directory bread(block 71) failed
[   34.563006][  T762] FAT-fs (loop1): Directory bread(block 72) failed
[   34.569550][  T762] FAT-fs (loop1): Directory bread(block 73) failed
[   34.574656][  T448] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   34.602368][  T764] ÿÿÿÿÿÿ: renamed from vlan1
[   34.752940][  T774] loop5: detected capacity change from 0 to 40427
[   34.763000][  T774] F2FS-fs (loop5): heap/no_heap options were deprecated
[   34.770165][  T774] F2FS-fs (loop5): fault_injection options not supported
[   34.778181][  T774] F2FS-fs (loop5): invalid crc value
[   34.780253][  T448] usb 5-1: Using ep0 maxpacket: 8
[   34.789676][  T774] F2FS-fs (loop5): Found nat_bits in checkpoint
[   34.792748][  T448] usb 5-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[   34.805506][  T448] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   34.813905][  T448] usb 5-1: Product: syz
[   34.818215][  T448] usb 5-1: Manufacturer: syz
[   34.823036][  T448] usb 5-1: SerialNumber: syz
[   34.828918][  T448] usb 5-1: config 0 descriptor??
[   34.857523][  T774] F2FS-fs (loop5): Start checkpoint disabled!
[   34.864215][  T774] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[   34.876865][  T774] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[   34.926798][  T782] loop3: detected capacity change from 0 to 512
[   34.936760][  T774] F2FS-fs (loop5): Unexpected flush for atomic writes: ino=10, npages=2
[   34.946545][  T782] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   34.946810][  T774] syz.5.160: attempt to access beyond end of device
[   34.946810][  T774] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   34.957940][  T782] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   35.012132][    T8] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   35.016278][  T334] kworker/u4:3: attempt to access beyond end of device
[   35.016278][  T334] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   35.055865][  T448] usb 5-1: USB disconnect, device number 3
[   35.520072][  T293] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[   35.636933][  T839] loop4: detected capacity change from 0 to 512
[   35.653898][  T839] EXT4-fs: Ignoring removed i_version option
[   35.664620][  T839] EXT4-fs error (device loop4): ext4_get_journal_inode:5717: comm syz.4.186: inode #196608: comm syz.4.186: iget: illegal inode #
[   35.697935][  T839] EXT4-fs (loop4): no journal found
[   35.704594][  T293] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   35.723983][  T839] EXT4-fs (loop4): can't get journal size
[   35.732150][  T293] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   35.737784][  T839] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   35.750546][  T293] usb 6-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[   35.760968][  T839] EXT4-fs (loop4): Errors on filesystem, clearing orphan list.
[   35.771552][  T839] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   35.791531][  T293] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   35.803211][  T282] EXT4-fs (loop4): unmounting filesystem.
[   35.817024][  T293] usb 6-1: config 0 descriptor??
[   35.843313][  T856] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   35.856573][  T856] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   35.886592][  T856] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   35.895438][  T856] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   35.961494][   T28] kauditd_printk_skb: 46 callbacks suppressed
[   35.961507][   T28] audit: type=1400 audit(1768902899.955:252): avc:  denied  { read } for  pid=863 comm="syz.3.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   36.083407][  T854] loop4: detected capacity change from 0 to 40427
[   36.090633][  T854] F2FS-fs (loop4): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[   36.106756][  T854] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   36.120200][  T854] F2FS-fs (loop4): fault_type options not supported
[   36.126860][  T854] F2FS-fs (loop4): fault_injection options not supported
[   36.145327][  T870] loop3: detected capacity change from 0 to 512
[   36.147633][  T854] F2FS-fs (loop4): Image doesn't support compression
[   36.166038][  T870] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   36.179831][  T870] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   36.191448][  T854] F2FS-fs (loop4): invalid crc value
[   36.198486][  T870] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.200: bad orphan inode 131083
[   36.209902][  T870] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   36.223376][  T854] F2FS-fs (loop4): Found nat_bits in checkpoint
[   36.231917][  T293] hid-generic 0003:04F3:0755.0002: unknown main item tag 0x0
[   36.239348][  T293] hid-generic 0003:04F3:0755.0002: unknown main item tag 0x0
[   36.247101][   T28] audit: type=1400 audit(1768902900.245:253): avc:  denied  { read } for  pid=869 comm="syz.3.200" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[   36.260145][  T293] hid-generic 0003:04F3:0755.0002: unknown main item tag 0x0
[   36.297910][  T293] hid-generic 0003:04F3:0755.0002: unknown main item tag 0x0
[   36.302287][  T870] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.3.200: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[   36.307519][  T293] hid-generic 0003:04F3:0755.0002: unknown main item tag 0x0
[   36.340060][  T293] hid-generic 0003:04F3:0755.0002: failed to start in urb: -90
[   36.350748][  T293] hid-generic 0003:04F3:0755.0002: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.5-1/input0
[   36.377347][  T875] loop1: detected capacity change from 0 to 1024
[   36.392091][  T877] ICMPv6: RA: ndisc_router_discovery failed to add default route
[   36.399941][  T877] ICMPv6: RA: ndisc_router_discovery failed to add default route
[   36.407831][  T877] ICMPv6: RA: ndisc_router_discovery failed to add default route
[   36.415648][  T877] ICMPv6: RA: ndisc_router_discovery failed to add default route
[   36.420564][   T28] audit: type=1400 audit(1768902900.285:254): avc:  denied  { rename } for  pid=869 comm="syz.3.200" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   36.423580][  T877] ICMPv6: RA: ndisc_router_discovery failed to add default route
[   36.447031][  T870] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem
[   36.453364][  T877] ICMPv6: RA: ndisc_router_discovery failed to add default route
[   36.469757][  T877] ICMPv6: RA: ndisc_router_discovery failed to add default route
[   36.492283][   T28] audit: type=1400 audit(1768902900.285:255): avc:  denied  { unlink } for  pid=869 comm="syz.3.200" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[   36.500461][  T870] EXT4-fs warning (device loop3): ext4_rename_delete:3778: inode #2: comm syz.3.200: Deleting old file: nlink 4, error=-117
[   36.547666][   T28] audit: type=1400 audit(1768902900.365:256): avc:  denied  { create } for  pid=876 comm="syz.0.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[   36.553549][  T293] usb 6-1: USB disconnect, device number 2
[   36.583976][  T854] F2FS-fs (loop4): Start checkpoint disabled!
