last executing test programs:

22m54.837968999s ago: executing program 32 (id=66):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

22m44.201071134s ago: executing program 33 (id=84):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x4004000)
dup(0xffffffffffffffff)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@resgid}, {@debug}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
ppoll(&(0x7f00000003c0)=[{0xffffffffffffffff, 0x6400}], 0x1, &(0x7f0000000340)={0x0, 0xff}, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$key(0xf, 0x3, 0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f0000000380), 0x208e24b)

22m39.010265466s ago: executing program 34 (id=92):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x28, 0xfffff038}, {0x6, 0x0, 0x0, 0xfff}]}, 0x10)
sendmmsg(r1, &(0x7f0000001c00), 0x400000000000159, 0x40840)

21m56.92192043s ago: executing program 35 (id=134):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
clock_gettime(0x1, &(0x7f0000000000))
ioprio_set$uid(0x3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

21m18.825832214s ago: executing program 36 (id=164):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f000067a000/0x9000)=nil)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000240)={[{@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5db, &(0x7f0000000940)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+ydOa9Hd6b7n773rx9bzaAyhpM/6lF7I2I6SSiP5lfzOuMLHNw4Xn3/v7kdPpIol5/488kkiwtf36S/ezLDu6JiJ9/SmJPx8pyZ+aunB+fmpq8nO0Pz16YHp6Zu3Lw3IXxs5NnJy+OvjR67OiRo8dGDrV1XlcL0k5ef//D/s/G3v7um3+Ske9/G0vieLyaPXHpeWyUwRhs/E6SlVl9xza6sJJ0ZO+TpS9x0llihViX/PXrioinoj864v6L1x+fvlZq5YBNVU8i6kA1HQ9/AKCi8n5Afm2//Dq4VkqvBNgKd08sDACsjP/OhbHB6GmMDey8l8TSYZ0kItobmWu2KyJu3xq7fubW2PXYpHE4oNj8tYh4uij+k0b8D0RPDDTiv9YU/2m/4FT2M01/vc3ylw8Vi3/YOgvx37Nq/EeL+H9nSfy/22b5g/c33+ttiv/edk8JAAAAAAAAKuvmiYh4sejz/9ri/J8omP/TFxHHN6D8wWX7Kz//r93ZgGKAAndPRLxSOP+3ls/+HejIth5rzAfoSs6cm5o8FBGPR8SB6NqR7o+sUsbBz/d83SpvMJv/lz/S8m9ncwGzetzp3NF8zMT47PjDnjcQcfdaxDOF83+TxfY/KWj/078H0w9Yxp7nb5xqlbd2/AObpf5txP7C9v/+XSuS1e/PMdzoDwznvYKVnv34ix9ald9u/LvFBDy8tP3fuXr8DyRL79czs/4yDs911lvltdv/707ebNxypjtL+2h8dvbySER3crIjTW1KH11/neFRlMdDHi9p/B94bvXxv6L+f29EzC/7v5O/mtcU5578t+/3VvXR/4fypPE/sa72f/0bozcGfmxV/oO1/0cabf2BLMX4Hyz4Kg/T7ub0gnDsLMra6voCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKOgFhG7IqkNLW7XakNDEX0R8UTsrE1dmpl94cylDy5OpHmN7/+v5d/027+wn+Tf/z+wZH902f7hiNgdEV929Db2h05fmpoo++QBAAAAAAAAAAAAAAAAAABgm+hrsf4/9UdH2bUDNl1n2RUASlMQ/7+UUQ9g62n/obrEP1SX+IfqEv9QXeIfqkv8Q3WJf6gu8Q8AAAAAAI+U3ftu/ppExPzLvY1HqjvL6yq1ZsBmq5VdAaA0bvED1WXqD1SXa3wgWSO/p+VBax25munTD3EwAAAAAAAAAAAAAFTO/r3W/0NVWf8P1WX9P1RXvv5/X8n1ALaea3wg1ljJX7j+f82jAAAAAAAAAAAAAICNNDN35fz41NTkZRtvbY9qtLcR0c5R9Xr9avou2C5n8T/fyKfCb5f6LNvI1/o96DsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYHv4LAAD//yMSIjU=")
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in=@rand_addr=0x64010102, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, {0x0, 0x1, 0x0, 0x3, 0x5, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x32}, 0xa, @in=@local, 0x0, 0x4}}, 0xe8)
ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0x40603d07, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r5 = openat(0xffffffffffffffff, &(0x7f0000000300)='./cgroup\x00', 0x200200, 0x8e)
r6 = syz_open_procfs(0x0, &(0x7f0000001240)='statm\x00')
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={0xffffffffffffffff, r5, 0x12, 0x0, @val=@iter={&(0x7f0000000000)=@task={0xffffffffffffffff, 0x0, r6}, 0x10}}, 0x20)

20m41.735295797s ago: executing program 37 (id=227):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r0, &(0x7f0000000300)="ca0e808b", 0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x7], 0x0, 0x0, 0x1, 0x0, r2}}, 0x40)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

20m19.156053536s ago: executing program 9 (id=258):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1f, 0xf, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000001000000850000008d000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

20m17.951578801s ago: executing program 9 (id=261):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0)

20m16.811536662s ago: executing program 9 (id=263):
accept$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000340)=0x1c)
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @random="176f9e5cba39", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x61, 0x0, 0x0, 0x2, 0x0, @multicast2, @multicast1}, @info_reply={0x10, 0x0, 0x0, 0x0, 0x7}}}}}, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@util={0x25, "67f25efc20687643a710991d0788977c"}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0xe}], 0x1, 0x0, 0x0, 0x11000000}, 0x80)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e20, 0xfffffff0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x6}, 0x1c)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x4002)
sched_setscheduler(0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$fuse(0x0, 0x0, 0x1072080, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fd, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
faccessat2(0xffffffffffffffff, 0x0, 0x1, 0x1200)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r4)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r6=>0x0})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0b06000000000000000030000000050036000000000008000200", @ANYRES32=r6, @ANYBLOB="00003500000000000500340000000000"], 0x34}}, 0x0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000400)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000001d00)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fddbdf25070000000c0017000202aaaaaaaaaaaa0c0017000202aaaaaaaaaaaa08000100010000000a0004007770616e300000000c000600000000000000000008000300", @ANYRES32=0x0, @ANYBLOB="0c0006000000000081c49e731e095e2bc685a9314e7d000000000c0017000a00aaaaaaaaaaaa0c0006000300000003000000"], 0x78}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000001b40)='./file0\x00', 0x208008de, &(0x7f0000001b80)=ANY=[@ANYBLOB='utf8,errors=continue,namecase=1,utf8,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000077,umask=00000000000000000005676,uid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX=0x0, @ANYBLOB="2c000ca8768ddddc191573cbd33da79641936c9de64e264f331d1b50f4c4f54702f51dcbddb39c14c19175f07a639bb65ea608fbf6fadf5d8da30ace1281bed3e61b084526e10dbe921dad84fbcabc5791f52445cb76b789ed377aa0cd17309c4df04d525e8af05fb246b33836d90656cd2daa991b916be40df3bd607ae5672e1bb90730d0ff03000000000000c5f0cf287ea707c1fc66165f74e7d8a78c37a4b86907cec1df06da3611f616718d88770a2520ceb039bc06ef4d1183"], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/67ove7n/a/3XnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV8/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/KRew/+/D834+v//yA55SZ/vbHczb3+Cyk8/9yN55+78fxzN55/7sbzz914/v/z1fxPzvH8czeeP2O52bX+/JmPa3tc6+8/xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGO5wzl/lRZC/Nv6WvfFGGOMMcYYY4yxv47Pe607YIwxxhhjjDHG2P97IKRQQotA5BF5RYzIJ2LFdSK/uF4UEDeIiLhRxImbREFxsygkCosioqiIF8VEcWEECitIhKKEKCmi4hZRStwqEkRpUUaUFU6UE4niNlFe3C4qiDtERXGnqCTuEpVFFVFVVBN3i+riHlFD1BS1xL2itqgj6op64j5RX9wvGogHREPxoGgkHhKNxcOiiXhENBWPimbiMdFcPC5aiCdES9FKtBZtRNv/q/yXRV/xiugn+otkMUAMFK+KQWKwGCKGimHiNTFcvC5GiDdEihgpRok3xWjxlhgj3hZjxTgxXrwjJoiJYpKYLKaIqSJVvCumiffEdPG+mCFmillitkgTc8Rc8YGYJ+aLBeJDsVB8JBaJxWKJWCrSxcciQywTmeITsVx8KrLECrFSrBKrxRqxVqwT68UGsVFsEpvFFrFVbBPbxWdih9gpdondYo/YK/aJz8V+8YU4IL4U2eKr/2L+2X/K7wUCBEiQoEFDHsgDMRADsRAL+SE/FIACEIEIxEEcFISCUAgKQREoAvEQD8WhOCAgEBCUgBIQhSiUglKQAAlQBsqAAweJkAjl4XaoABWgIlSESlAJKkMVqALVoBpUh+pQA2pALagFtaE21IW6cB/cB/dDA2gADaEhNIJG0BgaQxNoAk2hKTSDZtAcmkMLaAEtoSW0htbQFtpCO2gH7aE9dISO0Ak6QWfoDEmQBF2hK3SDbtAdukMP6AE9oSf0gt7QG16Gl+EVeAX6Q205AAbCQBgEg2AIDIWh8BoMh9fhdXgDUmAkjII34U14C8bAGRgL42A8jIfqciJMgslAciqkQipMg2kwHabDDJgJM2E2pMEcmAtzYR7Mh/nwISyEj+AjWAyLYSmkQzpkwDLIhExYDmchC1bASlgFq2ENrIZ1sB7WwUbYBBthC2yBbbANPoPPYCfshN2wG/bCXvgcPocv4AtIgWzIhoNwEA7BITgMhyEHcuAIHIGjcBSOwTE4DsfhBJyEU3ASTsNpOANn4RycgwtwAS7Ci/HfNttbekOKkFdoqWUemUfGyBgZK2NlfplfFpAFZERGZJyMkwVlQVlIFpJFZBEZL+NlcVlcokRJMpQlZIkYIYQsJUvJBJkgy8gy0kknE2WiLC/Lywqygqwo75SV5F2ysqwiO7hqspqsLju6GrKmrCVrydqyjqwr68l6sr6sLxvIBrKhbCgbyUaysXxYNpEDYAg8Kq9MprkcCS3kKGgpW8nWso18C56U7eQYaC87yI7yaTkOxkJn2c4lyWdlVzkJusnn5WR4QfaQU6GnfEn2kr1lH/my7Cvbu36yv5wBA+RAORsGycFyiBwq50EdeWVideUbMkWOlKPkm3IpvCXHyLflWDlOjpfvyAlyopwkJ8spcqpMle/KafI9OV2+L2fImXKWnC3T5Bw5V34g58n5coH8UC6UH8lFcrFcIpfKdPmxzJDLZKb8RC6Xn8osuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVuldvkdvmZ3CF3yl1yt9wj98p98nO5X34hD8gvZbb8Sh6Uf5OH5NfysPxG5shv5RH5nTwqv5fH5A/yuPxRnpAn5Sn5kzwtf5Zn5Fl5Tp6XF+Qv8qK8JC9LL4UCJZVSWgUqj8qrYlQ+FauuU/nV9aqAukFF1I0qTt2kCqqbVSFVWBVRRVW8KqaKK6NQWUUqVCVUSRVVt6hS6laVoEqrMqqscqqcSlS3qfLqdlVB3aEqqjtVJXWXqqyqqKqqmrpbVVf3qBqqpqql7lW1VR1VV9VT96n66n7VQD2gGqoHVSP1kGqsHlZN1COqqXpUNVOPqebqcdVCPaFaqlaqtWqj2qonVTv1lGqvOqiO6mnVST2jOqsuKkk9q7qq51Q39bzqrl5QPdSLqqd6SfVSvVUfdUldVl71U/1VshqgBqpX1SA1WA1RQ9Uw9Zoarl5XI9QbKkWNVKPUm2q0ekuNUW+rsWqcGq/eURPURDVJTVZT1FSVqt5V09R7arp6X81QM9UsNVulqTlqyG+VFvxT/oDfrrr/mP/ev8gf8eu7b1Pb1Wdqh9qpdqndao/aq/apfWq/2q8OqAMqW2Wrg+qgOqQOqcPqsMpROeqIOqKOqqPqmDqmjqvj6oQ6qc6rn9Rp9bM6o86qs+q8uqAuqIu/fQ2EBi210loHOo/Oq2N0Ph2rr9P59fW6gL5BR/SNOk7fpAvqm3UhXVgX0UV1vC6mi2ujUVtNOtQldEkd1bfoUvpWnaBL6zK6rHa6nE7Ut/3p/D/qr61uq9vpdrq9bq876o66k+6kO+vOOkkn6a66q+6mu+nuurvuoXvonrqn7qV76T66j+6r++p+up9O1sl6oH5VD9KD9RA9VA/Tr+nhergeoUfoFJ2iR+lRerQercfoMXqsHqvH6/F6gp6gJ+lJeoqeolN1qp6mp+nperqeoWfoWXqWTtNpeq6eq+fpeXqBXqAX6oV6kV6kl+glOl2n6wydoTN1pl6ul+ssvUKv0Kv0Kr1Gr9Hr9Dq9QW/Qm/QmvUVv0Vl6u96ud+gdepfepffoPXqf3qf36/36gD6gs3W2PqgP6kP6kD6sD+scnaOP6CP6qD6qj+ljA47r4/qEPqFP6VP6tD6tz+gz+pw+py/oC/qivqgv68tXbvsCGchABzrIE+QJYoKYIDaIDfIH+YMCQYEgEkSCuCAuKBjcHBQKCgdFgqJBfFAsKB6YAAMbUBAGJYKSQTS4JSgV3BokBKWDMkHZwAXlgsTgtqB8cHtQIbgjqBjcGVQK7goqB1WCqkG14O6genBPUCOoGdQK7g1qB3WCukG94L6gfnB/0CB4IGgYPBg0Ch4KGgcPB02CR4KmwaNBs+CxoHnweNAieCJoGbQKWgdtgrZ/aX3vzxR+yvUz/U2yGWAGmlfNIDPYDDFDzTDzmhluXjcjzBsmxYw0o8ybZrR5y4wxb5uxZpwZb94xE8xEM8lMNlPMVJNq3jXTzHtmunnfzDAzzSwz26SZOWau+cDMM/PNAvOhWWg+MovMYrPELDXp5mOTYZaZTPOJWW4+NVlmhVlpVpnVZs35G4Uw680Gs9FsMpvNFrPVbDPbzWdmh9lpdpndZo/Za/aZz81+84U5YL402eYrc9D8zRwyX5vD5huTY741R8x35qj53hwzP5jj5kdzwpw0p8xP5rT52ZwxZ805c95cML+Yi+aSuWz8lZv7K5d31KgxD+bBGIzBWIzF/JgfC2ABjGAE4zAOC2JBLISFsAgWwXiMx+JYHK8gJCyBJTCKUSyFpTABE7AMlkGHDhMxEctjeayAFbAiVsRKWAkrY2WsilXxbrwb78F7sCbWxHvxXqyDdbAe1sP6WB8bYANsiA2xETbCxtgYm2ATbIpNsRk2w+bYHFtgC2yJLbE1tsa22BbbYTtsj+2xI3bETtgJO2NnTMIk7IpdsRt2w+7YHXtgD+yJPbEX9sI+2Af7Yl/sh/0wGZNxIA7EQTgIh+AQHIbDcDgOxxE4AlMwBUfhKByNo3EMjsGxOA7H4zs4ASfiJJyMU3AqpmIqTsNpOB2n4wycgbNwFqZhGs7FuTgP5+ECXIALcSEuwkW4BJdgOqZjBmZgJmbiclyOWZiFK3ElrsbVuBbX4npcjxtxI27GzbgVt+J23I47cAfuwl24B/fgPtyH+3E/HsADmI3ZeBAP4iE8hIfxMOZgDh7BI3gUj+IxPIbH8TiewBN4Ck/haTyNZ/AMnsNzeAF/wYt4CS+jxxgrRay9zua319sC9gYbY/PZf4yL2KI23hazxa2xhWzhfxejtTbBlrZlbFnrbDmbaG/7XVzZVrFVbTV7t61u77E1fhfXt/fbBvYB29A+aOvZ+36L8/4aN7IP2cb2cdvEPmGb2la2mW1jm9vHbQv7hG1pW9nWto3tZJ+xnW0Xm2SftV3tc7+LM+wyu95usBvtJrvffmHP2fP2qP3eXrC/2H62vx1mX7PD7et2hH3DptiRv4vH23fsBDvRTrKT7RQ79XfxLDvbptk5dq79wM6z838Xp9uP7UKbaRfZxXaJXfprfKWnTPuJXW4/tVl2hV1pV9nVdo1da9f9715X2S12q91m99nP7Q670+6yu+0eu/fX+Mo+Dtgvbbb9yh6x39lD9mt72B6zOfbbX+Mr+ztmf7DH7Y/2hD1pT9mf7Gn7sz1jz/66/yt7/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB8cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cH5Af/i/0AIIX9bDxRCXL+zaM4/19xc6O/rwTK+U0QI8Wz/no/+21G7dnJy8m+vzVIiKLlYCBG5mp9HXI1XiI7iGZEkOojy/7K/wbL3BfqD+tE7hYi9WvlXseKf69/+H9R/8unxGZXCc3H/Sf3FQiSUvJqTT1yNr9av8B/UL9zuD/rP93WqEO3/ISe/uBpfrZ8onhLPiaR/90rGGGOMMcYYY+zvBsuq3f/o+fnK83m8vpqTV1yN/+j5nDHGGGOMMcYYY9feC737dHkyKalDd178iUWN/x5t8IIXf9niWv9kYowxxhhjjP3Vrt70X+tOGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx3Ov/x58Tu9Z7ZIwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxq61/xUAAP//Jlo4YA==")

