last executing test programs:

28.969126727s ago: executing program 1 (id=2):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
unshare(0x2040600)
r1 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r1, 0x0, 0x0)

28.472736175s ago: executing program 1 (id=7):
r0 = creat(&(0x7f00000000c0)='./file1\x00', 0x67)
close(r0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1}, 0xc)
listen(r1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

27.627415169s ago: executing program 1 (id=37):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001300), 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x201000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)

27.534579151s ago: executing program 1 (id=41):
r0 = gettid()
r1 = eventfd2(0x0, 0x0)
r2 = dup(r1)
read$FUSE(r2, &(0x7f0000000a40)={0x2020}, 0x2020)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)

27.265883995s ago: executing program 1 (id=45):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x1400000000000000, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x15}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

27.265676755s ago: executing program 32 (id=45):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x1400000000000000, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x15}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.557659867s ago: executing program 5 (id=784):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sync_file_range(0xffffffffffffffff, 0x0, 0x400, 0x1)

2.503999058s ago: executing program 5 (id=786):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461002018bbdecde39739fcd1df176dde746ec834120600000000003b048000000000000072462abc30ef5b65c70f73ecea54b5e5bec5aca9836c319f653557e79a002208ceae6dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e36868736000000f6a55493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1174e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684160191acf5ae7469c82ab4145b595b987d75912afdcc1c061835294cc0c618aba204f8adaa20c80108d356cd887ba217c8f569e6d0caf75052a77056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6ac0d90ea79b8027cf75964dd86c2ed2b5e75779677a28c76b848dd03dab190b5f02ec52830f3ff01eaae1c3df076000000000000000000000000000083a48a6b926c668b9ba42490175018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac011170182f99766e86fb125cc6799c43aa4dc708dc4a00a6decad26f0378072a571da000000aec3dfbae348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0f1415e90fd0400bad5f796374bb196e60e537b8ffca80a5ec3c5c063aab2c87a7824c4fbfab7264185e1b2e59012acbf3732abe75b848de8ec4aaba2e3c8cd14dd9bf9499952815b9fb34057a585a9c18a11f3d496825b3fcb0c8aa89e079fd78997da864b302139b2b10597100846b55f7d0b050b7b0ef7e9c897c50b53404acdd701425323201b33465fddec69c37cb13fd441a830af5ea73f4ac82d7926eb0db1141003d148473077a76c3bee7e37dc799abb47bd67cde7958c50fb2d15c9cc196e4bff1d00"/716], 0x5, 0x558b, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64auumCJWPBPEEisWPIbWMASdogFiB1SkWcmULdJC63jQPs80vjMHL8+874jK9KZiRzAU2sp/e2XJI7FoYhYiIijSeT7SblF3I44X4x9LiKOR0Tlri0p838m9kfE4Yg4Nile1EzKtz47OT5x9uc3f/362wP7jnz+1Xd7unBgTz0fEf31Yv9mv4hZJw93Fsp8Y9zNY//MuIzrUzX6WZG/2V7LK9xsbI1r5PF0pxifrd8YTuLVXqM5iZ3u1Ty/PihOOBx3tupMPpBea2zkx632Wh67wyyPnVvFeTdvFX/bbg1HRZ1WWe+jvHyMRluxyLc328V61q/nsTkYlfmibtZqb07iuIzl6aKZ9Vr5PNYe9Sr/+73VHdzYTMftjWE3G6Rna/UXavVz1fpG1mqP2meqjX7r3Jl0udObDKuO2o3++U6WdXrtWjPrr6TLnWazWq+nyxfaa93GIK3Xa6drp6pnV8q9k+lrl99Le610eRJf6Q5ujLq9YXo120iLT6ykq7XTL66kJ+rpO5eupFfevnjx0pV3P7jw/uWXL73xajnovmmly6unVler9VPV1frKU7T+j8tJ/4P1J9unf/j+8S4bFHb4ggGws/v6/7i3/w/9PzBzD+j/49pD+v/+9fJ4d/r/2Lb/r0z3/zHL/n/SUun/H97/Vvag/10M/f8urh8ey6P1//tnPg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObux8UvXs93lorjI2X+f2XqmfI4iYhKRNzZxkLsn6q5UNZZ3GH84j1z+CaJvMLkHAfK7XBEnC+33/+/21cBAAAAnlxf3j7+adGtFy9Lez0h5qm4aVM5+uGM6iURsbj004yqVSYvz86oWP793hebM6qW38A6OKNixS23fbOq9rcsTIWDd4WkCJW5TgcAAJiL6U5gvl0IAAAA8/TJA999aW7zYM6S2HqUufUsOP/P+78eCB6aeg8AAAD4D0r2egIAAADArsv7f7//BwAAAE+24vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YOd+ctMGojgAPxsM/auiqvtepTs4Ro/QZZeFA/QSHIGeoFIvwBmolEWOkIQIe4LkBKRIjHGCvk+ynRlHP88AmzeWBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu/a9Wsz+/vv4+Mebv7fY0maYDAAAAHLCpVrP6j0nTfp/6P6auz6ldREQZEYdq90GMWpmDlFMd+f/q0Rj+RdQJu/5xOt5FxLd03Hzq+lMAAACAy7VeLKdNtd6c0hLAVb+j4kyaRZvyw/dMeUVEVJPrTGnl7vQlU1j9+x7Gz0xp9QLWm0xhzZLb8PC9Ua6HtA1al4eZzOsvsW6V3TwXAADoU7sSOFKFAAAAcAF+9D0AzuFpaV/sT/v3jOPmkl4Ivm21AAAAgFeo6HsAAAAAQOfq+v8l7f9X2P8PAAAAsmv2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLm2o1Wy+W02P358/MudueJt+MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB79ucdBUIgDMJg7/rOZO5/WGnQ0NikCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYt2PfNqowAOCffbbbFBAhoEgEUJE6wEJTt7R0RQgUMfAnIEWpUwIuhTYDrSJKFjaUuQuCESEkUNjyP3RupC5l65AhSEwMQXe+S8+JoVFp79zm95Oe3+fz9b3vna0qn98ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCw9W682szjJH2YHMTFsdvbKwtpv7mnT22s3ZlJWxo3Ks77CfBa+cnx6foSAQAA4PBIivo+Iu621+fSvjmZ1f/t4py05v/huUFc1PN76/7N7ZWj+UszRf3/+2/3XtqdaDLJ5kkHXVzq907tT6X1mJY49p5/4Bmt7Mpn370k2RvS/HD1xa12dj0b39269X4nC49UkS0A8DBOFn0eFH8PpX23zsQAODRapcK7qP+TyXpzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjC1mo8U8SNiJhp3Y9Tm9srC6P6b9buzGzk7dzNm2vlMdMh2hGxuNTvnapwLeOruJrXP5vv93tXrl6rOjgeESNeunGwf57k6f/rOZ2IGDpy4uUR43x8gLn2jLMvyD+eUe01nEjX98CTG0NHGvsu+Hs7A3V8AKoKmvn7My75PMqg+Ow9+pEr/u8IAICnXjtvaSV6t70+lx5rTEXs/Dhc/79RimOo7t+5MTgyeL5Rqv/vfXLudnmucv3frWh9T4LZ5UtfzF69dv2tpUvzF3sXe5+/fbr7TvfM+bNnz89m35XMLkbTNyYAAAD8D528lev/5tT+/f9jpTj+Y/+/XP9/+X336/Jcifp/pPubfnVnAgAAcBh1dqMXXv/rz8aIMxqdTnw1v7x8pTt43H1+evBYaboP6UjeyvV/MlV3VgAAAEAVtlYbQ/v/F0pxHHD//9mfXvmlPGYSERMRlyOid3Lhcv9CdcsZa1X8UDmbqFP3SgEAAKjLRN7K+//t7P7/5u4tD82IePNExN/5b/jjgPV/8sG3P5fnKt//f6bSVY6f5vTgemT9dERruu6MAAAAeJodzVta7P/RXp/79NdjH3Xc/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQtX8CAAD//4ztMoY=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x141842, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x7ffff000)
rename(&(0x7f00000001c0)='./bus\x00', &(0x7f00000000c0)='./file0\x00')

1.618668603s ago: executing program 5 (id=814):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x7, 0x1, 0x6, 0xfffa}, 0x2, [0x5, 0xc95a, 0xfffffff3, 0x80000006, 0x9, 0x2, 0x1, 0x7f, 0x6, 0xf, 0xfffffff2, 0x5f, 0xa, 0x7, 0xffff2d33, 0x8, 0x6, 0xa, 0x0, 0x80000001, 0xca, 0x7, 0x5, 0x3c5b, 0x6, 0x22, 0x2, 0xfffffffe, 0x1f461e2c, 0x2, 0x727, 0x4, 0x3, 0x0, 0x107fff, 0x4c74, 0x9, 0x0, 0xd, 0xa, 0x0, 0x71, 0x7, 0x2000007, 0x103, 0x0, 0x3, 0x39, 0x2, 0x6, 0x5c, 0x3, 0x5, 0x0, 0x8, 0xe1, 0x7f, 0x9, 0x5, 0x5, 0xa, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x10, 0x10, 0x129432e6, 0xcb, 0x2, 0xd, 0x22d8, 0x1, 0x9, 0xfffffffc, 0x8, 0xfffffffe, 0x7, 0x5, 0x2f, 0xe, 0x8, 0x78, 0xea4, 0x7ffffffc, 0x4, 0x0, 0x8000, 0x9, 0x400, 0x1, 0x3, 0xfffffffd, 0xff, 0x1005, 0x801, 0x7, 0x4, 0x2009, 0x106, 0x2, 0x1ff, 0x27, 0x9, 0x8, 0x9, 0x8000, 0x5, 0x0, 0x2, 0x8000, 0xffff, 0x2, 0x83, 0x9, 0x5, 0x74ec1f9b, 0x4, 0x2, 0x7, 0xd, 0x9, 0x48c93690, 0x802, 0xff], [0x7, 0x4, 0x0, 0x652, 0xfffffdfe, 0xd, 0x8ce, 0x9, 0x387d, 0x7fff, 0x0, 0x5, 0xc, 0x4, 0x5, 0x76, 0x0, 0x1ef, 0x5, 0x7, 0x86, 0x3, 0x10000009, 0x3e7, 0xb, 0x1, 0xb7, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x7, 0x9, 0x3, 0x200, 0x80000000, 0x3, 0xb, 0x2, 0x10000, 0xa2, 0x7, 0x53cf6b7b, 0x5, 0x6, 0x54fe12d5, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x5, 0x5, 0x5, 0x6, 0xffbffffb, 0x4, 0x3, 0x8, 0x9, 0x8, 0x3], [0x10009, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0xfffffffc, 0x9, 0xce5, 0x1fd, 0x7669b26d, 0x5, 0x5, 0x40000003, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x8, 0x60a7, 0x6, 0x6, 0xffffffff, 0x7ffffffb, 0x5, 0x8, 0xc8, 0x3, 0x4, 0x82ffff, 0x200003, 0xfffffff9, 0x7fffffff, 0x9602, 0xa, 0x8, 0x4, 0xffffffff, 0x1, 0x10002, 0x5, 0x8, 0x2b95, 0x7, 0x7, 0x9, 0x1, 0x6c1b, 0x3, 0x4, 0x5, 0xb1c, 0x1, 0x99f5, 0xffff3441, 0xfff]}, 0x45c)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x82c}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x40894)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r1)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="c0000000", @ANYRES16=r2, @ANYBLOB="01"], 0xc0}}, 0x0)

1.559958024s ago: executing program 4 (id=816):
open(&(0x7f0000000100)='./file0\x00', 0x101bff, 0x0)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./bus\x00', 0x1612c2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x200)
open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
fcntl$setlease(r0, 0x400, 0x1)

1.559511644s ago: executing program 4 (id=817):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000a00)=ANY=[@ANYBLOB="b0000000000000ab"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})