[   36.598629][  T875] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   36.607669][  T854] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[   36.615110][   T28] audit: type=1400 audit(1768902900.615:257): avc:  denied  { watch watch_reads } for  pid=874 comm="syz.1.201" path="/43/file1/file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   36.643512][  T854] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   36.659126][  T854] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   36.668327][  T286] EXT4-fs (loop1): unmounting filesystem.
[   36.728825][  T285] EXT4-fs (loop3): unmounting filesystem.
[   36.743855][   T28] audit: type=1400 audit(1768902900.735:258): avc:  denied  { unlink } for  pid=891 comm="syz.1.208" name="#7" dev="tmpfs" ino=261 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   36.791576][  T347] kworker/u4:4: attempt to access beyond end of device
[   36.791576][  T347] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   36.819947][  T894] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   36.866058][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   36.875077][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   36.899229][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   36.907606][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   36.930513][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   36.940352][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   36.964433][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   36.975491][   T28] audit: type=1400 audit(1768902900.965:259): avc:  denied  { ioctl } for  pid=897 comm="syz.0.211" path="/37/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   37.010430][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   37.029582][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[   37.042986][   T28] audit: type=1400 audit(1768902901.035:260): avc:  denied  { connect } for  pid=899 comm="syz.4.209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   37.079421][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[   37.100847][   T28] audit: type=1400 audit(1768902901.075:261): avc:  denied  { shutdown } for  pid=899 comm="syz.4.209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   37.154536][  T896] loop1: detected capacity change from 0 to 40427
[   37.164947][  T896] F2FS-fs (loop1): invalid crc value
[   37.195367][  T896] F2FS-fs (loop1): Found nat_bits in checkpoint
[   37.203503][  T913] loop5: detected capacity change from 0 to 512
[   37.254501][  T915] loop4: detected capacity change from 0 to 2048
[   37.283398][  T896] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   37.305495][  T913] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.216: inode has both inline data and extents flags
[   37.329619][  T896] F2FS-fs (loop1): access invalid blkaddr:4043309056
[   37.330428][  T915] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   37.337047][  T896] CPU: 0 PID: 896 Comm: syz.1.210 Not tainted syzkaller #0
[   37.351976][  T896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   37.362068][  T896] Call Trace:
[   37.365368][  T896]  <TASK>
[   37.368340][  T896]  __dump_stack+0x21/0x24
[   37.372717][  T896]  dump_stack_lvl+0x110/0x170
[   37.377431][  T896]  ? __cfi_dump_stack_lvl+0x8/0x8
[   37.382484][  T896]  ? __cfi_f2fs_get_dnode_of_data+0x10/0x10
[   37.388435][  T896]  dump_stack+0x15/0x24
[   37.392634][  T896]  __f2fs_is_valid_blkaddr+0xda6/0x1460
[   37.398219][  T896]  f2fs_is_valid_blkaddr+0x23/0x30
[   37.400598][  T913] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.216: couldn't read orphan inode 15 (err -117)
[   37.403367][  T896]  f2fs_map_blocks+0xd43/0x3ba0
[   37.419947][  T896]  ? arch_stack_walk+0x118/0x150
[   37.424938][  T896]  ? __cfi_f2fs_map_blocks+0x10/0x10
[   37.430255][  T896]  ? __alloc_pages+0x1d9/0x480
[   37.435086][  T896]  ? __folio_alloc+0x12/0x40
[   37.439722][  T896]  ? xas_start+0x317/0x3e0
[   37.444203][  T896]  ? xas_load+0x39e/0x3b0
[   37.448570][  T896]  ? xa_load+0xad/0xd0
[   37.452698][  T896]  f2fs_mpage_readpages+0xa6c/0x1bb0
[   37.458029][  T896]  ? dquot_release_reservation_block+0xa0/0xa0
[   37.464219][  T896]  ? cgroup_rstat_updated+0xf5/0x360
[   37.467662][  T913] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   37.469542][  T896]  ? xas_nomem+0x6b/0x1f0
[   37.482746][  T896]  f2fs_readahead+0xfc/0x240
[   37.487379][  T896]  ? __cfi_f2fs_readahead+0x10/0x10
[   37.492615][  T896]  read_pages+0x1c2/0xde0
[   37.497000][  T896]  ? __cfi___filemap_add_folio+0x10/0x10
[   37.502686][  T896]  ? page_cache_ra_unbounded+0x730/0x730
[   37.508360][  T896]  ? folio_add_lru+0x26a/0x480
[   37.513173][  T896]  page_cache_ra_unbounded+0x5e5/0x730
[   37.518682][  T896]  ? __cfi_page_cache_ra_unbounded+0x10/0x10
[   37.524718][  T896]  ? __switch_to_asm+0x3a/0x60
[   37.529527][  T896]  ? __schedule+0xbae/0x1500
[   37.534141][  T896]  do_page_cache_ra+0xf2/0x110
[   37.538932][  T896]  ondemand_readahead+0xa49/0xdc0
[   37.543988][  T896]  ? page_cache_sync_ra+0x490/0x490
[   37.549217][  T896]  page_cache_sync_ra+0x41b/0x490
[   37.554267][  T896]  f2fs_readdir+0x46f/0x990
[   37.558803][  T896]  ? __cfi_f2fs_readdir+0x10/0x10
[   37.563855][  T896]  ? down_read_killable+0xbc/0x110
[   37.569001][  T896]  ? __cfi_down_read_killable+0x10/0x10
[   37.574668][  T896]  ? fsnotify_perm+0x269/0x5b0
[   37.579475][  T896]  ? security_file_permission+0x94/0xb0
[   37.585063][  T896]  iterate_dir+0x271/0x610
[   37.589497][  T896]  ? __cfi_f2fs_readdir+0x10/0x10
[   37.594545][  T896]  __se_sys_getdents64+0xf2/0x250
[   37.599607][  T896]  ? __x64_sys_getdents64+0x90/0x90
[   37.604827][  T896]  ? xfd_validate_state+0x70/0x150
[   37.610052][  T896]  ? __cfi_filldir64+0x10/0x10
[   37.614857][  T896]  ? fpregs_restore_userregs+0x128/0x260
[   37.620508][  T896]  __x64_sys_getdents64+0x7b/0x90
[   37.625548][  T896]  x64_sys_call+0x15c/0x9a0
[   37.630072][  T896]  do_syscall_64+0x4c/0xa0
[   37.634507][  T896]  ? clear_bhb_loop+0x30/0x80
[   37.639203][  T896]  ? clear_bhb_loop+0x30/0x80
[   37.643901][  T896]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   37.649812][  T896] RIP: 0033:0x7f9c5a59acb9
[   37.654261][  T896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   37.673890][  T896] RSP: 002b:00007f9c5b3c4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   37.682338][  T896] RAX: ffffffffffffffda RBX: 00007f9c5a815fa0 RCX: 00007f9c5a59acb9
[   37.690329][  T896] RDX: 000000000000004f RSI: 0000000000000000 RDI: 0000000000000005
[   37.698320][  T896] RBP: 00007f9c5a608bf7 R08: 0000000000000000 R09: 0000000000000000
[   37.706313][  T896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   37.714307][  T896] R13: 00007f9c5a816038 R14: 00007f9c5a815fa0 R15: 00007ffef6b45a18
[   37.722310][  T896]  </TASK>
[   37.725919][   T39] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   37.738523][  T282] EXT4-fs (loop4): unmounting filesystem.