20m11.421149804s ago: executing program 9 (id=270):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x103)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000001c0))
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f00000005c0)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000300)=""/66, 0x0, 0x2000})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/68, &(0x7f0000000880)=""/72, 0x8080000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000140)=&(0x7f00000002c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
exit(0x1)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)

20m9.991469372s ago: executing program 9 (id=272):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x18)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e000100776972656775617264"], 0x40}}, 0x0)

20m8.813299435s ago: executing program 9 (id=274):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYRES32=r2], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000005800)=ANY=[@ANYRES32=r1, @ANYRESHEX=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x81f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)

20m5.085165701s ago: executing program 4 (id=279):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1f, 0xf, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000001000000850000008d000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

20m3.755060852s ago: executing program 4 (id=280):
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
sysinfo(0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000157000/0x2000)=nil, 0x2000, &(0x7f0000000c00)=' \xeeJ\x00\x00\x00\x00\x00\x00\x00\x00')
ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz1\x00', {0x3ff, 0x3, 0x4}, 0x12, [0xd4, 0x6, 0x9, 0x8a4, 0x2, 0x2, 0x7fffffff, 0xa, 0x5, 0x1, 0x101, 0x3c6, 0x7, 0x6, 0xf70, 0x3, 0xe7, 0x7, 0x401, 0xbcde, 0x7ff, 0x1, 0x8, 0xffff, 0xe, 0x4, 0x10, 0x20000000, 0x15098855, 0x6, 0x2, 0xfffffffb, 0x6, 0xc, 0xfffffff7, 0x4, 0xe79, 0x7, 0x1ff4, 0x1, 0x1, 0x7ffffffe, 0x401, 0x9, 0xbdc7, 0xb, 0x1, 0x9, 0x3, 0x1, 0x6, 0xdaae, 0x5, 0x9, 0x6, 0x9, 0x0, 0x3a23, 0x1000, 0x8, 0x2, 0x6, 0x7ff, 0xb8547353], [0x80000000, 0xffffffff, 0x4, 0x5, 0x7fffffff, 0x1, 0x553, 0x6, 0x2, 0xfffffffc, 0x8, 0xc, 0x36, 0xa, 0x6, 0x1, 0x9, 0x98, 0x8, 0xe56d, 0xa4, 0x4, 0x99d, 0x8, 0x0, 0xd, 0x5, 0x0, 0x6e38, 0x8000, 0xa, 0x2, 0x3, 0xfffffff7, 0x8, 0x7, 0x4, 0xd, 0x9, 0xfff, 0x4, 0x0, 0x400, 0x1, 0x8, 0x5, 0x8, 0x0, 0x34f1, 0x1ff, 0x4, 0x1b2c5a17, 0x0, 0x9, 0x8, 0x0, 0xffffffff, 0x1, 0x6, 0x6, 0xac, 0x2, 0x54, 0xcfb9], [0x6, 0xdb8, 0x9, 0x4, 0x2, 0x6, 0x5, 0xfff, 0x3, 0x5, 0x0, 0xc8d3, 0x33, 0x9a45, 0x0, 0xee40000, 0x10000001, 0x1, 0x43, 0x69d, 0x8, 0xffff, 0x0, 0x0, 0x8, 0x2, 0x4, 0x800, 0x7, 0x9, 0x0, 0x0, 0x1, 0xfffffffe, 0x3, 0x0, 0x9, 0x8c0, 0x9, 0x2, 0x9, 0x7, 0x6, 0x2, 0x81, 0x8, 0xffffff20, 0x55f2, 0x5, 0xfffffffd, 0x7f, 0x9, 0x8000, 0x40, 0x3, 0x2, 0xa, 0x6, 0x2, 0xffffff00, 0xda15, 0x7f, 0x3, 0x10], [0x0, 0x897, 0x8, 0x8e8, 0x6, 0x101, 0xfffff410, 0xd, 0x7ff, 0x2, 0x4, 0x9, 0x80000001, 0x2, 0xb, 0x2, 0x7, 0x1, 0x7, 0x2, 0x7ff, 0x3ff, 0x0, 0x2, 0x6, 0x100, 0x1, 0xec9b, 0x61c8, 0x6, 0x0, 0x101, 0xff, 0x7, 0x9, 0x5, 0x7, 0x101, 0x9, 0x3000000, 0xe, 0x6, 0x7, 0x1, 0x9, 0x1, 0x4, 0x9, 0x100, 0x3, 0x3c, 0x1000, 0x3, 0x2, 0x15, 0x8000, 0x7, 0x81, 0x5, 0x7, 0xfffffffc, 0x4, 0x6, 0xeff]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)

19m59.549555956s ago: executing program 4 (id=283):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000200)={0xa0000004})

19m58.701440559s ago: executing program 4 (id=286):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file2\x00', 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="6e6f61636c2c66617374626f6f74006e6f6c616b7974696d652c66737c6e635f6d6f64653d7374726963742c00943117d12f8dd1f756501f9b3320f59cbfb96561be7420d1d3cff9acece8a4a6a6e4ed8e7c4e791c8750448fe792dda6f215756c0b2ce2746a15156ff1c3b988522badc39d4443eb56b466b74c8325348efff88ee91189898912a9c0a46fcfa48ef117c9eb129652a6ca2216d710bc8a7dd69044934d6b3c979a31bd5b077d4cedc40ef1f54ff5dca6ab8e96552fdb07e5f8912f3bd3d0d383997e8212e4f5e0fff1a1939dee17b8d2518868575604bc51b9cbd9d2ff5f91a20bacb9e9a72a2dc5d7bd3d54ee6e2c04b9212f9b6526c7b7f93f587243a70e9f0d54e4411cb101f227a8add5021c1b121dad14f577a9807ce4bdfe6bda328bbaf25c4c250cce649974ebe565929a26f5a7b80587fdd52c00d9b91577b03bc99ad01d7761a8993455a6120e653241794c28c7c98d146ffbf125a87e64b4fb20185a10062fe8b1e5499e81770f9b0d481fc6221c053848459233a5922ebba66704cdd592d946dc2264c5971bdaff77f855617e64b8eeea0dc0f3b46cfebe178c9c6b1459b90b3ee74281b94c0b16fed4690d0b5a8576f540cc0619f06bd4b8218fdeaf45004db67caa29d01b3fd8a20282b46f891c28639ad398bba2e45d66e794b9a0566cd8abbc0025098220412b224ae69875a348cf0025bf2a5d5bf3a7376d5da45e5aaf7555620642e50b1c354f0a474970581a05ecccff3c21b6aee5213728859a4c16d5ba5bd3ad716b5a63b60077f9720e1c1ef897c4a01c785a6035ffce08fc58b43effca6e73905488836fcf5463e988ce32c837a24c4248786dfa760e0c859b6dcb3ed4986227dd07b9e7940573d76f725ebe0aba785cccef0900000010ea118dc038eb35cef2f5fe244567f3af411afd06e9c500da949123fb23fc67201ebbc30dc278c91eed0dfac998881f1484709bad9776dee56cbde8bf6d52d9dd81536be3abd682055562b2b93b33b9705fe0f5e245e9f64aa0a308ebda18a3348c9c74da3cfafb1af7415ff66b232963c4aecf4ab8052c7f95227ec000", @ANYRES64=0x0, @ANYRES32=r0], 0x3, 0x552a, &(0x7f00000069c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmz6seit6i5+YJey6sGTpkkasptkSpOmtScPHsWDR/8LUfDk0b/Bg2dv4kHxJiiZmejWD1CaNrvt7weTZ943b548byiBZ6YkgDNrPvnlp1Jci0sRMRsRVyOy81JxZNby8FxEXI+ImUeOUjH/x8T5iLgcEddGyfOcpeKpT28Ob6z++MbPX3974dyVz7/6bnq7Bqbt+Yjobufne908pq08Pijma8N2FrsrwyLmT3QfFuM0j3vNzSzDXm28rpbF5Va+Pt3e7Y/iVqdWH8VWeyub3+7lb9gftsZ5shc8qO1k40ZzM4vtfprF1kFe1/5B/t120B/keRpFvg+y9DEYjGM+39xv5vvZfpjFem9QzOd500ZzfxSHRRx/99bTTiOrY/MIH/Rj7s12b3c/GTZ3+u20l6xWqi9UqrfL1Z200Rw0V8q1buP2SrLQ6oyWlQfNWnetlaatTrNST7uLyUKrXi9Xq8nCneZmu9ZLqtXKcuVWeXWxOLuZvHrvnaTTSBZG8eV2b3fQ7vSTrXQnyV+xmCxVll9cTG5Uk7fWN5KN+3fvrm+8/d6dd++9tP76K8Wiv5WVLCzdWloqV2+Vl6qLZ2j/HxVFJzGx/cORlKZdAMCTR/8PTMPx9f879yOOv/+PY+z/i7fT/z9u/e/R+v/Pzvj+YfL+d//vggEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGnx/dwXr2Un8/n4SjH/VDH1TDEuRcRMRPz2D2bj/KGcs0WeuX9ZP/eXGr4pRZZh9B4XiuNyRKwVx69PH/enAAAAAKfXlx9e/yTv1vOH+WkXxEnKL9rMXH1/QvlKETE3/8OEss2MHp6dULLs7/tc7E8oW3YB6+KEkuWX3M5NKtt/MnsoXHwklPIwc6LlAAAAJ+JwJ3CyXQgAAAAn6eNpF8B0lGJ8K3N8Lzj7z/s/bwheOjQCAAAAnkClaRcAAAAAHLus//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzPzlLA2EcgN8WKuCfSIx7r+IOTmE8gkuXhgN4CVau6xW8AGfAuPEIBgydQsQAIWFa8pHnSfrNNy38mCGQ8M4kBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALr0s6rn37+8+3przmZ7lUlEnLyQZzYAAADAKeuqnjf/TFP/RXv+VXvqTdsvIqI8U7wP4tlR5qDNqc48vvpvDD8imoTda4za43lEvG+PP6+7fhcAAADgca0Wy1mq1tOf6b0HRJ/Sok358mOmvCIiqunvTGnlLu9tprDm8z2Mz5nSmgWscaawtOQ2zJV2lebrfli1G//TFKkpLz8/29wBAIAepUpg/3u/3yoEAACAPn269wDoyIfLl4vYb2UetgJHqWm39yZHPQAAAOAJKu49AAAAAKBzTf2/rupvv8L9/wAAAOBRpfv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KV1Vc9Xi+Xs1pzN9jZ5ZgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAX/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgze/+8n9iapxJ5l4bS88jydqpsXVq7J0bR38YX78GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J+XFAiBIIiCOeN/J33/w0qCnkGECGh4VFGLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPii3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42Ll/37ipOADgz/b5SgqII6AbwgASAyz0ei0t3YABFDHwJyBF6bWEXvnRZqBVBcrChjJ3QWVECAkUtv4PnVupS9g63BAk5iD77JxDDuVAiR24z0d6fl9bjt/3OVGUr58vAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQGr07iZNs0xnHcXHs4c6d1ax/9Jc+c3/z8VLWsjhq1Zn1f8JCdSfqNpcIAAAA8yEqavuk2N9Ot5azPu7k9X9anpfV/PeenXxNmFL3l31Z+2ft11+evLg3WGc8TnbRK2vDwdmD6cztk4LnDj2jld/5/NlLkn9D4g82Xhil+f2Mvn3w4L12Hp6qI1sA4N84M+627xVB+fdQ1vcbzQyAedGqFN5l/Z90ms0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoA6jjfB0GUchhKXWJM482rmzOq2/v/l4qWwX797drF4zu0QaQriyNhycrXEuzUoPPePmrdvXVobDwY36g5dDCE2N/nZxc659NMPJITRyfwRHFMTFz3q9o++GYxtit5jQcSX/TghheKy/mAAAmENp0bK6fjvdWs6ORYsh7H6/v/5/rRKHGev/Jx9ffFgdq1r/92ub4cnXW7/+ee/mrdtvrF1fuTq4Ovj0zXP9t/rnL124cKmXPyvpzdcTEwAAAI5eu2jV+j9ePLj+f7oShxnr/y++639VHStR/081WfRrOhMAAID59vwrf/weTTketdvhy5X19Rv98XZv/9x420Cq/9ipolXr/2Sx6awAAACAOow2on3r/5crcZhx/f+ZH176qXrNJISwUKz/n1n9bHi5vumcaEf54eGv/+Zz8k3PEQAAgGYtFK26/p/m7//He688xCGE118dx8W/AZyp/k/e/+bH6ljV9//P1zfFEynuju9H3ndDaHWbzggAAID/s6eKlhX7v6Vby5/8fPrDtvf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr2ZwAAAP///GE43w==")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
getdents64(r1, 0x0, 0x0)

19m50.295263342s ago: executing program 38 (id=274):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYRES32=r2], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000005800)=ANY=[@ANYRES32=r1, @ANYRESHEX=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x81f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)

19m50.086496227s ago: executing program 4 (id=294):
syz_emit_ethernet(0x16, &(0x7f00000000c0)={@multicast, @dev}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="8500000013000000350000000000ba00850000000500000095000000000000004cf12aa5cbd56806f81f06a9c7fff5e0a141d524588f32cb447f90ee60b191e2c825cd4d581c45469816b05b61a3cf5fc6dd8442230e7953f911aa1f70351718512c7ae8766b643497cbe593f90a847687a1ef1f83dd6c1023678a1086f7d0f9dce435558fe138d736209ddb7457c14bc34e6bdea4217c4b49377fad08d9a7ab69000000004f0a9c13ecee61c09a701bd5192a9e19b27de967bfb3fe241454a04080bf668ce021879c820f9b80fe233888f07f5ab2667027d4b33729d714e0e205db36aa52281c70e90b9d1615e3a833c63d335d96f51401f6f2f05e469dfd1a8d6e77a6278d708d41af3cacc0afaec2262da46ee302999f76b0e21c2f8f456701b65aafbd9ece2df9aac757664062f8b57375ecf693f041aca86e253039c8c7807f298a63f47e9b32d2712250e3ab7f90551b0459ca01571d0a0fb9b47b756f496ba7653d6b267416968d770c85f49866a3e1a41aeb3d81155bb4622e89d9f39dc296f028317e41ea24ed80c61ab29f77d7ff3d068682ef1b32a946be404088f2242644f2543c4ac1e6368c86a37616915197559167a57965e18f0c4890c183aa34a20632243aa140bfb043cf1921c3e07cc9a92e0f96983d40076892d1808962b44cb6643f9ea672d6467af76ff1a0d7a3361035fab1fb467402000000d73770732654134a75e5e9a25fa4f9816f5e37cacfc58cacd219ca7d331323bb26492bbe3f05f9e77c3296bb226d4f6637428a95735487ac1d5103f04c5a3599f5b30a1c090f6d129bf9f066dab719b53c56c9154af47449fe23c51be5d177b8e985ed29abcae6500bb81851848b81689d54bca0f0092d20880b6c266bad9886b844b5c2488aa967f9b3e7abb375579838ec8b50da959e449863f375c27e6a58a8e2789f245c083e8b33e4358df63ab4ad169bdab2c85e968d1494a5a347cc79b6b3f4c501c735ba922a690e5dd0e1"], &(0x7f0000000140)='GPL\x00', 0x0, 0x27, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0x12, 0xfffffffffffffd85, &(0x7f00000000c0)="61df712bc884fed5722780b688a8", 0x0, 0x739d, 0x0, 0x20}, 0x28)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='rss_stat\x00', r4}, 0x10)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil)
madvise(&(0x7f00003c1000/0x1000)=nil, 0xdfc3efff, 0x15)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r5, &(0x7f0000000040)=ANY=[], 0x78)
close(r5)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