1.512139785s ago: executing program 4 (id=819):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2, 0x8, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89e0, 0x0)
fsopen(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.292632799s ago: executing program 5 (id=826):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x8000, &(0x7f0000000080)=ANY=[], 0x1, 0x5521, &(0x7f0000005a80)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs/MmzfPPO9QCs9MSAAX1lzyy0+luBlXI2I6Im5EZPulYsus5eG5iLgVEVNPbKVi/I+BSxFxLSJujpLnOUvFW5/dGd5e/fHNn7/+9vLM9c+/+m5yqwYm7fmI6G7n+3vdPKatPD4qxmvDdha7K8Mi5m90HxfHaR73mptZhr3a4bxaFpdb+fx0e7c/iludWn0UW+2tbHy7l5+wP2wd5sk+8Ki2kx03mptZbPfTLLYO8rr2D/L/bQf9QZ6nUeT7MEsfg8FhzMeb+818PduPs1jvDYrxPG/aaO6P4rCIxeminnYaWR2bx7nS/29vtXu7+8mwudNvp71ktVJ9sVK9W67upI3moLlSrnUbd1eS+VZnNK08aNa6a600bXWalXraXUjmW/V6uVpN5u81N9u1XlKtVpYri+XVhWLvTvLag3eTTiOZH8VX2r3dQbvTT7bSnST/xEKyVFl+aSG5XU3eXt9INh7ev7++8c7799578PL6G68Wk/5WVjK/tLi0VK4ulpeqCxdo/R8XRY9x/XAspUkXAHD26P+BSTi5/n/nYcTJ9/+h/x+LM9X/nr/+f++FiEmsf+Z4Vw0K+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs925vLj68X4U8XQM8VxKSKmIuK3fzAdl47knC7yzP7L/Nm/1PBNKbIMo3NcLrZrEbFWbL8+fdJXAQAAAM6vLz+69Wnerecvc5MuiNOU37SZuvHBmPKVImJ27ocxZZsavTw7pmTZ3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2zfs/HwhePXIEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOzt3k6NEEAUA+DXQgn+RGPdexR0cwyO4dGk4gJfgAC7wCl6AM+DOhTs3BiZ0VXpg0slM0n9D8n1JU1SneLzqwKKqkgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAn36Xu/XPbx+/t41zPLXTzWwAAACAJodyt67eLFP/db7/Nt96n/tFREwiomntPo0XVzGnOU55P/7H5fjyQQ6/IqoI5++Y5+tVRHzK1/93fT8FAAAAuFl/Hxuw32xXabWeXpZDZMVzkTZtJm8+p52a1oqIKJd/ughVbTYVER/q7r920c6/71l8bZ9WpXpci46CpS23WVfRnqT6u9e7douLpkjNpPFjdZKdzR0AABjQ9KoZdhUCAADAkL6MnQDjKCLqk998FDhPTT7ee3nVAwAAAG5QMXYCAAAAQO+q9X9X9f8uKwA21P87qf8HAAAA40j1/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjTodyt95vtqm2c46mdbmYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAd+/OOAiEQBmGwd31nMvc/rDRoampSBcLH3xgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OZ3f/k/MTXOJHOvjaXnkWTt1Ng6NfbOjaM/jK9fAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzsz0sKhEAQRMGc8b+Tvv9hJUHPIEIENDyqqEUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB80e9++T8xNc4kc6eNpeORZO2qsXXV2HvQOHow3v4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzs3M9rHFUcAPDvzOxsbasYo+QQEQUPerHptrb2Jh6U4ME/QQjptsZu/dEGsaWIuXiTnHsRPYoISrz1f+i5hV7qrYc9VPCszOxMdtoGXH/NbJPPB9687w7DvO+bhZDvvJcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG381jTOisPCJE6rc7fuX1sv+tsP9YUb23eWi1bESZtJPx5eaH5IliLiaHfJAAAAcDBkdX0fEXfzndWiTxfK+j+vrylq/m+fmsRVPf9ZXbI+XP/XtX/Rfvn53nO7Ay1Mxiluem5jNDz+aCq9/2uO8+7pv7yiVz758t1LVn4h6btbz47z8nkmX9+8+Xa/DA+1kS0A8E8cq/sqqH8fKvpBl4kBcGD0GoV3Xf9nC93mBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCG8VYcreMkIpZ707hw+/619b36G9t3lut2+vr17fhyes/iFnlEnNsYDY+3Opv5dvnK1Qtro9HwUvvBixHR1ehvVtO/8P4MF0d08nwE/1GQVl/2vOTzeAQd/lACAGBfyqtW1PV3853V4lyyGPHHdw/W/6804pix/r/3welbzbGa9f+gtRnOv5XNi5+sXL5y9bWNi2vnh+eHH71+YvDG4OSZU6fOrJTvSla8MQEAAODf6VetWf+ni4+u/x9pxDFj/f/pN4MvmmNl6v89TRf9us4EAADgYHvmpd9/S/Y4n/T78fna5ualweS4+/nE5NhBqn/boao16/9sseusAAAAgDaMt5IH1v/PNuKYcf3/ye+f/7F5zywiDlfr/8fWPx6dbW86c62NPyfueo4AAAB063DVmuv/ebn/P93d8pBGxKsvT+Lq3wDOVP9n73z1Q3Os5v7/k+1NcS6lS5PnUfZLEb2lrjMCAABgP3uiakWx/2u+s/rhT0fe69v/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANC2PwMAAP//waw+aA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x183741, 0x42)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000002c0)='\b', 0x1, 0x8004c61)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f0000000140)='2', 0x1, 0x8000c61)

1.121375222s ago: executing program 2 (id=830):
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0xa, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'wg0\x00'})
syz_emit_ethernet(0x32, &(0x7f0000000100)={@local, @random="3d8be63d3f2d", @val={@val={0x88a8, 0x2, 0x1, 0x1}, {0x8100, 0x3, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

1.117483292s ago: executing program 4 (id=832):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r2, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)

1.073167912s ago: executing program 2 (id=833):
syz_mount_image$erofs(&(0x7f0000000440), &(0x7f0000000200)='./file0\x00', 0x850410, &(0x7f0000000480)=ANY=[], 0x1, 0x1e6, &(0x7f00000006c0)="$eJzsmbGLE0EUxr+ZzW3uDhFsbC0MeKK32d1TuCZIBHshKtoZzCrRjZFkhSQgGGxsLC0EW/8BC4tUFnZ2tlqoIFiY0k4YmdnJ7rCblSyJNr4f3Lsvb2bem3mZfYEEBEH8t3z98vPzs4uHV84COIIaqtr/3UrncGP+pxcPzzxvXHr5+uOrd/ePPppl41VL5pdp3jYtRNjRHiHM8ZqyrCJ3UdO+q+A4vSTWTXBc0zoAww2t7xq6v0gTBs6tfti53Q0DVxpPGl+aAzNmBcB8ytABsK12JwQzxofjyb12GAaDrNgSizy5obLiT/VT+2tyNJLqCSHfr+tPn0zZ43Sea9TPA4en9QEYWlofogrHcdKSGOfnLI1vrXL+jQlLChtA+eXH9svluqCEvGx/7zhriJ1NXCYSAct65N1OPMfns/f5Vd/Wz87+2SOTEapxAcgNfdiVgi0bWknY+kTL5thpf5IP1CmjP1WUN6Ye9R7Uh+PJfrfXvhMsvOdc97xfV40otrm+9yvpf9uqP+0a8bcKeqXNbIzaUTTwRkA08JLXfmyNjtt60/+h1nDV/zj2TsYxZLHU0Qo+6Jj+4+q/VHtWwXYIgiAIgiAIgiAIgiAIgiBKcgJMfQuqf6gSBfiX1ezfAQAA///GNllf")
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000400000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0d00000004d50000040000000200000040000000", @ANYRES32=r0], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a00)={{r1}, &(0x7f0000000980), &(0x7f00000009c0)=r0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r1, &(0x7f0000000240), 0x0}, 0x20)

1.064360922s ago: executing program 4 (id=835):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x2000402)
lseek(r2, 0x0, 0x3)

1.061218012s ago: executing program 2 (id=836):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
connect$pppl2tp(r1, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x1, @remote}, 0xa}}, 0x26)
sendmmsg$inet(r1, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

1.041300803s ago: executing program 0 (id=837):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='signal_generate\x00', r1}, 0x18)
timer_create(0x2, 0x0, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
unshare(0x64000600)

992.854614ms ago: executing program 2 (id=840):
r0 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r1 = socket$inet(0x2, 0x2, 0x1)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000380), 0x4)
r2 = socket(0x2, 0x2, 0x1)
bind$unix(r2, &(0x7f0000000000)=@abs, 0x6e)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)

927.433935ms ago: executing program 2 (id=841):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a00000200000024000180140001"], 0x64}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

926.535495ms ago: executing program 0 (id=842):
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000006c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

842.838046ms ago: executing program 0 (id=843):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_QUANTUM={0x8}]}}]}, 0x38}}, 0x48040)

842.619796ms ago: executing program 0 (id=844):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {}, {0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x10, 0xffe0}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x20000800)

741.211598ms ago: executing program 0 (id=848):
unshare(0x22020600)
getdents(0xffffffffffffffff, 0x0, 0x58)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r1 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x95}, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x32}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x4}}, 0xe8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

735.363458ms ago: executing program 0 (id=850):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000001340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x21}, 0x18)

700.613708ms ago: executing program 4 (id=851):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x40000000004)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040), 0x6)
close(0x3)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x17c}, 0x1, 0x0, 0x0, 0x4004}, 0x40)

634.96016ms ago: executing program 5 (id=852):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r1}, 0x10)
socketpair(0x0, 0x2, 0x0, &(0x7f00000006c0))

384.011194ms ago: executing program 5 (id=854):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sigaltstack(&(0x7f0000000480)={&(0x7f0000002340)=""/4126, 0x80000001, 0x101e}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)

142.873548ms ago: executing program 3 (id=859):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000200000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000200)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

127.282218ms ago: executing program 3 (id=860):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r3 = dup(r2)
ioctl$PTP_EXTTS_REQUEST2(r3, 0x43403d05, 0x0)

112.447508ms ago: executing program 3 (id=861):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}, 0x1, 0x0, 0x0, 0x24044010}, 0x20000000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="48000000100001047fff00"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012800900010076657468"], 0x48}, 0x1, 0x0, 0x0, 0x20010}, 0x0)
recvmmsg$unix(r0, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

95.229829ms ago: executing program 3 (id=862):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='./file0\x00')
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
readlinkat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000012c0)=""/168, 0xa8)

80.883599ms ago: executing program 3 (id=863):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7f4c15549df0c82e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

50.480889ms ago: executing program 3 (id=864):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = epoll_create1(0x0)
r1 = timerfd_create(0x0, 0x0)
timerfd_settime(r1, 0x0, &(0x7f0000000200)={{}, {0x0, 0x989680}}, 0x0)
epoll_pwait(r0, &(0x7f00000000c0)=[{}], 0x1, 0x7fffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100))
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000040)={0x80002003})