[   37.744406][  T896] F2FS-fs (loop1): access invalid blkaddr:4043309056
[   37.753068][  T896] CPU: 1 PID: 896 Comm: syz.1.210 Not tainted syzkaller #0
[   37.760322][  T896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   37.770400][  T896] Call Trace:
[   37.773707][  T896]  <TASK>
[   37.776756][  T896]  __dump_stack+0x21/0x24
[   37.781108][  T896]  dump_stack_lvl+0x110/0x170
[   37.785805][  T896]  ? __cfi_dump_stack_lvl+0x8/0x8
[   37.790855][  T896]  ? __cfi_f2fs_get_dnode_of_data+0x10/0x10
[   37.796770][  T896]  ? f2fs_lookup_read_extent_cache_block+0x257/0x460
[   37.803483][  T896]  dump_stack+0x15/0x24
[   37.807664][  T896]  __f2fs_is_valid_blkaddr+0xda6/0x1460
[   37.813255][  T896]  f2fs_is_valid_blkaddr+0x23/0x30
[   37.818397][  T896]  f2fs_get_read_data_page+0x4ef/0x850
[   37.823894][  T896]  ? __cfi_f2fs_get_read_data_page+0x10/0x10
[   37.829902][  T896]  f2fs_find_data_page+0x198/0x3a0
[   37.835039][  T896]  f2fs_readdir+0x49e/0x990
[   37.839580][  T896]  ? __cfi_f2fs_readdir+0x10/0x10
[   37.844650][  T896]  ? down_read_killable+0xbc/0x110
[   37.849788][  T896]  ? __cfi_down_read_killable+0x10/0x10
[   37.855352][  T896]  ? fsnotify_perm+0x269/0x5b0
[   37.860138][  T896]  ? security_file_permission+0x94/0xb0
[   37.865716][  T896]  iterate_dir+0x271/0x610
[   37.870147][  T896]  ? __cfi_f2fs_readdir+0x10/0x10
[   37.875186][  T896]  __se_sys_getdents64+0xf2/0x250
[   37.880225][  T896]  ? __x64_sys_getdents64+0x90/0x90
[   37.885429][  T896]  ? xfd_validate_state+0x70/0x150
[   37.890596][  T896]  ? __cfi_filldir64+0x10/0x10
[   37.895376][  T896]  ? fpregs_restore_userregs+0x128/0x260
[   37.901025][  T896]  __x64_sys_getdents64+0x7b/0x90
[   37.906052][  T896]  x64_sys_call+0x15c/0x9a0
[   37.910585][  T896]  do_syscall_64+0x4c/0xa0
[   37.915030][  T896]  ? clear_bhb_loop+0x30/0x80
[   37.919740][  T896]  ? clear_bhb_loop+0x30/0x80
[   37.924436][  T896]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   37.930352][  T896] RIP: 0033:0x7f9c5a59acb9
[   37.934777][  T896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   37.954398][  T896] RSP: 002b:00007f9c5b3c4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   37.962826][  T896] RAX: ffffffffffffffda RBX: 00007f9c5a815fa0 RCX: 00007f9c5a59acb9
[   37.970817][  T896] RDX: 000000000000004f RSI: 0000000000000000 RDI: 0000000000000005
[   37.978793][  T896] RBP: 00007f9c5a608bf7 R08: 0000000000000000 R09: 0000000000000000
[   37.986767][  T896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   37.994741][  T896] R13: 00007f9c5a816038 R14: 00007f9c5a815fa0 R15: 00007ffef6b45a18
[   38.002729][  T896]  </TASK>
[   38.048983][  T286] syz-executor: attempt to access beyond end of device
[   38.048983][  T286] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   38.066735][  T530] EXT4-fs (loop5): unmounting filesystem.
[   38.099679][  T934] loop4: detected capacity change from 0 to 128
[   38.111063][   T39] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[   38.120918][  T934] EXT4-fs: Ignoring removed nobh option
[   38.142994][  T937] loop5: detected capacity change from 0 to 512
[   38.150743][  T934] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   38.169355][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   38.180694][  T934] ext4 filesystem being mounted at /41/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   38.191949][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   38.202682][  T937] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.226: inode has both inline data and extents flags
[   38.204862][   T39] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[   38.250484][   T39] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[   38.250506][  T937] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.226: couldn't read orphan inode 15 (err -117)
[   38.259781][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   38.279508][  T934] fscrypt (loop4, inode 12): Unsupported encryption modes (contents 0, filenames 0)
[   38.289599][   T39] usb 4-1: config 0 descriptor??
[   38.295765][  T937] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   38.352596][  T282] EXT4-fs (loop4): unmounting filesystem.
[   38.396447][  T530] EXT4-fs (loop5): unmounting filesystem.