19m45.001993187s ago: executing program 4 (id=302):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@usrquota}, {@grpjquota}, {@nodelalloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
rename(&(0x7f0000006840)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000126abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3acb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x1, &(0x7f0000000740))
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x6}, {0xffff, 0xffff}, {0x6, 0x2}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x3ff, "3cfdb7e06039549e56eb7e7a85b416c4"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x40800)

19m25.412578382s ago: executing program 39 (id=302):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@usrquota}, {@grpjquota}, {@nodelalloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
rename(&(0x7f0000006840)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000126abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3acb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x1, &(0x7f0000000740))
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x6}, {0xffff, 0xffff}, {0x6, 0x2}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x3ff, "3cfdb7e06039549e56eb7e7a85b416c4"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x40800)

14m12.462211034s ago: executing program 0 (id=1128):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r3 = io_uring_setup(0x7739, &(0x7f0000000680)={0x0, 0xc2d, 0x10, 0x40002, 0xfffffffc})
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000540)='.\x00', 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)

14m11.520215089s ago: executing program 0 (id=1132):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000001c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@cgroup=r3, r2, 0x12, 0x0, 0x0, @void, @value=0x0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000001200)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000500)={@cgroup=r3, r3, 0x12, 0x0, 0x0, @void, @value=0x0}, 0x20)
ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/24})
write$dsp(r1, &(0x7f0000000080), 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000240)={@broadcast, @random="1711b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @empty, {[@rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@private=0xa010104}, {@multicast2}, {@local}, {@remote}, {@private}, {@private}]}]}}}}}}}, 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)={0x30, r5, 0x1, 0x0, 0xa6ff, {{}, {0x0, 0x3}, {0x14}}}, 0x30}, 0x1, 0x0, 0x0, 0x4004018}, 0x0)
sendmsg$802154_dgram(r0, 0x0, 0x0)

14m10.922929824s ago: executing program 0 (id=1136):
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={0x1, &(0x7f0000000200)="33dc7e001f552549cde9fe42b2e7198a8566cf5f73a85f684905470f0237cad65e07fce0dde2b55f"}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b'], 0x48)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x6000)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x1d, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000140)=0x7, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000240)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000200)="89e7ee2c7cdad9b4b47380c90800", 0xe}], 0x1)

14m9.707139472s ago: executing program 0 (id=1142):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000540)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r3, 0x8b2a, &(0x7f0000000040))

14m8.881129014s ago: executing program 0 (id=1147):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)

14m8.193740002s ago: executing program 0 (id=1151):
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0x10000000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
memfd_create(0x0, 0x0)

13m52.441548992s ago: executing program 40 (id=1151):
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0x10000000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
memfd_create(0x0, 0x0)

5m44.741643244s ago: executing program 2 (id=3136):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = syz_open_pts(r0, 0x101)
r2 = epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000001200)={0x20000001})
r3 = dup3(r1, r0, 0x0)
write$sndseq(r3, 0x0, 0x0)

5m43.11177402s ago: executing program 2 (id=3140):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="f8000000160001000000000000000000ff010000000000000000000000000001ff01000000000000000000000000000100000000000200", @ANYRES32=0x0, @ANYBLOB="fe880000000000000000000000000001000000003300000000000000000000000000ffffac141429000000000000000000000000000000000000000000000000000080"], 0xf8}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180"], 0x4c}}, 0x0)

5m41.886786951s ago: executing program 2 (id=3144):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @local}}}})
recvmmsg(0xffffffffffffffff, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}, 0x73}], 0x1, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40048d5}, 0x200041d4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10000000, 0xfffffffffffffffe, 0x100, 0x0, 0x0, 0x5]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x2, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5m39.921771446s ago: executing program 2 (id=3149):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r1}]}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x48}}, 0x8000)

5m38.806464609s ago: executing program 2 (id=3152):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$cont(0x7, r3, 0x5, 0x8)

5m36.727613814s ago: executing program 2 (id=3156):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000001cff00000014000000ff010000000000000100"], 0x0, 0x2e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f00000004c0)=ANY=[@ANYRES8=0x0, @ANYRESDEC, @ANYRES64, @ANYRES64=0x0], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d00007fffffff000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

5m19.242014307s ago: executing program 41 (id=3156):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000001cff00000014000000ff010000000000000100"], 0x0, 0x2e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f00000004c0)=ANY=[@ANYRES8=0x0, @ANYRESDEC, @ANYRES64, @ANYRES64=0x0], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d00007fffffff000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

3m13.495966275s ago: executing program 8 (id=3517):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r0)
recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000240)=""/171, 0xab}, {&(0x7f0000001c40)=""/4096, 0x1000}], 0x2}, 0x7}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001980)=[{&(0x7f0000000700)=""/4113, 0x1011}, {&(0x7f0000000440)=""/178, 0xb2}, {&(0x7f0000000540)=""/216, 0xd8}, {&(0x7f0000000100)=""/119, 0x77}, {&(0x7f0000003c40)=""/4092, 0xffc}, {&(0x7f00000018c0)=""/147, 0x93}], 0x6}, 0x80000000}, {{0x0, 0x0, 0x0}, 0x5}], 0x5, 0x40008062, 0x0)

3m12.751801715s ago: executing program 8 (id=3521):
r0 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0xf, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xd097}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0xa, &(0x7f0000000300), 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3m12.212632293s ago: executing program 8 (id=3524):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000300)={&(0x7f0000000200)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000480)={&(0x7f0000000240)=[0x0, 0x0, 0x0], 0x0, 0x3, r1})

3m11.391219209s ago: executing program 8 (id=3527):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000009f"])
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000300)={[{@grpquota}, {@delalloc}, {@resuid}, {@errors_remount}, {@test_dummy_encryption_v1}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x6}}, {@nomblk_io_submit}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x42, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x2, 0x0, 0x0)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0)
mount$bind(&(0x7f0000000880)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0xa00004, 0x0, 0x1, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000003c0)=0x7)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x6, 0x4, 0x1000, 0x89, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=""/103, &(0x7f0000000600), &(0x7f0000001b40), 0x80, r2, 0x0, 0x7}, 0x38)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4)
rmdir(&(0x7f0000006f40)='./file0/../file0\x00')
read$FUSE(r1, &(0x7f0000000f00)={0x2020}, 0x2020)
umount2(&(0x7f00000000c0)='./file0/../file0\x00', 0x3)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0)

3m7.999644888s ago: executing program 8 (id=3537):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @local}}}})
recvmmsg(0xffffffffffffffff, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}, 0x73}], 0x1, 0x2, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x40048d5}, 0x200041d4)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r1, 0xae9a)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10000000, 0xfffffffffffffffe, 0x100, 0x0, 0x0, 0x5]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x2, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

3m7.092449437s ago: executing program 8 (id=3543):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="316f825a3d29f96a392ea917017b4cd300000000bee700d6dd1fb41a20baf7f7343067fd40cdd4f16742e94b000000005d0200b7f3028100ae8180db94b9de7456ae62b0e61861f615947de10ae3c4fa199fb5fe7766a0842912179154a96fa88e161d861e77a486e10d1d1d0b90c8997e6917226fe4bb5d77e85706336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d186ac9b2382a75ac68920ca3d542aece1ba7920a8f39b270458224e74a22fa1db2f647b55a4f113a476c5902", 0xd0}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b1", 0x6b}, {0x0}], 0x3}}], 0x1, 0x0)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

3m5.036629521s ago: executing program 42 (id=3543):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="316f825a3d29f96a392ea917017b4cd300000000bee700d6dd1fb41a20baf7f7343067fd40cdd4f16742e94b000000005d0200b7f3028100ae8180db94b9de7456ae62b0e61861f615947de10ae3c4fa199fb5fe7766a0842912179154a96fa88e161d861e77a486e10d1d1d0b90c8997e6917226fe4bb5d77e85706336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d186ac9b2382a75ac68920ca3d542aece1ba7920a8f39b270458224e74a22fa1db2f647b55a4f113a476c5902", 0xd0}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b1", 0x6b}, {0x0}], 0x3}}], 0x1, 0x0)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

22.198784802s ago: executing program 5 (id=4055):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x104, 0x6000000000000000, 0x10c, 0x0, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x50)

21.587646844s ago: executing program 5 (id=4059):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, r1}}, 0x40)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

20.728520149s ago: executing program 5 (id=4061):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'veth1_macvtap\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b}})

20.102708067s ago: executing program 5 (id=4063):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
open(&(0x7f0000000080)='./bus\x00', 0x62142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x8, 0xc, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "03d4c647125187429df7966d610000335263bd9bffbcc2542ded71038259c097fce47d85272036dc78388e3dc177e9b49600", "b732676c181c2082669dd06388bd21aa45a7fea61800", [0xffffffffffffffff, 0x5]})
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r2, 0x29, 0x40, &(0x7f0000000680)=ANY=[@ANYBLOB="000a00000000000007300000000000000000102dcc00001100000000007fffffff0000bfffff1f00000000000720000000000600000000000000000000000000000000000200feffff07000000000000000047d7a9"], 0x60)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000100)={0x17c04, r0, 0x1000, 0x100100001, 0x0, 0x800})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0xc001)
r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0d05640, &(0x7f0000000040)={0x1, @pix={0xfffffffe, 0x8000, 0x47425247, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}})
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x8000003d)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1294, 0x1320, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x8}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x22, 0x8, {[@global=@item_012={0x2, 0x1, 0xa, "cace"}, @global=@item_4={0x3, 0x1, 0xb, "192ccbb6"}]}}, 0x0}, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x7)
r7 = open(&(0x7f0000000280)='.\x00', 0x240082, 0x0)
fcntl$notify(r7, 0x402, 0x8000003d)
close_range(r5, r7, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0bfc0000000000000000020000000900010073797a3000000000090002"], 0x54}, 0x1, 0x0, 0x0, 0x40820}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58)
r9 = accept4(r8, 0x0, 0x0, 0x0)
sendmmsg$sock(r9, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000001c0)="74ce48", 0x3}], 0x1}}], 0x1, 0x2000c000)

16.187111123s ago: executing program 5 (id=4072):
r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d04031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e00230000690009047dbe"], 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$int_in(r1, 0x5452, &(0x7f00000000c0)=0x10001)
syz_emit_ethernet(0x101e, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_connect$uac1(0x0, 0x115, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010102000000206b1d01014000010203010902030103010fb00b0904000000010100000a24010000050201020b24050437da59a26b1512092403030001050600072408011b80091324060203060d0008000500030001000800400904010000010200000904010101010200001124020209000400f856e3573e8444f51d0b240202050009000866aa112402010001090472931dea1dad30083309240202030004000909050109100001050d0725f2ff050800090402000200000904020101010200000f24020107046f077b4b751cfbc09b0a240201000402071fb109240201070304078f072401040705000c240201090306577448a36c0b2402016502014f1ec62e09"], &(0x7f00000004c0)={0xa, &(0x7f0000000400)={0xa, 0x6, 0x201, 0xe, 0x3, 0x9, 0x20, 0x7}, 0x12, &(0x7f0000000440)={0x5, 0xf, 0x12, 0x3, [@ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x8, 0x0, 0xd, 0x2}, @ptm_cap={0x3}]}, 0x1, [{0x8, &(0x7f0000000480)=@string={0x8, 0x3, "1164aa3c61c8"}}]})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000980)={0xfffffffffffffed5, &(0x7f0000000100)=ANY=[@ANYBLOB="20089b000000010025e37bc32acc0c7baa0f5ea7534d4cd07f00dab3e89f87b04a75196fb24558741f1b6378f5fba8e0a7287c128c4c26079ecd648c413252887ef6a084cccb0ece680b05f178ebbb9f51df32cb790c000000000000835ba2648a647e34977ace1d22caa13f009c11c41e83a21ed44521b38e78f32d1c7fd64bbfd00a8677d4252fb6b253d5b0621b95211fd3eec4d82785f1c58b0f0000000000"], 0x0, 0x0})
r2 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000bc0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x300, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000000)={0x2c, &(0x7f0000000040)={0x20, 0x12, 0x7, {0x7, 0x1, "00f4000000"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setregid(0xee01, 0xee00)
setresgid(0xffffffffffffffff, 0x0, 0xee00)
setregid(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$can_bcm(0x1d, 0x2, 0x2)
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000005c0)={0x14, &(0x7f0000000500)={0x0, 0x1, 0x4d, {0x4d, 0x31, "2df55190aa799f42d02c54963d8299fc8fa59ebd52a67410436e15f246694fb1a6a0d771b4c36b703a00f359a1857378e8d093012f9be8bcecb37bc514c0b55058e881ecdd9538b1a560e3"}}, &(0x7f0000000580)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000006c0)={0x1c, &(0x7f0000000600)={0x40, 0x3, 0x1a, "cea9f29658587204c767353c16a85e3308445f6d0abfab065050"}, &(0x7f0000000640)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000680)={0x0, 0x8, 0x1, 0x8}})
syz_usb_connect$printer(0x6, 0x36, &(0x7f0000000700)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x6a, 0x0, 0x7, [{{0x9, 0x4, 0x0, 0x31, 0x1, 0x7, 0x1, 0x2, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ef, 0x7, 0x0, 0xe}}, [{{0x9, 0x5, 0x82, 0x2, 0x20, 0x7f, 0x5, 0x3}}]}}}]}}]}}, &(0x7f0000000900)={0xa, &(0x7f0000000740)={0xa, 0x6, 0x300, 0x5, 0x3, 0x5, 0x10, 0xd}, 0x2d, &(0x7f0000000780)={0x5, 0xf, 0x2d, 0x2, [@ss_container_id={0x14, 0x10, 0x4, 0x3, "ca40f31d712253d302ad18b80f6b413e"}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "824e30feeb8b0b63d088536038088f06"}]}, 0x2, [{0xdd, &(0x7f00000007c0)=@string={0xdd, 0x3, "4de8b7a508cdd4f2eac04bdf804a723d732671d34dd72661d52caf80d88c18e925374abf44bee4a22ba0efeddac5ae9dc79e9169e117c119f8ccd5846ed986fb9bd867acc462ed168157c915d8bfb53d3237552bc9924e3cd81e567b830d14797b62bfccf8017604d5e99099f29d234f980e8338ab92aaebf4e07f7a4e9bacd80e772e26260744b5fd9de72ef20e5102b19e24378ad68c7f063255066e65b129fcc146d81afd782d3d65a2f726b7b294b6047fb4e36114aa8e077826992116362a6121fa52cb7cc6f61c91df19d51ffea411ceb3aab99de6621b3b"}}, {0x4, &(0x7f00000008c0)=@lang_id={0x4, 0x3, 0xc8e4}}]})

15.503058944s ago: executing program 5 (id=4075):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, 0x0, 0x0) (fail_nth: 1)
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, 0x0, 0x0)

13.800101692s ago: executing program 43 (id=4075):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, 0x0, 0x0) (fail_nth: 1)
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, 0x0, 0x0)

