last executing test programs:

7m43.615167687s ago: executing program 32 (id=477):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000080), 0x0)

7m21.788052131s ago: executing program 33 (id=1382):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000041c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x28}}, 0x0)

7m6.842359835s ago: executing program 34 (id=1866):
r0 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
pread64(r0, &(0x7f0000000080)=""/246, 0xf6, 0x1)
pread64(r0, &(0x7f00000006c0)=""/4096, 0x1000, 0x6)

6m46.165651682s ago: executing program 35 (id=2582):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001500)=ANY=[@ANYBLOB="12010000000000407d1ef62c00000000000109022400010000000009040000010300020009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x3, 0x7, {0x7, 0x11, "3d7da32915"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

6m31.088122487s ago: executing program 36 (id=3105):
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000014c0)=@base={0xf, 0x4, 0x8, 0xacc, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r0, &(0x7f00000001c0), 0x0}, 0x20)

6m23.955895065s ago: executing program 5 (id=3316):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
stat(0x0, 0x0)

6m23.943526865s ago: executing program 5 (id=3317):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil)

6m23.920457835s ago: executing program 5 (id=3318):
unshare(0x2000400)
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000002640)=[{&(0x7f0000000080)=""/117, 0x75}], 0x1, 0x7fffffffffffffff, 0x0)

6m23.907807675s ago: executing program 5 (id=3319):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000200)={[{@utf8}, {@gid}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@discard}, {@errors_continue}, {}, {@errors_remount}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}]}, 0x1, 0x1528, &(0x7f0000001f80)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x10, 0x0)

6m23.820164295s ago: executing program 5 (id=3321):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x80200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x6)

6m23.738158774s ago: executing program 5 (id=3322):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000080850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x14, 0x14, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

6m23.716327025s ago: executing program 37 (id=3322):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000080850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x14, 0x14, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

4m41.064965213s ago: executing program 7 (id=6137):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
personality(0x5400004)

4m41.035632393s ago: executing program 7 (id=6138):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
timer_create(0x1, 0x0, &(0x7f0000000000)=<r1=>0x0)
timer_delete(r1)

4m40.944066013s ago: executing program 7 (id=6139):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@remote, 0x200000, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000002280)={@private0, 0x200000, 0x2, 0x0, 0x1, 0xfffd, 0x245}, 0x20)

4m40.943371353s ago: executing program 7 (id=6140):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x44c, &(0x7f0000000340)="$eJzs28tvG1UXAPAzdpx++dKSUMqr5REoiIpH0qQFumABCCQWRUKCBSyjJK1C3QQ1QaJVJFIWZYUQEnvEkn+BFWwQYoXEFvaoUoWyoWVlNPZMYru2m6R2XOrfT5r23Hnk3uOZa9+ZawcwsCbSf5KI/RHxe0SM1YqNO0zU/ru+sTZ3Y2NtLolK5d2/kup+f2+szeW75seN1hciiSMt6l25eOncbLm8cCErT62e/2hq5eKlFxbPz55dOLuwNHPq1MkT0y+/NPNiV/IcjUIWvfXBV2+f/qIh/6Y8umSi08anK5UuV9dfB+riZKiPDWFHihGRnq5Stf+PRTG2Tt5YvPlZXxsH9FSlUqmMtt+8XgHuYkk0lnV5GBT5B316/5svzYOAV3s3/Oi7a6/VboDSvK9nS23L0OYTg1LT/W03TUTE++v/fJMu0ZvnEAAADX5Ixz/Pp6Od5vFfIR6o2++ebG5oPCLujYiDEXFfLMWhiLg/orrvgxHx0A7rb54kuXn8U7i6q8S2KR3/vZLNbTWO//LRX4wXs9KBav6l5MxieeF49poci9K+tDzdoY4f3/jty3bb6sd/6ZLWn48Fs3ZcHdrXeMz87Ors7eRc79rliMNDrfJPNmcCkoh4OCIO77KOxWe/e6Tdtlvn30EX5pkq30Y8Uzv/69GUfy7pPD859b8oLxyfyq+Km/3y65V32tV/W/l3QXr+/9/y+t/Mfzypn69d2XkdV/74vO09zW6v/+HkvWo8nK37ZHZ19cJ0xHByutbo+vUzW8fm5Xz/NP9jR1v3/4Ox9UociYj0In40Ih6LiMeztj8REU9GxNEO+f/8+lMfNq8b2Xb+vZXmP7+j878VDEfzmtZB8dxP3zdUOr4VZvnf6Hz+T1ajY9ma7bz/baddu7uaAQAA4L+nEBH7IylMbsaFwuRk7Tv8hyIK5eWV1efOLH+8NF/7jcB4lAr5k66xuueh09ltfa18OSJqXy3It5+IQvW58dfFkWp5cm65PN/v5GHAjbbp/6k/i/1uHdBzfq8Fg0v/h8Gl/8Pg2ln/39ezdgB7r0X/H+lHO4C91+rz/9M+tAPYe03937QfDBDP/2Bw6f8wuPR/GEgrI3HrH8l3DPK/tMvD79ogSndEM3oWROGOaIagR0F/35cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65d8AAAD//9S+3I8=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

4m40.745819742s ago: executing program 7 (id=6142):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
poll(&(0x7f0000000000)=[{r0, 0x4105}], 0x1, 0x80006)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_DISALLOCATE(r1, 0x5608)

4m40.620062792s ago: executing program 7 (id=6143):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000080)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000ffffff80000000000000f60004000000bb7f1a00c600feff000000149500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

4m40.615311452s ago: executing program 38 (id=6143):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000080)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000ffffff80000000000000f60004000000bb7f1a00c600feff000000149500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

4m39.123288937s ago: executing program 8 (id=6198):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x32)

4m28.272076154s ago: executing program 8 (id=6301):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x0, &(0x7f0000000480)={[{@acl}]}, 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
writev(r0, &(0x7f0000000240)=[{&(0x7f00000017c0)="a824254574423ba4eebdc83a7d77d01920286a26eb328a9ddbd98cc6063abbe2dd56917e9a1fa4d16e66b46612d25352e1d2283e7cabdffe539353921e76d583572dd0810c1f0baf8a192d61503cba03a57755de955a6f170a084590a42cdfbaa20bf0693de66e948bce759de7bd1ab2e6fa78b32fd884afab967ffad6dc64894cd0734a42b7c9f588b69f9a4f8361b87e744e894dfde23537f07a93d7857c92a634b7c9816ca568242b92effff9494acb4025d7c3440072826678a8e195a8b4df1a55365752ebab8352e0d54deb4d8d9e676f3895dbc27dc6834da63b87f213c280eac74258c16c3be2585f4e7d4beb2fd3a1dfe2d6ec36a819c6eb91a531a286ed1f5bb3543c5ecf333699e02ae48f5e30be0170b6ebb1d0a60ebe8428ae71505c27c9c6da657e1316a55749ebf93b9eec60e8e2b02cdc8d6249fdae5aa3526f2539b3e95b7cfdaa678fe48e1b37e68746151e70bc35c5565a05676d02fc1d6663e305f076318f234986a56ca07786595907f0343504dc47c05ffc2f9a014a37ac276dcd633b61994c27135aee28c7d944cd624e3ca9cecfadc8c884c81609b8b5cbcf2f5984e1ba8f155e56ac1a4679a7fb1ed532d27546165f624bc056a97c6f2bd5ad75e067d07dd54aa5287d0990c63259f49a42735128918d23d5c9ca62265fbed8920b3aff090ebe4582a72a7647bf202099cf60c3e6784e7c4db4032e783a934a8f7d6d80e2effa7f3d687554cc732ee5a826782ade9b19ae0dc15133ceaa4c477201dddcc25f831c8fbd07d470ff6e15fadb718ed62fab9be3beb7987b0e76fab903ed4da06943156b24698c942d6121c5cb4a51999bad4f044ae00aad8c8a61ab6124831f9483df3d1b1d46d089ce377b140c69af108ce0278255dcead8a110d8077342fb2771cf83ede21d60eaa419ac618ff4ecdf468a30717ff4a9c6d9815aeb33e8fc0e19053fcbbc810d94612a9f718ee9001fba8b3666bd516a10380544c75d43bcb4471f65733da3f5235aad32248cfd4f77ab2609b1cada04117410be90cb29f0c3e010848d473eb0b0adbcbac7432a799ce643c1144e5e2e10418dc602f48b55d57747c69780435350fed84a02ffd4f88bd08f27f1478fa903ca81d053a9cb0bb3e804fb9b60b8a306402809f0c7602a689a0a0ea37f87be3742c6d7661654e7367e28e7ceed8a3a5bf14ce6efab07148bfae9470daa57abefe0b55d239b7d87327cd83494a911c8aefc404c5c32ca92dd19ab8daf6c796d9950a89dfa28220e075978da6321413cd3ba523cb594d58cf9d6cb72d55d075613d4ff95aa0cf683d06d62c216f9c509c73696b720418ded647b1b025c311f641384d85b2f94d76fa68b5a02bcbf16585a456e09200e1ea3b8e3e220b0aae9cb63f0bee993bdd92563d2994fd08a0fa76660b0ba8c5f78f2b947a9278e46fd0a7fe006409c82d340d8f3925e078ef5594ce6745f3b490aeab820389e6f14f06f28fd73b8b2d27ca94230f90d30810ec202f765c343a4d25c98d6bdcdc5fd871862ded23443f0d06fe8ae1cb23819c747df58dc96372afccc35b2cbddeafc66c5cea580c954708ef60f0a3752bc6177cadad589dbd64e7a18a1e08a9a86c777bb15f56f422a39f42915f9a8689583dc79dbaf4b840f88fe52b9a23d3691fc9d4fb2cd73552a03353ecf0e42f0db62f135b73499cae0fba592312071aca321a6519329e2f7dba460227144b9371fa202a9334b00ed679844e8fc86b3dd5799aaeefa6b1e767c620a46148766d003ce0bd46f7c9d1f7887aab86ced030bcfc434d581e8ba9bee755c860bbf8674e31054916caa7f77ce8582f3fb6329f81b59f80592512a3bbd7f05be31d886abdb130913cad62f9844b021f455693aaad70a861f3613b6f58e6d95953da85b4b1504ae38c51e999a786e696d552c6f30009747d8886c1edf8ac27fd2447d79625e2e50b6c3a6f082c9286819c79f3229994c0b7a955ba6dc85a1592e00a5dc25fa3e6a7dfc3dff5f098a635dc420084ce81c4214bca286b19a637034d0e2890b241c37f840ffb363003117c039b9564f9a330ee1166d92bd665d83d80f09550556b4e9554ed4753e29a6363e3b1cd268a399109bf9dce8fa158aa64b41756016fe98d67da94ca7d40b52ee031de0f93c2d0b241ea86e12472c6f0a7b25ceb0190494cefc0c179fdbdd7c63c00226c2e3a6027567164405ae0ca6f5297e5565e6b732b1534b015b4a4adb22bea113f93656c5de6d0488bfc3561dd584c7eeb90a35e6b2ed80e7cd435406604edde6d0ea91130e2e18cc5f351c4baf4260e78a77bff5f094befdcb5a2895ad38f37c1ce8774e9d79b4375fa25446d2ab49c0ac62aba80f0d72fa1fea8158fef205be73a2238257cc5cce714350daf94c0be0d24065b064216d9938bedc9730a6e79bc074088be1059ec1c908d38e2826cb710b13b112fde8b79f49680be07524b999a3dbcdcd6ffe4bbd16a0771ecf4c38e48567ec8013ec4b4560f78313dc60ed7fabf2139be8894a1ca2d2d74091be125fd1d59f1f40dc524139f242d1023b9c977b533aaae66225ee0e7b7f3d9ed404bc5ee285a8aba8b216326d47508ff2af3232bd7f6221abbe6977d8ad5422374608e3fc04619a4de9a1a8384a00d64172caf988cf6abb33d53a83bcb8b08d6b0e645bb3fae6a57bd898442ebb9f3eaaa58adfa6d0b7fb83e6e93889d92e53df107928f8fb8161674fe4cfa452763b2714836b846d31c7452128efae5816ee3c9b600989a6d1bb1debf668e9b1ba484f787b11d3d7ad88ed8e8b78c3815b6a742360fe1ea25942a4ac8e4392303ca8f0c6fd9aa560bd8c93445d7ccf0a640e76ca96bf9e1a384b6b3b4a1d202adb7c936d40306e842f95d08ed2f6fb5af348ac42778ad00e4a942888fe80a203ef00cb7868af6b09ad005749e4fea04fc6aa1145f19dd107240034379b2c3821b67cd9f1d624017b9644a5849b1147f7ed9cd1671049315556dfcaf8663e822b9c573f183f451107298042bbfce8d4a8557cfb1023e4fe1c9e66c84a751660381b719092d04701b66f4dbcc0dd4751d5b1c8bdff0b7197d8820b468442348365fcecf5f209b07ebddaee66ef0fa725c228fb0216cd8ea16a1f1e472dee6b44b5b864cb236b4b9b9db5ffd3e94b2c853461fca93603f2d0c8c84247ea5ae5a1582e945df03f49756d3fd2f6db0b3098d903e7f1b17260454d6fcaff8e6348fd27085713343d38e3217205a73aad8d6dfb242788744081951ee850026ac790d3928a992f4803ec935bef4f33ea510753312c16cc3c837b617e0696b7f7934d0a80c5ea63abe9cd6a9e77234bf14d3ba456f103b4bd763e11828f828feae492945bd44e8a5013025ccd3edf2ae69a3815c2bc5b699fe915e4304806d284f5ee2ba6aa9018938b761fa903008bb659f1959ed6f0754cf0b2cdaa611800d3f24b8ea264a378ef32c9f1f9fa2ec9b0fc1ae1d7873332fed605b5e05727d8079747f126986a6ecc10555e0b2653f482b0aa24f54323732f7e1e45814230d76c2e7ae824730ca23316a9c387c34c283123e3bfcfac0da4d6183744f6cfa721daabaf830f142afc751cf6ce7715b5eb277e12a0131544f2743ec7dfb4dc8ff19ea3963f2744739f0385135843a7d6df8de38b112ffdffbd9046218eec9e94fbc12ee4378fd91cdccad629db1e0b9adb157362576f8f3bb4fa6b87e8a3e9e35f950f6e657fd28571f4ede5c24017601061e1dfed88a3819002dbe310a662666729673d3c05c387d3d24e551e9231a050b783953ef150bcd60a305c7e43a9383726e391124c1ab0e14c71f12e63ef079c9ce439437c3e360b8838631f47d9c42630ee7e457e2ec74c7243e70dde609ae3d4ef6bf046a2947a91b00e72fc71ee9e6a9911e34066d3b6437780d5b5cffff0b5b47f4f99ed300caea5ae82469209d16a65a648bcbba100ad8797f51ee435973182d071ab0a1741ca04be61ee965ce2da93c2c75978e1685dc0d96494b4b0793cca28cba023eda9a2f655dc2185efc0397384e440c35aeffdd9bc8fcebe947007f2c6bd3b77cbcd4e2b1c764be90a283f5d708960c6a36ff2324ea85aa8911d0c237c6a8aa75af9b2758303aa9119cad8f2b4727822d3ca94ee6e3f00f59551b830bb6e681b90c4574eb0d32528e997e3058d1604dbb467bfd89bfbf566f42a856287e8034fce6e588a8274bde57ff2812f789518cac8861e8a94305d2603abc168044102d998663588271856e4331ed8c21a119ad7bb270607cfb776fcfda4f75b2eafba30dc20a6f5442b37cdd0d2e2014221b43d651f3e7796a77c745cbacd85477dd0efeda0d7b33c774d46bc3c2e7973f70a1578e4512062c987418adf9285b7b70a7deb11e67c055ba7c58c1ca7b7b24d3eacc621c04cbadd9f6ead20e41c3353904d673108341eb25e76e06f1bb775d6d2667341ea45f9938b00d531a751fe849fa5b818adba120285e99a30c1a362a3aefd465e7ec5cec6aa8170a7ad6303e36f78df6310b67d5bde95f1577f9d684a4885f75a9a802acedec003fe0a455dfca63f90aed247c03ee5d9c58a39f4c707bb88c1c35b3d4cc38b1ef6e1d3611c0139995bcb61029b3a92c48d2d12fea509048aad6bb58ba7b949f735eaa26e010b6256aec55863851361ae342487896e7bca6a1128919823a71a3e6a6cb61c44bf60ea49ed58a296dd81409b8ca84ccbc5ac973c60e3bec11bd7e729912b9a69ba999e900a945f935e3b76dff578a468f71edd332e886751bb2ba6b542d127064c3a6fb974c66ece0070a93f18858a65ef0f324e14b8a02a3c97930d12f2ec2821e1eaa73d45a9a6e729e8e2afc5691858fc810d16d8871fa7b73562d7fae96e03c79ba7e955d4a2f04c9941aa1b314744a6ca68dc3ccc454b1a7305f849465aa3c214534685b7f775b7e8e9435c7bcfbdc349af83e120ef1be777f7d2adb55e52ae16817338df40f754a5e8ced388d495230c63efb9d0429c302815465dcd6d0d24944e05b9665ecce2328e18f02f8405e716be6d9ef35e7b7a55d9ba860f7171cb98d86ab3140ce18c9930ec9b2fb15c8929716778edd3f30384eb5df5ad8dcd9f45fe72e80ad717000a06025446ac049255c596116417095b391bd750a7532328fafed924cc928889fb7898431349bb89a08ff7eb5c164a75cd630d9dcc0835dffdd225c7f517778354cf3b8b66e3333659cef85da7722e28b4c875357d2123d5e792f492dee3c66c43520a8ead36adb08dbc67350fb1415efaba26c74e85d7920efb70115a7fa3c1fbe221afbf1c2d0935563e8b7e4b83758c1a90945bff6f627b615d3df323750481a7b8750f590d4ff574003907a6eb78c54c9531d76b440d027074a5362b2031227f94e3c618b6931cefe985e3343d8de631995d4d2c2a4578c591b45e32435440df12ae4e162cfa8c5b34a7ffd798ff827a044db830eaf6e5f4d26a142766b791b2fe5b9ab691584db0b4fd8fc4200f35f5a87155520f5a401b1ef9977878b8905da360bf221d8d3a238f714773adc7f3682fb487d3a9a6d28de7998139978b115a0b596892b5cd1b5db5e48810ef5eade5fbd6f5207dd1c6646358f006aea508a941199e743f0108161a5ce4990e6d2285233295f9701d690183d6031021ea9e123fb12c3e940ae022b4113b971736ce0dd50ed8e0fd17b1739be73265756c573ce0f9adb3fbf070923ae45c9adbaa6759a1a1e41220a8f6decad4dbf7f285ba6f68c7791b120e75dead41eb", 0xffc}, {&(0x7f0000000140)="3e69dacae6", 0x5}], 0x2)
sendfile(r0, r0, 0x0, 0x7a680000)