[   38.638560][  T942] loop0: detected capacity change from 0 to 40427
[   38.656520][  T942] F2FS-fs (loop0): fault_injection options not supported
[   38.672719][  T942] F2FS-fs (loop0): invalid crc value
[   38.677256][  T958] loop1: detected capacity change from 0 to 128
[   38.691376][  T942] F2FS-fs (loop0): Found nat_bits in checkpoint
[   38.699008][   T39] ryos 0003:1E7D:31CE.0003: unknown main item tag 0x0
[   38.716039][   T39] ryos 0003:1E7D:31CE.0003: unknown main item tag 0x0
[   38.733057][   T39] ryos 0003:1E7D:31CE.0003: unknown main item tag 0x0
[   38.750065][   T39] ryos 0003:1E7D:31CE.0003: unknown main item tag 0x0
[   38.766186][   T39] ryos 0003:1E7D:31CE.0003: unknown main item tag 0x0
[   38.783224][   T39] ryos 0003:1E7D:31CE.0003: unknown main item tag 0x0
[   38.800175][   T39] ryos 0003:1E7D:31CE.0003: unknown main item tag 0x0
[   38.800293][  T942] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   38.840993][   T39] ryos 0003:1E7D:31CE.0003: hidraw0: USB HID v0.00 Device [HID 1e7d:31ce] on usb-dummy_hcd.3-1/input0
[   38.865318][  T283] syz-executor: attempt to access beyond end of device
[   38.865318][  T283] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   38.919735][   T39] usb 4-1: USB disconnect, device number 4
[   39.250932][  T975] loop4: detected capacity change from 0 to 40427
[   39.277132][  T975] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   39.294445][  T975] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   39.310723][  T975] F2FS-fs (loop4): invalid crc value
[   39.330467][  T977] loop1: detected capacity change from 0 to 40427
[   39.344925][  T975] F2FS-fs (loop4): Found nat_bits in checkpoint
[   39.353278][  T977] F2FS-fs (loop1): heap/no_heap options were deprecated
[   39.370420][  T977] F2FS-fs (loop1): Image doesn't support compression
[   39.390065][  T977] F2FS-fs (loop1): heap/no_heap options were deprecated
[   39.407937][  T977] F2FS-fs (loop1): invalid crc value
[   39.428542][  T977] F2FS-fs (loop1): Found nat_bits in checkpoint
[   39.459203][  T975] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   39.470817][  T975] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   39.550067][  T977] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   39.598259][  T992] netlink: 'syz.3.244': attribute type 3 has an invalid length.
[   39.620125][  T992] netlink: 64 bytes leftover after parsing attributes in process `syz.3.244'.
[   39.644510][  T954] loop5: detected capacity change from 0 to 131072
[   39.648825][  T977] syz.1.242: attempt to access beyond end of device
[   39.648825][  T977] loop1: rw=2049, sector=77824, nr_sectors = 8 limit=40427
[   39.673226][  T977] syz.1.242: attempt to access beyond end of device
[   39.673226][  T977] loop1: rw=2049, sector=77840, nr_sectors = 32 limit=40427
[   39.696931][  T977] syz.1.242: attempt to access beyond end of device
[   39.696931][  T977] loop1: rw=2049, sector=77904, nr_sectors = 24 limit=40427
[   39.714934][  T954] F2FS-fs (loop5): invalid crc value
[   39.744122][  T954] F2FS-fs (loop5): Found nat_bits in checkpoint
[   39.762327][  T977] syz.1.242: attempt to access beyond end of device
[   39.762327][  T977] loop1: rw=2049, sector=77944, nr_sectors = 24 limit=40427
[   39.811491][  T977] syz.1.242: attempt to access beyond end of device
[   39.811491][  T977] loop1: rw=2049, sector=77984, nr_sectors = 8 limit=40427
[   39.847203][  T954] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   39.872677][  T286] syz-executor: attempt to access beyond end of device
[   39.872677][  T286] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   40.143200][ T1026] loop4: detected capacity change from 0 to 1024
[   40.154174][ T1026] EXT4-fs: Ignoring removed mblk_io_submit option
[   40.201533][ T1026] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   40.220261][  T448] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   40.247628][  T282] EXT4-fs (loop4): unmounting filesystem.
[   40.276168][ T1037] netlink: 4 bytes leftover after parsing attributes in process `syz.5.254'.
[   40.410049][  T448] usb 4-1: Using ep0 maxpacket: 16
[   40.416654][  T448] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   40.426888][  T448] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   40.437337][  T448] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   40.446460][  T448] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   40.454548][  T448] usb 4-1: Product: syz
[   40.461812][  T448] usb 4-1: Manufacturer: syz
[   40.466603][  T448] usb 4-1: SerialNumber: syz
[   40.560049][   T39] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   40.640986][ T1053] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   40.655526][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   40.664012][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   40.675304][  T448] usb 4-1: 0:2 : does not exist
[   40.680570][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   40.689141][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   40.697541][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   40.699207][  T448] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[   40.706346][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   40.720991][  T448] usb 4-1: USB disconnect, device number 5
[   40.730804][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   40.739081][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   40.748270][   T39] usb 5-1: config 0 has no interfaces?
[   40.754648][   T39] usb 5-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00
[   40.764149][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   40.772514][   T39] usb 5-1: SerialNumber: syz
[   40.777998][   T39] usb 5-1: config 0 descriptor??
[   40.913339][ T1088] loop0: detected capacity change from 0 to 256
[   40.920752][  T490] udevd[490]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   40.973820][ T1092] pimreg1: tun_chr_ioctl cmd 2147767520
[   40.979896][ T1092] pimreg1: tun_chr_ioctl cmd 1074025678
[   40.991187][ T1092] pimreg1: group set to 0
[   40.998069][  T448] usb 5-1: USB disconnect, device number 4
[   41.011835][   T28] kauditd_printk_skb: 21 callbacks suppressed
[   41.011851][   T28] audit: type=1400 audit(1768902905.005:283): avc:  denied  { setopt } for  pid=1093 comm="syz.5.282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   41.127723][   T28] audit: type=1400 audit(1768902905.115:284): avc:  denied  { mounton } for  pid=1106 comm="syz.1.288" path="/58/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   41.151341][ T1107] incfs: Can't find or create .index dir in ./file0
[   41.157992][ T1107] incfs: mount failed -30
[   41.223636][ T1110] loop1: detected capacity change from 0 to 256
[   41.239925][ T1113] loop3: detected capacity change from 0 to 128
[   41.294476][ T1102] loop0: detected capacity change from 0 to 40427
[   41.303450][ T1113] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   41.315353][ T1102] F2FS-fs (loop0): invalid crc value
[   41.322302][ T1120] Driver unsupported XDP return value 0 on prog  (id 35) dev N/A, expect packet loss!
[   41.324589][ T1113] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.356271][ T1102] F2FS-fs (loop0): Found nat_bits in checkpoint
[   41.394538][  T285] EXT4-fs (loop3): unmounting filesystem.