10.943624417s ago: executing program 3 (id=4088):
syz_usb_connect(0x3, 0xe4, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xdf, 0xee, 0x6f, 0x20, 0x403, 0xe548, 0xadd6, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xd2, 0x1, 0x0, 0x0, 0x10, 0x1, [{{0x9, 0x4, 0x97, 0x0, 0x2, 0xbe, 0xe3, 0x1d, 0x0, [], [{{0x9, 0x5, 0x8d, 0x2, 0x210, 0x2, 0xff, 0x1}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x0, 0x0, [@generic={0xa7, 0xe, "3d9983970d13966e44e04b4bd00272e934e99576b34131db75778eb5a0e3ef2c415139a59eb66c405f729d653361e8e38d1289e139114a7cc8b6801bdbe18eefced773d386bf870168fc19db92cb1c9336939e16a5239a2e58f306aa147857b901f14fb9ee90318662946aedd4e57d33214ff239e1238795e90bd53f06a385e6c54b94e6fa496e3e5868af9eeb256698b2688edbd210f92577f81b59ff0014a3dcdce80c62"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x2, 0xb}]}}]}}]}}]}}, 0x0)
syz_usb_connect$uac1(0x0, 0xb9, &(0x7f0000000140)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa7, 0x3, 0x1, 0xff, 0x80, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x2, 0xf8}, [@mixer_unit={0xa, 0x24, 0x4, 0x1, 0x80, "e100d90cc3"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0x1, 0x1, 0xb5, "cee6c100d727"}, @as_header={0x7, 0x24, 0x1, 0x1, 0xb, 0x3}, @format_type_i_discrete={0x9, 0x24, 0x2, 0x1, 0x6, 0x3, 0x8, 0x4, "01"}, @format_type_i_discrete={0xf, 0x24, 0x2, 0x1, 0x9a, 0x4, 0x5, 0x2, "214efe8eafe866"}, @format_type_i_discrete={0x10, 0x24, 0x2, 0x1, 0x90, 0x3, 0xff, 0xfe, "986f19276e30c50a"}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0xf4, 0x7, 0x7, {0x7, 0x25, 0x1, 0x2, 0x58, 0x401}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x0, 0xc, 0x6, {0x7, 0x25, 0x1, 0x0, 0x0, 0x45}}}}}}}]}}, &(0x7f0000000500)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x201, 0x2c, 0x8, 0x1, 0x10, 0x80}, 0x21, &(0x7f0000000200)={0x5, 0xf, 0x21, 0x3, [@wireless={0xb, 0x10, 0x1, 0x2, 0x40, 0x80, 0xf, 0x5}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x9, 0x4, 0x9, 0x9}, @ext_cap={0x7, 0x10, 0x2, 0x14, 0x9, 0x1, 0x1}]}, 0x8, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x2009}}, {0x7, &(0x7f0000000280)=@string={0x7, 0x3, "6f86ffb0c6"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x441}}, {0xd4, &(0x7f0000000300)=@string={0xd4, 0x3, "b2c0f1b8340825fc3ceec635999785c2f77bc85ebd7804fb367300543cf7724f331519028e157bfeb59a5c187e5a9e59b7bb4cec8e845958ed4d8dec95515d02f9e2c9cbadbdbe9c45b0b9dbe0a7821b3e562b6ad68201b50c5d0d32611b6ec48b6f518cbdf406e3d2388e63ac890edf12bca04175659294a156dbe1b530da3e517796cca3d6fcd9d213cccbd24228a72c8b142920c957faf00234824465d1be924fb80f90631f08ba6aa598e853e483d46b9d082c7f21e501635ee41cfbf87f23049e9bdc88d4a8bc5c2f676a155b0fef58"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x860}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x2001}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x420}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x280a}}]})
r0 = syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x107042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000240)={0x3920e, r1, 0xc, 0x400000000000, 0x0, 0x2000003})
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0)
iopl(0x3)
geteuid()
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
openat(r0, &(0x7f00000005c0)='./file0\x00', 0x2001, 0x71)
syz_usb_control_io$printer(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$uac1(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000380)={0x44, &(0x7f0000000580)=ANY=[@ANYBLOB="00150100903d27ec2f2736a7dbab9be3b69e5a36000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)

7.883336786s ago: executing program 7 (id=4095):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000000), 0x10)
read(r0, &(0x7f0000002500)=""/4103, 0x1007)
dup(r0)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
close(0xffffffffffffffff)
socket(0x28, 0x5, 0x0)
r3 = syz_io_uring_setup(0x16e, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240), &(0x7f0000001340))
io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0)
sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000440)={&(0x7f0000000140)=@can={{}, 0x0, 0x1, 0x0, 0x0, "b9fe997a1675ec25"}, 0x10}, 0x1, 0x0, 0x0, 0x10}, 0x80)

7.230858352s ago: executing program 3 (id=4097):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x30, 0x1410, 0x1, 0x70bd25, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x2}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)

6.474113172s ago: executing program 3 (id=4100):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x13, 0x0, 0x2}]}}, 0x0, 0x26, 0x0, 0xa, 0x0, 0x0, @void, @value}, 0x20)

6.304872198s ago: executing program 7 (id=4101):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x13, 0x0, 0x2}]}}, 0x0, 0x26, 0x0, 0xa, 0x0, 0x0, @void, @value}, 0x20) (fail_nth: 1)

6.302375261s ago: executing program 6 (id=4102):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x15, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe1000040", 0x0, 0x104, 0x6000000000000000, 0x10c, 0x0, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x50)

5.985689596s ago: executing program 1 (id=4103):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @local}}}})
recvmmsg(0xffffffffffffffff, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}, 0x73}], 0x1, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40048d5}, 0x200041d4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10000000, 0xfffffffffffffffe, 0x100, 0x0, 0x0, 0x5]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x2, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5.651727197s ago: executing program 3 (id=4104):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200010, &(0x7f0000000180)={[{@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {}, {@unhide}, {@partition={'partition', 0x3d, 0x1}}, {@uid_forget}, {@longad}, {@undelete}, {@unhide}, {@unhide}]}, 0x1, 0xc43, &(0x7f0000001040)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
read$alg(r2, &(0x7f0000001740)=""/160, 0xa0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000180)=0x2, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)

5.586348207s ago: executing program 7 (id=4105):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000005c0)={0x1, @sdr={0x34565559, 0x3}})

5.136072552s ago: executing program 6 (id=4106):
r0 = io_uring_setup(0x1178, &(0x7f0000000080)={0x0, 0x5523, 0x8, 0x5, 0x13a})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000400)={0x0, 0x6fbe, 0x10100, 0x0, 0x2e0}, &(0x7f0000000140)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r2, 0x81, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r1)
mremap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r2, 0x18, &(0x7f0000000200)={0x80000000, r2, 0xc, {0x6, 0x7ff}, 0x9}, 0x1)
r6 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000007fc0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
write$binfmt_script(r8, &(0x7f0000000040), 0x55af)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r8, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000340)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r8, &(0x7f0000000540)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002bbd7000ffdbdf250400000005002d00000000000a000900ffffffffffff00000800340007000000050038000000000008003b0004000000050035000000000005002f000000000008000300", @ANYRES32=r9, @ANYBLOB="08005d000800000008003400040000005a59afc927b18c9f86cf7664dc9f29ef10134d56b11dedbe2b2c"], 0x68}, 0x1, 0x0, 0x0, 0x4008004}, 0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x66, &(0x7f0000000080), &(0x7f0000000000)=0x8)
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f0000000680)={0x60, 0x0, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000780), 0x0, 0x1, 0x0, 0x0, 0x0, 0x8})
r10 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
write$binfmt_aout(r10, &(0x7f00000000c0)=ANY=[], 0xc8)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd07000000000000000000180001801b00020064756d6d793000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x200088c5}, 0x2000c800)
r11 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x2900, 0x0)
connect$bt_l2cap(r11, &(0x7f0000000100)={0x1f, 0x9, @any, 0x4}, 0xe)
r12 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_IDLE(r12, 0x103, 0x7, 0x0, &(0x7f00000003c0))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYRES32=r4], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
close_range(r0, 0xffffffffffffffff, 0x0)

5.002210315s ago: executing program 7 (id=4107):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'veth1_macvtap\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b, 0x8, "4b721b782a17a7b6"}})

4.952383838s ago: executing program 1 (id=4108):
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f00000022c0)={0x80000011, 0x200000c, 0xa, 0x44, 0x7263c, 0x7d3836c6cfdc7f7})
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000440)={0x34, &(0x7f00000001c0)={0x0, 0x14, 0xb, "ff02a7bb8fd19766338fc1"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f00000008c0)={0x44, &(0x7f0000000740)={0x40, 0xc, 0x4, "05cd10bd"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(0xffffffffffffffff, &(0x7f0000000100)={0x14, &(0x7f0000000080)={0x40, 0x3, 0x60, {0x60, 0x2f, "43f957a9d1e509df27f65a4f19bc34cfbc48c62946155f4821ce82c3a944bfc687ff420a0fdcba65c76b5305652adddca9ccdc0e372731a223f39b83b73286c541382449eda21d9ffbc0e6b71f95352d1722e74161332fb705ba5e42f3ec"}}, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x280a}}}, &(0x7f0000000480)={0x34, &(0x7f0000000200)={0x40, 0x10, 0xc9, "87aa00a9e3714ff193c7ff981c9f136b2f1a194d8838ff181c2eadc95dc9d1096db7b7c37175711e4f9e40656393fab43225247dd33319276f6f8410e34be636d934d3bf873df63811a2c257d9319eec9c46412b80b4606cd435a42acd47d07a2f587573baf6c4dfb8c9892445d928e900e5db1c61ed8db062b70913110252591160e508d353a107a8a18e0c501e82101a0723ce4c0fb8552c1687cdb97d631f3596bea28b90e74cf9c1846d9e233866cacd6756e7a4c992ae672afad283ae0178faffb3f183d77a1f"}, &(0x7f0000000140)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000180)={0x0, 0x8, 0x1, 0x7f}, &(0x7f0000000300)={0x20, 0x0, 0x80, {0x7e, "79d5f75e545b79051b1575685d0a7fd73811ef95abf070e5bfda155f62290eb4e50ee6a48b893082fb3401d6511a3c1ba28f9575bd5eb17e2da10f2f4d439db98a61ec8af9d8abe48227dca5dae3b7db108455c63f69befad8a4c081cff68ed34b1ee9408460ad2d1f87d115536ee2e25301c343d3aa7076c3773b8b7c13"}}, &(0x7f00000003c0)={0x20, 0x1, 0x1, 0x6}, &(0x7f0000000400)={0x20, 0x0, 0x1, 0x2}})
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

4.382035443s ago: executing program 7 (id=4109):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x30, 0x1410, 0x1, 0x70bd25, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)

4.361828873s ago: executing program 3 (id=4110):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYBLOB="08000100", @ANYRES32], 0x90}}, 0x0)

3.76735446s ago: executing program 1 (id=4111):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000000), 0x10)
read(r0, &(0x7f0000002500)=""/4103, 0x1007)
dup(r0)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
close(0xffffffffffffffff)
socket(0x28, 0x5, 0x0)
r3 = syz_io_uring_setup(0x16e, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240), &(0x7f0000001340))
io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0)
sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000440)={&(0x7f0000000140)=@can={{}, 0x0, 0x1, 0x0, 0x0, "b9fe997a1675ec25"}, 0x10}, 0x1, 0x0, 0x0, 0x10}, 0x80)

3.552435082s ago: executing program 7 (id=4112):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x9, 0xfffffffffffffffe}, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000005bc0)=ANY=[], 0x1, 0x550b, &(0x7f0000000540)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x22)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000100)={0xe, 0xbd5a, 0x6d, "637757cba00af4605574a61aa851"})