4m27.842156283s ago: executing program 8 (id=6307):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x63b7, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)

4m27.418562222s ago: executing program 8 (id=6329):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x44c, &(0x7f0000000340)="$eJzs28tvG1UXAPAzdpx++dKSUMqr5REoiIpH0qQFumABCCQWRUKCBSyjJK1C3QQ1QaJVJFIWZYUQEnvEkn+BFWwQYoXEFvaoUoWyoWVlNPZMYru2m6R2XOrfT5r23Hnk3uOZa9+ZawcwsCbSf5KI/RHxe0SM1YqNO0zU/ru+sTZ3Y2NtLolK5d2/kup+f2+szeW75seN1hciiSMt6l25eOncbLm8cCErT62e/2hq5eKlFxbPz55dOLuwNHPq1MkT0y+/NPNiV/IcjUIWvfXBV2+f/qIh/6Y8umSi08anK5UuV9dfB+riZKiPDWFHihGRnq5Stf+PRTG2Tt5YvPlZXxsH9FSlUqmMtt+8XgHuYkk0lnV5GBT5B316/5svzYOAV3s3/Oi7a6/VboDSvK9nS23L0OYTg1LT/W03TUTE++v/fJMu0ZvnEAAADX5Ixz/Pp6Od5vFfIR6o2++ebG5oPCLujYiDEXFfLMWhiLg/orrvgxHx0A7rb54kuXn8U7i6q8S2KR3/vZLNbTWO//LRX4wXs9KBav6l5MxieeF49poci9K+tDzdoY4f3/jty3bb6sd/6ZLWn48Fs3ZcHdrXeMz87Ors7eRc79rliMNDrfJPNmcCkoh4OCIO77KOxWe/e6Tdtlvn30EX5pkq30Y8Uzv/69GUfy7pPD859b8oLxyfyq+Km/3y65V32tV/W/l3QXr+/9/y+t/Mfzypn69d2XkdV/74vO09zW6v/+HkvWo8nK37ZHZ19cJ0xHByutbo+vUzW8fm5Xz/NP9jR1v3/4Ox9UociYj0In40Ih6LiMeztj8REU9GxNEO+f/8+lMfNq8b2Xb+vZXmP7+j878VDEfzmtZB8dxP3zdUOr4VZvnf6Hz+T1ajY9ma7bz/baddu7uaAQAA4L+nEBH7IylMbsaFwuRk7Tv8hyIK5eWV1efOLH+8NF/7jcB4lAr5k66xuueh09ltfa18OSJqXy3It5+IQvW58dfFkWp5cm65PN/v5GHAjbbp/6k/i/1uHdBzfq8Fg0v/h8Gl/8Pg2ln/39ezdgB7r0X/H+lHO4C91+rz/9M+tAPYe03937QfDBDP/2Bw6f8wuPR/GEgrI3HrH8l3DPK/tMvD79ogSndEM3oWROGOaIagR0F/35cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65d8AAAD//9S+3I8=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

4m27.149167591s ago: executing program 8 (id=6338):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000008105"])

4m27.01673747s ago: executing program 8 (id=6345):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xae, &(0x7f0000000440)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700382900000000ffffffffffff00000000000000ff020000000000000000000000000001"], 0x0)

4m27.01650899s ago: executing program 39 (id=6345):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xae, &(0x7f0000000440)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700382900000000ffffffffffff00000000000000ff020000000000000000000000000001"], 0x0)

2m26.730538625s ago: executing program 3 (id=9375):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000401e04012800000000000109022400010000000009040100010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB=' \x008'], 0x0, 0x0, 0x0, 0x0}, 0x0)

2m24.658264309s ago: executing program 3 (id=9429):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0x40603d10, &(0x7f0000000040))

2m24.649880109s ago: executing program 3 (id=9431):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004500)={0x2020}, 0x2020)

2m24.573821459s ago: executing program 3 (id=9434):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x42)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

2m24.512094078s ago: executing program 3 (id=9436):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0xec0, &(0x7f0000000140)={&(0x7f0000000340)=@setlink={0x15c, 0x10, 0x1, 0x2000000, 0x40000, {0x0, 0x0, 0x0, 0x0, 0x1000000, 0x300}, [@IFLA_MASTER={0x8}, @IFLA_PROTO_DOWN={0x5}, @IFLA_LINK={0x8}, @IFLA_IFNAME={0x14, 0x3, 'macvlan1\x00'}, @IFLA_MASTER={0x8}, @IFLA_AF_SPEC={0xe8, 0x1a, 0x0, 0x1, [@AF_INET6={0x48, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x14, 0x7, @local}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @remote}]}, @AF_INET={0x9c, 0x2, 0x0, 0x1, {0x110, 0x1, 0x0, 0x1, [{0xfffffffffffffcba, 0x0, 0x0, 0x0, 0x1000000}]}}, @AF_BRIDGE={0x4}, @AF_BRIDGE={0xffffffffffffff40}, @AF_INET={0x10, 0x2, 0x0, 0x1, {0xc, 0x1, 0x0, 0x1, [{0x8}]}}, @AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @loopback}]}, @AF_INET6={0x44, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @private2}, @IFLA_INET6_TOKEN={0x14, 0x7, @loopback}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_ADDR_GEN_MODE={0x5}]}, @AF_BRIDGE={0x4}, @AF_BRIDGE={0x4}, @AF_INET={0x10, 0x2, 0x0, 0x1, {0xc, 0x1, 0x0, 0x1, [{0x8}]}}]}, @IFLA_LINK_NETNSID={0x8}, @IFLA_NUM_RX_QUEUES={0x8}, @IFLA_EXT_MASK={0x8}, @IFLA_PROMISCUITY={0x8}]}, 0x15c}}, 0x0)

2m24.347350708s ago: executing program 3 (id=9446):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000240)={[{@nodiscard}, {@nocheckpoint_merge}, {@alloc_mode_def}, {@six_active_logs}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@acl}, {@noacl}, {@compress_cache}, {@alloc_mode_def}, {@nogc_merge}, {@compress_cache}, {@fault_type={'fault_type', 0x3d, 0x4}}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r1, 0x0, 0x400000000})

2m24.300134438s ago: executing program 40 (id=9446):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000240)={[{@nodiscard}, {@nocheckpoint_merge}, {@alloc_mode_def}, {@six_active_logs}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@acl}, {@noacl}, {@compress_cache}, {@alloc_mode_def}, {@nogc_merge}, {@compress_cache}, {@fault_type={'fault_type', 0x3d, 0x4}}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r1, 0x0, 0x400000000})

1m36.065787382s ago: executing program 1 (id=11292):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000180)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0xfe, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @private=0xa010100, @local}}}}}}, 0x0)

1m36.037505162s ago: executing program 1 (id=11294):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0xffffffffffffffb6)

1m35.985651511s ago: executing program 1 (id=11297):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9eaafdc0a00e9bfde908990817b364e51afe9c81a97f0570759f1cae63487ff68fffffffffffe8e3932e2b7185a25a4cf8a9456aa8a701c318c67edb6e9330b53c0eeba8644311ba75411890700000000000000d8e5b1dc91c5499bea0977"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000640)=ANY=[@ANYBLOB="18020000faffffff0000000000000000850000002c000000850000000700000095000000000000005447779294d413de6e0e186b1f776cf9b4ce049e4ab63fc7f3bcefe1be1b832c322dc8a824ede808c8058c886cb576c92d08045963dd704f98d6f0fb6ddad4672b27ab467a9d241f7c3572b32e0e8aa19458187edc604fc74a0aaec1b3e341a37edfd91d146c2f539a4d62eaf576744f5bc15b691b10ed56bfab678fb4489a4f62963ee8ece02c124ebcc823a1b79d077fe8e79f1f7e349a251d33106b36cda717a6bede44eae90d7cf23eb490617adb44c75a0ede4ae3b2b8ffbe70d5afff1d8c068aa640df5e503bcb6640fe8b70cf8c3435b3b669da"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0xd00, 0x0, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a8640888a8", 0x0, 0x1200}, 0x28)

1m35.928211331s ago: executing program 1 (id=11301):
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000001080), 0x1, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, &(0x7f0000000140)='usrjquota=')

1m35.881660651s ago: executing program 1 (id=11304):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x38, 0x0, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)

1m35.729374001s ago: executing program 1 (id=11306):
syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x1000, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f0000000180)=""/12)

1m35.729255401s ago: executing program 41 (id=11306):
syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x1000, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f0000000180)=""/12)

6.58042895s ago: executing program 2 (id=13975):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000f40)='kfree\x00', r2}, 0x18)
keyctl$restrict_keyring(0xa, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)='e\'.\x00')

5.296546606s ago: executing program 2 (id=13975):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000f40)='kfree\x00', r2}, 0x18)
keyctl$restrict_keyring(0xa, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)='e\'.\x00')

4.791678364s ago: executing program 0 (id=14024):
r0 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f00000000c0)={{0x12, 0x1, 0x150, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x70, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0xfffffffd, 0xfffd, 0x8}, {0x6, 0x24, 0x1a, 0x0, 0x8}}, {{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0xff}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x0, 0x80, 0x5}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000540)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x80, 0x1c, {0x0, 0x40, 0xfffffffc, 0x1, 0xfffe, 0xbc6, 0x2, 0x801, 0x9, 0x6, 0x7fff, 0x9}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

4.557698434s ago: executing program 2 (id=13975):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000f40)='kfree\x00', r2}, 0x18)
keyctl$restrict_keyring(0xa, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)='e\'.\x00')

3.38388848s ago: executing program 2 (id=13975):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000f40)='kfree\x00', r2}, 0x18)
keyctl$restrict_keyring(0xa, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)='e\'.\x00')

2.689933058s ago: executing program 9 (id=14063):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000040)={'bridge_slave_0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'bridge_slave_0\x00', @broadcast})

2.681717928s ago: executing program 9 (id=14064):
unshare(0x26000400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r1}, &(0x7f00000003c0), &(0x7f0000000400)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580), &(0x7f00000005c0)=r0}, 0x20)

2.638041058s ago: executing program 9 (id=14066):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000020850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd0e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x4, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5a}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x7}}, [], {{0x6, 0x1, 0x3, 0x8}, {0x6, 0x0, 0x2, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.621710148s ago: executing program 9 (id=14068):
r0 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}]}}]}}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')

2.483335797s ago: executing program 6 (id=14072):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x29)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000005000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
syslog(0x3, &(0x7f0000000580)=""/63, 0x3f)

2.396127727s ago: executing program 6 (id=14073):
r0 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0xf)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000000)='rw\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

2.378391057s ago: executing program 6 (id=14074):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
statfs(&(0x7f0000000400)='./file0\x00', 0x0)

2.354144287s ago: executing program 6 (id=14075):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0xfed7, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd6002adf700383a00fe880000000000000000000000000001ff020000000000000000000000000001"], 0x0)

2.320930547s ago: executing program 6 (id=14076):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000359, 0x0, 0x0)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.150237606s ago: executing program 2 (id=13975):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000f40)='kfree\x00', r2}, 0x18)
keyctl$restrict_keyring(0xa, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)='e\'.\x00')

1.479658834s ago: executing program 0 (id=14077):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
close_range(r0, 0xffffffffffffffff, 0x0)

1.475148904s ago: executing program 6 (id=14078):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x2)

1.324217644s ago: executing program 4 (id=14083):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000001000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f00000003c0)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x8, &(0x7f0000000180)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.323949284s ago: executing program 4 (id=14084):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x1a1})
r1 = epoll_create(0x651)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000300)={0x20000000})
read(r0, &(0x7f0000000240)=""/131, 0x83)

1.323789684s ago: executing program 4 (id=14085):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0x9, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x9e}, @printk={@ld}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="850000002e000000160000000000000079000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, 0xffffffffffffffff, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0xfe8e, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f)

1.308117274s ago: executing program 4 (id=14086):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
statfs(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f00000002c0)=""/166)

1.293197344s ago: executing program 0 (id=14087):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
utimensat(0xffffffffffffffff, &(0x7f00000000c0)='./file0/file0/file0\x00', 0x0, 0x100)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1.249068284s ago: executing program 4 (id=14088):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000005304"], 0x14}}, 0x0)

1.248504454s ago: executing program 0 (id=14089):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x294ef98252e47195, 0x31, 0xffffffffffffffff, 0x0)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000080))

1.246046144s ago: executing program 4 (id=14090):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.235350274s ago: executing program 0 (id=14091):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000359, 0x0, 0x0)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

826.815502ms ago: executing program 2 (id=13975):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000f40)='kfree\x00', r2}, 0x18)
keyctl$restrict_keyring(0xa, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)='e\'.\x00')