[   41.415782][ T1131] input: syz0 as /devices/virtual/input/input5
[   41.416078][ T1102] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   41.547878][   T28] audit: type=1400 audit(1768902905.535:285): avc:  denied  { map } for  pid=1101 comm="syz.0.286" path="/63/file0/freezer.parent_freezing" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   41.599215][   T28] audit: type=1400 audit(1768902905.585:286): avc:  denied  { view } for  pid=1153 comm="syz.1.306" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   41.657922][ T1162] netlink: 8 bytes leftover after parsing attributes in process `syz.4.308'.
[   41.668376][   T28] audit: type=1400 audit(1768902905.655:287): avc:  denied  { append } for  pid=1164 comm="syz.1.311" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   41.675447][ T1102] syz.0.286: attempt to access beyond end of device
[   41.675447][ T1102] loop0: rw=2049, sector=77824, nr_sectors = 2096 limit=40427
[   41.724355][ T1166] loop5: detected capacity change from 0 to 2048
[   41.744081][ T1102] syz.0.286: attempt to access beyond end of device
[   41.744081][ T1102] loop0: rw=2049, sector=79920, nr_sectors = 2000 limit=40427
[   41.752516][   T28] audit: type=1400 audit(1768902905.725:288): avc:  denied  { write } for  pid=1170 comm="syz.4.314" name="001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   41.784739][   T28] audit: type=1400 audit(1768902905.785:289): avc:  denied  { map } for  pid=1170 comm="syz.4.314" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   41.808894][ T1171] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   41.810955][ T1166] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   41.837679][ T1166] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.875204][ T1178] loop1: detected capacity change from 0 to 512
[   41.895625][  T530] EXT4-fs (loop5): unmounting filesystem.
[   41.935379][ T1178] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   41.944844][ T1178] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.981767][ T1178] EXT4-fs (loop1): shut down requested (2)
[   41.990915][   T28] audit: type=1400 audit(1768902905.985:290): avc:  denied  { read } for  pid=84 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   42.016949][ T1184] loop4: detected capacity change from 0 to 1024
[   42.031593][ T1184] EXT4-fs: Ignoring removed mblk_io_submit option
[   42.038470][  T286] EXT4-fs (loop1): unmounting filesystem.
[   42.047436][   T28] audit: type=1400 audit(1768902905.985:291): avc:  denied  { search } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   42.068979][   T28] audit: type=1400 audit(1768902905.985:292): avc:  denied  { write } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   42.091973][ T1184] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   42.119380][ T1184] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2749: inode #15: comm syz.4.319: corrupted in-inode xattr
[   42.198764][  T282] EXT4-fs (loop4): unmounting filesystem.
[   42.302258][ T1204] loop5: detected capacity change from 0 to 128
[   42.308998][ T1204] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   42.361950][ T1211] SELinux:  policydb table sizes (0,538976256) do not match mine (8,7)
[   42.370399][ T1211] SELinux: failed to load policy
[   42.381636][ T1213] loop4: detected capacity change from 0 to 1024
[   42.411296][ T1213] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   42.430803][  T282] EXT4-fs (loop4): unmounting filesystem.
[   42.473536][ T1227] loop4: detected capacity change from 0 to 256
[   42.486681][ T1227] FAT-fs (loop4): Directory bread(block 64) failed
[   42.493586][ T1227] FAT-fs (loop4): Directory bread(block 65) failed
[   42.500462][ T1227] FAT-fs (loop4): Directory bread(block 66) failed
[   42.507030][ T1227] FAT-fs (loop4): Directory bread(block 67) failed
[   42.514285][ T1227] FAT-fs (loop4): Directory bread(block 68) failed
[   42.521043][ T1227] FAT-fs (loop4): Directory bread(block 69) failed
[   42.527706][ T1227] FAT-fs (loop4): Directory bread(block 70) failed
[   42.534413][ T1227] FAT-fs (loop4): Directory bread(block 71) failed
[   42.541095][ T1227] FAT-fs (loop4): Directory bread(block 72) failed
[   42.547644][ T1227] FAT-fs (loop4): Directory bread(block 73) failed
[   42.565082][ T1229] loop3: detected capacity change from 0 to 256
[   42.581938][ T1229] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x6f4cd389, utbl_chksum : 0xe619d30d)
[   42.634639][ T1231] loop4: detected capacity change from 0 to 128
[   42.643069][ T1231] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   42.654881][ T1231] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.679224][  T282] EXT4-fs (loop4): unmounting filesystem.
[   42.841387][ T1258] loop3: detected capacity change from 0 to 1024
[   42.856920][ T1258] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   42.881262][ T1258] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   42.903645][  T285] EXT4-fs (loop3): unmounting filesystem.
[   43.166865][ T1277] loop1: detected capacity change from 0 to 512
[   43.199704][ T1277] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   43.208852][ T1277] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.249440][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.263811][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.277334][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.290887][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.305251][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.319237][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.332869][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.348543][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.365544][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.379054][  T286] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   43.402003][ T1293] loop0: detected capacity change from 0 to 16
[   43.410750][ T1293] erofs: (device loop0): mounted with root inode @ nid 36.
[   43.442472][  T286] EXT4-fs (loop1): unmounting filesystem.
[   43.460024][   T39] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[   43.530146][  T293] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   43.656796][ T1299] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.664036][ T1299] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.671670][ T1299] device bridge_slave_0 entered promiscuous mode
[   43.674340][   T39] usb 5-1: config 150 has an invalid interface number: 204 but max is 2
[   43.686453][   T39] usb 5-1: config 150 has 2 interfaces, different from the descriptor's value: 3
[   43.695690][   T39] usb 5-1: config 150 has no interface number 0
[   43.702076][   T39] usb 5-1: config 150 interface 204 has no altsetting 0
[   43.709345][ T1299] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.716617][ T1299] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.729179][   T39] usb 5-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[   43.738414][  T293] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   43.750285][ T1299] device bridge_slave_1 entered promiscuous mode
[   43.756667][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   43.766171][  T293] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   43.775991][   T39] usb 5-1: Product: syz
[   43.780313][   T39] usb 5-1: Manufacturer: syz
[   43.785007][   T39] usb 5-1: SerialNumber: syz
[   43.790049][  T293] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   43.800097][  T293] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   43.808259][  T293] usb 6-1: Manufacturer: syz
[   43.816751][  T293] usb 6-1: config 0 descriptor??