3.451914448s ago: executing program 3 (id=4113):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xa0}}, 0x0)
socket(0x10, 0x3, 0x0) (async)
r0 = socket(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000004000000040000000800000014100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000001b00"/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r1, 0x0, 0x0}, 0x20) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r1, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="140000000b00000003000000ffffffff80400000", @ANYRES32=r1, @ANYBLOB="ffffffff4d00000000000000ab3e465c8f773d44003f0221cc0000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000030000000200"/28], 0x50) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="140000000b00000003000000ffffffff80400000", @ANYRES32=r1, @ANYBLOB="ffffffff4d00000000000000ab3e465c8f773d44003f0221cc0000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000030000000200"/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESOCT=r2, @ANYRES32=r0, @ANYRES32=r0], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
bind$unix(r3, &(0x7f0000000300)=@file={0x0, './file1\x00'}, 0x6e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000380)='./file1\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYRES32=r1], 0xff, 0x594d, &(0x7f000000b480)="$eJzs3X+QXFW9IPBzu3synZlMMgnwiCCTIZD3ePA0E34V6qtn3tv39BUgFQtLCRuFQCYYTUIqCUICSnDBhQUstLQU9Q+0kFo0WlTBKpES+bEJqyjF6lJbSK3son+4hSwpgSxluc7WTN/T6bnTd25Pd09I4POpZG6f07e/53vvPX37ntM90wEAAIC3hH03bTtwwXH/8rPPjr52/b/+aNMNob88UV+NKwymy2veqAw5lHoriyeW2X7xN9d+53fDl//TT+/r+/bre9eduP7X/3zU5Q994tw9d3790VcHHvjLC0VxY3869WA5eSkJofrj/V/+3N4njx2vS0II5WRwVwgLk0WPLkwyIYb/FEJYlxYWZ+68/7Uz1o8vb7i1d1L9gsx6+vtbWzXtZzsPXH1a+M0/rr7xF0u+/72e3S/uOrhKUm3oTyHMv7Tx8T0hhLnp/3Gxt8X+GDvtqhBCX8PjzinI66QW81+eUz4+Xc5Jl/0FceL9SzPlUma9bDnqySz7CtrrVF4e7a5XZF6mnD0ZdSovz1i/MF3+MF2eOsP45fg/CaUkVOrpb0wO9pHQcNySkEwcy2q9XKof25Buf6acZMqlTLnck9muiXbTjlZOksn1cb1MfTwdV9L6ExvP1U1cmFP/tnRZTZ+or8dyyN6o6Z9yo75dE2Je+6fJ5VAoNZyDmtXXD3x6MPrTuv5k0ZTHjDUR79u7+rZl5TWP7RvMySO5L0njJ23F3/nzhfM+9t1brsq+rtfjX1pK45cy8ZOW4j9/3lMvX3zLt76WG/+OGL/cVv6nP9z30nmP37Q0d//sj/un0lb8tS88cfuSoy/bnZv/XTF+ta34K/c81Ttw4OFHcvMfiftnblvxn3vP+3577zMPvpgbP8T4fW3FX7Nny+d7hw6ckhv/kbh/+tuK//wru89+dmjo98ONDzhl4GD8p2P8gbbi37PrznffveDWc3OP76q4fwbbin/+yQ/dOO/AgyfknTuTu7r1ygnw1nRUeo11c1pud5zZqYbxwleHK7WrpHnp/4FuNpS5+BxvZ3434wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABACOGY0/7L+//XhwdfqqTl3vTGc6XaMtbPCSGZG0LYtn3t1u0bNl8x/Ikrr9q6eW567/atO4bP/LvhraNbNq7dMX7vyDvOqN2zKCS1ZXLClLZ7x8bGSoOT62J7/+bk3b9Zds7//kMII8f8aqiSm//yOzfdfXSTnxnJyrH3brrqgl+d9c10uwbTvAab5DU2NjYWcvL6Pxf9+e4v7v/dKSGM/NV0eT3x3D/8ZFJCExUH46RKvaGWUG/S1zSPetaDIfSMPyDNq7J+w8bRken37/jjyznb8W+vffFP66/5wp9r+7eaux0t7t+5K8c2lr6y+vz/95XrahVFeb1Rx71of8etiPnF/VdN9/f8dLvm52xXJWe7bvrFI8/8+LhbXt0VRiqvLJnadtF29aQdsid5W0vtxhb6koWT6qvp+vGIx8ct375py/JtO3a+Y8OmtVeMXjG6+V0rzlxx9shZZ5+1fGLLl3d5+2P7f93i9h+a/rTgU7t+GH+21p+K8iraH+N5Fe+Pxozynn99F37uS++68/ELahVF/TyuXT+fpMu+8eO8IjT0t6n7qtl2Fe2HEMJws/3w8qvnhmP/+4Ybi85DjUem8WdGsnLsyaV//OY531j897WKQ3Keb0yozfN8PeuD+Uzsr2p6PMYO0/3bG8rpdvU3zWvFk4/33LbvD5+u5zdnTrhm7fbtW1fUfs5LM52XHN80r2xt3K4lEz/LId0tod5Nm/TXcT2hll/2/BlXz+7V/vS+/mRR0+3KivftXX3bsvKax/bl7enkP9RanBsGasvk7Tlrbsw8sFxPuFn7h+vzr6h/DL3/Gw98+IEfnDmlf5xe+1m0XUnOdn3/mXu+9O0v/PsfdG+73v8PTw3+8X98fFmt4kg5r9SzTvNJGs8rp4dQ9PxbEppvR+7zr9R8e4qef9l2Dq7fPN5wptwfym09X09/uO+l8x6/aWnu83V/q8/X6yaVygXP18Ol/2SfX0llch6z9/ya1FGSlWM/vfmoXY9ev+q4WkVRv66v3axfn9HC+CNnu35y8bNDVw7/u//WvfPGd/7u/kt+vXblZ2oVk4/73Cl55R/3mEt3jns13b/VnP1bzzrNp9S4f995+ZUb19XqD9/r33RZMP6Jp5JtO3Z+cu3GjaNbt7W2Xa2+nsZ2snu53dfTeHZbVLBdpSnb1Rtv7Oj2jVb2V6vPt5j/urb31+TnW39I2npd2PnzhfM+9t1brhqc8qi0oUtLafxSW/GfP++ply++5Vtfy41/R4xfaSv+2heeuH3J0Zftzo1/V5LGr7YVf+Wep3oHDjz8SG78kZj/3LbiP/ee9/323mcefDE3fojx+9vb/6/sPvvZoaHf58Z/OknbGb9GCuH+185YXysnE/Nw1YY8eiblFbLlJFMuZcrlxnKpNtdab6CcJJPr43pp/YkNuTTzkZz6eBVWXVxbvh7LIXtj+vrDTanh3N+svug6FQDgzS6+/x+vQeP7/6PphVL+TAMc1Ok4bHFO3DgOOzifM2fS/YvT+PHxcR5w6J1hZHx5w3DtQn+m7yPE50N2njO2c8pJk2O0O89ZNP++NFOOedXmyysN49DU1HFNJbQw/z61nenn3zObXzw/PnzzlLSGG+atssevJ50xa/Z5h0y+lfEIef0jOy8WP88xND+smmivxf6R/RxNPA7Zz9HEdo7LnDjb/RxNp/0jpj1N/5hIufj9janHL0yzfw8ev+bRssdvBse7Or7+rL0/e1+cF+t43rDpKe3QzRvO7vth5iVz4qdPsFmeNxy/2dG8YayP21FpcT7xwzn1tWftrnq5rfnE8sGbMa/90+RyKJhPBN6s4vg/vkaMj//HL8D/b2a9ouvQ7FVjjJf7OaFy83yKxh1TP6fX19br+Jo9Wz7fO3TglNzrnEda/dzPlkmlvoLP/RTtx2WZcuF+zJmgKRrvZdsp2u/Zz2X0h4G29vs9u+58990Lbj03d7+vqr2QFu/3L00qDRTs9yNgvNA8vvHCW2K8MNvzZ2/Y5xjSDz7N1njkQzn1M/18Q9+UG/XtmnDEjUd6Dm1eAMCRI47/6++fpeP//xlXSK8jisatp2bKMV7uuDXn+iRv3PqBdHlNZv3+9DcqZnrdfP7JD90478CDJ+SOW+5qdRz6HyeVBgvHoZ2Nm3PHEau683nx3HFEfZzV2TgxN//6OLGzcXpu/Po4vbNxdO7+qY+jO5sHyI1fnwc40se5BfN1mcZisdX5ujftODr99dnZGkdfmFM/03F0/5Qb9e2aYBwNAPDGiuP/eBkXx/+PZ9br9H323HFBl67bs38PpB7/6UM1rpztcd9sj1tne1w/2/MSR/q4eLbnhWZ3nuwtPy5OGzUuBgDgcBbH//EvEeaP/zsbnzQbv/VMGp8YnzeNb3x+mIzPj/T5L+N/74sXM/4HAHhzi+P/+GuP8e///ee0nP279cbpOfGN043Tp+s/LY/Tuz/PFnwO4I2dB2j4mhfzAAAAvBF6JkZKU3/P/qPpMvt79nm/l39xzvqtqqSXx5dt3zo6eslVW9at3T56yeYr141uu+TqrRu2bx/dXFuv03Fj7rglHTf2hEq6P5qvlx23LUj/HsKCnL+HkF0/hj1+4sbUv4eQbXZuwd8ROHj8Wss37/iVplm/Wf/IO9558T+Ss35UP/6Xf/z0S9Zvu2TD5g3bN6zduGHn6OT1xketfTP4vtS4W2b0famZH1OUZv69v93JozQlj550f+R9P3uSyWNhmsnCvO8/yMn7Z//1i586eezP94Ywckz57R3tv2Tl2H+6aPQD2/f9ast4/qVp86+vmeZV9H2l2fXj9lQ2Xrlt+2nrr7xqc/YbJdsT5zNK9fIszWekT/9yi/MTa3LqZ/o5hfKUG4enlucnAACYJL7/H69n4/uHX0gvoGJ96+P0zt4/zh2nj7Q2Ts9+L1nROD27ftzeVsfp1Q7H6dn2i8bpzdZvNk7PG3fnxf9Qzvoz1Xo/6exzHrn95NLW+kn2+wyK+kl2/eb9pJTbT5IO+0m2/aJ+0mz9Zv0k77jnxf9gzvp5Wu8PnX0uJ7c/3NFaf/jbTLmoP2TXn+l5o9Rhf8i2X9Qfmq3frD/kHd+8+BfkrN+qyf1jvGNM9IvRS66+cusnG9ab7e+/6Dy/2f3+j3a1nv/sfu5r9vOf3c+VzX7+nX2uLDf/pzubCWs9/9n9fpd2HbL52vTDZkWfPyuax12dUz/Tedw5U24cnszjwhsnjv/j2z1x/H9ruuz220BH/vek+R6zpvG79D1mRdcxXs/TZbMXzcOA13MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1vRWFk8s99207cAFx/3Lzz47+tr1//qjTTf8zbXf+d3w5f/00/v6vv363nUnrv/1Px91+UOfOHfPnV9/9NWBB/7yQmHgwYmflVPTYjWE5KUkhOqP93/5c3ufPHa8LgkhlJPBXSEsTBY9ujDJRBj5UwhhXT3PyXfe/9oZ68eXN9zaO6l+QSZIdrtCfznm05hnCNcUbhFHoGraz3YeuPq08Jt/XH3jL5Z8/3s9u1/cdXCVpNrQn0KYf2nj43tCCHPT/+Nib1scH5wuV4UQ+hoed05BXie1mP/ynPLx6XJOuuwviBPvX5oplzLrZctRT2bZV9Bep/LyaHe9IvMy5ezJqKbSdvy8PGP9wnT5w3R56gzjl+P/JJSSUKmnvzE52EdCw3FLQjJxLKv1cql+bEO6/ZlykimXMuVyT2a7JtpNO1o5SSbXx/Uy9fF0XEnrT5zIsZy73Rfm1L8tXVbTJ+rrsRyyN2r6p9yob9eEmNf+3EwOjVLDOahZff3ApwejP63rTxZNecxYE/G+vatvW1Ze89i+wZw8kvuSNH7SVvydP18472PfveWqxXnxLy2l8UttxX/+vKdevviWb30tN/4dMX65rfinP9z30nmP37Q0d//sj/un0lb8tS88cfuSoy/bnZv/XbX4z4RqW/FX7nmqd+DAw4/k5j8S98/ctuI/9573/fbeZx58MTd+iPH72oq/Zs+Wz/cOHTglN/4jcf/3t9d/Xtl99rNDQ78fzov/dIw/0Fb8e3bd+e67F9x6bu7xXRX3z2Bb8c8/+aEb5x148IRqXvy7uvXKCfDWdFR6jXVzWm53nNmphvHCV4crtWu+een/gW42lDHezvxZjA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvTL68786MXvfeDqytJCEnOOmNNxPvKc1auHG6j3bUvPHH7kqMv291Yt7iNOAAAAECxOA4v1WuqYXG4Opkbjm+6fpwjOD6Wksn12TmEGCc7R9BunFKX4pS7FKfSpTg9XYozp0txersUp1oQpxpaizN3mjiV8V7RYj590+bTepz+LsWZ16U4A+3HeXJ1Q5z5BXHi/F9RPgu6tF2D08ZpvR8u7FKcRV2Kc1SX4hzdpTjHdCnOX7URZ06TOMd2KZ/snPJM++FAuuZxeXEmbpQL41SScv2OZvPpx6btnNBhO/0F7QwUvR632M7cFts5KfO40gzbqbbYzl932E7SYjt/22E7pYJ2Yr+9JptfbCeWpm+nEuPs6CxO/Xm0s0txru1SnOu6FOfTXYrzmS7Fub7DOACtiuP/g+O9wdBb+fvQl55xsrMAcby7ZOLn1Ne7vBNSjPf2TP2conjZgXom3pKZ5pedQMjEW5qp75kUr1Ifj0wTr9oYb1nmzsLtzU4oZPI7NVPfWxQvO7EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPol9ed+dGL3vvB1SEJ4/+aGmsi3lees3LlcBvt7l1927Lymsf2Ndb1VtoIBAAAABSK4/Ceek019FZWhN5kzqT1quk8QDUtlwdry6H5YdX4MhkuTZT7koXTPq6SPm759k1blm/bsfMdGzatvWL0itHN71px5oqzR846+6zl6zdsHB2p/QyhtyBeCGFi+mHbjp2fXLtx4+jWbbXKbP6L08ctTstJ+rihd4aR8eUNaf6LCtorTWlv9m4UHz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+P7t2FyLnVcYB/LwzszPTbWNW+jUNzWbIR4laNIlbSbV0XxAstEnIUpDZ6lqCTbC4aUKbSKxjG7CtCYrQEgiRXBiJxdbiTT9sEftBIFKjATcGaYv2Qi+UVitpyYWkjGR3zuzM7ExmHUvTxt/v4n1nznnOeebMxcL/3QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P01VR2ZqIyOjQ8mISRdamodxLlsPk3LffT98nPbf1AYPr2yeayQ62MjAAAAoKeYwwcaI8VQyGVDNlw1/W5paJoIs7kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/zNVHZmojI6NX5yEkHSpqXUQ57L5NC330ff1t5/4zCvDw39rHiv1sQ8AAADQW8zhmcZIMZTCsjCQXNVSF58NLGpb314X91k8z7r2Zwfd6pbNs+6aedZ9rEfdhvp9VwAAAIAPv5j/c42RoVDILeia/3vl+li3pK0uW7/381sBAAAA4H8T83+hMVIKhVypkdfnm/eXttXF9b3+bx/Xr+iyvtf/89fX7/5PDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfHlPVkYnK6Nh4Ngkh6VJT6yDOZfNpWu6j75rnB/9xy5EHlzaPFXJ9bAQAAAD0FHP4bPQuhkJuMAyEi6dz//BNB5/64lPPjIQQZmJ+Ph92bdqx4+41M9dYt/rYkYHvH33z23PqVs9cz9sBAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA98xUdWSiMjo2flESQtKlptZBnMvm07TcR9/XPveFvzx28tk3msdKfewDAAAA9BZz+Gz2L4ZSyId8uGL6XXPWPyvTtr7bMwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgwnHPN+/9+qbJyc13e+GFF140Xpzvv0wAAMB7bUlIQu2/dOXG8/2pAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAD4Kp6shEZXRsvJiEkHSpqXUQ57L5NC330Td97nhhwennX2weK/WxDwAAANBbzOGz2b8YSmEgDITLp991eiYwnf+H3scPCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHygTFVHJiqjY+MLkhCSLjW1DuJcNp+m5T76Prr7wGcPL/zezc1jhVwfGwEAAAA9xRyeb4wUQyH38VAIV9ffT7YuSLL1e+fnArPrtrcsG5z3umrLuuy81+1pO1mufpqZdcW439DMvbGuPHdduWldKTTal1vWhX0tqxb0+JwBAAAAzqOY/wuNkaFQyBWacu5PW+qH5FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoIup6shEZXRsPElCSLrU1DqIc9l8mpb76Hvvbz96yVd+tndn81ipj30AAACA3mIOn83+xVAKi8NHwuLp3B+GWutj3T8rZw4/8q+/rgxh1RUnhnPt2/4ovvj1aze+0H4JIdNanQlhYb1f0qXfb37/SHZ57cxjIay6PHv1nH7h3P1at0xrT1c2r99x9MT2Hl8OAAAAXCBi/h9ojAyFQu6urvk/Ju8e+b9hOoAv/MbuX1xWv9YTeduKzFC9X6ZLv88vf+LPK9b+/c2z+f9c/T51YOvhy1oazoy0SdLa6NadG05cdygTTz3TP9vWP34vX/rWG//esuvhMzP9i6FYH1+Uy3XoP/fa5qK0NpnZP77u3f3V1v65Lud/8HcvnvzVor3vnO3/9pLBRv9rznH+c/cfvPWhfdcfOLKhtX8Iodyp/1vv3Byu/OOdD7Sff7Bt4+ZvvvnaJklrx5aeOrT2YOmG1v5JW//4/f/85KP7fvLwd5+J/eNvRVYum2//TFv/l/dcuvul+zcuau2f6XL+F257ZXhb+Tt/aD//HS275rp+irnnf/zaJ29/dVN6X/sUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAhWWqOjJRGR0bzyQhJF1qah3EuWw+Tct99H39luNv3bb3xz+ceVeYvpb6OgEAAADQS8zhs9m/GEohH/JhcDr3P13ZvH7H0RPbw9DMbFK/5ya33bPjE1u27bzrjvP0yQEAAID5ivk/1xgZCoXc8jBQz/+jW3duOHHdoUzM/5mY/7fcObl5VWjUvbzn0t0v3b9xUeM5QQjTPwsonq379GzdTTceHzr1p6+t6Fi3Zrbu2NJTh9YeLN0Q60Jz3erQeD7x+LVP3v7qpvS+xudrrvvkV7dN1h9PxH0Hb31o3/UHjmxonKN+H6zvG+smM/vH1727vxrrsvV7sX5uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCuqerIRGV0bDxkQ0i61NQ6iHPZfJqW++i7bvkvH7jk9LOLm8cKuT42AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+ww4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX26yc0jrKPA/jz7G7ebLNJm7QvWBXTtCpKPVgURPSioiKtSMFTpUi1tQdREESUejCVVixV8SJYvRRRQY1SULCxWFolFf8VLx5UUKgehFIMaEPxYCS7z2w3k4xrJ1VQPx9Ynv09O/Od38w8O5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP0hP+92RnQ9O3XbeTZ88fs/Jx2557/7tlzz6+g8jm2/4eF/fK6cmtqzc+vWNyzYfuHft+J4XD/8y8M5vx7pGP9IaVqeyHkI8EUOovz/53BMTn54zMxdDCNU4OBrCUFx6eCjmEtb8GkLYkore2uwP3z555daZcfvu3lnzS3Ih+fMKjWrWT8vg7H75d6mndbZt6uHLwrfXb9jx+Yq33uwZOz56epNY71hPISze1Ln/zDdkUXrNyFbb8mznNK4PIfR17Hd1l74u/JP9X15Qn5/G/6Wx0SUn+3xVrq7ktsvXmZ7c2NfleAtV1EfZ7brpz9X5h9FCFfWZzQ+l8d00rj7D/Gr2iqESQ63d/n3x9BoJHfcthti8l/V2Xen4NWidf66OubqSq6s9ufNqHjcttGqMs+ez7XLz2eO4luZXdj6r53F7wfy5aaynL+qprA75Ny2NOW/a59WU9TX5B738HSodz6D55ts3Pt2MRpprxKVz9pmeozadfTax4amLqxs/ODJY0EfcF1N+PIP86Xb+ts+G+u98Y9dDy4vyN1VSfqVU/nfrjv50x66XXijMfzbLr5bKv+Jg34l1H+5cVXh9JrPrUyuVf9exj55e8f+7x+a71838vVl+vVT+deNHewemDh4q7H9Ndn0Wlcr/5tqbv3/ty/3HC/NDlt9XKn/j+APP9A5PXVqYf6j1VWg0V2iJ9fPz2FVfDQ//OFKU/0V2/QfmyY9d818d3XPNy0t2ry1cn+uz6zNYqv9bLzqwo39q/wVFz86492z9cgL8Ny1Lf2M9meqy/2cuVMf/C8+P1Fq/QP3pNXA2D5Qzc5zFf2E+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOztwQAIAAAAg6P/rdgQKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATwUAAP//LD0uGQ==")
r4 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x161281, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
sendfile(r5, r5, &(0x7f0000000140)=0x1, 0x6)
write$binfmt_aout(r5, &(0x7f0000000400)=ANY=[@ANYRES32=r4, @ANYRESHEX=r5], 0xff2e)
syz_open_pts(r4, 0x0) (async)
r6 = syz_open_pts(r4, 0x0)
dup3(r6, r4, 0x0)
io_setup(0xbc, 0x0) (async)
io_setup(0xbc, 0x0)
io_submit(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f00000011c0)={0xc}) (async)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f00000011c0)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r7, 0x3b82, 0x0)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x40, 0x0, 0x0) (async)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x40, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$hfs(&(0x7f0000000280), &(0x7f00000000c0)='./bus\x00', 0x100c0d4, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r6, @ANYRES64=r8], 0x1, 0x270, &(0x7f0000000540)="$eJzs3UFrE0EYxvFnNrFGW+raVgTxINWCJ2nrRbwI0m/gxZOoTYRiqKAV1IvVs/gBvPsV/BCexLPgzZPee6vMuxOzSbPZNCZOEv8/SNhk5915Jzvp7JtQIgD/rdtb3z9e/+FvTqqoIummlEiqSVVJ53S+9nx3b2ev2aj3O1DFIvzNKYt0R9ps7zZ6hfo4iwhS/6iqhfxzGI/at9gZYBLYuz/zK/98Ip0M707bX4uS3ejtx04gMnegA73QYuw8AABxhfU/Cev8Qrh+TxJpLSz7nev/lC+gB7ETiCy3/luVdej8+T1ju9r1npVwfn/SqhKH6WtO2cyqdCRQVlVaLsmpRzvNxrXtJ816ore6FeSardh9PZu6Lfls3xw99GqP2rSP4cc+b2M44cewWZD/8mh7LOc+uy/unkv1QfU/13/VQ+dPk52ptOtMZfmvFx/RRplmrQpGedY6uRB6CPqOsqKuNPLmwjE7PiBIy/K0qKWuqGx0GyVRyz2jNkuiVrqj2rO5OHLc3Ht3163qpz5pK3f9n/hXe02DvDN9G2sZZkbf8VStZWrribtkT+1f7NkyGXpIOL53eqgbWnz28tXjB81m4ykbQ2y8Di/mpOQz6EZrEkxKPjO74V/kKL1X/3pmRvmrhH+sfdKPGch3M7PCX3e5rP7L1SvrViL5u7TPdfph2cFzR9woqA2W7P50cQXXwdlHD/NyRV9FDFpzXb4qXRmkx0wa8pwRbktfdZ/P/wEAAAAAAAAAAAAAAAAAAKbN6P7loKaiXbHHCAAAAAAAAAAAAAAAAAAAAADAtJu43/+9o+wRv/8LjN3vAAAA//9nXXUi") (async)
syz_mount_image$hfs(&(0x7f0000000280), &(0x7f00000000c0)='./bus\x00', 0x100c0d4, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r6, @ANYRES64=r8], 0x1, 0x270, &(0x7f0000000540)="$eJzs3UFrE0EYxvFnNrFGW+raVgTxINWCJ2nrRbwI0m/gxZOoTYRiqKAV1IvVs/gBvPsV/BCexLPgzZPee6vMuxOzSbPZNCZOEv8/SNhk5915Jzvp7JtQIgD/rdtb3z9e/+FvTqqoIummlEiqSVVJ53S+9nx3b2ev2aj3O1DFIvzNKYt0R9ps7zZ6hfo4iwhS/6iqhfxzGI/at9gZYBLYuz/zK/98Ip0M707bX4uS3ejtx04gMnegA73QYuw8AABxhfU/Cev8Qrh+TxJpLSz7nev/lC+gB7ETiCy3/luVdej8+T1ju9r1npVwfn/SqhKH6WtO2cyqdCRQVlVaLsmpRzvNxrXtJ816ore6FeSardh9PZu6Lfls3xw99GqP2rSP4cc+b2M44cewWZD/8mh7LOc+uy/unkv1QfU/13/VQ+dPk52ptOtMZfmvFx/RRplmrQpGedY6uRB6CPqOsqKuNPLmwjE7PiBIy/K0qKWuqGx0GyVRyz2jNkuiVrqj2rO5OHLc3Ht3163qpz5pK3f9n/hXe02DvDN9G2sZZkbf8VStZWrribtkT+1f7NkyGXpIOL53eqgbWnz28tXjB81m4ykbQ2y8Di/mpOQz6EZrEkxKPjO74V/kKL1X/3pmRvmrhH+sfdKPGch3M7PCX3e5rP7L1SvrViL5u7TPdfph2cFzR9woqA2W7P50cQXXwdlHD/NyRV9FDFpzXb4qXRmkx0wa8pwRbktfdZ/P/wEAAAAAAAAAAAAAAAAAAKbN6P7loKaiXbHHCAAAAAAAAAAAAAAAAAAAAADAtJu43/+9o+wRv/8LjN3vAAAA//9nXXUi")
creat(0x0, 0x0) (async)
creat(0x0, 0x0)