0s ago: executing program 2 (id=865):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x4d, 0x1, 0x3}]})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.121' (ED25519) to the list of known hosts.
[   20.895063][   T30] audit: type=1400 audit(1744032562.803:66): avc:  denied  { integrity } for  pid=279 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   20.918817][   T30] audit: type=1400 audit(1744032562.823:67): avc:  denied  { mounton } for  pid=279 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   20.920545][  T279] cgroup: Unknown subsys name 'net'
[   20.941332][   T30] audit: type=1400 audit(1744032562.823:68): avc:  denied  { mount } for  pid=279 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.968271][   T30] audit: type=1400 audit(1744032562.853:69): avc:  denied  { unmount } for  pid=279 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.968454][  T279] cgroup: Unknown subsys name 'devices'
[   21.052048][  T279] cgroup: Unknown subsys name 'hugetlb'
[   21.057598][  T279] cgroup: Unknown subsys name 'rlimit'
[   21.197603][   T30] audit: type=1400 audit(1744032563.103:70): avc:  denied  { setattr } for  pid=279 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   21.220622][   T30] audit: type=1400 audit(1744032563.103:71): avc:  denied  { mounton } for  pid=279 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   21.245308][   T30] audit: type=1400 audit(1744032563.103:72): avc:  denied  { mount } for  pid=279 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   21.252186][  T283] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   21.277116][   T30] audit: type=1400 audit(1744032563.183:73): avc:  denied  { relabelto } for  pid=283 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.302354][   T30] audit: type=1400 audit(1744032563.183:74): avc:  denied  { write } for  pid=283 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.328637][   T30] audit: type=1400 audit(1744032563.233:75): avc:  denied  { read } for  pid=279 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.329197][  T279] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   21.838692][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.845572][  T289] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.852912][  T289] device bridge_slave_0 entered promiscuous mode
[   21.860757][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.867594][  T289] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.875098][  T289] device bridge_slave_1 entered promiscuous mode
[   21.964404][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.971317][  T290] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.978382][  T290] device bridge_slave_0 entered promiscuous mode
[   21.986369][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.993253][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.000485][  T290] device bridge_slave_1 entered promiscuous mode
[   22.034225][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.041121][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.048236][  T292] device bridge_slave_0 entered promiscuous mode
[   22.065224][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.072126][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.079329][  T293] device bridge_slave_0 entered promiscuous mode
[   22.086029][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.092967][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.100171][  T292] device bridge_slave_1 entered promiscuous mode
[   22.111212][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.118047][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.125442][  T293] device bridge_slave_1 entered promiscuous mode
[   22.188010][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.194879][  T291] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.202156][  T291] device bridge_slave_0 entered promiscuous mode
[   22.209124][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.215993][  T291] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.223220][  T291] device bridge_slave_1 entered promiscuous mode
[   22.278915][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.285793][  T289] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.292918][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.299684][  T289] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.384566][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.391524][  T293] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.398606][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.405507][  T293] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.420278][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.427118][  T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.434248][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.441021][  T291] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.449349][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.456200][  T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.463308][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.470088][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.481993][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.488829][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.495958][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.502737][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.515502][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.522982][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.530497][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.537484][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.544761][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.551814][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.558823][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.565890][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.573069][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.580260][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.588178][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   22.595486][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.619317][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.627325][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.634172][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.641763][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.650166][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.657016][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.684465][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.692627][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.700436][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.708125][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.716396][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.723261][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.730532][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.738447][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.745289][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.765395][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.773687][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.781753][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.788932][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.806853][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.817901][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.826250][  T289] device veth0_vlan entered promiscuous mode
[   22.845368][  T289] device veth1_macvtap entered promiscuous mode
[   22.852120][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.859971][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.868109][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.876468][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.884711][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.891581][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.899754][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.907729][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.914581][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.921822][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.929899][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.936740][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.954835][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.962789][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.970725][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.978814][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.987463][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.995547][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.003454][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   23.011720][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.019850][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.026681][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.034516][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.042470][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.070587][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   23.078879][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.087172][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.094043][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.102302][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   23.110603][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.118536][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.125385][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.132574][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.140653][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.148365][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.156256][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.164074][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.172233][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.180374][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.188340][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.196599][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.204350][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.212515][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.220022][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.227765][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.235791][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.243901][  T290] device veth0_vlan entered promiscuous mode
[   23.257653][  T289] request_module fs-gadgetfs succeeded, but still no fs?
[   23.259776][  T290] device veth1_macvtap entered promiscuous mode
[   23.273330][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.282150][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.290075][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.314921][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.327738][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.337189][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.346078][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.354654][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.363052][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.374010][  T293] device veth0_vlan entered promiscuous mode
[   23.386443][  T292] device veth0_vlan entered promiscuous mode
[   23.399564][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.407299][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.420608][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.428796][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.437562][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.445831][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.455526][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.463014][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.470691][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.478118][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.495638][  T292] device veth1_macvtap entered promiscuous mode
[   23.507784][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.523945][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.534193][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.543304][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.552054][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.564612][  T291] device veth0_vlan entered promiscuous mode
[   23.572192][  T293] device veth1_macvtap entered promiscuous mode
[   23.586545][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.594466][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.603425][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.611846][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.620527][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.628656][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.639520][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.657035][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.696099][  T323] loop0: detected capacity change from 0 to 128
[   23.707173][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.730943][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.740397][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.750116][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.758433][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.767711][  T291] device veth1_macvtap entered promiscuous mode
[   23.788729][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.801513][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.841082][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.858448][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.880791][  T329] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=329 comm=syz.2.3
[   24.025469][  T339] device syzkaller0 entered promiscuous mode
[   24.107644][  T325] loop3: detected capacity change from 0 to 40427
[   24.154816][  T349] syz.0.15 (349) used greatest stack depth: 22048 bytes left
[   24.166834][  T356] xt_bpf: check failed: parse error
[   24.173545][  T325] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[   24.189621][  T325] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   24.203243][  T325] F2FS-fs (loop3): invalid crc value
[   24.213373][  T325] F2FS-fs (loop3): Found nat_bits in checkpoint
[   24.283300][  T366] netem: change failed
[   24.300455][  T325] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   24.309964][  T325] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   24.353412][  T325] attempt to access beyond end of device
[   24.353412][  T325] loop3: rw=2049, want=45224, limit=40427
[   24.393649][  T292] attempt to access beyond end of device
[   24.393649][  T292] loop3: rw=2049, want=45232, limit=40427
[   24.453306][  T381] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   24.516326][  T388] syz.0.31[388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   24.516398][  T388] syz.0.31[388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   24.580465][  T394] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   24.598672][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[   24.681096][  T407] loop1: detected capacity change from 0 to 1024
[   24.702455][  T407] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   24.748219][  T289] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[   24.762588][  T289] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[   24.776677][  T289] EXT4-fs error (device loop1): __ext4_get_inode_loc:4351: comm syz-executor: Invalid inode table block 8391460049216894068 in block_group 0
[   24.794518][  T289] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   24.807325][  T289] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #2: comm syz-executor: mark_inode_dirty error
[   24.824653][   T10] EXT4-fs error (device loop1): __ext4_get_inode_loc:4351: comm kworker/u4:1: Invalid inode table block 8391460049216894068 in block_group 0
[   24.971362][  T289] syz-executor (289) used greatest stack depth: 19680 bytes left