45.52484ms ago: executing program 0 (id=14092):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
sendfile(r1, r1, &(0x7f0000000000)=0x2eb4, 0x2000007ff)

44.4409ms ago: executing program 9 (id=14093):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc8742, 0x48006}}, 0x20}}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

0s ago: executing program 9 (id=14094):
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
writev(r0, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)

kernel console output (not intermixed with test programs):

 found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  423.442927][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  423.450854][   T39] usb 5-1: SerialNumber: syz
[  423.690519][  T319] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[  423.755221][   T39] usb 5-1: 0:2 : does not exist
[  423.759947][   T39] usb 5-1: unit 255 not found!
[  423.765778][   T39] usb 5-1: USB disconnect, device number 16
[  424.075427][  T319] usb 10-1: config 1 has an invalid descriptor of length 156, skipping remainder of the config
[  424.085584][  T319] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  424.094523][  T319] usb 10-1: config 1 has no interface number 0
[  424.100655][  T319] usb 10-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  424.278620][  T319] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  424.287660][  T319] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.296863][T27161] device bridge_slave_0 left promiscuous mode
[  424.300674][  T319] usb 10-1: Product: syz
[  424.304647][T27161] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.313802][  T319] usb 10-1: Manufacturer: syz
[  424.318728][T27161] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  424.323924][  T319] usb 10-1: SerialNumber: syz
[  424.362016][T27167] netlink: 32 bytes leftover after parsing attributes in process `syz.6.11862'.
[  424.363581][T27169] loop4: detected capacity change from 0 to 128
[  424.377651][  T319] usb 10-1: selecting invalid altsetting 1
[  424.468707][T27184] loop4: detected capacity change from 0 to 512
[  424.482214][T27184] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  424.489387][T27184] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  424.501874][T27184] EXT4-fs (loop4): 1 truncate cleaned up
[  424.507635][T27184] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,data_err=abort,barrier,,errors=continue. Quota mode: none.
[  424.553137][T27196] loop4: detected capacity change from 0 to 512
[  424.605141][T27196] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue. Quota mode: writeback.
[  424.618964][T27196] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  424.633770][T27207] pim6reg0: tun_chr_ioctl cmd 2147767520
[  425.080114][  T319] cdc_ncm 10-1:1.1: SET_CRC_MODE failed
[  425.101501][  T319] usb 10-1: selecting invalid altsetting 1
[  425.107136][  T319] cdc_ncm 10-1:1.1: bind() failure
[  425.113365][  T319] usb 10-1: USB disconnect, device number 28
[  425.621530][T27226] loop4: detected capacity change from 0 to 512
[  425.637748][T27226] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  425.657017][T27226] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  425.668607][T27226] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.11887: corrupted in-inode xattr
[  425.683073][T27226] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.11887: couldn't read orphan inode 15 (err -117)
[  425.695171][T27226] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  425.763695][T27251] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11900'.
[  425.780194][T27251] netlink: 16 bytes leftover after parsing attributes in process `syz.9.11900'.
[  425.840223][T27258] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=27258 comm=syz.9.11903
[  426.009979][   T30] kauditd_printk_skb: 195 callbacks suppressed
[  426.009994][   T30] audit: type=1326 audit(2000000012.087:6675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  426.082389][   T30] audit: type=1326 audit(2000000012.096:6676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  426.138344][   T30] audit: type=1326 audit(2000000012.124:6677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  426.183396][   T30] audit: type=1326 audit(2000000012.124:6678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  426.243036][   T30] audit: type=1326 audit(2000000012.124:6679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  426.314635][   T30] audit: type=1326 audit(2000000012.124:6680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  426.359985][   T30] audit: type=1326 audit(2000000012.124:6681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  426.411553][   T30] audit: type=1326 audit(2000000012.124:6682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  426.456822][   T30] audit: type=1326 audit(2000000012.124:6683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  426.501713][   T30] audit: type=1326 audit(2000000012.124:6684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27295 comm="syz.0.11921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  427.030602][T27352] loop4: detected capacity change from 0 to 40427
[  427.090061][T27352] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  427.100440][T27352] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  427.120553][T27352] F2FS-fs (loop4): invalid crc value
[  427.150813][T27352] F2FS-fs (loop4): Found nat_bits in checkpoint
[  427.241189][T27352] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  427.249165][T27397] tap0: tun_chr_ioctl cmd 1074025677
[  427.255346][T27352] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  427.262706][T27397] tap0: linktype set to 825
[  427.549341][T27424] loop4: detected capacity change from 0 to 512
[  427.583254][T27424] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  427.608556][T27424] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.11980: invalid block
[  427.625330][T27424] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.11980: invalid indirect mapped block 4294967295 (level 1)
[  427.656025][T27424] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.11980: invalid indirect mapped block 4294967295 (level 1)
[  427.688458][T27424] EXT4-fs (loop4): 2 truncates cleaned up
[  427.694119][T27424] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,dioread_nolock,,errors=continue. Quota mode: writeback.
[  428.960792][T27513] loop6: detected capacity change from 0 to 128
[  429.022878][T27513] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  429.038541][T27513] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  429.067791][T27513] fscrypt (loop6, inode 12): Can't use IV_INO_LBLK_32 policy with contents mode other than AES-256-XTS
[  429.171237][T27509] loop4: detected capacity change from 0 to 40427
[  429.206570][T27509] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  429.214213][T27509] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  429.249662][T27509] F2FS-fs (loop4): Found nat_bits in checkpoint
[  429.296395][T27509] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  429.303354][T27509] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  429.336516][T27542] loop6: detected capacity change from 0 to 40427
[  429.360047][T27542] F2FS-fs (loop6): fault_injection options not supported
[  429.368129][T27542] F2FS-fs (loop6): invalid crc value
[  429.374335][T27542] F2FS-fs (loop6): Found nat_bits in checkpoint
[  429.406373][T27542] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  429.419761][   T20] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  429.427873][T25944] attempt to access beyond end of device
[  429.427873][T25944] loop6: rw=2049, want=45104, limit=40427
[  429.489237][T27560] loop4: detected capacity change from 0 to 128
[  429.518039][T27560] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  429.528768][T27560] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  429.548712][T27560] fscrypt (loop4, inode 12): Can't use IV_INO_LBLK_32 policy with contents mode other than AES-256-XTS
[  429.607583][T27569] loop4: detected capacity change from 0 to 128
[  429.646376][T27573] syz.6.12045[27573] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  429.646489][T27573] syz.6.12045[27573] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  429.719016][   T20] usb 3-1: Using ep0 maxpacket: 16
[  429.811602][T27582] loop6: detected capacity change from 0 to 40427
[  429.869168][T27582] F2FS-fs (loop6): Invalid Fs Meta Ino: node(1) meta(2) root(24)
[  429.876809][T27582] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  429.884982][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  429.895632][T27582] F2FS-fs (loop6): invalid crc value
[  429.901959][T27582] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  429.925702][T27582] F2FS-fs (loop6): Cannot turn on quotas: -2 on 0
[  429.932124][T27582] F2FS-fs (loop6): Start checkpoint disabled!
[  429.938987][T27582] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  429.946098][T27582] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  429.970671][    T8] attempt to access beyond end of device
[  429.970671][    T8] loop6: rw=2049, want=40976, limit=40427
[  430.093323][   T20] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  430.102791][   T20] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.111596][   T20] usb 3-1: Product: syz
[  430.115850][   T20] usb 3-1: Manufacturer: syz
[  430.120256][   T20] usb 3-1: SerialNumber: syz
[  430.125874][   T20] usb 3-1: config 0 descriptor??
[  430.137224][T27601] pim6reg1: tun_chr_ioctl cmd 35111
[  430.168279][   T20] hub 3-1:0.0: bad descriptor, ignoring hub
[  430.174043][   T20] hub: probe of 3-1:0.0 failed with error -5
[  430.448247][T27632] syz.9.12070[27632] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.448305][T27632] syz.9.12070[27632] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.619527][T27651] loop4: detected capacity change from 0 to 512
[  430.649414][T27651] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  430.663871][T27651] EXT4-fs error (device loop4): ext4_orphan_get:1427: comm syz.4.12079: bad orphan inode 131083
[  430.676618][T27651] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x000000000000003d,init_itable,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  430.702539][T27651] EXT4-fs error (device loop4): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.4.12079: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  430.723856][T27651] EXT4-fs error (device loop4) in ext4_delete_entry:2800: Corrupt filesystem
[  430.734623][   T20] usb 3-1: reset high-speed USB device number 23 using dummy_hcd
[  430.891321][T27676] device sit0 left promiscuous mode
[  430.896973][T27676] device sit0 entered promiscuous mode
[  431.012788][T27686] netlink: 'syz.9.12095': attribute type 1 has an invalid length.
[  431.168344][T27670] loop4: detected capacity change from 0 to 131072
[  431.229140][T27670] F2FS-fs (loop4): Found nat_bits in checkpoint
[  431.266255][T27670] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b
[  431.313763][T27701] loop6: detected capacity change from 0 to 512
[  431.366126][T27701] EXT4-fs (loop6): mounted filesystem without journal. Opts: user_xattr,,errors=continue. Quota mode: writeback.
[  431.378654][T27701] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  431.525618][ T2406] usb 3-1: USB disconnect, device number 23
[  431.580024][   T30] kauditd_printk_skb: 85 callbacks suppressed
[  431.580039][   T30] audit: type=1326 audit(2000000017.307:6770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  431.611742][   T30] audit: type=1326 audit(2000000017.307:6771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  431.636986][   T30] audit: type=1326 audit(2000000017.335:6772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  431.675054][   T30] audit: type=1326 audit(2000000017.382:6773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  431.709496][   T30] audit: type=1326 audit(2000000017.382:6774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  431.733473][   T30] audit: type=1326 audit(2000000017.429:6775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  431.771288][   T30] audit: type=1326 audit(2000000017.466:6776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  431.820520][   T30] audit: type=1326 audit(2000000017.504:6777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  431.866294][   T30] audit: type=1326 audit(2000000017.504:6778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  431.912698][   T30] audit: type=1326 audit(2000000017.504:6779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27728 comm="syz.4.12112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d37671de9 code=0x7ffc0000
[  432.014586][T27753] loop4: detected capacity change from 0 to 512
[  432.061151][T27753] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  432.082533][T27753] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  432.099931][T27753] System zones: 1-12
[  432.108914][T27753] EXT4-fs (loop4): orphan cleanup on readonly fs
[  432.124292][T27753] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.12123: invalid indirect mapped block 12 (level 1)
[  432.137875][T27753] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.12123: invalid indirect mapped block 2 (level 2)
[  432.151356][T27753] EXT4-fs (loop4): 1 truncate cleaned up
[  432.158242][T27753] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,,errors=continue. Quota mode: none.
[  432.228464][T27718] loop6: detected capacity change from 0 to 131072
[  432.248078][T27776] SELinux: ebitmap: start bit 0 comes after start bit 0
[  432.263862][T27718] F2FS-fs (loop6): fault_type options not supported
[  432.270364][T27776] SELinux: failed to load policy
[  432.275211][T27718] F2FS-fs (loop6): Test dummy encryption mode enabled
[  432.290891][T27718] F2FS-fs (loop6): invalid crc value
[  432.301374][T27718] F2FS-fs (loop6): Found nat_bits in checkpoint
[  432.313279][T27789] overlayfs: failed to resolve './file2': -2
[  432.345354][T27718] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  432.528883][T27823] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  432.536512][T27823] SELinux: failed to load policy
[  432.559902][T27825] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12156'.
[  432.797377][  T319] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  432.970050][T27867] tun0: tun_chr_ioctl cmd 1074025680
[  433.064636][ T2406] usb 10-1: new full-speed USB device number 29 using dummy_hcd
[  433.162256][T27881] loop6: detected capacity change from 0 to 1024
[  433.223380][T27881] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:476: comm syz.6.12182: Invalid block bitmap block 0 in block_group 0
[  433.252457][T27881] EXT4-fs error (device loop6): ext4_acquire_dquot:6188: comm syz.6.12182: Failed to acquire dquot type 0
[  433.336545][T27881] EXT4-fs error (device loop6): ext4_free_blocks:6223: comm syz.6.12182: Freeing blocks not in datazone - block = 0, count = 4096
[  433.371832][T27881] EXT4-fs error (device loop6): ext4_read_inode_bitmap:140: comm syz.6.12182: Invalid inode bitmap blk 0 in block_group 0
[  433.396099][ T7371] EXT4-fs error (device loop6): ext4_release_dquot:6211: comm kworker/u4:6: Failed to release dquot type 0
[  433.417612][T27881] EXT4-fs error (device loop6) in ext4_free_inode:362: Corrupt filesystem
[  433.426434][T27881] EXT4-fs (loop6): 1 orphan inode deleted
[  433.438642][T27881] EXT4-fs (loop6): mounted filesystem without journal. Opts: €�; sysvgroups,stripe=0x0000000000000000,auto_da_alloc,quota,nogrpid,norecovery,bsddf,noinit_itable,,errors=continue. Quota mode: writeback.
[  433.513525][  T319] usb 3-1: Using ep0 maxpacket: 16
[  433.513615][ T2406] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  433.545721][ T2406] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  433.555379][ T2406] usb 10-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  433.568825][ T2406] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.580159][ T2406] usb 10-1: config 0 descriptor??
[  433.630926][T27920] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12198'.
[  433.641837][  T319] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  433.653928][  T319] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  433.783389][T27946] loop6: detected capacity change from 0 to 256
[  433.815702][T27946] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  433.847430][  T319] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  433.856722][  T319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.864519][  T319] usb 3-1: Product: syz
[  433.868886][  T319] usb 3-1: Manufacturer: syz
[  433.876900][  T319] usb 3-1: SerialNumber: syz
[  434.018710][T27975] loop4: detected capacity change from 0 to 1024
[  434.061190][T27975] EXT4-fs (loop4): Test dummy encryption mode enabled
[  434.074820][T27975] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,bsdgroups,stripe=0x0000000000000007,noblock_validity,noinit_itable,barrier=0x0000000000000005,max_batch_time=0x0000000000000004,data_err=abort,,errors=continue. Quota mode: writeback.
[  434.113312][ T2406] isku 0003:1E7D:319C.0066: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.9-1/input0
[  434.116017][T27985] netlink: 'syz.0.12228': attribute type 3 has an invalid length.
[  434.132443][T27985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12228'.
[  434.219090][  T319] usb 3-1: 0:2 : does not exist
[  434.228458][  T319] usb 3-1: USB disconnect, device number 24
[  434.336659][ T2406] isku 0003:1E7D:319C.0066: couldn't init struct isku_device
[  434.343851][ T2406] isku 0003:1E7D:319C.0066: couldn't install keyboard
[  434.351844][T28001] loop4: detected capacity change from 0 to 40427
[  434.358670][ T2406] isku: probe of 0003:1E7D:319C.0066 failed with error -71
[  434.366466][ T2406] usb 10-1: USB disconnect, device number 29
[  434.390896][T28001] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  434.398469][T28001] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  434.408942][T28001] F2FS-fs (loop4): Found nat_bits in checkpoint
[  434.446633][T28001] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  434.453569][T28001] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  434.483765][T25949] attempt to access beyond end of device
[  434.483765][T25949] loop4: rw=2049, want=40968, limit=40427
[  434.668988][T28020] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12243'.
[  434.902075][T28053] loop4: detected capacity change from 0 to 512
[  434.925643][T28053] EXT4-fs (loop4): Journaled quota options ignored when QUOTA feature is enabled
[  434.949204][T28053] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrjquota=.,nolazytime,,errors=continue. Quota mode: writeback.
[  434.962390][T28053] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  435.123407][T28081] loop6: detected capacity change from 0 to 512
[  435.192649][T28081] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  435.204723][T28081] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  435.274004][T28072] loop4: detected capacity change from 0 to 40427