3.406685209s ago: executing program 6 (id=4114):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000ef0000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x7, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x7, 0x12)
writev(r2, &(0x7f0000000100)=[{&(0x7f00000002c0)='h', 0x1}], 0x1)

2.336564194s ago: executing program 6 (id=4115):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x1f, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f", 0x0, 0x104, 0x6000000000000000, 0x10c, 0x0, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x50)

2.205761125s ago: executing program 1 (id=4116):
r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000005c0)={0x1, @sdr={0x34565559, 0x3}})

1.397285363s ago: executing program 1 (id=4117):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @local}}}})
recvmmsg(0xffffffffffffffff, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}, 0x73}], 0x1, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40048d5}, 0x200041d4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10000000, 0xfffffffffffffffe, 0x100, 0x0, 0x0, 0x5]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x2, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.291417541s ago: executing program 6 (id=4118):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01327800ac5f00001c0012000c000100626f6e64000000"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x28, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r5}]}, 0x28}}, 0x8000)

184.438238ms ago: executing program 6 (id=4119):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'veth1_macvtap\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b, 0xc, "4b721b782a17a7b6a00d923e"}})

0s ago: executing program 1 (id=4120):
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f00000022c0)={0x80000011, 0x200000c, 0xa, 0x44, 0x7263c, 0x7d3836c6cfdc7f7})
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000440)={0x34, &(0x7f00000001c0)={0x0, 0x14, 0xb, "ff02a7bb8fd19766338fc1"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f00000008c0)={0x44, &(0x7f0000000740)={0x40, 0xc, 0x4, "05cd10bd"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(0xffffffffffffffff, &(0x7f0000000100)={0x14, &(0x7f0000000080)={0x40, 0x3, 0x60, {0x60, 0x2f, "43f957a9d1e509df27f65a4f19bc34cfbc48c62946155f4821ce82c3a944bfc687ff420a0fdcba65c76b5305652adddca9ccdc0e372731a223f39b83b73286c541382449eda21d9ffbc0e6b71f95352d1722e74161332fb705ba5e42f3ec"}}, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x280a}}}, &(0x7f0000000480)={0x34, &(0x7f0000000200)={0x40, 0x10, 0xc9, "87aa00a9e3714ff193c7ff981c9f136b2f1a194d8838ff181c2eadc95dc9d1096db7b7c37175711e4f9e40656393fab43225247dd33319276f6f8410e34be636d934d3bf873df63811a2c257d9319eec9c46412b80b4606cd435a42acd47d07a2f587573baf6c4dfb8c9892445d928e900e5db1c61ed8db062b70913110252591160e508d353a107a8a18e0c501e82101a0723ce4c0fb8552c1687cdb97d631f3596bea28b90e74cf9c1846d9e233866cacd6756e7a4c992ae672afad283ae0178faffb3f183d77a1f"}, &(0x7f0000000140)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000180)={0x0, 0x8, 0x1, 0x7f}, &(0x7f0000000300)={0x20, 0x0, 0x80, {0x7e, "79d5f75e545b79051b1575685d0a7fd73811ef95abf070e5bfda155f62290eb4e50ee6a48b893082fb3401d6511a3c1ba28f9575bd5eb17e2da10f2f4d439db98a61ec8af9d8abe48227dca5dae3b7db108455c63f69befad8a4c081cff68ed34b1ee9408460ad2d1f87d115536ee2e25301c343d3aa7076c3773b8b7c13"}}, &(0x7f00000003c0)={0x20, 0x1, 0x1, 0x6}, &(0x7f0000000400)={0x20, 0x0, 0x1, 0x2}})
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

kernel console output (not intermixed with test programs):