[   25.216518][  T428] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.230338][  T428] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.237728][  T428] device bridge_slave_0 entered promiscuous mode
[   25.257991][  T428] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.269744][  T428] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.278940][  T428] device bridge_slave_1 entered promiscuous mode
[   25.327064][  T442] netlink: 8 bytes leftover after parsing attributes in process `syz.2.53'.
[   25.408006][  T428] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.414911][  T428] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.422071][  T428] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.428907][  T428] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.456921][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   25.474758][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.482006][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.506582][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   25.519142][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.526008][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.533531][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   25.541761][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.548624][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.577791][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.588942][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.606202][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.614428][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   25.621757][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   25.629631][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.646157][  T428] device veth0_vlan entered promiscuous mode
[   25.669632][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.680369][  T428] device veth1_macvtap entered promiscuous mode
[   25.709292][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.721290][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.757462][  T446] loop4: detected capacity change from 0 to 40427
[   25.829454][  T446] F2FS-fs (loop4): invalid crc value
[   25.843477][  T450] loop2: detected capacity change from 0 to 40427
[   25.854283][  T446] F2FS-fs (loop4): Found nat_bits in checkpoint
[   25.862859][  T461] process 'syz.5.61' launched './file1' with NULL argv: empty string added
[   25.891289][  T450] =======================================================
[   25.891289][  T450] WARNING: The mand mount option has been deprecated and
[   25.891289][  T450]          and is ignored by this kernel. Remove the mand
[   25.891289][  T450]          option from the mount to silence this warning.
[   25.891289][  T450] =======================================================
[   25.946923][  T446] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   25.987813][   T30] kauditd_printk_skb: 172 callbacks suppressed
[   25.987829][   T30] audit: type=1400 audit(1744032567.856:248): avc:  denied  { read } for  pid=444 comm="syz.4.55" path="/15/file1/file1" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   26.028413][  T291] attempt to access beyond end of device
[   26.028413][  T291] loop4: rw=2049, want=45104, limit=40427
[   26.031370][  T450] F2FS-fs (loop2): Found nat_bits in checkpoint
[   26.118045][   T20] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   26.125668][  T450] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   26.246067][   T45] device bridge_slave_1 left promiscuous mode
[   26.260271][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.278837][   T45] device bridge_slave_0 left promiscuous mode
[   26.284789][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.309761][   T45] device veth1_macvtap left promiscuous mode
[   26.315603][   T45] device veth0_vlan left promiscuous mode
[   26.460267][  T486] netlink: 96 bytes leftover after parsing attributes in process `syz.5.71'.
[   26.496617][   T30] audit: type=1400 audit(1744032568.323:249): avc:  denied  { ioctl } for  pid=449 comm="syz.2.57" path="/15/file0/file0" dev="loop2" ino=10 ioctlcmd=0xf506 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   26.522220][  T293] attempt to access beyond end of device
[   26.522220][  T293] loop2: rw=2049, want=45112, limit=40427
[   26.535902][  T492] devpts: called with bogus options
[   26.543200][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   26.567659][   T20] usb 1-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[   26.580927][   T30] audit: type=1400 audit(1744032568.398:250): avc:  denied  { relabelfrom } for  pid=493 comm="syz.5.74" name="" dev="pipefs" ino=17164 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   26.603190][   T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   26.629688][   T20] usb 1-1: config 0 descriptor??
[   26.667645][   T30] audit: type=1400 audit(1744032568.482:251): avc:  denied  { write } for  pid=498 comm="syz.5.76" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   26.728290][   T30] audit: type=1326 audit(1744032568.538:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=503 comm="syz.5.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6061e1169 code=0x7ffc0000
[   26.751834][    T6] Bluetooth: hci0: command 0x1003 tx timeout
[   26.759238][  T397] Bluetooth: hci0: sending frame failed (-49)
[   26.759256][   T30] audit: type=1326 audit(1744032568.538:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=503 comm="syz.5.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6061e1169 code=0x7ffc0000
[   26.788831][   T30] audit: type=1326 audit(1744032568.538:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=503 comm="syz.5.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6061e1169 code=0x7ffc0000
[   26.812087][   T30] audit: type=1326 audit(1744032568.538:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=503 comm="syz.5.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6061e1169 code=0x7ffc0000
[   26.836563][   T30] audit: type=1326 audit(1744032568.538:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=503 comm="syz.5.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6061e1169 code=0x7ffc0000
[   26.859888][   T30] audit: type=1326 audit(1744032568.538:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=503 comm="syz.5.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6061e1169 code=0x7ffc0000
[   26.926891][  T513] bridge: RTM_NEWNEIGH with invalid ether address
[   26.983136][  T518] syz.2.83 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   27.026409][  T526] loop5: detected capacity change from 0 to 1024
[   27.125895][  T526] EXT4-fs (loop5): Test dummy encryption mode enabled
[   27.135197][  T526] EXT4-fs (loop5): Ignoring removed orlov option
[   27.149358][  T526] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,nodioread_nolock,orlov,barrier=0x0000000000000005,min_batch_time=0x0000000000000005,i_version,,errors=continue. Quota mode: writeback.
[   27.187828][   T20] wacom 0003:056A:00F0.0001: hidraw0: USB HID v0.00 Device [HID 056a:00f0] on usb-dummy_hcd.0-1/input0
[   27.210125][  T526] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   27.253828][  T526] syz.5.87 (526) used greatest stack depth: 19264 bytes left
[   27.278572][  T538] netlink: 96 bytes leftover after parsing attributes in process `syz.2.92'.
[   27.327974][  T548] syz.2.96[548] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   27.328046][  T548] syz.2.96[548] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   27.403743][   T20] usb 1-1: USB disconnect, device number 2
[   27.759604][  T584] loop2: detected capacity change from 0 to 40427
[   27.769598][  T584] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   27.777799][  T584] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   27.786766][  T584] F2FS-fs (loop2): invalid crc value
[   27.793283][  T584] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   27.809417][  T584] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   27.844092][  T604] loop4: detected capacity change from 0 to 2048
[   27.851132][  T584] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   27.858007][  T584] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   27.886831][  T584] attempt to access beyond end of device
[   27.886831][  T584] loop2: rw=2049, want=45112, limit=40427
[   27.907941][  T604] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   27.918741][  T604] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   27.938058][  T604] EXT4-fs (loop4): shut down requested (1)
[   27.994173][  T611] netlink: 'syz.0.123': attribute type 13 has an invalid length.
[   28.123335][  T630] device veth1_macvtap left promiscuous mode
[   28.131366][  T632] loop4: detected capacity change from 0 to 512
[   28.132634][  T630] device macsec0 entered promiscuous mode
[   28.160939][  T632] EXT4-fs (loop4): ea_inode feature is not supported for Hurd
[   28.253160][  T647] netlink: 96 bytes leftover after parsing attributes in process `syz.0.137'.
[   28.367717][  T664] Zero length message leads to an empty skb
[   28.472527][  T681] loop2: detected capacity change from 0 to 512
[   28.491070][  T681] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,quota,,errors=continue. Quota mode: writeback.
[   28.507097][  T681] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   28.520887][  T681] capability: warning: `syz.2.153' uses 32-bit capabilities (legacy support in use)
[   28.683631][  T701] capability: warning: `syz.0.161' uses deprecated v2 capabilities in a way that may be insecure
[   28.837668][  T721] syz.5.170 uses obsolete (PF_INET,SOCK_PACKET)
[   28.970179][   T58] Bluetooth: hci0: command 0x1001 tx timeout
[   28.976391][  T397] Bluetooth: hci0: sending frame failed (-49)
[   29.015972][  T723] loop4: detected capacity change from 0 to 40427
[   29.078144][  T723] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   29.091542][  T723] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   29.101796][  T723] F2FS-fs (loop4): invalid crc value
[   29.118625][  T723] F2FS-fs (loop4): Found nat_bits in checkpoint
[   29.151304][  T723] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   29.158225][  T723] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   29.497975][  T723] attempt to access beyond end of device
[   29.497975][  T723] loop4: rw=2049, want=40432, limit=40427
[   29.540437][    T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   29.549670][    T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   29.600673][  T350] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   29.695043][  T763] loop4: detected capacity change from 0 to 1024
[   29.714607][  T763] EXT4-fs (loop4): Ignoring removed nobh option
[   29.720753][  T763] EXT4-fs (loop4): Ignoring removed bh option
[   29.726640][  T763] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   29.762614][  T763] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[   29.800708][   T45] EXT4-fs error (device loop4): mb_free_blocks:1865: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[   29.889314][  T350] usb 3-1: Using ep0 maxpacket: 16
[   29.934428][  T783] loop5: detected capacity change from 0 to 512
[   29.940210][  T779] loop4: detected capacity change from 0 to 1024
[   29.955530][  T783] EXT4-fs (loop5): Invalid commit interval 2147483647, must be smaller than 21474836
[   29.971293][  T779] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[   30.017655][  T350] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[   30.041239][  T783] loop5: detected capacity change from 0 to 512
[   30.062123][  T795] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   30.075981][  T783] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[   30.094425][  T783] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   30.108411][  T783] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   30.120165][  T783] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2816: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   30.133573][  T783] EXT4-fs (loop5): 1 truncate cleaned up
[   30.139088][  T783] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,discard,data_err=abort,,errors=continue. Quota mode: none.
[   30.210155][  T350] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[   30.220735][  T350] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   30.228543][  T350] usb 3-1: Product: syz
[   30.232976][  T350] usb 3-1: Manufacturer: syz
[   30.237388][  T350] usb 3-1: SerialNumber: syz
[   30.253026][  T350] usb 3-1: config 0 descriptor??
[   30.296312][  T350] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[   30.304063][  T350] usb 3-1: Detected FT232RL
[   30.413204][  T787] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   30.506962][  T829] loop5: detected capacity change from 0 to 8192
[   30.520169][  T350] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   30.798123][  T350] ftdi_sio 3-1:0.0: GPIO initialisation failed: -5
[   30.805357][  T350] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   30.851521][  T787] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   30.862384][  T787] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   30.871933][  T787] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   30.880891][  T787] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   30.889580][  T787] usb 5-1: config 0 descriptor??
[   31.014744][   T58] usb 3-1: USB disconnect, device number 2
[   31.020958][   T58] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   31.030758][   T58] ftdi_sio 3-1:0.0: device disconnected
[   31.193628][   T39] Bluetooth: hci0: command 0x1009 tx timeout
[   31.586279][  T845] loop2: detected capacity change from 0 to 512
[   31.605061][  T845] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[   31.620291][  T845] EXT4-fs (loop2): Ignoring removed bh option
[   31.626560][  T845] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   31.644197][  T845] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   31.658276][  T848] loop0: detected capacity change from 0 to 1024
[   31.665912][  T845] EXT4-fs (loop2): 1 truncate cleaned up
[   31.671484][  T845] EXT4-fs (loop2): mounted filesystem without journal. Opts: mblk_io_submit,dioread_nolock,bh,errors=continue,nouid32,quota,nogrpid,,errors=continue. Quota mode: writeback.
[   31.725393][  T848] EXT4-fs (loop0): Test dummy encryption mode enabled
[   31.751534][  T848] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,stripe=0x0000000000000007,commit=0x0000000000000005,inlinecrypt,data_err=ignore,max_batch_time=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: writeback.
[   31.783077][   T30] kauditd_printk_skb: 141 callbacks suppressed
[   31.783092][   T30] audit: type=1400 audit(1744032573.272:399): avc:  denied  { create } for  pid=858 comm="syz.2.225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   32.075180][  T876] tipc: Started in network mode
[   32.079855][  T876] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[   32.089335][  T876] tipc: Enabled bearer <udp:syz0>, priority 10
[   32.159482][   T30] audit: type=1400 audit(1744032573.627:400): avc:  denied  { unlink } for  pid=879 comm="syz.0.235" name="#1" dev="tmpfs" ino=324 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   32.244456][   T30] audit: type=1326 audit(1744032573.702:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=885 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa35a289169 code=0x7ffc0000
[   32.267704][   T30] audit: type=1326 audit(1744032573.702:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=885 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa35a289169 code=0x7ffc0000
[   32.290990][   T30] audit: type=1326 audit(1744032573.702:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=885 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa35a289169 code=0x7ffc0000
[   32.314890][   T30] audit: type=1326 audit(1744032573.702:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=885 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa35a289169 code=0x7ffc0000