[  435.297373][T28100] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12279'.
[  435.316112][T28072] F2FS-fs (loop4): invalid crc value
[  435.334941][T28072] F2FS-fs (loop4): Found nat_bits in checkpoint
[  435.379469][T28072] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  435.386279][T28072] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  435.424980][T28072] F2FS-fs (loop4): Can't enable fs-verity on inode 10: the verity feature is not enabled on this filesystem
[  435.444568][T25949] attempt to access beyond end of device
[  435.444568][T25949] loop4: rw=2049, want=45104, limit=40427
[  435.508782][T28126] overlayfs: upper fs does not support tmpfile.
[  435.713089][T28154] syzkaller0: tun_chr_ioctl cmd 1074025673
[  435.844287][T28169] loop6: detected capacity change from 0 to 16
[  435.909089][T28169] erofs: (device loop6): mounted with root inode @ nid 36.
[  435.980631][T28183] loop6: detected capacity change from 0 to 512
[  436.032984][T28183] EXT4-fs error (device loop6): ext4_orphan_get:1401: inode #15: comm syz.6.12316: iget: bad extended attribute block 1
[  436.048422][T28183] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.12316: couldn't read orphan inode 15 (err -117)
[  436.066399][T28183] EXT4-fs (loop6): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,auto_da_alloc=0x000000000000007f,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[  436.100746][T28183] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  436.134491][T28188] tap0: tun_chr_ioctl cmd 2148553947
[  436.185910][T28194] netlink: 24 bytes leftover after parsing attributes in process `syz.9.12321'.
[  436.254935][T28203] syz.4.12325[28203] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  436.255022][T28203] syz.4.12325[28203] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  436.406541][T28192] loop6: detected capacity change from 0 to 40427
[  436.476141][T28192] F2FS-fs (loop6): invalid crc value
[  436.496552][T28192] F2FS-fs (loop6): Found nat_bits in checkpoint
[  436.536120][T28192] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  436.565599][T25944] attempt to access beyond end of device
[  436.565599][T25944] loop6: rw=2049, want=45104, limit=40427
[  436.842398][T28223] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  436.942318][T28238] netlink: 'syz.6.12340': attribute type 4 has an invalid length.
[  436.950179][T28238] netlink: 17 bytes leftover after parsing attributes in process `syz.6.12340'.
[  436.964556][   T30] kauditd_printk_skb: 184 callbacks suppressed
[  436.964568][   T30] audit: type=1400 audit(2000000022.331:6961): avc:  denied  { setopt } for  pid=28241 comm="syz.2.12342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  437.079447][   T30] audit: type=1400 audit(2000000022.444:6962): avc:  denied  { create } for  pid=28249 comm="syz.6.12346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  437.129802][   T30] audit: type=1400 audit(2000000022.462:6963): avc:  denied  { write } for  pid=28249 comm="syz.6.12346" path="socket:[127666]" dev="sockfs" ino=127666 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  437.158161][   T30] audit: type=1400 audit(2000000022.462:6964): avc:  denied  { nlmsg_read } for  pid=28249 comm="syz.6.12346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  437.222714][ T2406] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[  437.479086][ T2406] usb 10-1: Using ep0 maxpacket: 8
[  437.628799][ T2406] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  437.639619][ T2406] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  437.649199][ T2406] usb 10-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  437.658238][ T2406] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  437.666683][ T2406] usb 10-1: config 0 descriptor??
[  438.174718][ T2406] steelseries_srws1 0003:1038:1410.0067: item fetching failed at offset 3/7
[  438.183353][ T2406] steelseries_srws1 0003:1038:1410.0067: parse failed
[  438.189994][ T2406] steelseries_srws1: probe of 0003:1038:1410.0067 failed with error -22
[  438.390485][ T2406] usb 10-1: USB disconnect, device number 30
[  438.875637][   T30] audit: type=1400 audit(2000000024.128:6965): avc:  denied  { block_suspend } for  pid=28261 comm="syz.2.12351" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  438.911614][T28266] netem: incorrect gi model size
[  438.916640][T28266] netem: change failed
[  438.920968][   T30] audit: type=1400 audit(2000000024.156:6966): avc:  denied  { ioctl } for  pid=28265 comm="syz.4.12353" path="socket:[127690]" dev="sockfs" ino=127690 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  438.959063][   T30] audit: type=1326 audit(2000000024.193:6967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28267 comm="syz.0.12354" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f328adb8de9 code=0x0
[  438.986903][   T30] audit: type=1400 audit(2000000024.202:6968): avc:  denied  { connect } for  pid=28269 comm="syz.2.12355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  439.008007][T28276] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  439.024004][T28276] bridge0: port 2(bridge_slave_1) entered disabled state
[  439.222633][T28285] loop4: detected capacity change from 0 to 40427
[  439.266261][T28285] F2FS-fs (loop4): fault_injection options not supported
[  439.284178][T28285] F2FS-fs (loop4): invalid crc value
[  439.302530][   T30] audit: type=1400 audit(2000000024.521:6969): avc:  denied  { connect } for  pid=28305 comm="syz.9.12370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  439.324451][T28285] F2FS-fs (loop4): Found nat_bits in checkpoint
[  439.349684][   T30] audit: type=1400 audit(2000000024.558:6970): avc:  denied  { read } for  pid=28305 comm="syz.9.12370" path="socket:[126897]" dev="sockfs" ino=126897 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  439.374704][T28285] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  439.423066][T28285] attempt to access beyond end of device
[  439.423066][T28285] loop4: rw=2049, want=80392, limit=40427
[  439.480296][T25949] attempt to access beyond end of device
[  439.480296][T25949] loop4: rw=2049, want=45104, limit=40427
[  439.834111][T28361] binfmt_misc: register: failed to install interpreter file ./file0
[  439.950247][T28371] tun0: tun_chr_ioctl cmd 1074025677
[  439.955626][T28371] tun0: linktype set to 776
[  440.240164][T28373] loop4: detected capacity change from 0 to 40427
[  440.254267][T28397] kvm [28395]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010006 data 0x0
[  440.291650][T28373] F2FS-fs (loop4): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  440.309932][T28373] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  440.326424][T28373] F2FS-fs (loop4): Fix alignment : done, start(4096) end(16896) block(12288)
[  440.338496][T28373] F2FS-fs (loop4): invalid crc value
[  440.369031][T28373] F2FS-fs (loop4): Found nat_bits in checkpoint
[  440.457477][T28373] F2FS-fs (loop4): Start checkpoint disabled!
[  440.482229][T28373] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  440.489391][T28373] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  440.557029][T28373] F2FS-fs (loop4): Skipping Checkpoint. Checkpoints currently disabled.
[  440.635316][T28446] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  440.675642][ T7371] attempt to access beyond end of device
[  440.675642][ T7371] loop4: rw=2049, want=40976, limit=40427
[  440.897782][T28450] loop6: detected capacity change from 0 to 40427
[  440.932209][T28450] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  440.942299][T28450] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  440.961095][T28450] F2FS-fs (loop6): Found nat_bits in checkpoint
[  441.006409][  T320] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  441.021206][T28450] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  441.041909][T28450] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  441.284305][  T320] usb 3-1: Using ep0 maxpacket: 8
[  441.307841][T28492] SELinux:  policydb version 0 does not match my version range 15-33
[  441.326826][T28492] SELinux: failed to load policy
[  441.400427][T28500] SELinux:  policydb version 0 does not match my version range 15-33
[  441.413039][T28500] SELinux: failed to load policy
[  441.444797][  T320] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  441.458645][  T320] usb 3-1: config 179 has no interface number 0
[  441.474003][  T320] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  441.506487][  T320] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  441.530153][  T320] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  441.554353][  T320] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  441.567688][T28506] binder: 28505:28506 ioctl c00c620f 0 returned -14
[  441.576370][  T320] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  441.604315][  T320] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  441.623921][  T320] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.643057][T28496] loop6: detected capacity change from 0 to 40427
[  441.658902][T28455] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  441.692877][T28496] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[  441.699734][T28496] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  441.715123][T28496] F2FS-fs (loop6): invalid crc value
[  441.736301][T28496] F2FS-fs (loop6): Found nat_bits in checkpoint
[  441.850996][T28496] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  441.857890][T28496] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  441.896795][T28455] UDC core: couldn't find an available UDC or it's busy: -16
[  441.913547][T28455] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  441.950245][T25944] attempt to access beyond end of device
[  441.950245][T25944] loop6: rw=2049, want=45104, limit=40427
[  442.150888][   T39] usb 3-1: USB disconnect, device number 25
[  442.160725][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  442.190247][T28559] netlink: 16 bytes leftover after parsing attributes in process `syz.6.12482'.
[  442.210459][T28559] netlink: 48 bytes leftover after parsing attributes in process `syz.6.12482'.
[  442.284265][T28569] loop6: detected capacity change from 0 to 512
[  442.311091][   T30] kauditd_printk_skb: 75 callbacks suppressed
[  442.311106][   T30] audit: type=1400 audit(2000000027.346:7046): avc:  denied  { write } for  pid=28570 comm="syz.9.12488" name="uinput" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  442.313158][T28571] input: syz0 as /devices/virtual/input/input114
[  442.317013][   T30] audit: type=1400 audit(2000000027.346:7047): avc:  denied  { open } for  pid=28570 comm="syz.9.12488" path="/dev/uinput" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  442.369952][   T30] audit: type=1400 audit(2000000027.346:7048): avc:  denied  { ioctl } for  pid=28570 comm="syz.9.12488" path="/dev/uinput" dev="devtmpfs" ino=254 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  442.396701][T28569] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  442.400930][   T30] audit: type=1400 audit(2000000027.374:7049): avc:  denied  { read } for  pid=86 comm="acpid" name="event3" dev="devtmpfs" ino=1710 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  442.405251][T28569] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  442.432594][   T30] audit: type=1400 audit(2000000027.374:7050): avc:  denied  { open } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1710 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  442.458945][   T30] audit: type=1400 audit(2000000027.374:7051): avc:  denied  { ioctl } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1710 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  442.486198][T28569] EXT4-fs (loop6): 1 truncate cleaned up
[  442.491683][T28569] EXT4-fs (loop6): mounted filesystem without journal. Opts: i_version,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,discard,data_err=abort,,errors=continue. Quota mode: none.
[  442.571172][T28563] loop4: detected capacity change from 0 to 40427
[  442.589430][   T30] audit: type=1400 audit(2000000027.608:7052): avc:  denied  { remount } for  pid=28577 comm="syz.6.12490" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  442.609608][T28578] tmpfs: Unknown parameter 'fd'
[  442.615182][T28563] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  442.622408][T28563] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  442.632107][T28563] F2FS-fs (loop4): invalid crc value
[  442.639134][T28563] F2FS-fs (loop4): Found nat_bits in checkpoint
[  442.679890][   T30] audit: type=1326 audit(2000000027.683:7053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28584 comm="syz.6.12492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  442.703868][   T30] audit: type=1326 audit(2000000027.683:7054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28584 comm="syz.6.12492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  442.738511][T28563] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  442.738583][   T30] audit: type=1326 audit(2000000027.683:7055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28584 comm="syz.6.12492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  442.745368][T28563] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  442.841087][T25949] attempt to access beyond end of device
[  442.841087][T25949] loop4: rw=2049, want=45104, limit=40427
[  443.031614][T28629] incfs: Options parsing error. -22
[  443.036685][T28629] incfs: mount failed -22
[  443.149940][T28610] loop6: detected capacity change from 0 to 40427
[  443.163033][T28645] netlink: 104 bytes leftover after parsing attributes in process `syz.4.12520'.
[  443.210046][T28610] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  443.218361][T28610] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  443.281741][T28610] F2FS-fs (loop6): Found nat_bits in checkpoint
[  443.379506][T28610] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  443.386363][T28610] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  443.470779][T28675] loop4: detected capacity change from 0 to 1024
[  443.539784][T28675] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  443.550413][T28675] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  443.593670][T28675] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,noquota,block_validity,norecovery,mblk_io_submit,barrier,noquota,abort,nomblk_io_submit,,errors=continue. Quota mode: none.
[  443.758087][T28708] bridge_slave_0: default FDB implementation only supports local addresses
[  443.809423][T28714] loop6: detected capacity change from 0 to 256
[  443.858187][T28723] loop4: detected capacity change from 0 to 512
[  443.872318][T28723] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  443.900760][T28723] EXT4-fs (loop4): invalid journal inode
[  443.908076][T28723] EXT4-fs (loop4): can't get journal size
[  443.921781][T28723] EXT4-fs (loop4): 1 truncate cleaned up
[  443.928050][T28735] input: syz0 as /devices/virtual/input/input115
[  443.939288][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  443.941414][T28723] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  443.974819][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  443.998661][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.015305][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.045326][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.058776][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.066755][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.074295][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.095021][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.102627][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.110220][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.127121][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.135071][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.143094][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.163932][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.171526][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.179353][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.191823][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.199553][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.207479][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.215362][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.222630][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.230054][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.237607][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.244811][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.252266][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.259637][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.267186][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.275739][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.283350][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.290606][T28772] device wireguard0 entered promiscuous mode
[  444.296469][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.303626][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.312370][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.319557][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.326799][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.334096][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.341305][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.348534][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.355911][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.363290][T17213] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  444.370952][T17213] hid-generic 0000:0000:0000.0068: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  444.419877][T28777] kvm [28776]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010007 data 0x0
[  444.441479][T28779] devpts: called with bogus options
[  444.497626][T28796] netlink: 71 bytes leftover after parsing attributes in process `syz.4.12587'.
[  444.523109][T28800] netlink: 'syz.6.12588': attribute type 29 has an invalid length.
[  444.544402][T28800] netlink: 148 bytes leftover after parsing attributes in process `syz.6.12588'.
[  444.644705][T28813] loop6: detected capacity change from 0 to 4096
[  444.684524][T28813] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  444.708566][T28813] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  444.747563][T28813] EXT4-fs (loop6): Ignoring removed oldalloc option
[  444.773907][T28813] EXT4-fs (loop6): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,mblk_io_submit,auto_da_alloc,nogrpid,jqfmt=vfsold,nodelalloc,usrjquota=,oldalloc,,errors=continue. Quota mode: writeback.
[  444.974153][T28863] syz.6.12613[28863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  444.974232][T28863] syz.6.12613[28863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  445.106524][T28888] device batadv_slave_0 left promiscuous mode