00000000 R09: 0000000000000000
[ 1575.208637][T17765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1575.208710][T17765] R13: 0000000000000000 R14: 00007f57387a5fa0 R15: 00007ffd783aa3d8
[ 1575.208811][T17765]  </TASK>
[ 1575.290287][ T5865] get_1284_register timeout
[ 1575.435699][ T5865] uss720 7-1:0.125: probe with driver uss720 failed with error -5
[ 1575.435975][    C1] usb 7-1: async_complete: urb error -104
[ 1575.613854][T17768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1575.623615][T17768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1576.150420][T15845] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1576.362082][T17777] FAULT_INJECTION: forcing a failure.
[ 1576.362082][T17777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1576.375743][T17777] CPU: 0 UID: 0 PID: 17777 Comm: syz.3.3827 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1576.375868][T17777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1576.375941][T17777] Call Trace:
[ 1576.375986][T17777]  <TASK>
[ 1576.376029][T17777]  dump_stack_lvl+0x216/0x2d0
[ 1576.376198][T17777]  dump_stack+0x1e/0x24
[ 1576.376346][T17777]  should_fail_ex+0x748/0x7f0
[ 1576.376506][T17777]  should_fail+0x2a/0x40
[ 1576.376643][T17777]  should_fail_usercopy+0x2e/0x40
[ 1576.376794][T17777]  _copy_from_user+0x35/0x110
[ 1576.376944][T17777]  ___sys_sendmsg+0x120/0x3c0
[ 1576.377091][T17777]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1576.377241][T17777]  ? __rcu_read_unlock+0x7b/0xe0
[ 1576.377421][T17777]  ? __fget_files+0x42b/0x500
[ 1576.377567][T17777]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1576.377702][T17777]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1576.377850][T17777]  __x64_sys_sendmsg+0x212/0x3c0
[ 1576.377994][T17777]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1576.378130][T17777]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1576.378276][T17777]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1576.378419][T17777]  x64_sys_call+0x2ed6/0x3c30
[ 1576.378589][T17777]  do_syscall_64+0xcd/0x1e0
[ 1576.378711][T17777]  ? clear_bhb_loop+0x25/0x80
[ 1576.378834][T17777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1576.379013][T17777] RIP: 0033:0x7ff45358cd29
[ 1576.379105][T17777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1576.379208][T17777] RSP: 002b:00007ff4543b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1576.379332][T17777] RAX: ffffffffffffffda RBX: 00007ff4537a5fa0 RCX: 00007ff45358cd29
[ 1576.379426][T17777] RDX: 0000000062004080 RSI: 0000000020000080 RDI: 0000000000000005
[ 1576.379506][T17777] RBP: 00007ff4543b5090 R08: 0000000000000000 R09: 0000000000000000
[ 1576.379585][T17777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1576.379661][T17777] R13: 0000000000000000 R14: 00007ff4537a5fa0 R15: 00007ffca70e59d8
[ 1576.379768][T17777]  </TASK>
[ 1576.392399][T17768] loop6: detected capacity change from 0 to 4096
[ 1576.683315][T17768] EXT4-fs: Ignoring removed nobh option
[ 1576.771695][T17768] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1576.890683][T10165] usb 7-1: USB disconnect, device number 15
[ 1577.510450][T15845] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 1577.519018][T15845] Bluetooth: hci0: Injecting HCI hardware error event
[ 1577.533255][T15845] Bluetooth: hci0: hardware error 0x00
[ 1577.709091][T17785] loop5: detected capacity change from 0 to 512
[ 1577.740769][T17788] loop3: detected capacity change from 0 to 256
[ 1577.745740][T17785] EXT4-fs: Ignoring removed orlov option
[ 1577.829144][T17785] EXT4-fs error (device loop5): ext4_orphan_get:1389: inode #15: comm syz.5.3830: casefold flag without casefold feature
[ 1577.843349][T16323] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1577.898657][T17788] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1577.902436][T17785] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.3830: couldn't read orphan inode 15 (err -117)
[ 1577.952837][T17785] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1578.094243][   T29] audit: type=1804 audit(1737675162.655:911): pid=17785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3830" name="/newroot/49/bus/file1" dev="overlay" ino=296 res=1 errno=0
[ 1578.209010][   T29] audit: type=1804 audit(1737675162.705:912): pid=17785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3830" name="/newroot/49/bus/file1" dev="overlay" ino=296 res=1 errno=0
[ 1578.231506][   T29] audit: type=1800 audit(1737675162.705:913): pid=17785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3830" name="file1" dev="overlay" ino=296 res=0 errno=0
[ 1578.579754][ T5785] Bluetooth: hci3: unexpected event for opcode 0x0000
[ 1578.675939][T17016] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1578.852249][T17791] loop6: detected capacity change from 0 to 1024
[ 1578.929214][T17791] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[ 1579.020875][T17791] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1579.032576][T17791] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[ 1579.042685][T17791] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1579.140673][T17791] journal_load_superblock: Cannot read journal superblock
[ 1579.148173][T17791] EXT4-fs (loop6): Could not load journal inode
[ 1579.613613][T15845] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1580.381170][T17805] FAULT_INJECTION: forcing a failure.
[ 1580.381170][T17805] name failslab, interval 1, probability 0, space 0, times 0
[ 1580.395233][T17805] CPU: 0 UID: 0 PID: 17805 Comm: syz.3.3839 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1580.395361][T17805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1580.395436][T17805] Call Trace:
[ 1580.395482][T17805]  <TASK>
[ 1580.395527][T17805]  dump_stack_lvl+0x216/0x2d0
[ 1580.395701][T17805]  dump_stack+0x1e/0x24
[ 1580.395845][T17805]  should_fail_ex+0x748/0x7f0
[ 1580.396013][T17805]  should_failslab+0x17f/0x210
[ 1580.396158][T17805]  kmem_cache_alloc_node_noprof+0xf4/0xe00
[ 1580.396339][T17805]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1580.396527][T17805]  ? __alloc_skb+0x1e9/0x7b0
[ 1580.396650][T17805]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1580.396796][T17805]  __alloc_skb+0x1e9/0x7b0
[ 1580.396936][T17805]  netlink_alloc_large_skb+0x1b4/0x280
[ 1580.397097][T17805]  netlink_sendmsg+0xa96/0x11e0
[ 1580.397280][T17805]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1580.397443][T17805]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1580.397606][T17805]  __sock_sendmsg+0x30f/0x380
[ 1580.397773][T17805]  sock_write_iter+0x365/0x3d0
[ 1580.397949][T17805]  ? __pfx_sock_write_iter+0x10/0x10
[ 1580.398107][T17805]  do_iter_readv_writev+0x93a/0xbc0
[ 1580.398247][T17805]  ? __pfx_sock_write_iter+0x10/0x10
[ 1580.398406][T17805]  vfs_writev+0x56a/0x14f0
[ 1580.398568][T17805]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1580.398751][T17805]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1580.398887][T17805]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1580.399041][T17805]  do_writev+0x247/0x5c0
[ 1580.399193][T17805]  __x64_sys_writev+0x98/0xe0
[ 1580.399317][T17805]  x64_sys_call+0x24e5/0x3c30
[ 1580.399489][T17805]  do_syscall_64+0xcd/0x1e0
[ 1580.399611][T17805]  ? clear_bhb_loop+0x25/0x80
[ 1580.399735][T17805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1580.399920][T17805] RIP: 0033:0x7ff45358cd29
[ 1580.400016][T17805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1580.400127][T17805] RSP: 002b:00007ff4543b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1580.400244][T17805] RAX: ffffffffffffffda RBX: 00007ff4537a5fa0 RCX: 00007ff45358cd29
[ 1580.400338][T17805] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[ 1580.400415][T17805] RBP: 00007ff4543b5090 R08: 0000000000000000 R09: 0000000000000000
[ 1580.400494][T17805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1580.400566][T17805] R13: 0000000000000000 R14: 00007ff4537a5fa0 R15: 00007ffca70e59d8
[ 1580.400684][T17805]  </TASK>
[ 1581.510544][ T5865] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1581.620262][T10178] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1581.680853][ T5865] usb 6-1: Using ep0 maxpacket: 32
[ 1581.705971][ T5865] usb 6-1: config 0 has an invalid interface number: 151 but max is 0
[ 1581.714942][ T5865] usb 6-1: config 0 has no interface number 0
[ 1581.721460][ T5865] usb 6-1: config 0 interface 151 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 528
[ 1581.788719][ T5865] usb 6-1: New USB device found, idVendor=0403, idProduct=e548, bcdDevice=ad.d6
[ 1581.798544][ T5865] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1581.806958][ T5865] usb 6-1: Product: syz
[ 1581.811589][ T5865] usb 6-1: Manufacturer: syz
[ 1581.816392][ T5865] usb 6-1: SerialNumber: syz
[ 1581.823835][T17621] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[ 1581.841348][T10178] usb 4-1: Using ep0 maxpacket: 16
[ 1581.858685][ T5865] usb 6-1: config 0 descriptor??
[ 1581.868571][T17809] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1581.882514][T10178] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1581.891493][T10178] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1581.900380][T10178] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1581.908979][T10178] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1581.918182][T10178] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1581.927567][T10178] usb 4-1: config 0 has no interface number 0
[ 1581.934134][T10178] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1581.945683][T10178] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1581.959094][T10178] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1581.970492][T10178] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1581.984232][T10178] usb 4-1: config 0 interface 125 has no altsetting 0
[ 1581.991432][T10178] usb 4-1: config 0 interface 125 has no altsetting 2
[ 1582.013381][ T5865] ftdi_sio 6-1:0.151: FTDI USB Serial Device converter detected
[ 1582.024736][ T5865] ftdi_sio ttyUSB0: unknown device type: 0xadd6
[ 1582.091710][T17621] usb 7-1: device descriptor read/64, error -71
[ 1582.105204][T10178] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1582.114957][T10178] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1582.123844][T10178] usb 4-1: Product: syz
[ 1582.128214][T10178] usb 4-1: Manufacturer: syz
[ 1582.133113][T10178] usb 4-1: SerialNumber: syz
[ 1582.173267][T10178] usb 4-1: config 0 descriptor??
[ 1582.198431][T10178] usb 4-1: selecting invalid altsetting 2
[ 1582.278854][T17809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1582.288852][T17809] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1582.361873][T17621] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 1582.407018][T17812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1582.417169][T17812] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1582.446991][T17809] loop5: detected capacity change from 0 to 512
[ 1582.510924][T17809] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1582.547310][T17621] usb 7-1: device descriptor read/64, error -71
[ 1582.610510][T10165] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 1582.631721][ T5785] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1582.640552][ T5785] Bluetooth: hci3: Injecting HCI hardware error event
[ 1582.648357][ T5785] Bluetooth: hci3: hardware error 0x00
[ 1582.658930][T17809] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1582.683045][T17809] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1582.685276][T17621] usb usb7-port1: attempt power cycle
[ 1582.792560][   T29] audit: type=1800 audit(1737675167.345:914): pid=17809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3841" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1582.829264][   T29] audit: type=1800 audit(1737675167.385:915): pid=17822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3841" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1582.858873][T17809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1582.884113][T17809] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1582.893169][T10165] usb 2-1: Using ep0 maxpacket: 32
[ 1582.956278][T10165] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[ 1582.964823][T10165] usb 2-1: config 0 has no interface number 0
[ 1582.998192][T17824] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3845'.
[ 1583.014214][T17824] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3845'.
[ 1583.060508][T10165] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1583.070055][T10165] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1583.087126][T10165] usb 2-1: Product: syz
[ 1583.094547][T10165] usb 2-1: Manufacturer: syz
[ 1583.099357][T10165] usb 2-1: SerialNumber: syz
[ 1583.144425][T10165] usb 2-1: config 0 descriptor??
[ 1583.161851][T10165] smsc95xx v2.0.0
[ 1583.168945][T17621] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 1583.194901][T15845] Bluetooth: hci2: command 0x0406 tx timeout
[ 1583.198971][ T5865] usb 6-1: USB disconnect, device number 3
[ 1583.214079][ T5865] ftdi_sio 6-1:0.151: device disconnected
[ 1583.295297][T17621] usb 7-1: device descriptor read/8, error -71
[ 1583.313979][T10178] get_1284_register timeout
[ 1583.318928][    C1] usb 4-1: async_complete: urb error -104
[ 1583.325300][T10178] uss720 4-1:0.125: probe with driver uss720 failed with error -5
[ 1583.528538][T17825] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1583.538648][T17825] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1583.551799][T17621] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 1583.600762][T10165] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1583.611923][T10165] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1583.654742][T17621] usb 7-1: device descriptor read/8, error -71
[ 1583.772868][T17621] usb usb7-port1: unable to enumerate USB device
[ 1583.874446][T17016] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1583.878494][   T10] usb 4-1: USB disconnect, device number 9
[ 1584.480866][T17829] loop5: detected capacity change from 0 to 1024
[ 1584.540113][T17829] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[ 1584.584812][T17829] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1584.596502][T17829] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[ 1584.606606][T17829] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1584.690745][T17829] journal_load_superblock: Cannot read journal superblock
[ 1584.698296][T17829] EXT4-fs (loop5): Could not load journal inode
[ 1584.710595][ T5785] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1585.278264][T10165] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000038: -61
[ 1585.298778][T10165] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -61
[ 1586.064162][T17847] loop1: detected capacity change from 0 to 256
[ 1586.075690][T17839] loop7: detected capacity change from 0 to 256
[ 1586.477802][T17841] loop6: detected capacity change from 0 to 40427
[ 1586.498431][T17841] F2FS-fs (loop6): invalid crc value
[ 1586.571867][T17841] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1586.854042][T17841] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1586.899203][   T29] audit: type=1800 audit(1737675171.455:916): pid=17841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3853" name="file1" dev="loop6" ino=10 res=0 errno=0
[ 1587.032695][T16323] syz-executor: attempt to access beyond end of device
[ 1587.032695][T16323] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[ 1587.047487][T16323] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1587.054852][T16323] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1587.678270][T17621] usb 2-1: USB disconnect, device number 18
[ 1588.206003][T10165] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1588.460056][T10165] usb 4-1: Using ep0 maxpacket: 16
[ 1588.477104][T10165] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1588.486048][T10165] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1588.494674][T10165] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1588.512208][T10165] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1588.525357][T10165] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1588.534714][T10165] usb 4-1: config 0 has no interface number 0
[ 1588.541168][T10165] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1588.552603][T10165] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1588.562896][T10165] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1588.573122][T10165] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1588.589725][T10165] usb 4-1: config 0 interface 125 has no altsetting 0
[ 1588.598302][T10165] usb 4-1: config 0 interface 125 has no altsetting 2
[ 1588.874014][T17872] FAULT_INJECTION: forcing a failure.
[ 1588.874014][T17872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1588.887730][T17872] CPU: 1 UID: 0 PID: 17872 Comm: syz.1.3863 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1588.887857][T17872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1588.887942][T17872] Call Trace:
[ 1588.887989][T17872]  <TASK>
[ 1588.888036][T17872]  dump_stack_lvl+0x216/0x2d0
[ 1588.888212][T17872]  dump_stack+0x1e/0x24
[ 1588.888359][T17872]  should_fail_ex+0x748/0x7f0
[ 1588.888524][T17872]  should_fail+0x2a/0x40
[ 1588.888659][T17872]  should_fail_usercopy+0x2e/0x40
[ 1588.888813][T17872]  _copy_from_user+0x35/0x110
[ 1588.888974][T17872]  ___sys_sendmsg+0x120/0x3c0
[ 1588.889119][T17872]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1588.889272][T17872]  ? __rcu_read_unlock+0x7b/0xe0
[ 1588.889446][T17872]  ? __fget_files+0x42b/0x500
[ 1588.889594][T17872]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1588.889729][T17872]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1588.889874][T17872]  __x64_sys_sendmsg+0x212/0x3c0
[ 1588.890024][T17872]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1588.890159][T17872]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1588.890299][T17872]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1588.890442][T17872]  x64_sys_call+0x2ed6/0x3c30
[ 1588.890612][T17872]  do_syscall_64+0xcd/0x1e0
[ 1588.890737][T17872]  ? clear_bhb_loop+0x25/0x80
[ 1588.890859][T17872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1588.891039][T17872] RIP: 0033:0x7f573858cd29
[ 1588.891131][T17872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1588.891242][T17872] RSP: 002b:00007f5739465038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1588.891358][T17872] RAX: ffffffffffffffda RBX: 00007f57387a5fa0 RCX: 00007f573858cd29
[ 1588.891444][T17872] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1588.891521][T17872] RBP: 00007f5739465090 R08: 0000000000000000 R09: 0000000000000000
[ 1588.891596][T17872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1588.891668][T17872] R13: 0000000000000000 R14: 00007f57387a5fa0 R15: 00007ffd783aa3d8
[ 1588.891770][T17872]  </TASK>
[ 1588.923679][T10165] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1588.928080][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1588.932864][T10165] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1589.151302][T10165] usb 4-1: Product: syz
[ 1589.155682][T10165] usb 4-1: Manufacturer: syz
[ 1589.160685][T10165] usb 4-1: SerialNumber: syz
[ 1589.207018][T17870] loop5: detected capacity change from 0 to 1024
[ 1589.300362][T17870] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[ 1589.347686][T17870] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1589.359592][T17870] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[ 1589.369756][T17870] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1589.413415][T17870] journal_load_superblock: Cannot read journal superblock
[ 1589.421223][T17870] EXT4-fs (loop5): Could not load journal inode
[ 1589.502966][T10165] usb 4-1: config 0 descriptor??
[ 1589.558312][T10165] usb 4-1: selecting invalid altsetting 2
[ 1589.710877][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1589.760777][T17861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1589.770916][T17861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1589.906381][   T10] usb 2-1: config 0 has an invalid interface number: 100 but max is 0
[ 1589.920535][   T10] usb 2-1: config 0 has no interface number 0
[ 1589.926849][   T10] usb 2-1: config 0 interface 100 altsetting 0 endpoint 0x4 has invalid maxpacket 512, setting to 64
[ 1589.948618][   T10] usb 2-1: config 0 interface 100 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2
[ 1589.963527][   T10] usb 2-1: config 0 interface 100 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1590.262617][T17878] FAULT_INJECTION: forcing a failure.
[ 1590.262617][T17878] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1590.276518][T17878] CPU: 0 UID: 0 PID: 17878 Comm: syz.5.3866 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1590.276645][T17878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1590.276720][T17878] Call Trace:
[ 1590.276766][T17878]  <TASK>
[ 1590.276810][T17878]  dump_stack_lvl+0x216/0x2d0
[ 1590.276982][T17878]  dump_stack+0x1e/0x24
[ 1590.277133][T17878]  should_fail_ex+0x748/0x7f0
[ 1590.277293][T17878]  should_fail+0x2a/0x40
[ 1590.277427][T17878]  should_fail_usercopy+0x2e/0x40
[ 1590.277583][T17878]  _copy_from_user+0x35/0x110
[ 1590.277733][T17878]  ___sys_recvmsg+0x102/0x840
[ 1590.277890][T17878]  ? __rcu_read_unlock+0x7b/0xe0
[ 1590.278064][T17878]  ? __fget_files+0x42b/0x500
[ 1590.278215][T17878]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1590.278357][T17878]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1590.278508][T17878]  __x64_sys_recvmsg+0x20f/0x3b0