[   32.338356][   T30] audit: type=1326 audit(1744032573.702:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=885 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa35a289169 code=0x7ffc0000
[   32.361449][   T30] audit: type=1326 audit(1744032573.702:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=885 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa35a289169 code=0x7ffc0000
[   32.385088][   T30] audit: type=1326 audit(1744032573.702:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=885 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa35a289169 code=0x7ffc0000
[   32.408461][   T30] audit: type=1326 audit(1744032573.702:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=885 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa35a289169 code=0x7ffc0000
[   32.409300][  T888] loop0: detected capacity change from 0 to 8192
[   32.431620][  T787] uclogic 0003:256C:006D.0002: v1 buttonpad probing failed: -71
[   32.445658][  T787] uclogic 0003:256C:006D.0002: failed probing parameters: -71
[   32.453087][  T787] uclogic: probe of 0003:256C:006D.0002 failed with error -71
[   32.461672][  T787] usb 5-1: USB disconnect, device number 2
[   32.693687][  T903] loop5: detected capacity change from 0 to 2048
[   32.746485][  T903] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   32.800366][  T917] loop2: detected capacity change from 0 to 1024
[   32.840488][  T917] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5
[   32.840488][  T917] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   32.840488][  T917] 
[   32.873393][  T917] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,jqfmt=vfsv1,barrier=0x0000000000080000,max_batch_time=0x0000000000000008,block_validity,resuid=0x0000000000000000,nouser_xattr,noauto_da_alloc,nolazytime,,errors=continue. Quota mode: none.
[   32.939411][  T922] netlink: 165 bytes leftover after parsing attributes in process `syz.4.254'.
[   32.962834][  T922] netlink: 277 bytes leftover after parsing attributes in process `syz.4.254'.
[   33.294178][   T58] tipc: Node number set to 4269801491
[   33.316484][  T957] loop5: detected capacity change from 0 to 1024
[   33.406991][  T957] EXT4-fs (loop5): Test dummy encryption mode enabled
[   33.418297][  T957] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,stripe=0x0000000000000007,commit=0x0000000000000005,inlinecrypt,data_err=ignore,max_batch_time=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: writeback.
[   33.553482][  T962] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[   33.585055][  T966] loop0: detected capacity change from 0 to 512
[   33.603133][  T964] loop4: detected capacity change from 0 to 256
[   33.635246][  T966] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   33.647145][  T964] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[   33.843240][  T984] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[   33.877005][  T984] incfs: Backing dir is not set, filesystem can't be mounted.
[   33.884372][  T984] incfs: mount failed -2
[   33.911912][  T991] loop0: detected capacity change from 0 to 128
[   33.987796][  T997] loop5: detected capacity change from 0 to 256
[   34.008857][  T997] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[   34.088879][ T1001] loop2: detected capacity change from 0 to 2048
[   34.141340][ T1001] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   34.323952][ T1019] loop2: detected capacity change from 0 to 512
[   34.401872][ T1019] EXT4-fs (loop2): ea_inode feature is not supported for Hurd
[   34.639920][ T1041] loop0: detected capacity change from 0 to 2048
[   34.695130][ T1041] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   34.700387][ T1049] loop4: detected capacity change from 0 to 512
[   34.726975][ T1049] EXT4-fs (loop4): Invalid commit interval 2147483647, must be smaller than 21474836
[   34.791569][ T1041] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   34.807797][ T1041] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 2400 with max blocks 32 with error 28
[   34.815735][ T1049] loop4: detected capacity change from 0 to 512
[   34.820304][ T1041] EXT4-fs (loop0): This should not happen!! Data will be lost
[   34.820304][ T1041] 
[   34.836225][ T1041] EXT4-fs (loop0): Total free blocks count 0
[   34.842095][ T1041] EXT4-fs (loop0): Free/Dirty block details
[   34.847855][ T1041] EXT4-fs (loop0): free_blocks=2415919104
[   34.853421][ T1041] EXT4-fs (loop0): dirty_blocks=32
[   34.853999][ T1049] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[   34.858300][ T1041] EXT4-fs (loop0): Block reservation details
[   34.871029][ T1041] EXT4-fs (loop0): i_reserved_data_blocks=2
[   34.871890][ T1049] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   34.889646][ T1049] EXT4-fs (loop4): 1 truncate cleaned up
[   34.895672][ T1049] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,discard,data_err=abort,,errors=continue. Quota mode: none.
[   34.978559][ T1054] loop5: detected capacity change from 0 to 1024
[   35.022087][ T1054] EXT4-fs (loop5): Mount option "nouser_xattr" will be removed by 3.5
[   35.022087][ T1054] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   35.022087][ T1054] 
[   35.054122][ T1054] EXT4-fs (loop5): mounted filesystem without journal. Opts: nolazytime,jqfmt=vfsv1,barrier=0x0000000000080000,max_batch_time=0x0000000000000008,block_validity,resuid=0x0000000000000000,nouser_xattr,noauto_da_alloc,nolazytime,,errors=continue. Quota mode: none.
[   35.100704][ T1064] loop0: detected capacity change from 0 to 512
[   35.149144][ T1074] loop5: detected capacity change from 0 to 512
[   35.150396][ T1064] EXT4-fs (loop0): Invalid commit interval 2147483647, must be smaller than 21474836
[   35.177693][ T1074] EXT4-fs (loop5): ea_inode feature is not supported for Hurd
[   35.185425][ T1071] kvm: emulating exchange as write
[   35.231618][ T1064] loop0: detected capacity change from 0 to 512
[   35.285810][ T1064] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[   35.301193][ T1077] loop4: detected capacity change from 0 to 512
[   35.316025][ T1064] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   35.347173][ T1064] EXT4-fs (loop0): 1 truncate cleaned up
[   35.352777][ T1064] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,discard,data_err=abort,,errors=continue. Quota mode: none.
[   35.391134][ T1077] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.317: corrupted in-inode xattr
[   35.403671][ T1077] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.317: couldn't read orphan inode 15 (err -117)
[   35.415666][ T1077] EXT4-fs (loop4): mounted filesystem without journal. Opts: nouid32,dioread_lock,noquota,,errors=continue. Quota mode: writeback.
[   35.505735][ T1088] loop4: detected capacity change from 0 to 2048
[   35.590886][ T1088] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   35.648941][  T350] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   35.665410][  T350] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   35.720554][ T1088] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   35.735768][ T1088] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 640 with max blocks 32 with error 28
[   35.748153][ T1088] EXT4-fs (loop4): This should not happen!! Data will be lost
[   35.748153][ T1088] 
[   35.757893][ T1088] EXT4-fs (loop4): Total free blocks count 0
[   35.763809][ T1088] EXT4-fs (loop4): Free/Dirty block details
[   35.769474][ T1088] EXT4-fs (loop4): free_blocks=2415919104
[   35.775083][ T1088] EXT4-fs (loop4): dirty_blocks=32
[   35.779954][ T1088] EXT4-fs (loop4): Block reservation details
[   35.785903][ T1088] EXT4-fs (loop4): i_reserved_data_blocks=2
[   35.915093][ T1113] loop3: detected capacity change from 0 to 512
[   35.963322][ T1113] EXT4-fs (loop3): Invalid commit interval 2147483647, must be smaller than 21474836
[   36.046385][ T1113] loop3: detected capacity change from 0 to 512
[   36.111850][ T1113] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[   36.122016][ T1113] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   36.134040][ T1113] EXT4-fs (loop3): 1 truncate cleaned up
[   36.139507][ T1113] EXT4-fs (loop3): mounted filesystem without journal. Opts: i_version,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,discard,data_err=abort,,errors=continue. Quota mode: none.
[   36.485123][ T1145] loop3: detected capacity change from 0 to 2048
[   36.517008][ T1155] loop0: detected capacity change from 0 to 512
[   36.540367][ T1145] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   36.561717][ T1155] EXT4-fs (loop0): Ignoring removed oldalloc option
[   36.578962][ T1155] EXT4-fs (loop0): orphan cleanup on readonly fs
[   36.586888][ T1155] EXT4-fs error (device loop0): ext4_acquire_dquot:6188: comm syz.0.355: Failed to acquire dquot type 1
[   36.598724][ T1155] EXT4-fs (loop0): 1 truncate cleaned up
[   36.604598][ T1155] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[   37.380674][   T30] kauditd_printk_skb: 108 callbacks suppressed
[   37.380707][   T30] audit: type=1326 audit(1744032578.500:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1165 comm="syz.0.359" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa35a289169 code=0x0
[   37.407635][ T1171] syz.3.352[1171] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   37.409137][ T1171] syz.3.352[1171] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   37.433493][ T1167] xt_hashlimit: max too large, truncated to 1048576
[   37.577793][   T30] audit: type=1400 audit(1744032578.678:516): avc:  denied  { nlmsg_write } for  pid=1187 comm="syz.5.358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   37.600227][   T30] audit: type=1107 audit(1744032578.697:517): pid=1187 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   37.629618][ T1192] netlink: 96 bytes leftover after parsing attributes in process `syz.4.362'.
[   37.767454][ T1199] device ip_vti0 entered promiscuous mode
[   37.776689][ T1199] device vlan2 entered promiscuous mode
[   37.784205][ T1199] device ip_vti0 left promiscuous mode
[   37.836799][ T1207] netlink: 'syz.5.369': attribute type 3 has an invalid length.
[   37.863285][   T30] audit: type=1400 audit(1744032578.949:518): avc:  denied  { read } for  pid=1208 comm="syz.4.370" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   37.998320][ T1190] loop3: detected capacity change from 0 to 40427
[   37.998579][   T30] audit: type=1400 audit(1744032579.080:519): avc:  denied  { sys_admin } for  pid=1220 comm="syz.5.376" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[   38.025569][ T1190] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[   38.032575][ T1190] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   38.059534][ T1190] F2FS-fs (loop3): invalid crc value
[   38.077914][   T30] audit: type=1400 audit(1744032579.108:520): avc:  denied  { checkpoint_restore } for  pid=1220 comm="syz.5.376" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   38.101802][ T1190] F2FS-fs (loop3): Found nat_bits in checkpoint
[   38.118727][ T1230] loop2: detected capacity change from 0 to 512
[   38.156990][   T30] audit: type=1400 audit(1744032579.230:521): avc:  denied  { getopt } for  pid=1234 comm="syz.4.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   38.179746][ T1190] F2FS-fs (loop3): Start checkpoint disabled!
[   38.193827][ T1230] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   38.214938][ T1230] EXT4-fs (loop2): 1 truncate cleaned up
[   38.221042][ T1230] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   38.242513][ T1230] syz.2.378 (pid 1230) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   38.255422][ T1190] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   38.262393][ T1190] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   38.277198][ T1230] fscrypt: key with description 'fscrypt:0000111122223333' is too short (got 21 bytes, need 32+ bytes)
[   38.284250][   T30] audit: type=1400 audit(1744032579.342:522): avc:  denied  { quotaon } for  pid=1189 comm="syz.3.361" name="file1" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   38.322595][ T1230] fscrypt: key with description 'fscrypt:0000111122223333' is too short (got 21 bytes, need 32+ bytes)
[   38.333565][   T30] audit: type=1400 audit(1744032579.380:523): avc:  denied  { write } for  pid=1229 comm="syz.2.378" name="bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   38.355120][   T30] audit: type=1400 audit(1744032579.380:524): avc:  denied  { add_name } for  pid=1229 comm="syz.2.378" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   38.429358][    T8] attempt to access beyond end of device
[   38.429358][    T8] loop3: rw=2049, want=40992, limit=40427
[   38.429787][ T1249] loop4: detected capacity change from 0 to 8192
[   38.511077][ T1259] loop2: detected capacity change from 0 to 512
[   38.560121][ T1259] EXT4-fs (loop2): Ignoring removed orlov option
[   38.586709][ T1259] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.392: bg 0: block 248: padding at end of block bitmap is not set
[   38.609349][ T1259] EXT4-fs error (device loop2): ext4_acquire_dquot:6188: comm syz.2.392: Failed to acquire dquot type 1
[   38.620476][  T787] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[   38.632760][ T1259] EXT4-fs (loop2): 1 truncate cleaned up
[   38.641234][ T1259] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,journal_dev=0x0000000000800000,orlov,sysvgroups,dioread_lock,usrjquota=,,errors=continue. Quota mode: writeback.
[   38.663469][ T1259] ext4 filesystem being mounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   38.751834][  T297] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   38.783251][ T1281] loop2: detected capacity change from 0 to 512
[   38.816397][ T1281] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   38.827694][ T1281] EXT4-fs (loop2): 1 truncate cleaned up
[   38.833315][ T1281] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   38.889006][ T1292] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=1292 comm=syz.2.404
[   38.901331][ T1292] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=1292 comm=syz.2.404
[   39.019223][  T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   39.030706][  T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   39.040264][  T787] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   39.049638][  T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   39.058729][  T787] usb 1-1: config 0 descriptor??
[   39.105233][  T787] hub 1-1:0.0: USB hub found
[   39.115365][  T350] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   39.136791][  T297] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   39.147710][  T297] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   39.156535][  T297] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   39.165194][  T297] usb 6-1: config 0 descriptor??
[   39.339877][  T787] hub 1-1:0.0: 1 port detected
[   39.371915][  T350] usb 4-1: Using ep0 maxpacket: 16
[   39.500267][  T350] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[   39.586049][ T1341] devpts: called with bogus options
[   39.640302][ T1345] loop2: detected capacity change from 0 to 8192
[   39.671275][  T350] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[   39.680123][  T350] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   39.688594][  T297] keytouch 0003:0926:3333.0004: fixing up Keytouch IEC report descriptor
[   39.698185][  T297] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0004/input/input7
[   39.709523][  T350] usb 4-1: Product: syz
[   39.714001][  T350] usb 4-1: Manufacturer: syz
[   39.716975][ T1347] loop4: detected capacity change from 0 to 512
[   39.718414][  T350] usb 4-1: SerialNumber: syz
[   39.729608][  T350] usb 4-1: config 0 descriptor??
[   39.771591][ T1347] EXT4-fs (loop4): Ignoring removed oldalloc option
[   39.779185][  T350] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[   39.786764][  T350] usb 4-1: Detected FT232RL