[  445.129033][T28888] netlink: 'syz.9.12628': attribute type 3 has an invalid length.
[  445.200732][T28900] netlink: 'syz.6.12635': attribute type 1 has an invalid length.
[  445.209861][T28896] loop4: detected capacity change from 0 to 8192
[  445.220003][T28902] device wireguard0 entered promiscuous mode
[  445.259230][T28913] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12643'.
[  445.355782][T28935] loop4: detected capacity change from 0 to 512
[  445.382251][T28935] EXT4-fs (loop4): Test dummy encryption mode enabled
[  445.394830][T28935] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  445.411557][T28935] EXT4-fs (loop4): 1 truncate cleaned up
[  445.417075][T28935] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,journal_ioprio=0x0000000000000001,max_dir_size_kb=0x000000000000148a,,errors=continue. Quota mode: none.
[  445.448523][T28947] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12656'.
[  445.524201][T28967] loop6: detected capacity change from 0 to 512
[  445.571350][T28967] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  445.585061][T28967] EXT4-fs error (device loop6): ext4_get_branch:178: inode #11: block 4294967295: comm syz.6.12665: invalid block
[  445.597218][T28967] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.12665: invalid indirect mapped block 4294967295 (level 1)
[  445.611338][T28967] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.12665: invalid indirect mapped block 4294967295 (level 1)
[  445.625904][T28967] EXT4-fs (loop6): 2 truncates cleaned up
[  445.631488][T28967] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpjquota=,init_itable=0x0000000000000007,dioread_nolock,,errors=continue. Quota mode: writeback.
[  445.650399][T28967] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.12665: bg 0: block 5: invalid block bitmap
[  445.662864][T28967] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  445.860115][T28977] loop6: detected capacity change from 0 to 256
[  445.894710][T28977] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  446.836339][T29048] loop6: detected capacity change from 0 to 512
[  446.876274][T29048] EXT4-fs (loop6): Test dummy encryption mode enabled
[  446.882957][T29048] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  446.902734][T29048] EXT4-fs (loop6): 1 truncate cleaned up
[  446.908349][   T39] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[  446.916302][T29048] EXT4-fs (loop6): mounted filesystem without journal. Opts: test_dummy_encryption,journal_ioprio=0x0000000000000001,max_dir_size_kb=0x000000000000148a,,errors=continue. Quota mode: none.
[  447.274758][T29082] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12716'.
[  447.334135][   T39] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  447.345085][   T39] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  447.354757][   T39] usb 10-1: New USB device found, idVendor=056a, idProduct=0314, bcdDevice= 0.00
[  447.364004][   T39] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.373904][   T39] usb 10-1: config 0 descriptor??
[  447.740321][   T39] usbhid 10-1:0.0: can't add hid device: -71
[  447.746256][   T39] usbhid: probe of 10-1:0.0 failed with error -71
[  447.753136][   T39] usb 10-1: USB disconnect, device number 31
[  447.897806][   T30] kauditd_printk_skb: 254 callbacks suppressed
[  447.897822][   T30] audit: type=1400 audit(2000000032.566:7310): avc:  denied  { read } for  pid=29112 comm="syz.2.12730" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  447.926832][   T30] audit: type=1400 audit(2000000032.566:7311): avc:  denied  { open } for  pid=29112 comm="syz.2.12730" path="/dev/kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  447.950036][   T30] audit: type=1400 audit(2000000032.576:7312): avc:  denied  { ioctl } for  pid=29112 comm="syz.2.12730" path="/dev/kvm" dev="devtmpfs" ino=82 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  448.006295][   T30] audit: type=1400 audit(2000000032.660:7313): avc:  denied  { create } for  pid=29116 comm="syz.2.12731" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  448.026195][   T30] audit: type=1400 audit(2000000032.688:7314): avc:  denied  { setopt } for  pid=29116 comm="syz.2.12731" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  448.047832][   T30] audit: type=1400 audit(2000000032.688:7315): avc:  denied  { write } for  pid=29116 comm="syz.2.12731" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  448.101476][T29122] SELinux: syz.2.12733 (29122) set checkreqprot to 1. This is deprecated and will be rejected in a future kernel release.
[  448.101483][   T30] audit: type=1400 audit(2000000032.753:7316): avc:  denied  { setcheckreqprot } for  pid=29121 comm="syz.2.12733" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  448.223349][   T30] audit: type=1326 audit(2000000032.875:7317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29137 comm="syz.2.12741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  448.247958][   T30] audit: type=1326 audit(2000000032.875:7318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29137 comm="syz.2.12741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  448.282229][   T30] audit: type=1326 audit(2000000032.894:7319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29137 comm="syz.2.12741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  448.425626][T29152] syz.2.12747[29152] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  448.425706][T29152] syz.2.12747[29152] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  448.525853][T29164] netlink: 24 bytes leftover after parsing attributes in process `syz.2.12753'.
[  448.819950][T29202] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12772'.
[  448.876105][T29211] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  449.175488][T29254] SELinux:  policydb version 0 does not match my version range 15-33
[  449.183853][T29254] SELinux: failed to load policy
[  449.482540][  T320] usb 10-1: new high-speed USB device number 32 using dummy_hcd
[  449.749873][  T320] usb 10-1: Using ep0 maxpacket: 32
[  449.878227][  T320] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  449.894907][  T320] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  449.915092][  T320] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  449.933271][  T320] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.950633][  T320] usb 10-1: config 0 descriptor??
[  449.996371][  T320] hub 10-1:0.0: USB hub found
[  450.092318][T29309] netlink: 76 bytes leftover after parsing attributes in process `syz.0.12822'.
[  450.112241][T29311] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12823'.
[  450.230897][  T320] hub 10-1:0.0: config failed, can't read hub descriptor (err -90)
[  450.295999][T29333] loop6: detected capacity change from 0 to 512
[  450.318656][T29333] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  450.337253][T29333] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  450.352124][T29333] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  450.545737][T29344] loop6: detected capacity change from 0 to 40427
[  450.596595][T29344] F2FS-fs (loop6): invalid crc value
[  450.631006][T29344] F2FS-fs (loop6): Found nat_bits in checkpoint
[  450.683472][T29344] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  450.739206][ T7371] attempt to access beyond end of device
[  450.739206][ T7371] loop6: rw=2049, want=45104, limit=40427
[  450.757408][T29344] VFS:Filesystem freeze failed
[  450.765412][  T320] usbhid 10-1:0.0: can't add hid device: -71
[  450.771260][  T320] usbhid: probe of 10-1:0.0 failed with error -71
[  450.818897][  T320] usb 10-1: USB disconnect, device number 32
[  451.750724][T29476] loop6: detected capacity change from 0 to 512
[  451.813827][T29476] EXT4-fs (loop6): Ignoring removed orlov option
[  451.820951][T29476] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  451.855190][T29476] EXT4-fs error (device loop6): ext4_ext_check_inode:501: inode #15: comm syz.6.12897: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964)
[  451.882694][T29476] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.12897: couldn't read orphan inode 15 (err -117)
[  451.906535][T29476] EXT4-fs (loop6): mounted filesystem without journal. Opts: orlov,nodelalloc,user_xattr,resuid=0x0000000000000000,auto_da_alloc,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[  451.950857][T29476] fscrypt (loop6, inode 18): Direct key flag not allowed with different contents and filenames modes
[  452.014263][T29503] binfmt_misc: register: failed to install interpreter file ./file0
[  452.452356][T29555] loop4: detected capacity change from 0 to 512
[  452.497968][T29555] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  452.540041][T29555] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=8003e119, mo2=0000]
[  452.553707][T29555] EXT4-fs (loop4): 1 truncate cleaned up
[  452.562700][T29555] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobarrier,noblock_validity,nombcache,norecovery,barrier=0x000000000000000c,resgid=0x000000000000ee01,nodiscard,noauto_da_alloc,resgid=0x00000000000000002,errors=continue. Quota mode: writeback.
[  452.593387][ T7371] EXT4-fs error (device loop4): ext4_release_dquot:6211: comm kworker/u4:6: Failed to release dquot type 1
[  452.659841][T29555] EXT4-fs error (device loop4): __ext4_new_inode:1286: comm syz.4.12932: failed to insert inode 15: doubly allocated?
[  452.694343][T29555] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  452.753551][T29555] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem
[  452.871284][  T313] EXT4-fs error (device loop4): ext4_release_dquot:6211: comm kworker/u4:3: Failed to release dquot type 1
[  453.063341][T13585] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  453.156225][T29597] device veth1 left promiscuous mode
[  453.193276][T29583] loop4: detected capacity change from 0 to 40427
[  453.226719][T29583] F2FS-fs (loop4): invalid crc value
[  453.237319][T29583] F2FS-fs (loop4): Found nat_bits in checkpoint
[  453.287255][T29583] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  453.341229][T13585] usb 3-1: Using ep0 maxpacket: 32
[  453.385633][ T7371] attempt to access beyond end of device
[  453.385633][ T7371] loop4: rw=2049, want=45104, limit=40427
[  453.399167][T29583] VFS:Filesystem freeze failed
[  453.469599][T13585] usb 3-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  453.491213][T13585] usb 3-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  453.533533][T13585] usb 3-1: config 0 interface 0 has no altsetting 0
[  453.539994][T13585] usb 3-1: New USB device found, idVendor=056a, idProduct=4004, bcdDevice= 0.00
[  453.557997][T13585] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.574990][T13585] usb 3-1: config 0 descriptor??
[  453.723102][   T30] kauditd_printk_skb: 223 callbacks suppressed
[  453.723120][   T30] audit: type=1400 audit(2000000038.011:7541): avc:  denied  { read write } for  pid=25949 comm="syz-executor" name="loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  453.762075][   T30] audit: type=1400 audit(2000000038.011:7542): avc:  denied  { open } for  pid=25944 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  453.786750][   T30] audit: type=1400 audit(2000000038.011:7543): avc:  denied  { ioctl } for  pid=25944 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  453.822350][   T30] audit: type=1400 audit(2000000038.030:7544): avc:  denied  { read write } for  pid=29626 comm="syz.0.12963" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  453.854199][  T320] usb 10-1: new high-speed USB device number 33 using dummy_hcd
[  453.869991][   T30] audit: type=1400 audit(2000000038.030:7545): avc:  denied  { open } for  pid=29626 comm="syz.0.12963" path="/dev/fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  453.895784][   T30] audit: type=1400 audit(2000000038.030:7546): avc:  denied  { mounton } for  pid=29626 comm="syz.0.12963" path="/2774/file0" dev="tmpfs" ino=14289 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  453.920276][T29640] loop6: detected capacity change from 0 to 512
[  453.926538][   T30] audit: type=1400 audit(2000000038.030:7547): avc:  denied  { mount } for  pid=29626 comm="syz.0.12963" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  453.952816][   T30] audit: type=1400 audit(2000000038.049:7548): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  453.975649][   T30] audit: type=1400 audit(2000000038.049:7549): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  453.997448][   T30] audit: type=1400 audit(2000000038.049:7550): avc:  denied  { append } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=12 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  454.019520][T29640] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  454.026858][T29640] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  454.042975][T29640] EXT4-fs (loop6): 1 truncate cleaned up
[  454.048612][T29640] EXT4-fs (loop6): mounted filesystem without journal. Opts: acl,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,init_itable,data_err=abort,,errors=continue. Quota mode: none.
[  454.072305][T29640] EXT4-fs error (device loop6): ext4_search_dir:1549: inode #12: block 7: comm syz.6.12968: bad entry in directory: inode out of bounds - offset=0, inode=16777215, rec_len=16, size=56 fake=0
[  454.102625][T13585] wacom 0003:056A:4004.0069: hidraw0: USB HID v0.00 Device [HID 056a:4004] on usb-dummy_hcd.2-1/input0
[  454.153574][  T320] usb 10-1: Using ep0 maxpacket: 16
[  454.281904][  T320] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  454.295805][  T320] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  454.305531][  T320] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  454.318560][  T320] usb 10-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  454.323624][  T319] usb 3-1: USB disconnect, device number 26
[  454.327513][  T320] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  454.341484][  T320] usb 10-1: config 0 descriptor??
[  454.860170][  T320] hid-led 0003:27B8:01ED.006A: unknown main item tag 0x7
[  454.867061][  T320] hid-led 0003:27B8:01ED.006A: item fetching failed at offset 1/2
[  454.874904][  T320] hid-led: probe of 0003:27B8:01ED.006A failed with error -22
[  454.893654][T29665] loop4: detected capacity change from 0 to 2048
[  454.945262][T29665] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  454.957051][T29665] EXT4-fs (loop4): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,auto_da_alloc,auto_da_alloc,mblk_io_submit,noblock_validity,barrier=0x0000000000000000,grpjquota=,grpquota,. Quota mode: writeback.
[  455.055658][T29675] loop4: detected capacity change from 0 to 4096
[  455.076865][T13585] usb 10-1: USB disconnect, device number 33
[  455.087460][T29675] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_dev=0x0000000000000008,nogrpid,init_itable,dioread_nolock,errors=remount-ro,. Quota mode: writeback.
[  455.190898][T29691] xt_hashlimit: max too large, truncated to 1048576
[  456.838039][T29718] binfmt_misc: register: failed to install interpreter file ./file0
[  457.158799][T29772] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13027'.
[  457.259428][T29782] SELinux:  Context : is not valid (left unmapped).
[  457.450409][T29814] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13046'.
[  457.628265][T29848] netlink: 372 bytes leftover after parsing attributes in process `syz.0.13064'.
[  457.806386][T29867] netlink: 20 bytes leftover after parsing attributes in process `syz.9.13072'.
[  458.943806][T29937] syz.9.13103 (29937): attempted to duplicate a private mapping with mremap.  This is not supported.
[  459.029067][T29945] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13107'.
[  459.085707][   T30] kauditd_printk_skb: 192 callbacks suppressed
[  459.085723][   T30] audit: type=1400 audit(2000000043.035:7743): avc:  denied  { read append } for  pid=29949 comm="syz.2.13109" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  459.118843][   T30] audit: type=1400 audit(2000000043.045:7744): avc:  denied  { open } for  pid=29949 comm="syz.2.13109" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  459.143087][T29952] binder: 29949:29952 ioctl c0306201 2000000001c0 returned -11
[  459.144074][   T30] audit: type=1400 audit(2000000043.063:7745): avc:  denied  { ioctl } for  pid=29949 comm="syz.2.13109" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  459.176899][   T30] audit: type=1400 audit(2000000043.073:7746): avc:  denied  { setopt } for  pid=29942 comm="syz.9.13106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  459.250217][   T30] audit: type=1326 audit(2000000043.185:7747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29962 comm="syz.2.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  459.273757][   T30] audit: type=1326 audit(2000000043.185:7748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29962 comm="syz.2.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  459.297813][   T30] audit: type=1326 audit(2000000043.194:7749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29962 comm="syz.2.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  459.321698][   T30] audit: type=1326 audit(2000000043.194:7750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29962 comm="syz.2.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  459.346846][   T30] audit: type=1326 audit(2000000043.194:7751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29962 comm="syz.2.13115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  459.362154][T29965] device macsec4 entered promiscuous mode
[  459.370390][   T30] audit: type=1400 audit(2000000043.279:7752): avc:  denied  { create } for  pid=29964 comm="syz.2.13116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  459.458600][T29973] tap0: tun_chr_ioctl cmd 35108
[  460.046649][T29997] netlink: 24 bytes leftover after parsing attributes in process `syz.2.13130'.
[  460.055739][T29997] sch_fq: defrate 0 ignored.
[  460.060186][T29997] netlink: 100 bytes leftover after parsing attributes in process `syz.2.13130'.
[  461.325758][T13585] Bluetooth: hci0: command 0x1003 tx timeout
[  461.331659][T12926] Bluetooth: hci0: sending frame failed (-49)
[  461.932569][T30050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13155'.
[  462.509379][T30104] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13180'.
[  462.715927][T30146] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13200'.
[  462.725715][T30146] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13200'.
[  462.847500][T30161] binfmt_misc: register: failed to install interpreter file ./file0
[  462.903118][T30166] tmpfs: Bad value for 'gid'
[  463.197029][T30208] blk_update_request: I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  463.208125][T30207] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13228'.
[  463.217005][T30208] FAT-fs (loop19): unable to read boot sector
[  463.548979][  T319] Bluetooth: hci0: command 0x1001 tx timeout
[  463.554874][T12926] Bluetooth: hci0: sending frame failed (-49)