[   43.877094][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.884807][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.895560][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   43.904195][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   43.912510][  T347] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.919570][  T347] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.927198][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   43.936008][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   43.944428][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   43.952828][  T347] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.959875][  T347] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.975713][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   43.985249][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   44.001880][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   44.016959][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   44.025495][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   44.033749][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   44.044830][ T1299] device veth0_vlan entered promiscuous mode
[   44.058486][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   44.067820][ T1299] device veth1_macvtap entered promiscuous mode
[   44.077738][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   44.091650][  T347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   44.111041][    T8] device bridge_slave_1 left promiscuous mode
[   44.117211][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.124822][    T8] device bridge_slave_0 left promiscuous mode
[   44.131254][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.139142][    T8] device veth1_macvtap left promiscuous mode
[   44.145266][    T8] device veth0_vlan left promiscuous mode
[   44.234505][  T293] pyra 0003:1E7D:2CF6.0004: unknown main item tag 0x0
[   44.241646][  T293] pyra 0003:1E7D:2CF6.0004: unknown main item tag 0x0
[   44.248444][  T293] pyra 0003:1E7D:2CF6.0004: unknown main item tag 0x0
[   44.255608][  T293] pyra 0003:1E7D:2CF6.0004: unknown main item tag 0x0
[   44.263411][  T293] pyra 0003:1E7D:2CF6.0004: unknown main item tag 0x0
[   44.270360][  T293] pyra 0003:1E7D:2CF6.0004: unknown main item tag 0x0
[   44.277197][  T293] pyra 0003:1E7D:2CF6.0004: unknown main item tag 0x0
[   44.284781][  T293] pyra 0003:1E7D:2CF6.0004: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0
[   44.834913][  T293] pyra 0003:1E7D:2CF6.0004: couldn't init struct pyra_device
[   44.842448][  T293] pyra 0003:1E7D:2CF6.0004: couldn't install mouse
[   44.849492][  T293] pyra: probe of 0003:1E7D:2CF6.0004 failed with error -71
[   44.868320][  T293] usb 6-1: USB disconnect, device number 3
[   44.880327][ T1320] fido_id[1320]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[   44.970046][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   44.971181][  T543] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   44.982909][ T1265] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[   45.050304][  T560] ==================================================================
[   45.058413][  T560] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480
[   45.065464][  T560] Write of size 8 at addr ffff888115dd0a00 by task kworker/0:4/560
[   45.073459][  T560] 
[   45.075798][  T560] CPU: 0 PID: 560 Comm: kworker/0:4 Not tainted syzkaller #0
[   45.083178][  T560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   45.093252][  T560] Workqueue: events psi_avgs_work
[   45.098311][  T560] Call Trace:
[   45.101607][  T560]  <TASK>
[   45.104557][  T560]  __dump_stack+0x21/0x24
[   45.108923][  T560]  dump_stack_lvl+0x110/0x170
[   45.113618][  T560]  ? __cfi_dump_stack_lvl+0x8/0x8
[   45.118662][  T560]  ? __cfi__printk+0x8/0x8
[   45.123094][  T560]  ? enqueue_timer+0xae/0x480
[   45.127796][  T560]  print_address_description+0x71/0x200
[   45.133360][  T560]  print_report+0x4a/0x60
[   45.137714][  T560]  kasan_report+0x122/0x150
[   45.142245][  T560]  ? enqueue_timer+0xae/0x480
[   45.146947][  T560]  __asan_report_store8_noabort+0x17/0x20
[   45.152680][  T560]  enqueue_timer+0xae/0x480
[   45.157200][  T560]  __mod_timer+0x84c/0xc00
[   45.161607][  T560]  ? __cfi_sched_clock_cpu+0x10/0x10
[   45.166893][  T560]  add_timer+0x68/0x80
[   45.170963][  T560]  __queue_delayed_work+0x173/0x200
[   45.176187][  T560]  queue_delayed_work_on+0xe7/0x160
[   45.181375][  T560]  ? __cfi_queue_delayed_work_on+0x10/0x10
[   45.187173][  T560]  psi_avgs_work+0x119/0x150
[   45.191769][  T560]  process_one_work+0x71f/0xc40
[   45.196613][  T560]  worker_thread+0xa29/0x11e0
[   45.201284][  T560]  ? _raw_spin_lock_irqsave+0xc2/0x130
[   45.206741][  T560]  kthread+0x281/0x320
[   45.210802][  T560]  ? __cfi_worker_thread+0x10/0x10
[   45.215903][  T560]  ? __cfi_kthread+0x10/0x10
[   45.220484][  T560]  ret_from_fork+0x1f/0x30
[   45.224899][  T560]  </TASK>
[   45.227915][  T560] 
[   45.230227][  T560] Allocated by task 1265:
[   45.234551][  T560]  kasan_set_track+0x4b/0x70
[   45.239138][  T560]  kasan_save_alloc_info+0x25/0x30
[   45.244248][  T560]  __kasan_kmalloc+0x95/0xb0
[   45.248830][  T560]  __kmalloc+0xb1/0x1e0
[   45.252982][  T560]  hci_alloc_dev_priv+0x27/0x1bd0
[   45.258008][  T560]  hci_uart_tty_ioctl+0x3d6/0xa20
[   45.263026][  T560]  tty_ioctl+0x8ef/0xc60
[   45.267300][  T560]  __se_sys_ioctl+0x12f/0x1b0
[   45.271969][  T560]  __x64_sys_ioctl+0x7b/0x90
[   45.276550][  T560]  x64_sys_call+0x58b/0x9a0
[   45.281048][  T560]  do_syscall_64+0x4c/0xa0
[   45.285455][  T560]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   45.291342][  T560] 
[   45.293658][  T560] Freed by task 1265:
[   45.297625][  T560]  kasan_set_track+0x4b/0x70
[   45.302298][  T560]  kasan_save_free_info+0x31/0x50
[   45.307322][  T560]  ____kasan_slab_free+0x132/0x180
[   45.312434][  T560]  __kasan_slab_free+0x11/0x20
[   45.317194][  T560]  slab_free_freelist_hook+0xc2/0x190
[   45.322566][  T560]  __kmem_cache_free+0xb7/0x1b0
[   45.327412][  T560]  kfree+0x6f/0xf0
[   45.331124][  T560]  hci_release_dev+0x12a3/0x13b0
[   45.336059][  T560]  bt_host_release+0x82/0x90
[   45.340646][  T560]  device_release+0xa4/0x1d0
[   45.345230][  T560]  kobject_put+0x19d/0x280
[   45.349640][  T560]  put_device+0x1f/0x30
[   45.353791][  T560]  hci_dev_cmd+0x279/0x740
[   45.358199][  T560]  hci_sock_ioctl+0x41e/0x7f0
[   45.362871][  T560]  sock_do_ioctl+0x114/0x330
[   45.367452][  T560]  sock_ioctl+0x4ca/0x720
[   45.371793][  T560]  __se_sys_ioctl+0x12f/0x1b0
[   45.376468][  T560]  __x64_sys_ioctl+0x7b/0x90
[   45.381058][  T560]  x64_sys_call+0x58b/0x9a0
[   45.385567][  T560]  do_syscall_64+0x4c/0xa0
[   45.389982][  T560]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   45.395877][  T560] 
[   45.398194][  T560] Last potentially related work creation:
[   45.403897][  T560]  kasan_save_stack+0x3a/0x60
[   45.408574][  T560]  __kasan_record_aux_stack+0xb6/0xc0
[   45.413947][  T560]  kasan_record_aux_stack_noalloc+0xb/0x10
[   45.419753][  T560]  insert_work+0x51/0x300
[   45.424083][  T560]  __queue_work+0x9b1/0xd30
[   45.428581][  T560]  queue_work_on+0xde/0x150
[   45.433081][  T560]  __hci_cmd_sync_sk+0xa7f/0xd30
[   45.438013][  T560]  hci_cmd_sync_status+0x53/0x120
[   45.443033][  T560]  hci_dev_cmd+0x35b/0x740
[   45.447445][  T560]  hci_sock_ioctl+0x41e/0x7f0
[   45.452120][  T560]  sock_do_ioctl+0x114/0x330
[   45.456705][  T560]  sock_ioctl+0x4ca/0x720
[   45.461035][  T560]  __se_sys_ioctl+0x12f/0x1b0
[   45.465705][  T560]  __x64_sys_ioctl+0x7b/0x90
[   45.470288][  T560]  x64_sys_call+0x58b/0x9a0
[   45.474785][  T560]  do_syscall_64+0x4c/0xa0
[   45.479195][  T560]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   45.485085][  T560] 
[   45.487401][  T560] Second to last potentially related work creation:
[   45.493970][  T560]  kasan_save_stack+0x3a/0x60
[   45.498639][  T560]  __kasan_record_aux_stack+0xb6/0xc0
[   45.504009][  T560]  kasan_record_aux_stack_noalloc+0xb/0x10
[   45.509823][  T560]  insert_work+0x51/0x300
[   45.514140][  T560]  __queue_work+0x9b1/0xd30
[   45.518634][  T560]  queue_work_on+0xde/0x150
[   45.523136][  T560]  hci_cmd_timeout+0x191/0x200
[   45.527900][  T560]  process_one_work+0x71f/0xc40
[   45.532740][  T560]  worker_thread+0xa29/0x11e0
[   45.537417][  T560]  kthread+0x281/0x320
[   45.541474][  T560]  ret_from_fork+0x1f/0x30
[   45.545885][  T560] 
[   45.548199][  T560] The buggy address belongs to the object at ffff888115dd0000
[   45.548199][  T560]  which belongs to the cache kmalloc-8k of size 8192
[   45.562283][  T560] The buggy address is located 2560 bytes inside of
[   45.562283][  T560]  8192-byte region [ffff888115dd0000, ffff888115dd2000)
[   45.575712][  T560] 
[   45.578028][  T560] The buggy address belongs to the physical page:
[   45.584432][  T560] page:ffffea0004577400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x115dd0
[   45.594658][  T560] head:ffffea0004577400 order:3 compound_mapcount:0 compound_pincount:0
[   45.602970][  T560] flags: 0x4000000000010200(slab|head|zone=1)
[   45.609041][  T560] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043500
[   45.617611][  T560] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[   45.626176][  T560] page dumped because: kasan: bad access detected
[   45.632570][  T560] page_owner tracks the page as allocated
[   45.638271][  T560] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 418, tgid 417 (syz.3.29), ts 23990986958, free_ts 23990883602
[   45.658399][  T560]  post_alloc_hook+0x1f5/0x210
[   45.663172][  T560]  prep_new_page+0x1c/0x110
[   45.667717][  T560]  get_page_from_freelist+0x2d12/0x2d80
[   45.673249][  T560]  __alloc_pages+0x1d9/0x480
[   45.677835][  T560]  alloc_slab_page+0x6e/0xf0
[   45.682420][  T560]  new_slab+0x98/0x3d0
[   45.686568][  T560]  ___slab_alloc+0x6bd/0xb20
[   45.691190][  T560]  __slab_alloc+0x5e/0xa0
[   45.695539][  T560]  __kmem_cache_alloc_node+0x203/0x2c0
[   45.700994][  T560]  kmalloc_trace+0x29/0xb0
[   45.705399][  T560]  tipc_mon_create+0x12a/0x620
[   45.710149][  T560]  __tipc_nl_bearer_enable+0xe02/0x13b0
[   45.715687][  T560]  tipc_nl_bearer_enable+0x22/0x30
[   45.720782][  T560]  genl_family_rcv_msg_doit+0x24d/0x360
[   45.726313][  T560]  genl_rcv_msg+0x60f/0x7a0
[   45.730801][  T560]  netlink_rcv_skb+0x20f/0x460
[   45.735565][  T560] page last free stack trace:
[   45.740224][  T560]  free_unref_page_prepare+0x742/0x750
[   45.745678][  T560]  free_unref_page+0x95/0x540
[   45.750341][  T560]  __free_pages+0x67/0x100
[   45.754752][  T560]  __free_slab+0xca/0x1a0
[   45.759077][  T560]  __unfreeze_partials+0x160/0x190
[   45.764187][  T560]  put_cpu_partial+0xa9/0x100
[   45.768857][  T560]  __slab_free+0x1c4/0x280
[   45.773267][  T560]  ___cache_free+0xbf/0xd0
[   45.777681][  T560]  qlist_free_all+0xc6/0x140
[   45.782257][  T560]  kasan_quarantine_reduce+0x14a/0x170
[   45.787705][  T560]  __kasan_slab_alloc+0x24/0x80
[   45.792546][  T560]  slab_post_alloc_hook+0x4f/0x2d0
[   45.797648][  T560]  kmem_cache_alloc_lru+0x104/0x280
[   45.802837][  T560]  sock_alloc_inode+0x28/0xc0
[   45.807511][  T560]  new_inode_pseudo+0x70/0x1f0
[   45.812265][  T560]  __sock_create+0x12c/0x7c0
[   45.816848][  T560] 
[   45.819162][  T560] Memory state around the buggy address:
[   45.824800][  T560]  ffff888115dd0900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   45.832853][  T560]  ffff888115dd0980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   45.840903][  T560] >ffff888115dd0a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   45.848947][  T560]                    ^
[   45.853010][  T560]  ffff888115dd0a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   45.861093][  T560]  ffff888115dd0b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   45.869141][  T560] ==================================================================
[   45.877181][  T560] Disabling lock debugging due to kernel taint
[   46.190573][  T293] usb 5-1: USB disconnect, device number 5
[   47.050174][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[   47.061911][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   47.070335][    C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G    B              syzkaller #0
[   47.078852][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   47.088898][    C0] RIP: 0010:__queue_work+0x575/0xd30
[   47.094217][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 a8 44 29 00 4c 89 ff e8 a0 80 b7 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 3c 71 6e 00 49 8b 7d 00 e8 33 7c
[   47.113823][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[   47.119892][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff86e1c680
[   47.127860][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[   47.135826][    C0] RBP: ffffc90000007d08 R08: 0000000000000007 R09: fffffffffffffffb
[   47.143794][    C0] R10: dffffc0000000000 R11: ffffed1022bba139 R12: dffffc0000000000
[   47.151763][    C0] R13: 0000000000000000 R14: ffff888115dd09c8 R15: 0000000000000008
[   47.159730][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   47.168655][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   47.175241][    C0] CR2: 00007f3b099e0ad8 CR3: 000000012024c000 CR4: 00000000003506b0
[   47.183243][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   47.191236][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   47.199228][    C0] Call Trace:
[   47.202529][    C0]  <IRQ>
[   47.205373][    C0]  delayed_work_timer_fn+0x61/0x80
[   47.210499][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[   47.216325][    C0]  call_timer_fn+0x46/0x2a0
[   47.220836][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[   47.226668][    C0]  __run_timers+0x689/0x9f0
[   47.231177][    C0]  ? calc_index+0x200/0x200
[   47.235681][    C0]  ? kvm_sched_clock_read+0x18/0x40
[   47.240881][    C0]  run_timer_softirq+0x6a/0xf0
[   47.245684][    C0]  handle_softirqs+0x1d7/0x600
[   47.250456][    C0]  ? irqtime_account_irq+0xc4/0x240
[   47.255663][    C0]  __irq_exit_rcu+0x52/0xf0
[   47.260168][    C0]  irq_exit_rcu+0x9/0x10
[   47.264413][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[   47.270065][    C0]  </IRQ>
[   47.273014][    C0]  <TASK>
[   47.275945][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   47.281928][    C0] RIP: 0010:default_idle+0xf/0x20
[   47.286958][    C0] Code: b7 1c b7 fc e9 3d ff ff ff 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 53 d8 46 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[   47.306584][    C0] RSP: 0018:ffffffff86e07d58 EFLAGS: 00000257
[   47.312650][    C0] RAX: ffff8881f7000000 RBX: ffffffff86e1c680 RCX: 987bd4365deb5400
[   47.320639][    C0] RDX: 0000000000000001 RSI: ffffffff85aa6bc0 RDI: ffffffff85aa6b80
[   47.328613][    C0] RBP: ffffffff86e07d58 R08: ffff8881f70348b3 R09: 1ffff1103ee06916
[   47.336596][    C0] R10: 0000000000000000 R11: ffffffff84ff5aa0 R12: 0000000000000000
[   47.344566][    C0] R13: 0000000000000000 R14: ffffffff86e1c680 R15: dffffc0000000000
[   47.352537][    C0]  ? __cfi_default_idle+0x10/0x10
[   47.357564][    C0]  arch_cpu_idle+0x1c/0x20
[   47.362057][    C0]  default_idle_call+0x71/0x1d0
[   47.366912][    C0]  do_idle+0x1a7/0x560
[   47.370982][    C0]  ? ct_irq_exit+0x9/0x10
[   47.375308][    C0]  ? idle_inject_timer_fn+0x60/0x60
[   47.380505][    C0]  cpu_startup_entry+0x43/0x60
[   47.385281][    C0]  rest_init+0x10a/0x130
[   47.389521][    C0]  ? __cfi_x86_late_time_init+0x8/0x8
[   47.394908][    C0]  arch_call_rest_init+0xe/0x10
[   47.399757][    C0]  start_kernel+0x47e/0x4ec
[   47.404261][    C0]  x86_64_start_reservations+0x2a/0x2c
[   47.409720][    C0]  x86_64_start_kernel+0x7c/0x81
[   47.414655][    C0]  secondary_startup_64_no_verify+0xce/0xdb
[   47.420565][    C0]  </TASK>
[   47.423592][    C0] Modules linked in:
[   47.427495][    C0] ---[ end trace 0000000000000000 ]---
[   47.432966][    C0] RIP: 0010:__queue_work+0x575/0xd30
[   47.438256][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 a8 44 29 00 4c 89 ff e8 a0 80 b7 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 3c 71 6e 00 49 8b 7d 00 e8 33 7c
[   47.457859][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[   47.463921][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff86e1c680
[   47.471910][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[   47.479880][    C0] RBP: ffffc90000007d08 R08: 0000000000000007 R09: fffffffffffffffb
[   47.487856][    C0] R10: dffffc0000000000 R11: ffffed1022bba139 R12: dffffc0000000000
[   47.495827][    C0] R13: 0000000000000000 R14: ffff888115dd09c8 R15: 0000000000000008
[   47.503797][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   47.512730][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   47.519312][    C0] CR2: 00007f3b099e0ad8 CR3: 000000012024c000 CR4: 00000000003506b0
[   47.527289][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   47.535268][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   47.543247][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[   47.550979][    C0] Kernel Offset: disabled
[   47.555321][    C0] Rebooting in 86400 seconds..