[   39.801982][  T297] keytouch 0003:0926:3333.0004: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[   39.813617][ T1347] EXT4-fs (loop4): orphan cleanup on readonly fs
[   39.823463][ T1347] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.429: Failed to acquire dquot type 1
[   39.837671][ T1347] EXT4-fs (loop4): 1 truncate cleaned up
[   39.843360][ T1347] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[   40.004122][  T350] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   40.110658][ T1386] loop2: detected capacity change from 0 to 512
[   40.199749][ T1386] EXT4-fs (loop2): Ignoring removed oldalloc option
[   40.207999][ T1386] EXT4-fs (loop2): orphan cleanup on readonly fs
[   40.229544][ T1386] EXT4-fs error (device loop2): ext4_acquire_dquot:6188: comm syz.2.444: Failed to acquire dquot type 1
[   40.241764][ T1386] EXT4-fs (loop2): 1 truncate cleaned up
[   40.252631][ T1386] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[   40.270965][  T787] hub 1-1:0.0: activate --> -90
[   40.280663][  T350] ftdi_sio 4-1:0.0: GPIO initialisation failed: -5
[   40.291195][  T350] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   40.367452][   T39] usb 6-1: USB disconnect, device number 2
[   40.376209][ T1400] loop4: detected capacity change from 0 to 512
[   40.410647][ T1402] loop2: detected capacity change from 0 to 128
[   40.456016][ T1400] EXT4-fs (loop4): Ignoring removed orlov option
[   40.475001][ T1400] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.449: bg 0: block 248: padding at end of block bitmap is not set
[   40.489553][ T1400] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.449: Failed to acquire dquot type 1
[   40.501961][ T1400] EXT4-fs (loop4): 1 truncate cleaned up
[   40.502095][  T350] usb 4-1: USB disconnect, device number 2
[   40.507828][ T1400] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,journal_dev=0x0000000000800000,orlov,sysvgroups,dioread_lock,usrjquota=,,errors=continue. Quota mode: writeback.
[   40.534940][  T350] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   40.547679][  T350] ftdi_sio 4-1:0.0: device disconnected
[   40.556140][ T1400] ext4 filesystem being mounted at /118/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   40.717448][ T1423] loop2: detected capacity change from 0 to 1024
[   40.727380][   T39] usb 1-1: USB disconnect, device number 3
[   40.773055][ T1423] EXT4-fs (loop2): Ignoring removed oldalloc option
[   40.779827][ T1423] EXT4-fs (loop2): Ignoring removed bh option
[   40.786422][ T1423] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   40.805753][ T1423] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,nombcache,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[   41.027789][ T1460] loop2: detected capacity change from 0 to 256
[   41.122857][ T1460] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   41.448624][ T1476] loop3: detected capacity change from 0 to 40427
[   41.515674][ T1476] F2FS-fs (loop3): Found nat_bits in checkpoint
[   41.572841][ T1518] SELinux: failed to load policy
[   41.603588][ T1476] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   42.053652][ T1563] overlayfs: failed to resolve './file0': -2
[   42.128906][ T1575] futex_wake_op: syz.4.528 tries to shift op by 32; fix this program
[   42.243099][ T1593] syz.5.536[1593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.243155][ T1593] syz.5.536[1593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.317068][ T1595] loop5: detected capacity change from 0 to 1024
[   42.390258][ T1595] EXT4-fs (loop5): Ignoring removed bh option
[   42.396261][ T1595] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   42.420313][ T1595] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,nouid32,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,sysvgroups,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[   42.457481][ T1595] EXT4-fs error (device loop5): mb_free_blocks:1865: group 0, inode 13: block 145:freeing already freed block (bit 9); block bitmap corrupt.
[   42.514827][ T1600] netlink: 96 bytes leftover after parsing attributes in process `syz.5.538'.
[   42.933442][   T30] kauditd_printk_skb: 142 callbacks suppressed
[   42.933459][   T30] audit: type=1326 audit(1744032583.701:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1642 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb835b8a169 code=0x7ffc0000
[   43.044634][   T30] audit: type=1326 audit(1744032583.701:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1642 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb835b8a169 code=0x7ffc0000
[   43.139970][   T30] audit: type=1326 audit(1744032583.701:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1642 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb835b8a169 code=0x7ffc0000
[   43.243757][   T30] audit: type=1326 audit(1744032583.701:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1642 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb835b8a169 code=0x7ffc0000
[   43.284990][ T1667] syz.2.566[1667] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.285075][ T1667] syz.2.566[1667] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.336063][   T30] audit: type=1326 audit(1744032583.701:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1642 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb835b8a169 code=0x7ffc0000
[   43.449878][ T1680] loop4: detected capacity change from 0 to 128
[   43.462433][   T30] audit: type=1326 audit(1744032583.739:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1642 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb835b8a169 code=0x7ffc0000
[   43.496486][ T1680] EXT4-fs (loop4): mounted filesystem without journal. Opts: sysvgroups,inode_readahead_blks=0x0000000000004000,,errors=continue. Quota mode: none.
[   43.521713][ T1680] ext4 filesystem being mounted at /149/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   43.568865][   T30] audit: type=1326 audit(1744032583.776:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1642 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb835b8a169 code=0x7ffc0000
[   43.592541][   T30] audit: type=1400 audit(1744032583.785:666): avc:  denied  { ioctl } for  pid=1648 comm="syz.5.569" path="socket:[21870]" dev="sockfs" ino=21870 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.617253][   T30] audit: type=1326 audit(1744032583.795:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1642 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb835b8a169 code=0x7ffc0000
[   43.640889][   T30] audit: type=1326 audit(1744032583.804:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1642 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb835b8a169 code=0x7ffc0000
[   43.757003][ T1696] loop4: detected capacity change from 0 to 2048
[   43.764565][ T1674] loop5: detected capacity change from 0 to 40427
[   43.787998][ T1674] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[   43.803349][ T1674] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   43.812900][ T1696] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   43.821538][ T1674] F2FS-fs (loop5): Found nat_bits in checkpoint
[   43.861310][ T1674] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   43.868321][ T1674] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   43.906905][ T1674] attempt to access beyond end of device
[   43.906905][ T1674] loop5: rw=10241, want=45104, limit=40427
[   44.065116][  T350] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   44.151001][ T1726] af_packet: tpacket_rcv: packet too big, clamped from 68 to 4294967272. macoff=96
[   44.190586][ T1730] loop4: detected capacity change from 0 to 512
[   44.250690][ T1730] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   44.251533][ T1736] loop5: detected capacity change from 0 to 8192
[   44.283223][ T1730] EXT4-fs (loop4): 1 truncate cleaned up
[   44.288689][ T1730] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,. Quota mode: writeback.
[   44.322047][  T101]  loop5: p1 p3
[   44.326195][  T101] loop5: p3 size 589824 extends beyond EOD, truncated
[   44.335229][ T1736]  loop5: p1 p3
[   44.339715][ T1736] loop5: p3 size 589824 extends beyond EOD, truncated
[   44.453233][  T353] udevd[353]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   44.471600][  T350] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   44.490527][  T350] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   44.495514][ T1075] udevd[1075]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[   44.503056][  T353] udevd[353]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   44.530546][  T350] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   44.543321][  T350] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   44.565539][  T350] usb 4-1: config 0 descriptor??
[   44.765525][ T1779] syz.2.613[1779] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.765600][ T1779] syz.2.613[1779] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.781206][ T1779] loop2: detected capacity change from 0 to 512
[   44.847744][ T1779] EXT4-fs (loop2): 1 orphan inode deleted
[   44.853317][ T1779] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[   44.875596][ T1779] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.891597][ T1787] loop5: detected capacity change from 0 to 256
[   44.931444][ T1787] exfat: Unknown parameter 'zero_size_dir'
[   45.081767][ T1795] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=1795 comm=syz.5.620
[   45.094092][ T1795] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=1795 comm=syz.5.620
[   45.155520][  T350] usbhid 4-1:0.0: can't add hid device: -71
[   45.161721][  T350] usbhid: probe of 4-1:0.0 failed with error -71
[   45.180581][  T350] usb 4-1: USB disconnect, device number 3
[   45.365661][ T1804] loop4: detected capacity change from 0 to 40427
[   45.459176][ T1804] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   45.472671][ T1804] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   45.515609][ T1804] F2FS-fs (loop4): invalid crc value
[   45.542778][ T1804] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   45.568107][ T1804] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   45.569108][ T1835] syz.2.636[1835] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.595277][ T1837] loop5: detected capacity change from 0 to 128
[   45.599322][ T1835] syz.2.636[1835] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.621858][ T1804] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   45.643444][ T1804] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   45.669641][ T1837] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   45.688501][ T1804] attempt to access beyond end of device
[   45.688501][ T1804] loop4: rw=2049, want=45112, limit=40427
[   45.701437][ T1837] ext4 filesystem being mounted at /150/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   45.767606][ T1837] fscrypt: AES-128-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   45.771783][ T1849] loop2: detected capacity change from 0 to 128
[   45.805014][ T1837] fscrypt: AES-128-CBC-ESSIV using implementation "essiv(cbc-aes-aesni,sha256-avx2)"
[   45.850716][   T45] attempt to access beyond end of device
[   45.850716][   T45] loop2: rw=1, want=1041, limit=128
[   45.897323][ T1858] serio: Serial port tty31
[   46.009099][ T1871] loop3: detected capacity change from 0 to 2048
[   46.079203][ T1875] loop4: detected capacity change from 0 to 8192
[   46.144640][ T1871] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   46.177116][ T1871] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.216665][ T1871] fs-verity: sha512 using implementation "sha512-avx2"
[   46.328449][ T1898] loop3: detected capacity change from 0 to 2048
[   46.387017][ T1902] loop4: detected capacity change from 0 to 128
[   46.431776][ T1898] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   46.503734][ T1910] loop3: detected capacity change from 0 to 128
[   46.715936][ T1914] loop5: detected capacity change from 0 to 40427
[   46.755979][ T1914] F2FS-fs (loop5): invalid crc value
[   46.777858][ T1914] F2FS-fs (loop5): Found nat_bits in checkpoint
[   46.834354][ T1948] syz.4.680[1948] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   46.834422][ T1948] syz.4.680[1948] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   46.845513][ T1914] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   46.910891][  T428] attempt to access beyond end of device
[   46.910891][  T428] loop5: rw=2049, want=45104, limit=40427
[   46.980570][ T1964] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1964 comm=syz.4.687
[   47.081461][ T1973] device ip_vti0 entered promiscuous mode
[   47.090861][ T1973] device vlan2 entered promiscuous mode
[   47.133088][ T1973] device ip_vti0 left promiscuous mode
[   47.145679][ T1977] netlink: 96 bytes leftover after parsing attributes in process `syz.2.693'.
[   47.322804][ T2001] SELinux:  Context /usr/lib/telepathy/mission-control-5 is not valid (left unmapped).
[   47.347661][ T2003] overlayfs: failed to resolve './file0': -2
[   47.540375][ T2030] netlink: 104 bytes leftover after parsing attributes in process `syz.2.718'.
[   47.560880][  T350] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   47.592365][ T2033] binfmt_misc: register: failed to install interpreter file ./file2
[   47.595392][ T2034] loop4: detected capacity change from 0 to 1024
[   47.658613][ T2034] EXT4-fs (loop4): Ignoring removed oldalloc option
[   47.673486][ T2034] EXT4-fs (loop4): Ignoring removed bh option
[   47.679497][ T2034] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   47.714664][ T2034] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,nombcache,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[   47.945805][  T350] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   47.960659][ T2078] netlink: 24 bytes leftover after parsing attributes in process `syz.3.740'.
[   47.970896][ T2080] xt_hashlimit: size too large, truncated to 1048576
[   48.016894][ T2083] loop5: detected capacity change from 0 to 128
[   48.110217][ T2083] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   48.127556][ T2083] ext4 filesystem being mounted at /177/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   48.181068][  T350] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   48.190187][  T350] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   48.198990][  T350] usb 1-1: Product: syz
[   48.203269][  T350] usb 1-1: Manufacturer: syz
[   48.207802][  T350] usb 1-1: SerialNumber: syz
[   48.232611][ T2094] syz.5.746[2094] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.232700][ T2094] syz.5.746[2094] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.307792][ T2103] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.325891][ T2103] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.502936][  T350] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   48.555123][  T787] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   48.717879][  T350] usb 1-1: USB disconnect, device number 4
[   48.732562][  T350] usblp0: removed
[   48.745362][ T2121] loop5: detected capacity change from 0 to 512
[   48.762725][ T2121] EXT4-fs (loop5): Ignoring removed oldalloc option
[   48.769274][ T2121] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   48.783332][ T2121] EXT4-fs (loop5): 1 truncate cleaned up
[   48.788835][ T2121] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,oldalloc,barrier=0x0000000000000003,quota,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[   48.819481][   T30] kauditd_printk_skb: 156 callbacks suppressed
[   48.819495][   T30] audit: type=1400 audit(1744032589.201:825): avc:  denied  { unmount } for  pid=428 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   48.848604][  T428] EXT4-fs error (device loop5): mb_free_blocks:1865: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt.