[  463.690978][T30249] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=io+mem:owns=io+mem
[  463.701375][T30249] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[  463.712093][T30249] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=none:owns=io+mem
[  464.019314][   T39] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  464.404443][   T39] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  464.412499][   T39] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  464.422374][   T39] usb 3-1: config 0 has no interface number 0
[  464.596593][   T39] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  464.605480][   T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.613304][   T39] usb 3-1: Product: syz
[  464.617253][   T39] usb 3-1: Manufacturer: syz
[  464.621759][   T39] usb 3-1: SerialNumber: syz
[  464.627312][   T39] usb 3-1: config 0 descriptor??
[  464.885905][   T30] kauditd_printk_skb: 89 callbacks suppressed
[  464.885922][   T30] audit: type=1400 audit(2000000048.462:7842): avc:  denied  { write } for  pid=30251 comm="syz.2.13248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  464.992072][   T39] usb 3-1: Found UVC 0.08 device syz (046d:0823)
[  464.998283][   T39] usb 3-1: No valid video chain found.
[  465.004251][   T39] usb 3-1: USB disconnect, device number 27
[  465.291716][   T30] audit: type=1400 audit(2000000048.845:7843): avc:  denied  { connect } for  pid=30296 comm="syz.9.13269" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  465.348795][   T30] audit: type=1400 audit(2000000048.892:7844): avc:  denied  { name_bind } for  pid=30300 comm="syz.9.13271" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  465.478578][   T30] audit: type=1400 audit(2000000049.014:7845): avc:  denied  { connect } for  pid=30316 comm="syz.2.13278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  465.772267][T13585] Bluetooth: hci0: command 0x1009 tx timeout
[  466.191945][   T30] audit: type=1326 audit(2000000049.687:7846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30337 comm="syz.0.13287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  466.216696][   T30] audit: type=1326 audit(2000000049.687:7847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30337 comm="syz.0.13287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  466.240588][   T30] audit: type=1326 audit(2000000049.687:7848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30337 comm="syz.0.13287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  466.264614][   T30] audit: type=1326 audit(2000000049.687:7849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30337 comm="syz.0.13287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  466.290091][   T30] audit: type=1326 audit(2000000049.687:7850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30337 comm="syz.0.13287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  466.327324][T30349] syz.0.13292[30349] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  466.327405][T30349] syz.0.13292[30349] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  466.346492][   T30] audit: type=1326 audit(2000000049.809:7851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30347 comm="syz.0.13292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  466.600588][T30397] netlink: 40 bytes leftover after parsing attributes in process `syz.2.13315'.
[  466.835909][T30423] netpci0: tun_chr_ioctl cmd 1074025676
[  466.842432][T30423] netpci0: owner set to 0
[  466.999901][T30437] incfs: Backing dir is not set, filesystem can't be mounted.
[  467.007353][T30437] incfs: mount failed -2
[  468.049225][T30491] netlink: 44 bytes leftover after parsing attributes in process `syz.0.13357'.
[  468.058089][T30491] netlink: 'syz.0.13357': attribute type 3 has an invalid length.
[  468.290129][T30516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13368'.
[  469.744634][T30569] loop4: detected capacity change from 0 to 2048
[  469.796464][T30569] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsddf,data_err=ignore,max_batch_time=0x0000000000000009,sysvgroups,,errors=continue. Quota mode: none.
[  469.818158][T30569] ext4 filesystem being mounted at /358/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  469.852183][T30569] fs-verity: sha256 using implementation "sha256-avx2"
[  470.062506][T30613] loop6: detected capacity change from 0 to 1024
[  470.102260][T30613] EXT4-fs (loop6): Ignoring removed orlov option
[  470.108446][T30613] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  470.124253][T30613] EXT4-fs (loop6): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,grpquota,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: writeback.
[  470.212158][T30632] IPv6: addrconf: prefix option has invalid lifetime
[  470.218708][T30632] IPv6: addrconf: prefix option has invalid lifetime
[  470.252087][   T30] kauditd_printk_skb: 143 callbacks suppressed
[  470.252105][   T30] audit: type=1400 audit(2000000001.590:7995): avc:  denied  { write } for  pid=30634 comm="syz.0.13423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  470.294257][   T30] audit: type=1326 audit(2000000001.627:7996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30638 comm="syz.6.13424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  470.317919][   T30] audit: type=1326 audit(2000000001.627:7997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30638 comm="syz.6.13424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  470.341761][   T30] audit: type=1326 audit(2000000001.627:7998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30638 comm="syz.6.13424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  470.380645][   T30] audit: type=1326 audit(2000000001.627:7999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30638 comm="syz.6.13424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  470.407035][   T30] audit: type=1326 audit(2000000001.627:8000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30638 comm="syz.6.13424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  470.433211][   T30] audit: type=1400 audit(2000000001.702:8001): avc:  denied  { read } for  pid=30645 comm="syz.6.13428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  470.464946][   T30] audit: type=1400 audit(2000000001.786:8002): avc:  denied  { setopt } for  pid=30654 comm="syz.0.13432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  470.517450][   T30] audit: type=1400 audit(2000000001.824:8003): avc:  denied  { execmem } for  pid=30662 comm="syz.0.13436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  470.751485][T30673] syz.9.13439[30673] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  470.751511][   T30] audit: type=1400 audit(2000000002.048:8004): avc:  denied  { integrity } for  pid=30672 comm="syz.9.13439" lockdown_reason="use of bpf to write user RAM" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[  470.751571][T30673] syz.9.13439[30673] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  470.791577][T30673] incfs: Error accessing: ./file0.
[  470.808061][T30673] incfs: mount failed -20
[  470.924789][T30686] syz.9.13445[30686] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  470.924915][T30686] syz.9.13445[30686] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.565683][T30738] input: syz0 as /devices/virtual/input/input120
[  471.583208][T30738] input: failed to attach handler leds to device input120, error: -6
[  472.009671][T30817] binfmt_misc: register: failed to install interpreter file ./file2
[  472.107711][T30834] netlink: 276 bytes leftover after parsing attributes in process `syz.0.13513'.
[  472.173084][T30842] ªªªªªª: renamed from vlan0
[  472.657335][T30889] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  472.758872][T30897] device macsec1 entered promiscuous mode
[  473.511020][T30964] loop4: detected capacity change from 0 to 512
[  473.533833][T30964] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  473.556998][T30964] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,grpquota,,errors=continue. Quota mode: writeback.
[  473.572696][T30964] ext4 filesystem being mounted at /366/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  474.227090][T13585] usb 10-1: new high-speed USB device number 34 using dummy_hcd
[  474.388280][T31008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13592'.
[  474.397502][T31008] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  474.456158][T31014] Invalid ELF header magic: != ELF
[  474.622675][T13585] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  474.632674][T13585] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  474.825740][T13585] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  474.834711][T13585] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  474.842747][T13585] usb 10-1: Product: syz
[  474.846813][T13585] usb 10-1: Manufacturer: syz
[  474.851419][T13585] usb 10-1: SerialNumber: syz
[  475.819811][T13585] cdc_mbim 10-1:1.0: bind() failure
[  475.825543][T13585] cdc_ncm 10-1:1.1: CDC Union missing and no IAD found
[  475.832259][T13585] cdc_ncm 10-1:1.1: bind() failure
[  475.838311][T13585] usb 10-1: USB disconnect, device number 34
[  476.406947][   T30] kauditd_printk_skb: 251 callbacks suppressed
[  476.406964][   T30] audit: type=1326 audit(2000000007.334:8256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.437018][   T30] audit: type=1326 audit(2000000007.334:8257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.462371][   T30] audit: type=1326 audit(2000000007.344:8258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.486117][   T30] audit: type=1326 audit(2000000007.344:8259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.510271][   T30] audit: type=1326 audit(2000000007.344:8260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.534697][   T30] audit: type=1326 audit(2000000007.344:8261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.561013][   T30] audit: type=1326 audit(2000000007.362:8262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.587054][   T30] audit: type=1326 audit(2000000007.372:8263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.642716][   T30] audit: type=1326 audit(2000000007.381:8264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.649855][T31076] binfmt_misc: register: failed to install interpreter file ./file2
[  476.692631][   T30] audit: type=1326 audit(2000000007.381:8265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.9.13618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  476.748971][T31084] loop6: detected capacity change from 0 to 256
[  476.880048][T31088] loop4: detected capacity change from 0 to 512
[  476.899066][T31090] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13629'.
[  476.923522][T31088] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.13630: corrupted inode contents
[  476.936085][T31088] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #3: comm syz.4.13630: mark_inode_dirty error
[  476.961587][T31088] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.13630: corrupted inode contents
[  476.994849][T31088] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #3: comm syz.4.13630: mark_inode_dirty error
[  477.016683][T31088] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.13630: Failed to acquire dquot type 0
[  477.029502][T31088] EXT4-fs (loop4): 1 orphan inode deleted
[  477.038157][T31088] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  477.050809][T31088] ext4 filesystem being mounted at /369/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  477.279155][T31151] syz.4.13657[31151] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  477.279228][T31151] syz.4.13657[31151] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  477.469067][T31177] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13668'.
[  477.522132][T31184] syz.6.13671[31184] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  477.522244][T31184] syz.6.13671[31184] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  478.271332][T31205] loop4: detected capacity change from 0 to 16
[  478.321702][T31205] erofs: (device loop4): mounted with root inode @ nid 36.
[  478.330681][T31205] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 46
[  478.373018][T31201] loop6: detected capacity change from 0 to 40427
[  478.414530][T17213] kernel write not supported for file /cpuinfo (pid: 17213 comm: kworker/1:7)
[  478.424073][T31201] F2FS-fs (loop6): fault_injection options not supported
[  478.437520][T31201] F2FS-fs (loop6): invalid crc value
[  478.444067][T31201] F2FS-fs (loop6): Found nat_bits in checkpoint
[  478.484639][T31201] F2FS-fs (loop6): Start checkpoint disabled!
[  478.501936][T31201] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  478.579730][ T7371] attempt to access beyond end of device
[  478.579730][ T7371] loop6: rw=2049, want=40968, limit=40427
[  478.591105][ T7371] attempt to access beyond end of device
[  478.591105][ T7371] loop6: rw=2049, want=40984, limit=40427
[  478.647749][T31231] loop4: detected capacity change from 0 to 128
[  478.677823][T31231] EXT4-fs (loop4): mounted filesystem without journal. Opts: minixdf,nodelalloc,,errors=continue. Quota mode: none.
[  478.690032][T31231] ext4 filesystem being mounted at /388/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  478.786184][T31242] loop4: detected capacity change from 0 to 1024
[  478.814162][T31242] EXT4-fs (loop4): Ignoring removed nobh option
[  478.822152][T31242] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #11: comm syz.4.13696: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  478.841117][T31242] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.13696: couldn't read orphan inode 11 (err -117)
[  478.853085][T31242] EXT4-fs (loop4): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback.
[  478.875553][T31242] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.13696: Invalid block bitmap block 0 in block_group 0
[  478.891250][T31242] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.13696: Failed to acquire dquot type 0
[  478.903939][T31242] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.13696: Invalid inode bitmap blk 137438953472 in block_group 0
[  478.925050][  T313] EXT4-fs error (device loop4): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 8589934593 in block_group 0
[  479.160905][T31262] loop6: detected capacity change from 0 to 40427
[  479.208908][T31262] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  479.216489][T31262] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  479.226245][T31262] F2FS-fs (loop6): invalid crc value
[  479.232791][T31262] F2FS-fs (loop6): Found nat_bits in checkpoint
[  479.264680][T31262] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  479.271603][T31262] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  479.649753][T31276] loop6: detected capacity change from 0 to 512
[  479.660696][T31278] EXT4-fs error (device loop9): ext4_acquire_dquot:6188: comm syz.9.13710: Failed to acquire dquot type 0
[  479.689462][T31276] EXT4-fs (loop6): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback.
[  479.705056][T31276] ext4 filesystem being mounted at /322/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  479.719146][T31276] EXT4-fs error (device loop6): ext4_do_update_inode:5205: inode #2: comm syz.6.13719: corrupted inode contents
[  479.731619][T31276] EXT4-fs error (device loop6): ext4_dirty_inode:6041: inode #2: comm syz.6.13719: mark_inode_dirty error
[  479.744696][T31276] EXT4-fs error (device loop6): ext4_do_update_inode:5205: inode #2: comm syz.6.13719: corrupted inode contents
[  479.756648][T31276] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #2: comm syz.6.13719: mark_inode_dirty error
[  480.670781][T31371] EXT4-fs error (device loop2): ext4_acquire_dquot:6188: comm syz.2.13756: Failed to acquire dquot type 0
[  480.944992][T31385] loop4: detected capacity change from 0 to 40427
[  481.016402][T31385] F2FS-fs (loop4): Found nat_bits in checkpoint
[  481.068673][T31385] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  481.119021][T25949] attempt to access beyond end of device
[  481.119021][T25949] loop4: rw=2049, want=45104, limit=40427
[  483.064105][   T30] kauditd_printk_skb: 103 callbacks suppressed
[  483.064121][   T30] audit: type=1400 audit(2000262413.564:8361): avc:  denied  { mounton } for  pid=31399 comm="syz.4.13763" path="/402/file0" dev="tmpfs" ino=2105 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  483.074697][T31406] loop6: detected capacity change from 0 to 1024
[  483.096103][T31404] incfs: Error accessing: ./file0.
[  483.104433][T31404] incfs: mount failed -20
[  483.132749][T31406] EXT4-fs (loop6): Ignoring removed nobh option
[  483.140722][T31406] EXT4-fs error (device loop6): ext4_ext_check_inode:501: inode #11: comm syz.6.13761: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  483.166397][T31406] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.13761: couldn't read orphan inode 11 (err -117)
[  483.178394][T31406] EXT4-fs (loop6): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback.
[  483.201297][ T7371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  483.214366][T31406] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:476: comm syz.6.13761: Invalid block bitmap block 0 in block_group 0
[  483.249600][T31406] Quota error (device loop6): write_blk: dquota write failed
[  483.275603][T31406] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  483.303972][T31406] EXT4-fs error (device loop6): ext4_acquire_dquot:6188: comm syz.6.13761: Failed to acquire dquot type 0
[  483.317975][T31424] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  483.334806][T31418] EXT4-fs error (device loop6): ext4_read_inode_bitmap:140: comm syz.6.13761: Invalid inode bitmap blk 137438953472 in block_group 0
[  483.370325][   T30] audit: type=1400 audit(2000262413.854:8362): avc:  denied  { validate_trans } for  pid=31430 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  483.390924][ T7371] EXT4-fs error (device loop6): __ext4_get_inode_loc:4351: comm kworker/u4:6: Invalid inode table block 8589934593 in block_group 0
[  483.429289][T31435] netlink: 'syz.2.13777': attribute type 6 has an invalid length.
[  483.533301][   T30] audit: type=1400 audit(2000262414.003:8363): avc:  denied  { ioctl } for  pid=31451 comm="syz.6.13784" path="socket:[141794]" dev="sockfs" ino=141794 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  483.570511][   T30] audit: type=1400 audit(2000262414.031:8364): avc:  denied  { create } for  pid=31454 comm="syz.2.13785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  483.590687][   T30] audit: type=1400 audit(2000262414.031:8365): avc:  denied  { connect } for  pid=31454 comm="syz.2.13785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  483.614355][T31459] netlink: 'syz.2.13787': attribute type 298 has an invalid length.
[  483.743682][   T30] audit: type=1400 audit(2000262414.209:8366): avc:  denied  { ioctl } for  pid=31468 comm="syz.6.13793" path="/332/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  483.810388][T31471] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13792'.
[  483.835142][T31479] netlink: 88 bytes leftover after parsing attributes in process `syz.6.13797'.
[  483.844502][T31479] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13797'.
[  483.855799][   T30] audit: type=1326 audit(2000262414.312:8367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31480 comm="syz.2.13798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  483.892691][   T30] audit: type=1326 audit(2000262414.312:8368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31480 comm="syz.2.13798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7efc3ecf1de9 code=0x7ffc0000
[  483.982238][T31491] ------------[ cut here ]------------
[  483.987576][T31491] WARNING: CPU: 1 PID: 31491 at kernel/trace/bpf_trace.c:1411 bpf_get_stack_raw_tp+0x1d3/0x220
[  483.998066][T31491] Modules linked in:
[  484.001784][T31491] CPU: 1 PID: 31491 Comm: syz.2.13804 Tainted: G        W         5.15.176-syzkaller-00066-gd1a25a6a4b3b #0
[  484.013294][T31491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  484.023312][T31491] RIP: 0010:bpf_get_stack_raw_tp+0x1d3/0x220
[  484.029118][T31491] Code: f1 45 31 c0 e8 2e 93 14 00 65 ff 0d af 3a 87 7e 4c 63 e8 4c 89 e8 48 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 6d 77 f4 ff <0f> 0b 65 ff 0d 8c 3a 87 7e 49 c7 c5 f0 ff ff ff eb d7 e8 56 77 f4
[  484.048748][T31491] RSP: 0000:ffffc90000da69b0 EFLAGS: 00010293
[  484.054674][T31491] RAX: ffffffff817bf493 RBX: 0000000000000003 RCX: ffff888126760000
[  484.062470][T31491] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000fffffffc
[  484.070355][T31491] RBP: ffffc90000da69f0 R08: ffffffff817bf353 R09: fffffbfff0e53526
[  484.078336][T31491] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000da6a08
[  484.086250][T31491] R13: 0000000000000000 R14: 0000000000000900 R15: ffff8881f7132d30
[  484.094222][T31491] FS:  000055558c95b500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  484.102978][T31491] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  484.109456][T31491] CR2: 0000001b31e1aff8 CR3: 000000010e5a2000 CR4: 00000000003506a0
[  484.117238][T31491] Call Trace:
[  484.120337][T31491]  <TASK>
[  484.123206][T31491]  ? show_regs+0x58/0x60
[  484.127508][T31491]  ? __warn+0x160/0x2f0
[  484.131805][T31491]  ? bpf_get_stack_raw_tp+0x1d3/0x220
[  484.137043][T31491]  ? report_bug+0x3d9/0x5b0
[  484.141347][T31491]  ? bpf_get_stack_raw_tp+0x1d3/0x220
[  484.146555][T31491]  ? handle_bug+0x41/0x70
[  484.150779][T31491]  ? exc_invalid_op+0x1b/0x50
[  484.155234][T31491]  ? asm_exc_invalid_op+0x1b/0x20
[  484.160320][T31491]  ? bpf_get_stack_raw_tp+0x93/0x220
[  484.165389][T31491]  ? bpf_get_stack_raw_tp+0x1d3/0x220
[  484.170635][T31491]  ? bpf_get_stack_raw_tp+0x1d3/0x220
[  484.175803][T31491]  ? strlcpy+0x88/0xd0
[  484.179845][T31491]  bpf_prog_ec3b2eefa702d8d3+0x3a/0x808
[  484.185255][T31491]  bpf_trace_run4+0x13f/0x270
[  484.189780][T31491]  ? bpf_trace_run3+0x250/0x250
[  484.194480][T31491]  ? get_mm_memcg_path+0x132/0x240
[  484.199418][T31491]  __bpf_trace_mmap_lock_acquire_returned+0x33/0x40
[  484.205943][T31491]  __mmap_lock_do_trace_acquire_returned+0x198/0x200
[  484.212441][T31491]  ? get_mm_memcg_path+0x240/0x240
[  484.217373][T31491]  ? stack_map_get_build_id_offset+0x247/0x900
[  484.223381][T31491]  ? stack_map_get_build_id_offset+0x5c9/0x900
[  484.229343][T31491]  stack_map_get_build_id_offset+0x5ec/0x900
[  484.235198][T31491]  ? __bpf_get_stackid+0x950/0x950
[  484.240290][T31491]  ? stack_trace_save+0x1c0/0x1c0
[  484.245253][T31491]  __bpf_get_stack+0x495/0x570
[  484.249767][T31491]  ? stack_map_get_build_id_offset+0x900/0x900
[  484.255951][T31491]  ? __kasan_check_write+0x14/0x20
[  484.261142][T31491]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  484.266505][T31491]  bpf_get_stack+0x31/0x40
[  484.270677][T31491]  bpf_get_stack_raw_tp+0x1b2/0x220
[  484.276090][T31491]  ? bpf_trace_run4+0x13f/0x270
[  484.280758][T31491]  ? bpf_trace_run3+0x250/0x250
[  484.285574][T31491]  ? get_mm_memcg_path+0x132/0x240
[  484.290682][T31491]  ? __bpf_trace_mmap_lock_acquire_returned+0x33/0x40
[  484.297315][T31491]  ? __mmap_lock_do_trace_acquire_returned+0x198/0x200
[  484.303943][T31491]  ? get_mm_memcg_path+0x240/0x240
[  484.309243][T31491]  ? stack_map_get_build_id_offset+0x247/0x900
[  484.315230][T31491]  ? stack_map_get_build_id_offset+0x5c9/0x900
[  484.321285][T31491]  ? stack_map_get_build_id_offset+0x5ec/0x900
[  484.327572][T31491]  ? __kasan_check_read+0x11/0x20
[  484.332562][T31491]  ? __bpf_get_stackid+0x950/0x950
[  484.337496][T31491]  ? compat_start_thread+0x20/0x20
[  484.342492][T31491]  ? kvm_sched_clock_read+0x18/0x40
[  484.347481][T31491]  ? sched_clock+0x9/0x10
[  484.351966][T31491]  ? __bpf_get_stack+0x495/0x570
[  484.356727][T31491]  ? stack_map_get_build_id_offset+0x900/0x900
[  484.362755][T31491]  ? __kasan_check_write+0x14/0x20
[  484.367660][T31491]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  484.372982][T31491]  ? bpf_get_stack+0x31/0x40
[  484.377383][T31491]  ? bpf_get_stack_raw_tp+0x1b2/0x220
[  484.382631][T31491]  ? bpf_trace_run4+0x13f/0x270
[  484.387428][T31491]  ? bpf_trace_run3+0x250/0x250
[  484.392201][T31491]  ? get_mm_memcg_path+0x132/0x240
[  484.397081][T31491]  ? __bpf_trace_mmap_lock_acquire_returned+0x33/0x40
[  484.403652][T31491]  ? __mmap_lock_do_trace_acquire_returned+0x198/0x200
[  484.410369][T31491]  ? get_mm_memcg_path+0x240/0x240
[  484.415348][T31491]  ? stack_map_get_build_id_offset+0x247/0x900
[  484.421265][T31491]  ? stack_map_get_build_id_offset+0x5c9/0x900
[  484.427412][T31491]  ? stack_map_get_build_id_offset+0x5ec/0x900
[  484.433357][T31491]  ? do_futex+0x1367/0x37f0
[  484.437824][T31491]  ? __bpf_get_stackid+0x950/0x950
[  484.442792][T31491]  ? __bpf_get_stack+0x495/0x570
[  484.447614][T31491]  ? stack_map_get_build_id_offset+0x900/0x900
[  484.453554][T31491]  ? __kasan_check_write+0x14/0x20
[  484.458527][T31491]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  484.463797][T31491]  ? bpf_get_stack+0x31/0x40
[  484.468246][T31491]  ? bpf_get_stack_raw_tp+0x1b2/0x220
[  484.473438][T31491]  ? bpf_trace_run4+0x13f/0x270
[  484.478159][T31491]  ? bpf_trace_run3+0x250/0x250
[  484.482831][T31491]  ? get_mm_memcg_path+0x132/0x240
[  484.487756][T31491]  ? __bpf_trace_mmap_lock_acquire_returned+0x33/0x40
[  484.494381][T31491]  ? __mmap_lock_do_trace_acquire_returned+0x198/0x200
[  484.501091][T31491]  ? get_mm_memcg_path+0x240/0x240
[  484.505988][T31491]  ? exc_page_fault+0x6f4/0x7f0
[  484.510732][T31491]  ? exc_page_fault+0x705/0x7f0
[  484.515388][T31491]  ? asm_exc_page_fault+0x27/0x30
[  484.520212][T31491]  ? do_handle_mm_fault+0x23d0/0x2400
[  484.525455][T31491]  ? __pmd_alloc+0x2de/0x550
[  484.529850][T31491]  </TASK>
[  484.532735][T31491] ---[ end trace 0a2d6df5e81819c7 ]---
[  484.562532][T31511] loop6: detected capacity change from 0 to 128
[  484.578723][T31516] netlink: 276 bytes leftover after parsing attributes in process `syz.4.13813'.
[  484.625332][T31511] EXT4-fs (loop6): mounted filesystem without journal. Opts: nogrpid,resuid=0x0000000000000000,,errors=continue. Quota mode: none.
[  484.654289][T31511] ext4 filesystem being mounted at /343/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  484.695976][T31511] EXT4-fs warning (device loop6): ext4_group_add:1696: No reserved GDT blocks, can't resize
[  486.489879][  T319] Bluetooth: hci0: command 0x1003 tx timeout
[  486.495866][ T2645] Bluetooth: hci0: sending frame failed (-49)
[  487.704248][T31587] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13841'.
[  487.729902][T31589] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13842'.
[  487.741747][T31589] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13842'.
[  487.846786][T31610] loop4: detected capacity change from 0 to 256
[  487.895085][T31610] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  487.905799][T31610] FAT-fs (loop4): Filesystem has been set read-only
[  488.691020][ T1454] Bluetooth: hci0: command 0x1001 tx timeout
[  488.696918][ T2645] Bluetooth: hci0: sending frame failed (-49)
[  489.194329][   T30] kauditd_printk_skb: 325 callbacks suppressed
[  489.194345][   T30] audit: type=1326 audit(2000262419.307:8694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.6.13875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  489.225617][   T30] audit: type=1326 audit(2000262419.307:8695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.6.13875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  489.249390][   T30] audit: type=1326 audit(2000262419.307:8696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.6.13875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  489.273523][   T30] audit: type=1326 audit(2000262419.335:8697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.6.13875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  489.312054][   T30] audit: type=1326 audit(2000262419.419:8698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31660 comm="syz.6.13876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  489.335775][   T30] audit: type=1326 audit(2000262419.419:8699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31660 comm="syz.6.13876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  489.359628][   T30] audit: type=1326 audit(2000262419.429:8700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31660 comm="syz.6.13876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  489.393958][   T30] audit: type=1326 audit(2000262419.429:8701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31660 comm="syz.6.13876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  489.446596][   T30] audit: type=1326 audit(2000262419.447:8702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31660 comm="syz.6.13876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52fc2dbde9 code=0x7ffc0000
[  489.540732][   T30] audit: type=1400 audit(2000262419.625:8703): avc:  denied  { audit_write } for  pid=31669 comm="syz.6.13880" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  489.986031][  T320] kernel write not supported for file [eventfd] (pid: 320 comm: kworker/0:3)
[  490.921400][ T1454] Bluetooth: hci0: command 0x1009 tx timeout
[  491.105779][T31731] loop6: detected capacity change from 0 to 8192
[  491.135225][T31741] netlink: 'syz.0.13912': attribute type 1 has an invalid length.
[  491.156354][T31731] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  491.243269][T31758] loop6: detected capacity change from 0 to 16
[  491.259766][T31758] erofs: (device loop6): mounted with root inode @ nid 36.
[  491.280943][T31764] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13923'.
[  491.314260][T31768] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13924'.
[  491.423702][T31789] loop4: detected capacity change from 0 to 4096
[  491.449954][T31789] EXT4-fs (loop4): Test dummy encryption mode enabled
[  491.466245][T31789] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  491.508435][T31789] overlayfs: './file1' not a directory
[  491.557776][T31812] syz.4.13944[31812] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  491.557829][T31812] syz.4.13944[31812] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  492.690865][T31838] overlayfs: failed to resolve './file1': -2
[  492.721650][T31840] netlink: 96 bytes leftover after parsing attributes in process `syz.2.13954'.
[  493.515434][T31849] /dev/loop0: Can't open blockdev
[  493.899592][T31882] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.906428][T31882] bridge0: port 1(bridge_slave_0) entered disabled state
[  493.913948][T31882] device bridge_slave_0 entered promiscuous mode
[  493.921973][T31882] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.928803][T31882] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.936149][T31882] device bridge_slave_1 entered promiscuous mode
[  493.988154][T31882] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.995011][T31882] bridge0: port 2(bridge_slave_1) entered forwarding state
[  494.002092][T31882] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.008899][T31882] bridge0: port 1(bridge_slave_0) entered forwarding state
[  494.031921][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  494.039769][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.046914][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[  494.056372][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  494.064793][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.071638][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  494.081979][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  494.089987][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  494.096806][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  494.109749][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  494.118906][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  494.135158][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  494.147875][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  494.156034][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  494.163253][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  494.171721][T31882] device veth0_vlan entered promiscuous mode
[  494.182511][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  494.193260][T31882] device veth1_macvtap entered promiscuous mode
[  494.202968][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  494.213102][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  494.350097][ T7371] bridge0: port 2(bridge_slave_1) entered disabled state
[  494.357531][ T7371] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.657062][   T30] kauditd_printk_skb: 57 callbacks suppressed
[  494.657079][   T30] audit: type=1326 audit(2000262424.414:8761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31893 comm="syz.0.13978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  494.735648][   T30] audit: type=1326 audit(2000262424.414:8762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31893 comm="syz.0.13978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  494.759526][   T30] audit: type=1326 audit(2000262424.414:8763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31893 comm="syz.0.13978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  494.783649][   T30] audit: type=1326 audit(2000262424.414:8764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31893 comm="syz.0.13978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  494.807710][   T30] audit: type=1326 audit(2000262424.414:8765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31893 comm="syz.0.13978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  494.859406][   T30] audit: type=1326 audit(2000262424.583:8766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31899 comm="syz.9.13982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  494.896394][T31888] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.910773][T31888] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.918764][T31888] device bridge_slave_0 entered promiscuous mode
[  494.925839][   T30] audit: type=1326 audit(2000262424.583:8767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31899 comm="syz.9.13982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  494.934392][T31888] bridge0: port 2(bridge_slave_1) entered blocking state
[  494.955643][   T30] audit: type=1326 audit(2000262424.583:8768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31899 comm="syz.9.13982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  494.979649][   T30] audit: type=1326 audit(2000262424.583:8769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31899 comm="syz.9.13982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  495.003230][   T30] audit: type=1326 audit(2000262424.583:8770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31899 comm="syz.9.13982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3baadde9 code=0x7ffc0000
[  495.034440][T31888] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.042033][T31888] device bridge_slave_1 entered promiscuous mode
[  495.135010][T31938] loop4: detected capacity change from 0 to 512
[  495.198026][T31949] syz.9.14000[31949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  495.198110][T31949] syz.9.14000[31949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  495.214311][T31888] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.232431][T31888] bridge0: port 2(bridge_slave_1) entered forwarding state
[  495.239612][T31888] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.246457][T31888] bridge0: port 1(bridge_slave_0) entered forwarding state
[  495.259037][T31938] EXT4-fs (loop4): mounted filesystem without journal. Opts: sb=0x0000000000000001,nodioread_nolock,,errors=continue. Quota mode: writeback.
[  495.275533][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  495.283677][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.292209][T31938] ext4 filesystem being mounted at /433/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  495.303206][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  495.312921][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  495.349500][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  495.358587][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.365455][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  495.375396][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  495.384198][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.391049][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  495.414676][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  495.422661][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  495.448565][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  495.463271][T31888] device veth0_vlan entered promiscuous mode
[  495.470716][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  495.478880][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  495.486617][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  495.504712][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  495.513745][T31888] device veth1_macvtap entered promiscuous mode
[  495.525591][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  495.541963][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  495.696750][T31989] tipc: Started in network mode
[  495.701463][T31989] tipc: Node identity 7, cluster identity 4711
[  495.708596][T31989] tipc: Node number set to 7
[  495.748781][T31987] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.756771][T31987] bridge0: port 1(bridge_slave_0) entered disabled state
[  495.764230][T31987] device bridge_slave_0 entered promiscuous mode
[  495.771043][T31987] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.777882][T31987] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.785858][T31987] device bridge_slave_1 entered promiscuous mode
[  495.793570][ T7371] device bridge_slave_1 left promiscuous mode
[  495.799575][ T7371] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.807153][ T7371] device bridge_slave_0 left promiscuous mode