[   48.854582][   T30] audit: type=1400 audit(1744032589.230:826): avc:  denied  { rmdir } for  pid=428 comm="syz-executor" name="lost+found" dev="loop5" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   48.899760][   T30] audit: type=1400 audit(1744032589.230:827): avc:  denied  { unlink } for  pid=428 comm="syz-executor" name="file1" dev="loop5" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[   48.950834][  T787] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.962771][   T30] audit: type=1400 audit(1744032589.342:828): avc:  denied  { read } for  pid=2129 comm="syz.5.758" dev="nsfs" ino=4026532690 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   48.965620][  T787] usb 5-1: New USB device found, idVendor=056a, idProduct=032b, bcdDevice= 0.00
[   48.994250][ T2130] netlink: 32 bytes leftover after parsing attributes in process `syz.5.758'.
[   49.009528][   T30] audit: type=1400 audit(1744032589.342:829): avc:  denied  { open } for  pid=2129 comm="syz.5.758" path="net:[4026532690]" dev="nsfs" ino=4026532690 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   49.012025][  T787] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.074287][   T30] audit: type=1400 audit(1744032589.342:830): avc:  denied  { create } for  pid=2129 comm="syz.5.758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   49.095668][   T30] audit: type=1400 audit(1744032589.370:831): avc:  denied  { create } for  pid=2129 comm="syz.5.758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[   49.117119][  T787] usb 5-1: config 0 descriptor??
[   49.150413][   T30] audit: type=1326 audit(1744032589.510:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2138 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8ed94f169 code=0x7ffc0000
[   49.192320][   T30] audit: type=1326 audit(1744032589.510:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2138 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8ed94f169 code=0x7ffc0000
[   49.215920][   T30] audit: type=1326 audit(1744032589.529:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2138 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8ed94f169 code=0x7ffc0000
[   49.343598][ T2154] loop5: detected capacity change from 0 to 512
[   49.389253][ T2154] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2766: inode #11: comm syz.5.771: corrupted xattr block 95
[   49.431894][ T2154] EXT4-fs (loop5): Remounting filesystem read-only
[   49.453357][ T2154] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm syz.5.771: bg 0: block 7: invalid block bitmap
[   49.487052][ T2154] EXT4-fs (loop5): Remounting filesystem read-only
[   49.493402][ T2154] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6183: Corrupt filesystem
[   49.517161][ T2154] EXT4-fs (loop5): Remounting filesystem read-only
[   49.523595][ T2154] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2932: inode #11: comm syz.5.771: corrupted xattr block 95
[   49.546252][ T2154] EXT4-fs (loop5): Remounting filesystem read-only
[   49.557032][ T2154] EXT4-fs warning (device loop5): ext4_evict_inode:303: xattr delete (err -117)
[   49.561846][ T2168] SELinux: failed to load policy
[   49.578620][ T2154] EXT4-fs (loop5): 1 orphan inode deleted
[   49.584592][ T2154] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nodioread_nolock,. Quota mode: none.
[   49.636528][  T787] wacom 0003:056A:032B.0005: unknown main item tag 0x1
[   49.651658][  T787] wacom 0003:056A:032B.0005: hidraw0: USB HID v0.04 Device [HID 056a:032b] on usb-dummy_hcd.4-1/input0
[   49.857905][  T787] usb 5-1: USB disconnect, device number 4
[   49.961296][ T2207] netlink: 24 bytes leftover after parsing attributes in process `syz.0.796'.
[   49.961386][ T2184] loop5: detected capacity change from 0 to 40427
[   50.034463][ T2184] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[   50.050447][ T2184] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   50.062328][ T2184] F2FS-fs (loop5): invalid crc value
[   50.073942][ T2184] F2FS-fs (loop5): Found nat_bits in checkpoint
[   50.123183][ T2184] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   50.131203][ T2184] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   50.282955][ T2223] netlink: 'syz.2.800': attribute type 1 has an invalid length.
[   50.290497][ T2223] netlink: 12 bytes leftover after parsing attributes in process `syz.2.800'.
[   50.600558][ T2184] attempt to access beyond end of device
[   50.600558][ T2184] loop5: rw=2049, want=40432, limit=40427
[   50.615450][ T2247] overlayfs: missing 'lowerdir'
[   50.661896][  T340] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   50.679188][  T340] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   50.803448][ T2261] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[   50.951895][ T2271] netlink: 172 bytes leftover after parsing attributes in process `syz.5.814'.
[   50.994733][ T2278] netlink: 104 bytes leftover after parsing attributes in process `syz.3.825'.
[   51.344307][ T2313] netlink: 44 bytes leftover after parsing attributes in process `syz.2.841'.
[   51.356104][ T2313] netlink: 12 bytes leftover after parsing attributes in process `syz.2.841'.
[   51.356317][ T2280] loop5: detected capacity change from 0 to 40427
[   51.376519][ T2313] netlink: 16 bytes leftover after parsing attributes in process `syz.2.841'.
[   51.394597][ T2313] netlink: 16 bytes leftover after parsing attributes in process `syz.2.841'.
[   51.432716][ T2280] F2FS-fs (loop5): invalid crc value
[   51.459996][ T2280] F2FS-fs (loop5): Found nat_bits in checkpoint
[   51.537841][ T2280] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   51.646987][  T428] attempt to access beyond end of device
[   51.646987][  T428] loop5: rw=2049, want=45104, limit=40427
[   52.235917][    C1] ==================================================================
[   52.243817][    C1] BUG: KASAN: use-after-free in cpu_map_generic_redirect+0x1a8/0x6d0
[   52.251704][    C1] Read of size 8 at addr ffff888119bb1c18 by task syz-executor/292
[   52.259518][    C1] 
[   52.261685][    C1] CPU: 1 PID: 292 Comm: syz-executor Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[   52.271493][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   52.281399][    C1] Call Trace:
[   52.284514][    C1]  <IRQ>
[   52.287203][    C1]  dump_stack_lvl+0x151/0x1c0
[   52.291799][    C1]  ? io_uring_drop_tctx_refs+0x190/0x190
[   52.297273][    C1]  ? panic+0x760/0x760
[   52.301172][    C1]  ? x64_sys_call+0x1b0/0x9a0
[   52.305689][    C1]  print_address_description+0x87/0x3b0
[   52.311069][    C1]  kasan_report+0x179/0x1c0
[   52.315408][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[   52.320966][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[   52.326516][    C1]  __asan_report_load8_noabort+0x14/0x20
[   52.331984][    C1]  cpu_map_generic_redirect+0x1a8/0x6d0
[   52.337371][    C1]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[   52.342836][    C1]  ? cpu_map_enqueue+0x370/0x370
[   52.347606][    C1]  ? do_xdp_generic+0x499/0x7c0
[   52.352294][    C1]  ? xdp_do_generic_redirect+0x160/0xb40
[   52.357766][    C1]  xdp_do_generic_redirect+0x3df/0xb40
[   52.363167][    C1]  do_xdp_generic+0x50b/0x7c0
[   52.367675][    C1]  ? generic_xdp_tx+0x490/0x490
[   52.372369][    C1]  ? enqueue_to_backlog+0x872/0xbc0
[   52.377397][    C1]  ? migrate_disable+0xd9/0x190
[   52.382082][    C1]  __netif_receive_skb_core+0x1706/0x3640
[   52.387639][    C1]  ? get_rps_cpu+0x840/0x840
[   52.392064][    C1]  ? set_rps_cpu+0x5e0/0x5e0
[   52.396491][    C1]  ? timerqueue_add+0x250/0x270
[   52.401177][    C1]  ? enqueue_hrtimer+0xca/0x240
[   52.405864][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   52.411508][    C1]  __netif_receive_skb+0x11c/0x530
[   52.416456][    C1]  ? qdisc_watchdog_schedule_range_ns+0x163/0x1a0
[   52.422704][    C1]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[   52.428082][    C1]  ? __kasan_check_write+0x14/0x20
[   52.433028][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[   52.437628][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[   52.442841][    C1]  process_backlog+0x31c/0x650
[   52.447440][    C1]  __napi_poll+0xc4/0x5a0
[   52.451605][    C1]  net_rx_action+0x47d/0xc50
[   52.456035][    C1]  ? net_tx_action+0x550/0x550
[   52.460634][    C1]  ? qdisc_run+0x114/0x2c0
[   52.464882][    C1]  ? net_tx_action+0x527/0x550
[   52.469483][    C1]  handle_softirqs+0x25e/0x5c0
[   52.474086][    C1]  __irq_exit_rcu+0x52/0xf0
[   52.478425][    C1]  irq_exit_rcu+0x9/0x10
[   52.482502][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[   52.487971][    C1]  </IRQ>
[   52.490749][    C1]  <TASK>
[   52.493523][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   52.499353][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x8/0x80
[   52.505936][    C1] Code: 0a 10 48 89 74 0a 18 4c 89 44 0a 20 49 ff c1 4c 89 09 5d c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 55 48 89 e5 4c 8b 45 08 <65> 48 8b 0d 80 fc 91 7e 65 8b 05 81 fc 91 7e 25 00 01 ff 00 74 10
[   52.525374][    C1] RSP: 0018:ffffc90000a67650 EFLAGS: 00000246
[   52.531279][    C1] RAX: ffff888125dcfb90 RBX: 00007f70f5d72000 RCX: ffff88810a8e3b40
[   52.539096][    C1] RDX: 0000000000000000 RSI: 8000000120d27007 RDI: 0000000000000000
[   52.546929][    C1] RBP: ffffc90000a67650 R08: ffffffff81a722cb R09: fffff94000906931
[   52.554712][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881404cbb90
[   52.562612][    C1] R13: dffffc0000000000 R14: ffff888125dbf4f0 R15: 8000000120d27007
[   52.570577][    C1]  ? copy_page_range+0x10ab/0x2e20
[   52.575498][    C1]  copy_page_range+0x10ab/0x2e20
[   52.580276][    C1]  ? pfn_valid+0x1e0/0x1e0
[   52.584528][    C1]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[   52.590077][    C1]  ? __rb_insert_augmented+0x5de/0x610
[   52.595379][    C1]  copy_mm+0xc7e/0x13e0
[   52.599369][    C1]  ? copy_signal+0x610/0x610
[   52.603792][    C1]  ? __init_rwsem+0xfe/0x1d0
[   52.608232][    C1]  ? copy_signal+0x4e3/0x610
[   52.612642][    C1]  copy_process+0x1149/0x3290
[   52.617160][    C1]  ? __kasan_check_read+0x11/0x20
[   52.622021][    C1]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   52.626963][    C1]  ? vfs_read+0x704/0xd40
[   52.631130][    C1]  kernel_clone+0x21e/0x9e0
[   52.635468][    C1]  ? create_io_thread+0x1e0/0x1e0
[   52.640332][    C1]  ? debug_smp_processor_id+0x17/0x20
[   52.645540][    C1]  __x64_sys_clone+0x23f/0x290
[   52.650143][    C1]  ? __do_sys_vfork+0x130/0x130
[   52.654826][    C1]  x64_sys_call+0x1b0/0x9a0
[   52.659248][    C1]  do_syscall_64+0x3b/0xb0
[   52.663522][    C1]  ? clear_bhb_loop+0x35/0x90
[   52.668016][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   52.673743][    C1] RIP: 0033:0x7f70f64c89d3
[   52.678031][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[   52.697439][    C1] RSP: 002b:00007ffd31e34ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   52.705684][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f70f64c89d3
[   52.713497][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[   52.721304][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[   52.729119][    C1] R10: 00005555605177d0 R11: 0000000000000246 R12: 0000000000000001
[   52.736928][    C1] R13: 00000000000927c0 R14: 000000000000c51e R15: 00007ffd31e35060
[   52.744747][    C1]  </TASK>
[   52.747604][    C1] 
[   52.749777][    C1] Allocated by task 2348:
[   52.753941][    C1]  ____kasan_kmalloc+0xdb/0x110
[   52.758721][    C1]  __kasan_kmalloc+0x9/0x10
[   52.763080][    C1]  __kmalloc+0x13f/0x2c0
[   52.767147][    C1]  bpf_map_kmalloc_node+0xdb/0x160
[   52.772084][    C1]  cpu_map_update_elem+0x26c/0xea0
[   52.777025][    C1]  bpf_map_update_value+0x1a3/0x3c0
[   52.782060][    C1]  map_update_elem+0x644/0x770
[   52.786659][    C1]  __sys_bpf+0x405/0x760
[   52.790739][    C1]  __x64_sys_bpf+0x7c/0x90
[   52.794994][    C1]  x64_sys_call+0x87f/0x9a0
[   52.799335][    C1]  do_syscall_64+0x3b/0xb0
[   52.803586][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   52.809315][    C1] 
[   52.811482][    C1] Freed by task 2351:
[   52.815300][    C1]  kasan_set_track+0x4b/0x70
[   52.819737][    C1]  kasan_set_free_info+0x23/0x40
[   52.824501][    C1]  ____kasan_slab_free+0x126/0x160
[   52.829450][    C1]  __kasan_slab_free+0x11/0x20
[   52.834048][    C1]  slab_free_freelist_hook+0xbd/0x190
[   52.839257][    C1]  kfree+0xcc/0x270
[   52.842902][    C1]  put_cpu_map_entry+0x6dd/0x750
[   52.847677][    C1]  cpu_map_kthread_run+0x22d0/0x2390
[   52.852795][    C1]  kthread+0x421/0x510
[   52.856699][    C1]  ret_from_fork+0x1f/0x30
[   52.860953][    C1] 
[   52.863128][    C1] Last potentially related work creation:
[   52.868677][    C1]  kasan_save_stack+0x3b/0x60
[   52.873194][    C1]  __kasan_record_aux_stack+0xd3/0xf0
[   52.878400][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[   52.884040][    C1]  insert_work+0x56/0x320
[   52.888206][    C1]  __queue_work+0x92a/0xcd0
[   52.892548][    C1]  queue_work_on+0x105/0x170
[   52.896972][    C1]  cpu_map_free+0x1e7/0x2c0
[   52.901316][    C1]  bpf_map_free_deferred+0x10d/0x1e0
[   52.906434][    C1]  process_one_work+0x6bb/0xc10
[   52.911121][    C1]  worker_thread+0xad5/0x12a0
[   52.915634][    C1]  kthread+0x421/0x510
[   52.919544][    C1]  ret_from_fork+0x1f/0x30
[   52.923794][    C1] 
[   52.925963][    C1] Second to last potentially related work creation:
[   52.932388][    C1]  kasan_save_stack+0x3b/0x60
[   52.936898][    C1]  __kasan_record_aux_stack+0xd3/0xf0
[   52.942109][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[   52.947747][    C1]  call_rcu+0x123/0x10b0
[   52.951827][    C1]  cpu_map_free+0x109/0x2c0
[   52.956165][    C1]  bpf_map_free_deferred+0x10d/0x1e0
[   52.961285][    C1]  process_one_work+0x6bb/0xc10
[   52.965976][    C1]  worker_thread+0xad5/0x12a0
[   52.970486][    C1]  kthread+0x421/0x510
[   52.974392][    C1]  ret_from_fork+0x1f/0x30
[   52.978644][    C1] 
[   52.980817][    C1] The buggy address belongs to the object at ffff888119bb1c00
[   52.980817][    C1]  which belongs to the cache kmalloc-192 of size 192
[   52.994702][    C1] The buggy address is located 24 bytes inside of
[   52.994702][    C1]  192-byte region [ffff888119bb1c00, ffff888119bb1cc0)
[   53.007724][    C1] The buggy address belongs to the page:
[   53.013204][    C1] page:ffffea000466ec40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x119bb1
[   53.023262][    C1] flags: 0x4000000000000200(slab|zone=1)
[   53.028736][    C1] raw: 4000000000000200 ffffea00042abc40 0000000c00000002 ffff888100042c00
[   53.037153][    C1] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   53.045565][    C1] page dumped because: kasan: bad access detected
[   53.051829][    C1] page_owner tracks the page as allocated
[   53.057370][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 101, ts 30049007486, free_ts 30014836444
[   53.073079][    C1]  post_alloc_hook+0x1a3/0x1b0
[   53.077692][    C1]  prep_new_page+0x1b/0x110
[   53.082032][    C1]  get_page_from_freelist+0x3550/0x35d0
[   53.087397][    C1]  __alloc_pages+0x27e/0x8f0
[   53.091821][    C1]  new_slab+0x9a/0x4e0
[   53.095736][    C1]  ___slab_alloc+0x39e/0x830
[   53.100155][    C1]  __slab_alloc+0x4a/0x90
[   53.104323][    C1]  kmem_cache_alloc_trace+0x147/0x270
[   53.109528][    C1]  kernfs_fop_open+0x324/0xab0
[   53.114138][    C1]  do_dentry_open+0x81c/0xfd0
[   53.118641][    C1]  vfs_open+0x73/0x80
[   53.122461][    C1]  path_openat+0x26f0/0x2f40
[   53.126888][    C1]  do_filp_open+0x21c/0x460
[   53.131235][    C1]  do_sys_openat2+0x13f/0x820
[   53.135740][    C1]  __x64_sys_openat+0x243/0x290
[   53.140429][    C1]  x64_sys_call+0x6bf/0x9a0
[   53.144769][    C1] page last free stack trace:
[   53.149279][    C1]  free_unref_page_prepare+0x7c8/0x7d0
[   53.154573][    C1]  free_unref_page_list+0x14b/0xa60
[   53.159605][    C1]  release_pages+0x1310/0x1370
[   53.164207][    C1]  free_pages_and_swap_cache+0x8a/0xa0
[   53.169502][    C1]  tlb_finish_mmu+0x177/0x320