[  495.813262][ T7371] bridge0: port 1(bridge_slave_0) entered disabled state
[  495.821155][ T7371] device veth1_macvtap left promiscuous mode
[  495.827288][ T7371] device veth0_vlan left promiscuous mode
[  496.022670][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  496.030124][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  496.039066][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  496.047448][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  496.055506][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  496.062389][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  496.071564][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  496.081223][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  496.089578][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  496.097562][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  496.104415][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  496.118591][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  496.132000][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  496.147582][T32014] loop6: detected capacity change from 0 to 256
[  496.151764][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  496.171720][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  496.179862][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  496.188142][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  496.188296][T32014] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  496.210652][T31987] device veth0_vlan entered promiscuous mode
[  496.229252][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  496.238287][T31987] device veth1_macvtap entered promiscuous mode
[  496.247898][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  496.265041][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  496.570525][ T7371] device bridge_slave_1 left promiscuous mode
[  496.576480][ T7371] bridge0: port 2(bridge_slave_1) entered disabled state
[  496.583834][ T7371] device bridge_slave_0 left promiscuous mode
[  496.589753][ T7371] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.597606][ T7371] device veth1_macvtap left promiscuous mode
[  496.603468][ T7371] device veth0_vlan left promiscuous mode
[  496.805180][   T39] hid-generic 0000:0000:0000.006B: unknown main item tag 0x0
[  496.812424][   T39] hid-generic 0000:0000:0000.006B: unknown main item tag 0x0
[  496.819749][T32033] Illegal XDP return value 4294967274, expect packet loss!
[  496.827506][   T39] hid-generic 0000:0000:0000.006B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  496.886808][T32037] netlink: 28 bytes leftover after parsing attributes in process `syz.9.14036'.
[  496.899236][T32037] netlink: 28 bytes leftover after parsing attributes in process `syz.9.14036'.
[  496.919901][T32035] bridge0: port 1(bridge_slave_0) entered blocking state
[  496.930253][T32046] loop6: detected capacity change from 0 to 512
[  496.932864][T32035] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.944973][T32035] device bridge_slave_0 entered promiscuous mode
[  496.951758][T32046] EXT4-fs (loop6): Ignoring removed oldalloc option
[  496.958814][T32035] bridge0: port 2(bridge_slave_1) entered blocking state
[  496.967736][T32046] EXT4-fs (loop6): 1 truncate cleaned up
[  496.973282][T32046] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,bsdgroups,nouid32,user_xattr,errors=remount-ro,oldalloc,stripe=0x0000000000000005,. Quota mode: writeback.
[  496.976117][T32035] bridge0: port 2(bridge_slave_1) entered disabled state
[  497.003966][T32035] device bridge_slave_1 entered promiscuous mode
[  497.112787][T32055] loop6: detected capacity change from 0 to 256
[  497.148642][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  497.156240][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  497.179857][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  497.188176][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  497.197265][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  497.204132][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  497.212976][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  497.221147][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  497.229543][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  497.236416][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  497.251908][T32069] input: syz1 as /devices/virtual/input/input122
[  497.258427][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  497.273743][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  497.286592][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  497.294955][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  497.309698][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  497.327519][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  497.336951][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  497.348794][T32035] device veth0_vlan entered promiscuous mode
[  497.361550][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  497.369351][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  497.384461][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  497.392570][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  497.400450][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  497.408120][T32035] device veth1_macvtap entered promiscuous mode
[  497.420409][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  497.428908][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  497.438475][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  497.446968][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  497.597529][ T7371] device bridge_slave_1 left promiscuous mode
[  497.603467][ T7371] bridge0: port 2(bridge_slave_1) entered disabled state
[  497.611046][ T7371] device bridge_slave_0 left promiscuous mode
[  497.616963][ T7371] bridge0: port 1(bridge_slave_0) entered disabled state
[  497.624906][ T7371] device veth1_macvtap left promiscuous mode
[  497.630977][ T7371] device veth0_vlan left promiscuous mode
[  498.156763][T32095] bridge0: port 1(bridge_slave_0) entered blocking state
[  498.163837][T32095] bridge0: port 1(bridge_slave_0) entered disabled state
[  498.171103][T32095] device bridge_slave_0 entered promiscuous mode
[  498.178065][T32095] bridge0: port 2(bridge_slave_1) entered blocking state
[  498.185102][T32095] bridge0: port 2(bridge_slave_1) entered disabled state
[  498.192325][T32095] device bridge_slave_1 entered promiscuous mode
[  498.198828][T32106] device bridge_slave_0 entered promiscuous mode
[  498.307449][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  498.315273][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  498.326513][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  498.334864][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  498.342848][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  498.349704][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  498.357417][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  498.372738][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  498.381028][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  498.390559][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  498.397421][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  498.417403][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  498.434708][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  498.450203][T32095] device veth0_vlan entered promiscuous mode
[  498.459367][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  498.468230][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  498.475939][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  498.483355][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  498.501777][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  498.510294][T32095] device veth1_macvtap entered promiscuous mode
[  498.521396][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  498.539464][ T7371] device bridge_slave_1 left promiscuous mode
[  498.545621][ T7371] bridge0: port 2(bridge_slave_1) entered disabled state
[  498.553438][ T7371] device bridge_slave_0 left promiscuous mode
[  498.559931][ T7371] bridge0: port 1(bridge_slave_0) entered disabled state
[  498.567976][ T7371] device veth1_macvtap left promiscuous mode
[  498.574015][   T20] usb 10-1: new high-speed USB device number 35 using dummy_hcd
[  498.581800][ T7371] device veth0_vlan left promiscuous mode
[  498.661310][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  498.975602][   T20] usb 10-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  499.071775][   T20] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  499.080842][   T20] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  499.088999][   T20] usb 10-1: SerialNumber: syz
[  499.392985][ T7371] device bridge_slave_1 left promiscuous mode
[  499.398988][ T7371] bridge0: port 2(bridge_slave_1) entered disabled state
[  499.406437][ T7371] device bridge_slave_0 left promiscuous mode
[  499.412393][ T7371] bridge0: port 1(bridge_slave_0) entered disabled state
[  499.436476][   T45] Bluetooth: hci0: Frame reassembly failed (-84)
[  499.443565][ T7371] device veth1_macvtap left promiscuous mode
[  499.451433][ T7371] device veth0_vlan left promiscuous mode
[  499.612250][T32147] bridge0: port 1(bridge_slave_0) entered blocking state
[  499.619163][T32147] bridge0: port 1(bridge_slave_0) entered disabled state
[  499.626342][T32147] device bridge_slave_0 entered promiscuous mode
[  499.638909][T32147] bridge0: port 2(bridge_slave_1) entered blocking state
[  499.651612][T32147] bridge0: port 2(bridge_slave_1) entered disabled state
[  499.659931][T32147] device bridge_slave_1 entered promiscuous mode
[  499.745174][T32147] bridge0: port 2(bridge_slave_1) entered blocking state
[  499.752028][T32147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  499.759266][T32147] bridge0: port 1(bridge_slave_0) entered blocking state
[  499.766109][T32147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  499.793316][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  499.802215][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  499.810915][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  499.832696][   T20] cdc_ether 10-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.9-1, CDC Ethernet Device, 42:42:42:42:42:42
[  499.852970][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  499.860955][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  499.867817][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  499.878167][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  499.886650][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  499.893492][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  499.900832][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  499.908704][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  499.935027][T32147] device veth0_vlan entered promiscuous mode
[  499.942286][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  499.950817][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  499.958701][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  499.966846][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  499.982713][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  499.991573][T32147] device veth1_macvtap entered promiscuous mode
[  500.002772][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  500.017830][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  500.262595][ T1454] usb 10-1: USB disconnect, device number 35
[  500.269193][ T1454] cdc_ether 10-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.9-1, CDC Ethernet Device
[  500.601373][   T45] device bridge_slave_1 left promiscuous mode
[  500.607337][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.614890][   T45] device bridge_slave_0 left promiscuous mode
[  500.620811][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  500.628669][   T45] device veth1_macvtap left promiscuous mode
[  500.634551][   T45] device veth0_vlan left promiscuous mode
[  500.858605][   T30] kauditd_printk_skb: 74 callbacks suppressed
[  500.858623][   T30] audit: type=1326 audit(2000262430.214:8845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32176 comm="syz.0.14092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  500.869663][T32177] syz.0.14092[32177] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  500.899929][   T30] audit: type=1326 audit(2000262430.214:8846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32176 comm="syz.0.14092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  500.910608][T32177] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  500.948496][T32177] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  500.956742][T32177] CPU: 1 PID: 32177 Comm: syz.0.14092 Tainted: G        W         5.15.176-syzkaller-00066-gd1a25a6a4b3b #0
[  500.968022][T32177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  500.977918][T32177] RIP: 0010:bpf_check+0x9530/0x12c60
[  500.983036][T32177] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 fa cd 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 d2 cd 30 00 48 8b 1b 48 85 db 0f 84
[  501.002486][T32177] RSP: 0018:ffffc90000d174e0 EFLAGS: 00010246
[  501.008380][T32177] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000
[  501.016192][T32177] RDX: ffffc9000177c000 RSI: 000000000003e217 RDI: 000000000003e218
[  501.024005][T32177] RBP: ffffc90000d17bb0 R08: ffffffff817c3d7d R09: ffffc90000d16de8
[  501.031816][T32177] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000013613
[  501.039629][T32177] R13: ffff8881185dc008 R14: ffffffff817bf7e0 R15: ffffc9000009b09c
[  501.047443][T32177] FS:  00007f32894236c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  501.056206][T32177] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  501.062629][T32177] CR2: 00007ff052310890 CR3: 0000000128e97000 CR4: 00000000003506a0
[  501.070447][T32177] Call Trace:
[  501.073567][T32177]  <TASK>
[  501.076352][T32177]  ? __die_body+0x62/0xb0
[  501.080509][T32177]  ? die_addr+0x9f/0xd0
[  501.084502][T32177]  ? exc_general_protection+0x311/0x4b0
[  501.089889][T32177]  ? asm_exc_general_protection+0x27/0x30
[  501.095439][T32177]  ? tracing_prog_func_proto+0x300/0x300
[  501.100917][T32177]  ? bpf_tracing_func_proto+0x15d/0x4a0
[  501.106301][T32177]  ? bpf_check+0x9530/0x12c60
[  501.110819][T32177]  ? bpf_get_btf_vmlinux+0x60/0x60
[  501.115747][T32177]  ? arch_stack_walk+0xf3/0x140
[  501.120460][T32177]  ? stack_trace_save+0x113/0x1c0
[  501.125297][T32177]  ? stack_trace_snprint+0xf0/0xf0
[  501.130246][T32177]  ? ____kasan_kmalloc+0xed/0x110
[  501.135104][T32177]  ? ____kasan_kmalloc+0xdb/0x110
[  501.139962][T32177]  ? __kasan_kmalloc+0x9/0x10
[  501.144474][T32177]  ? kmem_cache_alloc_trace+0x11a/0x270
[  501.149857][T32177]  ? selinux_bpf_prog_alloc+0x51/0x140
[  501.155150][T32177]  ? security_bpf_prog_alloc+0x62/0x90
[  501.160445][T32177]  ? bpf_prog_load+0x9ee/0x1b50
[  501.165132][T32177]  ? __sys_bpf+0x4bc/0x760
[  501.169384][T32177]  ? __x64_sys_bpf+0x7c/0x90
[  501.173812][T32177]  ? x64_sys_call+0x87f/0x9a0
[  501.178336][T32177]  ? do_syscall_64+0x3b/0xb0
[  501.182752][T32177]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  501.188682][T32177]  ? __kasan_kmalloc+0x9/0x10
[  501.193170][T32177]  ? memset+0x35/0x40
[  501.196985][T32177]  ? bpf_obj_name_cpy+0x196/0x1e0
[  501.201858][T32177]  bpf_prog_load+0x12ac/0x1b50
[  501.206454][T32177]  ? map_freeze+0x370/0x370
[  501.210799][T32177]  ? selinux_bpf+0xcb/0x100
[  501.215128][T32177]  ? security_bpf+0x82/0xb0
[  501.219475][T32177]  __sys_bpf+0x4bc/0x760
[  501.223547][T32177]  ? bpf_link_show_fdinfo+0x300/0x300
[  501.228761][T32177]  ? __secure_computing+0xf0/0x300
[  501.233706][T32177]  __x64_sys_bpf+0x7c/0x90
[  501.237955][T32177]  x64_sys_call+0x87f/0x9a0
[  501.242297][T32177]  do_syscall_64+0x3b/0xb0
[  501.246555][T32177]  ? clear_bhb_loop+0x35/0x90
[  501.251059][T32177]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  501.256786][T32177] RIP: 0033:0x7f328adb8de9
[  501.261042][T32177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.280485][T32177] RSP: 002b:00007f3289423038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  501.288730][T32177] RAX: ffffffffffffffda RBX: 00007f328afd1fa0 RCX: 00007f328adb8de9
[  501.296539][T32177] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[  501.304350][T32177] RBP: 00007f328ae3a2a0 R08: 0000000000000000 R09: 0000000000000000
[  501.312162][T32177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  501.319974][T32177] R13: 0000000000000000 R14: 00007f328afd1fa0 R15: 00007ffd515a1488
[  501.327879][T32177]  </TASK>
[  501.330737][T32177] Modules linked in:
[  501.336717][   T30] audit: type=1326 audit(2000262430.214:8847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32176 comm="syz.0.14092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f328adb8de9 code=0x7ffc0000
[  501.364803][   T30] audit: type=1404 audit(2000262430.251:8848): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  501.380801][   T30] audit: type=1400 audit(2000262430.251:8849): avc:  denied  { integrity } for  pid=32175 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=0
[  501.391410][T32177] ---[ end trace 0a2d6df5e81819c8 ]---
[  501.403335][   T30] audit: type=1400 audit(2000262430.251:8850): avc:  denied  { integrity } for  pid=32176 comm="syz.0.14092" lockdown_reason="use of bpf to write user RAM" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=0
[  501.417366][T32177] RIP: 0010:bpf_check+0x9530/0x12c60
[  501.432296][   T30] audit: type=1400 audit(2000262430.682:8851): avc:  denied  { read write } for  pid=7361 comm="syz-executor" name="loop9" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  501.461341][T32177] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 fa cd 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 d2 cd 30 00 48 8b 1b 48 85 db 0f 84
[  501.481274][T32177] RSP: 0018:ffffc90000d174e0 EFLAGS: 00010246
[  501.487175][T32177] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000
[  501.495453][T32177] RDX: ffffc9000177c000 RSI: 000000000003e217 RDI: 000000000003e218
[  501.503439][T32177] RBP: ffffc90000d17bb0 R08: ffffffff817c3d7d R09: ffffc90000d16de8
[  501.511298][T32177] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000013613
[  501.519114][T32177] R13: ffff8881185dc008 R14: ffffffff817bf7e0 R15: ffffc9000009b09c
[  501.527115][T32177] FS:  00007f32894236c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  501.535886][T32177] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  501.542827][T32177] CR2: 000055558a5184a8 CR3: 0000000128e97000 CR4: 00000000003506b0
[  501.551384][T32177] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  501.559245][T32177] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  501.567094][T32177] Kernel panic - not syncing: Fatal exception
[  501.573184][T32177] Kernel Offset: disabled
[  501.577312][T32177] Rebooting in 86400 seconds..