[   53.174021][    C1]  exit_mmap+0x484/0x990
[   53.178094][    C1]  __mmput+0x95/0x310
[   53.181912][    C1]  mmput+0x5b/0x170
[   53.185561][    C1]  do_exit+0xb9c/0x2ca0
[   53.189559][    C1]  do_group_exit+0x141/0x310
[   53.194063][    C1]  __x64_sys_exit_group+0x3f/0x40
[   53.198923][    C1]  x64_sys_call+0x610/0x9a0
[   53.203264][    C1]  do_syscall_64+0x3b/0xb0
[   53.207519][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   53.213247][    C1] 
[   53.215414][    C1] Memory state around the buggy address:
[   53.220885][    C1]  ffff888119bb1b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   53.228784][    C1]  ffff888119bb1b80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   53.236683][    C1] >ffff888119bb1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   53.244578][    C1]                             ^
[   53.249270][    C1]  ffff888119bb1c80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   53.257165][    C1]  ffff888119bb1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   53.265169][    C1] ==================================================================
[   53.273067][    C1] Disabling lock debugging due to kernel taint
[   53.279143][    C1] ================================================================================
[   53.288215][    C1] UBSAN: array-index-out-of-bounds in kernel/locking/qspinlock.c:130:9
[   53.296269][    C1] index 16382 is out of range for type 'unsigned long[8]'
[   53.303218][    C1] CPU: 1 PID: 292 Comm: syz-executor Tainted: G    B             5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[   53.314385][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   53.324275][    C1] Call Trace:
[   53.327406][    C1]  <IRQ>
[   53.330092][    C1]  dump_stack_lvl+0x151/0x1c0
[   53.334607][    C1]  ? io_uring_drop_tctx_refs+0x190/0x190
[   53.340070][    C1]  ? kvm_sched_clock_read+0x18/0x40
[   53.345104][    C1]  ? sched_clock+0x9/0x10
[   53.349277][    C1]  dump_stack+0x15/0x20
[   53.353286][    C1]  __ubsan_handle_out_of_bounds+0x118/0x140
[   53.358998][    C1]  __pv_queued_spin_lock_slowpath+0xb9d/0xc40
[   53.364893][    C1]  ? sysvec_apic_timer_interrupt+0x64/0xc0
[   53.370536][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   53.376527][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[   53.382791][    C1]  ? kasan_check_range+0x293/0x2a0
[   53.387722][    C1]  _raw_spin_lock+0x139/0x1b0
[   53.392322][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[   53.397528][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[   53.403084][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[   53.408639][    C1]  cpu_map_generic_redirect+0x1d5/0x6d0
[   53.414018][    C1]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[   53.419485][    C1]  ? cpu_map_enqueue+0x370/0x370
[   53.424263][    C1]  ? do_xdp_generic+0x499/0x7c0
[   53.428947][    C1]  ? xdp_do_generic_redirect+0x160/0xb40
[   53.434418][    C1]  xdp_do_generic_redirect+0x3df/0xb40
[   53.439717][    C1]  do_xdp_generic+0x50b/0x7c0
[   53.444225][    C1]  ? generic_xdp_tx+0x490/0x490
[   53.448911][    C1]  ? enqueue_to_backlog+0x872/0xbc0
[   53.453943][    C1]  ? migrate_disable+0xd9/0x190
[   53.458629][    C1]  __netif_receive_skb_core+0x1706/0x3640
[   53.464184][    C1]  ? get_rps_cpu+0x840/0x840
[   53.468616][    C1]  ? set_rps_cpu+0x5e0/0x5e0
[   53.473036][    C1]  ? timerqueue_add+0x250/0x270
[   53.477723][    C1]  ? enqueue_hrtimer+0xca/0x240
[   53.482412][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   53.488052][    C1]  __netif_receive_skb+0x11c/0x530
[   53.493013][    C1]  ? qdisc_watchdog_schedule_range_ns+0x163/0x1a0
[   53.499250][    C1]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[   53.504629][    C1]  ? __kasan_check_write+0x14/0x20
[   53.509587][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[   53.514175][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[   53.519390][    C1]  process_backlog+0x31c/0x650
[   53.523993][    C1]  __napi_poll+0xc4/0x5a0
[   53.528150][    C1]  net_rx_action+0x47d/0xc50
[   53.532580][    C1]  ? net_tx_action+0x550/0x550
[   53.537179][    C1]  ? qdisc_run+0x114/0x2c0
[   53.541428][    C1]  ? net_tx_action+0x527/0x550
[   53.546033][    C1]  handle_softirqs+0x25e/0x5c0
[   53.550645][    C1]  __irq_exit_rcu+0x52/0xf0
[   53.554976][    C1]  irq_exit_rcu+0x9/0x10
[   53.559048][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[   53.564519][    C1]  </IRQ>
[   53.567296][    C1]  <TASK>
[   53.570070][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   53.575887][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x8/0x80
[   53.582484][    C1] Code: 0a 10 48 89 74 0a 18 4c 89 44 0a 20 49 ff c1 4c 89 09 5d c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 55 48 89 e5 4c 8b 45 08 <65> 48 8b 0d 80 fc 91 7e 65 8b 05 81 fc 91 7e 25 00 01 ff 00 74 10
[   53.601925][    C1] RSP: 0018:ffffc90000a67650 EFLAGS: 00000246
[   53.607824][    C1] RAX: ffff888125dcfb90 RBX: 00007f70f5d72000 RCX: ffff88810a8e3b40
[   53.615635][    C1] RDX: 0000000000000000 RSI: 8000000120d27007 RDI: 0000000000000000
[   53.623447][    C1] RBP: ffffc90000a67650 R08: ffffffff81a722cb R09: fffff94000906931
[   53.631256][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881404cbb90
[   53.639070][    C1] R13: dffffc0000000000 R14: ffff888125dbf4f0 R15: 8000000120d27007
[   53.646887][    C1]  ? copy_page_range+0x10ab/0x2e20
[   53.651832][    C1]  copy_page_range+0x10ab/0x2e20
[   53.656610][    C1]  ? pfn_valid+0x1e0/0x1e0
[   53.660855][    C1]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[   53.666423][    C1]  ? __rb_insert_augmented+0x5de/0x610
[   53.671708][    C1]  copy_mm+0xc7e/0x13e0
[   53.675699][    C1]  ? copy_signal+0x610/0x610
[   53.680122][    C1]  ? __init_rwsem+0xfe/0x1d0
[   53.684550][    C1]  ? copy_signal+0x4e3/0x610
[   53.689013][    C1]  copy_process+0x1149/0x3290
[   53.693493][    C1]  ? __kasan_check_read+0x11/0x20
[   53.698353][    C1]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   53.703297][    C1]  ? vfs_read+0x704/0xd40
[   53.707467][    C1]  kernel_clone+0x21e/0x9e0
[   53.711807][    C1]  ? create_io_thread+0x1e0/0x1e0
[   53.716663][    C1]  ? debug_smp_processor_id+0x17/0x20
[   53.722219][    C1]  __x64_sys_clone+0x23f/0x290
[   53.726915][    C1]  ? __do_sys_vfork+0x130/0x130
[   53.731597][    C1]  x64_sys_call+0x1b0/0x9a0
[   53.735932][    C1]  do_syscall_64+0x3b/0xb0
[   53.740184][    C1]  ? clear_bhb_loop+0x35/0x90
[   53.744702][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   53.750457][    C1] RIP: 0033:0x7f70f64c89d3
[   53.754682][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[   53.774121][    C1] RSP: 002b:00007ffd31e34ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   53.782366][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f70f64c89d3
[   53.790175][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[   53.797985][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[   53.805799][    C1] R10: 00005555605177d0 R11: 0000000000000246 R12: 0000000000000001
[   53.813608][    C1] R13: 00000000000927c0 R14: 000000000000c51e R15: 00007ffd31e35060
[   53.821429][    C1]  </TASK>
[   53.824326][    C1] ================================================================================
[   53.833484][    C1] general protection fault, probably for non-canonical address 0xe010f1f79fab70e5: 0000 [#1] PREEMPT SMP KASAN
[   53.845123][    C1] KASAN: maybe wild-memory-access in range [0x0087afbcfd5b8728-0x0087afbcfd5b872f]
[   53.854323][    C1] CPU: 1 PID: 292 Comm: syz-executor Tainted: G    B             5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[   53.865604][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   53.875498][    C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x2f3/0xc40
[   53.882290][    C1] Code: 74 1e 48 89 4c 24 10 48 8b 7c 24 10 e8 c6 9e 5d 00 48 8b 4c 24 10 48 ba 00 00 00 00 00 fc ff df 4c 03 21 4c 89 e0 48 c1 e8 03 <80> 3c 10 00 74 12 4c 89 e7 e8 3f 9f 5d 00 48 ba 00 00 00 00 00 fc
[   53.901732][    C1] RSP: 0018:ffffc900001d05a0 EFLAGS: 00010203
[   53.907633][    C1] RAX: 0010f5f79fab70e5 RBX: ffff8881f7138ad4 RCX: ffffffff86286820
[   53.915529][    C1] RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[   53.923354][    C1] RBP: ffffc900001d0690 R08: ffffffff8141a9ab R09: 0000000000000003
[   53.931149][    C1] R10: fffffbfff0e9aa4c R11: dffffc0000000001 R12: 0087afbcfd5b872d
[   53.938961][    C1] R13: 1ffff110233762e0 R14: 1ffff1103ee27159 R15: ffff888119bb1704
[   53.943187][  T787] Bluetooth: hci0: command 0x1003 tx timeout
[   53.946773][    C1] FS:  0000555560517500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   53.946797][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   53.952723][  T397] Bluetooth: hci0: sending frame failed (-49)
[   53.961349][    C1] CR2: 00007f70f721a6c0 CR3: 0000000125dbe000 CR4: 00000000003506a0
[   53.961370][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   53.961384][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   53.961398][    C1] Call Trace:
[   54.000332][    C1]  <IRQ>
[   54.003014][    C1]  ? __die_body+0x62/0xb0
[   54.007182][    C1]  ? die_addr+0x9f/0xd0
[   54.011176][    C1]  ? exc_general_protection+0x311/0x4b0
[   54.016557][    C1]  ? asm_exc_general_protection+0x27/0x30
[   54.022107][    C1]  ? check_panic_on_warn+0x5b/0xb0
[   54.027064][    C1]  ? __pv_queued_spin_lock_slowpath+0x2f3/0xc40
[   54.033132][    C1]  ? sysvec_apic_timer_interrupt+0x64/0xc0
[   54.038786][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   54.044762][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[   54.051010][    C1]  ? kasan_check_range+0x293/0x2a0
[   54.055964][    C1]  _raw_spin_lock+0x139/0x1b0
[   54.060467][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[   54.065677][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[   54.071237][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[   54.076791][    C1]  cpu_map_generic_redirect+0x1d5/0x6d0
[   54.082170][    C1]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[   54.087636][    C1]  ? cpu_map_enqueue+0x370/0x370
[   54.092410][    C1]  ? do_xdp_generic+0x499/0x7c0
[   54.097098][    C1]  ? xdp_do_generic_redirect+0x160/0xb40
[   54.102565][    C1]  xdp_do_generic_redirect+0x3df/0xb40
[   54.107863][    C1]  do_xdp_generic+0x50b/0x7c0
[   54.112376][    C1]  ? generic_xdp_tx+0x490/0x490
[   54.117058][    C1]  ? enqueue_to_backlog+0x872/0xbc0
[   54.122098][    C1]  ? migrate_disable+0xd9/0x190
[   54.126795][    C1]  __netif_receive_skb_core+0x1706/0x3640
[   54.132337][    C1]  ? get_rps_cpu+0x840/0x840
[   54.136759][    C1]  ? set_rps_cpu+0x5e0/0x5e0
[   54.141186][    C1]  ? timerqueue_add+0x250/0x270
[   54.145872][    C1]  ? enqueue_hrtimer+0xca/0x240
[   54.150566][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   54.156201][    C1]  __netif_receive_skb+0x11c/0x530
[   54.161172][    C1]  ? qdisc_watchdog_schedule_range_ns+0x163/0x1a0
[   54.167404][    C1]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[   54.172782][    C1]  ? __kasan_check_write+0x14/0x20
[   54.177727][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[   54.182329][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[   54.187532][    C1]  process_backlog+0x31c/0x650
[   54.192137][    C1]  __napi_poll+0xc4/0x5a0
[   54.196300][    C1]  net_rx_action+0x47d/0xc50
[   54.200727][    C1]  ? net_tx_action+0x550/0x550
[   54.205324][    C1]  ? qdisc_run+0x114/0x2c0
[   54.209578][    C1]  ? net_tx_action+0x527/0x550
[   54.214178][    C1]  handle_softirqs+0x25e/0x5c0
[   54.218879][    C1]  __irq_exit_rcu+0x52/0xf0
[   54.223205][    C1]  irq_exit_rcu+0x9/0x10
[   54.227283][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[   54.232751][    C1]  </IRQ>
[   54.235553][    C1]  <TASK>
[   54.238308][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   54.244122][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x8/0x80
[   54.250715][    C1] Code: 0a 10 48 89 74 0a 18 4c 89 44 0a 20 49 ff c1 4c 89 09 5d c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 55 48 89 e5 4c 8b 45 08 <65> 48 8b 0d 80 fc 91 7e 65 8b 05 81 fc 91 7e 25 00 01 ff 00 74 10
[   54.270159][    C1] RSP: 0018:ffffc90000a67650 EFLAGS: 00000246
[   54.276061][    C1] RAX: ffff888125dcfb90 RBX: 00007f70f5d72000 RCX: ffff88810a8e3b40
[   54.283887][    C1] RDX: 0000000000000000 RSI: 8000000120d27007 RDI: 0000000000000000
[   54.291684][    C1] RBP: ffffc90000a67650 R08: ffffffff81a722cb R09: fffff94000906931
[   54.299582][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881404cbb90
[   54.307394][    C1] R13: dffffc0000000000 R14: ffff888125dbf4f0 R15: 8000000120d27007
[   54.315206][    C1]  ? copy_page_range+0x10ab/0x2e20
[   54.320153][    C1]  copy_page_range+0x10ab/0x2e20
[   54.324937][    C1]  ? pfn_valid+0x1e0/0x1e0
[   54.329218][    C1]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[   54.334732][    C1]  ? __rb_insert_augmented+0x5de/0x610
[   54.340027][    C1]  copy_mm+0xc7e/0x13e0
[   54.344024][    C1]  ? copy_signal+0x610/0x610
[   54.348452][    C1]  ? __init_rwsem+0xfe/0x1d0
[   54.352875][    C1]  ? copy_signal+0x4e3/0x610
[   54.357299][    C1]  copy_process+0x1149/0x3290
[   54.361816][    C1]  ? __kasan_check_read+0x11/0x20
[   54.366671][    C1]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   54.371627][    C1]  ? vfs_read+0x704/0xd40
[   54.375789][    C1]  kernel_clone+0x21e/0x9e0
[   54.380126][    C1]  ? create_io_thread+0x1e0/0x1e0
[   54.385075][    C1]  ? debug_smp_processor_id+0x17/0x20
[   54.390288][    C1]  __x64_sys_clone+0x23f/0x290
[   54.394879][    C1]  ? __do_sys_vfork+0x130/0x130
[   54.399573][    C1]  x64_sys_call+0x1b0/0x9a0
[   54.404003][    C1]  do_syscall_64+0x3b/0xb0
[   54.408255][    C1]  ? clear_bhb_loop+0x35/0x90
[   54.412769][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   54.418496][    C1] RIP: 0033:0x7f70f64c89d3
[   54.422758][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[   54.442292][    C1] RSP: 002b:00007ffd31e34ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   54.450539][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f70f64c89d3
[   54.458434][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[   54.466246][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[   54.474057][    C1] R10: 00005555605177d0 R11: 0000000000000246 R12: 0000000000000001
[   54.481868][    C1] R13: 00000000000927c0 R14: 000000000000c51e R15: 00007ffd31e35060
[   54.489689][    C1]  </TASK>
[   54.492543][    C1] Modules linked in:
[   54.496332][    C1] ---[ end trace 9fde2657ca4ed6a5 ]---
[   54.501596][    C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x2f3/0xc40
[   54.508254][    C1] Code: 74 1e 48 89 4c 24 10 48 8b 7c 24 10 e8 c6 9e 5d 00 48 8b 4c 24 10 48 ba 00 00 00 00 00 fc ff df 4c 03 21 4c 89 e0 48 c1 e8 03 <80> 3c 10 00 74 12 4c 89 e7 e8 3f 9f 5d 00 48 ba 00 00 00 00 00 fc
[   54.527725][    C1] RSP: 0018:ffffc900001d05a0 EFLAGS: 00010203
[   54.533614][    C1] RAX: 0010f5f79fab70e5 RBX: ffff8881f7138ad4 RCX: ffffffff86286820
[   54.541413][    C1] RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[   54.549250][    C1] RBP: ffffc900001d0690 R08: ffffffff8141a9ab R09: 0000000000000003
[   54.557047][    C1] R10: fffffbfff0e9aa4c R11: dffffc0000000001 R12: 0087afbcfd5b872d
[   54.564867][    C1] R13: 1ffff110233762e0 R14: 1ffff1103ee27159 R15: ffff888119bb1704
[   54.572655][    C1] FS:  0000555560517500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   54.581447][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   54.587856][    C1] CR2: 00007f70f721a6c0 CR3: 0000000125dbe000 CR4: 00000000003506a0
[   54.595682][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   54.603590][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   54.611435][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[   54.618694][    C1] Kernel Offset: disabled
[   54.622824][    C1] Rebooting in 86400 seconds..