[ 1590.278659][T17878]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1590.278795][T17878]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1590.278935][T17878]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1590.279079][T17878]  x64_sys_call+0xe16/0x3c30
[ 1590.279255][T17878]  do_syscall_64+0xcd/0x1e0
[ 1590.279378][T17878]  ? clear_bhb_loop+0x25/0x80
[ 1590.279501][T17878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1590.279678][T17878] RIP: 0033:0x7f3b84f8cd29
[ 1590.279786][T17878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1590.279894][T17878] RSP: 002b:00007f3b85df0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1590.280014][T17878] RAX: ffffffffffffffda RBX: 00007f3b851a5fa0 RCX: 00007f3b84f8cd29
[ 1590.280112][T17878] RDX: 0000000000010100 RSI: 0000000020000040 RDI: 0000000000000004
[ 1590.280193][T17878] RBP: 00007f3b85df0090 R08: 0000000000000000 R09: 0000000000000000
[ 1590.280270][T17878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1590.280347][T17878] R13: 0000000000000000 R14: 00007f3b851a5fa0 R15: 00007ffc5054ff88
[ 1590.280450][T17878]  </TASK>
[ 1590.739385][T17861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1590.750024][T17861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1590.839088][T17876] loop7: detected capacity change from 0 to 40427
[ 1590.864737][T17876] F2FS-fs (loop7): invalid crc value
[ 1590.876479][T10165] get_1284_register timeout
[ 1590.883238][T10165] uss720 4-1:0.125: probe with driver uss720 failed with error -5
[ 1590.891489][    C0] usb 4-1: async_complete: urb error -104
[ 1590.920947][   T10] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=3c.ad
[ 1590.931041][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1590.939260][   T10] usb 2-1: Product: syz
[ 1590.943763][   T10] usb 2-1: Manufacturer: syz
[ 1590.948554][   T10] usb 2-1: SerialNumber: syz
[ 1591.012809][T17876] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1591.016171][   T10] usb 2-1: config 0 descriptor??
[ 1591.074095][T17874] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1591.124496][   T10] port100 2-1:0.100: NFC: Could not find bulk-in or bulk-out endpoint
[ 1591.292792][T17876] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1591.326787][T17874] fuse: Bad value for 'fd'
[ 1591.361991][   T29] audit: type=1800 audit(1737675175.905:917): pid=17876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3865" name="file1" dev="loop7" ino=10 res=0 errno=0
[ 1591.495054][T15191] syz-executor: attempt to access beyond end of device
[ 1591.495054][T15191] loop7: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[ 1591.509539][T15191] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[ 1591.521561][T15191] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[ 1592.143678][T10165] usb 2-1: USB disconnect, device number 19
[ 1592.687076][   T10] usb 4-1: USB disconnect, device number 10
[ 1593.332769][T16378] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1593.550830][T16378] usb 4-1: Using ep0 maxpacket: 16
[ 1593.595258][T16378] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1593.604219][T16378] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1593.612847][T16378] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1593.630469][T16378] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1593.641818][T16378] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1593.651068][T16378] usb 4-1: config 0 has no interface number 0
[ 1593.657371][T16378] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1593.668901][T16378] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1593.679222][T16378] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1593.689395][T16378] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1593.703052][T16378] usb 4-1: config 0 interface 125 has no altsetting 0
[ 1593.710166][T16378] usb 4-1: config 0 interface 125 has no altsetting 2
[ 1593.765410][T17900] FAULT_INJECTION: forcing a failure.
[ 1593.765410][T17900] name failslab, interval 1, probability 0, space 0, times 0
[ 1593.779041][T17900] CPU: 0 UID: 0 PID: 17900 Comm: syz.1.3871 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1593.779163][T17900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1593.779237][T17900] Call Trace:
[ 1593.779285][T17900]  <TASK>
[ 1593.779329][T17900]  dump_stack_lvl+0x216/0x2d0
[ 1593.779515][T17900]  dump_stack+0x1e/0x24
[ 1593.779658][T17900]  should_fail_ex+0x748/0x7f0
[ 1593.779816][T17900]  should_failslab+0x17f/0x210
[ 1593.779960][T17900]  __kmalloc_noprof+0x176/0x1230
[ 1593.780127][T17900]  ? kfree+0x20/0xdb0
[ 1593.780268][T17900]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1593.780409][T17900]  ? tomoyo_realpath_from_path+0x104/0xaa0
[ 1593.780602][T17900]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1593.780743][T17900]  tomoyo_realpath_from_path+0x104/0xaa0
[ 1593.780934][T17900]  ? __srcu_read_lock+0x76/0xd0
[ 1593.781071][T17900]  tomoyo_path_number_perm+0x1d9/0x8f0
[ 1593.781226][T17900]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1593.781420][T17900]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1593.781561][T17900]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1593.781733][T17900]  tomoyo_file_ioctl+0x3f/0x50
[ 1593.781859][T17900]  security_file_ioctl+0x145/0x590
[ 1593.782015][T17900]  __se_sys_ioctl+0xd0/0x440
[ 1593.782190][T17900]  __x64_sys_ioctl+0x96/0xe0
[ 1593.782355][T17900]  x64_sys_call+0x19f0/0x3c30
[ 1593.782533][T17900]  do_syscall_64+0xcd/0x1e0
[ 1593.782657][T17900]  ? clear_bhb_loop+0x25/0x80
[ 1593.782777][T17900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1593.782957][T17900] RIP: 0033:0x7f573858cd29
[ 1593.783054][T17900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1593.783165][T17900] RSP: 002b:00007f5739444038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1593.783285][T17900] RAX: ffffffffffffffda RBX: 00007f57387a6080 RCX: 00007f573858cd29
[ 1593.783377][T17900] RDX: 0000000020000240 RSI: 000000000000541b RDI: 0000000000000004
[ 1593.783462][T17900] RBP: 00007f5739444090 R08: 0000000000000000 R09: 0000000000000000
[ 1593.783539][T17900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1593.783614][T17900] R13: 0000000000000001 R14: 00007f57387a6080 R15: 00007ffd783aa3d8
[ 1593.783717][T17900]  </TASK>
[ 1594.015757][T17900] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1594.116016][T16378] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1594.125571][T16378] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1594.142847][T16378] usb 4-1: Product: syz
[ 1594.147225][T16378] usb 4-1: Manufacturer: syz
[ 1594.154666][T16378] usb 4-1: SerialNumber: syz
[ 1594.167523][T16378] usb 4-1: config 0 descriptor??
[ 1594.194310][T16378] usb 4-1: selecting invalid altsetting 2
[ 1594.536412][T17897] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1594.554989][T17897] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1595.247385][T17909] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3874'.
[ 1595.277636][T16378] get_1284_register timeout
[ 1595.282954][    C0] usb 4-1: async_complete: urb error -104
[ 1595.288928][T16378] uss720 4-1:0.125: probe with driver uss720 failed with error -5
[ 1595.642333][T17911] FAULT_INJECTION: forcing a failure.
[ 1595.642333][T17911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1595.656138][T17911] CPU: 1 UID: 0 PID: 17911 Comm: syz.1.3875 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1595.656266][T17911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1595.656342][T17911] Call Trace:
[ 1595.656390][T17911]  <TASK>
[ 1595.656435][T17911]  dump_stack_lvl+0x216/0x2d0
[ 1595.656617][T17911]  dump_stack+0x1e/0x24
[ 1595.656761][T17911]  should_fail_ex+0x748/0x7f0
[ 1595.656923][T17911]  should_fail+0x2a/0x40
[ 1595.657055][T17911]  should_fail_usercopy+0x2e/0x40
[ 1595.657211][T17911]  _copy_from_user+0x35/0x110
[ 1595.657365][T17911]  ___sys_sendmsg+0x120/0x3c0
[ 1595.657513][T17911]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1595.657674][T17911]  ? __rcu_read_unlock+0x7b/0xe0
[ 1595.657851][T17911]  ? __fget_files+0x42b/0x500
[ 1595.657996][T17911]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1595.658131][T17911]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1595.658280][T17911]  __x64_sys_sendmsg+0x212/0x3c0
[ 1595.658423][T17911]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1595.658565][T17911]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1595.658706][T17911]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1595.658852][T17911]  x64_sys_call+0x2ed6/0x3c30
[ 1595.659023][T17911]  do_syscall_64+0xcd/0x1e0
[ 1595.659149][T17911]  ? clear_bhb_loop+0x25/0x80
[ 1595.659287][T17911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1595.659469][T17911] RIP: 0033:0x7f573858cd29
[ 1595.659570][T17911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1595.659681][T17911] RSP: 002b:00007f5739465038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1595.659801][T17911] RAX: ffffffffffffffda RBX: 00007f57387a5fa0 RCX: 00007f573858cd29
[ 1595.659891][T17911] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[ 1595.659968][T17911] RBP: 00007f5739465090 R08: 0000000000000000 R09: 0000000000000000
[ 1595.660045][T17911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1595.660118][T17911] R13: 0000000000000000 R14: 00007f57387a5fa0 R15: 00007ffd783aa3d8
[ 1595.660215][T17911]  </TASK>
[ 1595.910432][T17912] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1595.920309][T17912] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1596.163781][T16378] usb 4-1: USB disconnect, device number 11
[ 1596.280634][T17914] loop6: detected capacity change from 0 to 1024
[ 1596.370946][T17914] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[ 1596.431337][T17914] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1596.443055][T17914] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[ 1596.453154][T17914] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1596.562280][T17914] journal_load_superblock: Cannot read journal superblock
[ 1596.569679][T17914] EXT4-fs (loop6): Could not load journal inode
[ 1597.490015][T17920] loop1: detected capacity change from 0 to 40427
[ 1597.503943][T17920] F2FS-fs (loop1): invalid crc value
[ 1597.537912][T17920] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1597.899646][T17920] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1597.940223][   T29] audit: type=1800 audit(1737675182.485:918): pid=17920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3878" name="file1" dev="loop1" ino=10 res=0 errno=0
[ 1598.065508][T16693] syz-executor: attempt to access beyond end of device
[ 1598.065508][T16693] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[ 1598.081715][T16693] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[ 1598.088816][T16693] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[ 1598.400796][T17938] FAULT_INJECTION: forcing a failure.
[ 1598.400796][T17938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1598.414406][T17938] CPU: 0 UID: 0 PID: 17938 Comm: syz.5.3883 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1598.414533][T17938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1598.414605][T17938] Call Trace:
[ 1598.414651][T17938]  <TASK>
[ 1598.414695][T17938]  dump_stack_lvl+0x216/0x2d0
[ 1598.414871][T17938]  dump_stack+0x1e/0x24
[ 1598.415014][T17938]  should_fail_ex+0x748/0x7f0
[ 1598.415173][T17938]  should_fail+0x2a/0x40
[ 1598.415307][T17938]  should_fail_usercopy+0x2e/0x40
[ 1598.415467][T17938]  _copy_from_user+0x35/0x110
[ 1598.415615][T17938]  do_tcp_setsockopt+0x3b0/0x2d30
[ 1598.415779][T17938]  ? aa_sk_perm+0x881/0xd90
[ 1598.415925][T17938]  tcp_setsockopt+0xc6/0x190
[ 1598.416069][T17938]  ? __pfx_tcp_setsockopt+0x10/0x10
[ 1598.416211][T17938]  sock_common_setsockopt+0xf9/0x140
[ 1598.416399][T17938]  do_sock_setsockopt+0x4bb/0x7d0
[ 1598.416539][T17938]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1598.416707][T17938]  __x64_sys_setsockopt+0x33d/0x4f0
[ 1598.416859][T17938]  x64_sys_call+0x30b9/0x3c30
[ 1598.417014][T17938]  do_syscall_64+0xcd/0x1e0
[ 1598.417132][T17938]  ? clear_bhb_loop+0x25/0x80
[ 1598.417252][T17938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1598.417436][T17938] RIP: 0033:0x7f3b84f8cd29
[ 1598.417529][T17938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1598.417640][T17938] RSP: 002b:00007f3b85df0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1598.417760][T17938] RAX: ffffffffffffffda RBX: 00007f3b851a5fa0 RCX: 00007f3b84f8cd29
[ 1598.417853][T17938] RDX: 0000000000000013 RSI: 0000000000000006 RDI: 0000000000000003
[ 1598.417944][T17938] RBP: 00007f3b85df0090 R08: 0000000000000004 R09: 0000000000000000
[ 1598.418022][T17938] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[ 1598.418097][T17938] R13: 0000000000000000 R14: 00007f3b851a5fa0 R15: 00007ffc5054ff88
[ 1598.418199][T17938]  </TASK>
[ 1599.476247][T17945] loop3: detected capacity change from 0 to 256
[ 1599.573349][T16378] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[ 1599.605887][T17947] vlan3: entered promiscuous mode
[ 1599.611381][T17947] vlan3: entered allmulticast mode
[ 1599.645419][T17945] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1599.805527][T16378] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1599.820150][T16378] usb 6-1: not running at top speed; connect to a high speed hub
[ 1599.843508][T16378] usb 6-1: config 129 has an invalid interface number: 135 but max is 0
[ 1599.852335][T16378] usb 6-1: config 129 has an invalid interface number: 5 but max is 0
[ 1599.860940][T16378] usb 6-1: config 129 descriptor has 1 excess byte, ignoring
[ 1599.877659][T16378] usb 6-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[ 1599.890197][T16378] usb 6-1: config 129 has no interface number 0
[ 1599.896665][T16378] usb 6-1: config 129 has no interface number 1
[ 1599.903439][T16378] usb 6-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1599.917095][T16378] usb 6-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[ 1599.928416][T16378] usb 6-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[ 1599.942003][T16378] usb 6-1: config 129 interface 135 has no altsetting 0
[ 1599.949173][T16378] usb 6-1: config 129 interface 5 has no altsetting 0
[ 1600.121775][T16378] usb 6-1: string descriptor 0 read error: -22
[ 1600.128588][T16378] usb 6-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.62
[ 1600.138410][T16378] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1600.300171][T16378] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1600.307384][T16378] usb 6-1: MIDIStreaming interface descriptor not found
[ 1600.700726][T10165] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[ 1600.915154][T10165] usb 7-1: Using ep0 maxpacket: 16
[ 1600.962787][T17943] loop5: detected capacity change from 0 to 2048
[ 1600.970547][T10165] usb 7-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1600.979141][T10165] usb 7-1: config 0 has an invalid interface number: 125 but max is 1
[ 1600.987866][T10165] usb 7-1: config 0 has an invalid interface number: 125 but max is 1
[ 1601.005399][T10165] usb 7-1: config 0 has an invalid interface number: 125 but max is 1
[ 1601.017120][T10165] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1601.026402][T10165] usb 7-1: config 0 has no interface number 0
[ 1601.032885][T10165] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1601.044819][T10165] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1601.055019][T10165] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1601.065289][T10165] usb 7-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1601.078940][T10165] usb 7-1: config 0 interface 125 has no altsetting 0
[ 1601.086092][T10165] usb 7-1: config 0 interface 125 has no altsetting 2
[ 1601.236390][T17943] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1601.324606][T10165] usb 7-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1601.334326][T10165] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1601.343058][T10165] usb 7-1: Product: syz
[ 1601.347425][T10165] usb 7-1: Manufacturer: syz
[ 1601.352681][T10165] usb 7-1: SerialNumber: syz
[ 1601.431493][T17957] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3884'.
[ 1601.502681][T10165] usb 7-1: config 0 descriptor??
[ 1601.599701][T10165] usb 7-1: selecting invalid altsetting 2
[ 1601.802492][T17951] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1601.812329][T17951] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1602.288945][T17942] UDF-fs: warning (device loop5): udf_truncate_tail_extent: Too long extent after EOF in inode 1367: i_size: 3200 lbcount: 4096 extent 56+4096
[ 1602.647727][T10165] get_1284_register timeout
[ 1602.653035][    C0] usb 7-1: async_complete: urb error -104
[ 1602.658987][T10165] uss720 7-1:0.125: probe with driver uss720 failed with error -5
[ 1602.770341][T17967] loop7: detected capacity change from 0 to 1024
[ 1602.878446][T17967] hfsplus: bad catalog entry type
[ 1602.951687][T17967] netlink: 224 bytes leftover after parsing attributes in process `syz.7.3895'.
[ 1602.983801][T17972] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1602.993583][T17972] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1603.190449][T17621] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1603.429718][T17621] usb 2-1: Using ep0 maxpacket: 16
[ 1603.460414][T17621] usb 2-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1603.469548][T17621] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[ 1603.472142][T17943] delete_channel: no stack
[ 1603.478524][T17621] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[ 1603.491120][T17621] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[ 1603.499501][T17621] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1603.508666][T17621] usb 2-1: config 0 has no interface number 0
[ 1603.515080][T17621] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1603.526502][T17621] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1603.536738][T17621] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1603.547688][T17621] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1603.563965][T17621] usb 2-1: config 0 interface 125 has no altsetting 0
[ 1603.571885][T17621] usb 2-1: config 0 interface 125 has no altsetting 2
[ 1603.620359][ T5865] usb 6-1: USB disconnect, device number 4
[ 1603.744757][T17016] UDF-fs: warning (device loop5): udf_evict_inode: Inode 1367 (mode 100000) has inode size 3200 different from extent length 4096. Filesystem need not be standards compliant.
[ 1603.753354][T17621] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1603.776143][T17621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1603.784480][T17621] usb 2-1: Product: syz
[ 1603.788847][T17621] usb 2-1: Manufacturer: syz
[ 1603.793761][T17621] usb 2-1: SerialNumber: syz
[ 1603.835554][T10165] usb 7-1: USB disconnect, device number 20
[ 1603.837500][T17621] usb 2-1: config 0 descriptor??
[ 1603.969252][T17621] usb 2-1: selecting invalid altsetting 2
[ 1604.213008][   T11] hfsplus: b-tree write err: -5, ino 4
[ 1604.278223][T17971] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1604.288761][T17971] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1604.880361][T10165] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1605.040357][T17621] get_1284_register timeout
[ 1605.045467][    C1] usb 2-1: async_complete: urb error -104
[ 1605.051669][T17621] uss720 2-1:0.125: probe with driver uss720 failed with error -5
[ 1605.140870][T10165] usb 6-1: Using ep0 maxpacket: 16
[ 1605.165297][T10165] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[ 1605.174023][T10165] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1605.184911][T10165] usb 6-1: config 0 has no interface number 0
[ 1605.349031][T10165] usb 6-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 1605.359627][T10165] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1605.368242][T10165] usb 6-1: Product: syz
[ 1605.372747][T10165] usb 6-1: Manufacturer: syz
[ 1605.377556][T10165] usb 6-1: SerialNumber: syz
[ 1605.443171][T17990] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1605.454017][T17990] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1605.532678][T10165] usb 6-1: config 0 descriptor??
[ 1605.543126][T17992] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 1605.579434][T10165] usb 6-1: Found UVC 0.00 device syz (046d:08f3)
[ 1605.586208][T10165] usb 6-1: No valid video chain found.
[ 1605.842403][T17980] loop5: detected capacity change from 0 to 128
[ 1605.875675][T17980] qnx4: no qnx4 filesystem (no root dir).
[ 1605.982926][T17980] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1605.994574][T17980] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1606.077980][T17621] usb 6-1: USB disconnect, device number 5
[ 1606.130238][T17996] FAULT_INJECTION: forcing a failure.
[ 1606.130238][T17996] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1606.144585][T17996] CPU: 1 UID: 0 PID: 17996 Comm: syz.6.3905 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1606.144712][T17996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1606.144784][T17996] Call Trace:
[ 1606.144829][T17996]  <TASK>
[ 1606.144874][T17996]  dump_stack_lvl+0x216/0x2d0
[ 1606.145050][T17996]  dump_stack+0x1e/0x24
[ 1606.145193][T17996]  should_fail_ex+0x748/0x7f0
[ 1606.145353][T17996]  should_fail+0x2a/0x40
[ 1606.145495][T17996]  should_fail_usercopy+0x2e/0x40
[ 1606.145648][T17996]  _copy_from_user+0x35/0x110
[ 1606.145799][T17996]  ___sys_sendmsg+0x120/0x3c0
[ 1606.145950][T17996]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1606.146103][T17996]  ? __rcu_read_unlock+0x7b/0xe0
[ 1606.146281][T17996]  ? __fget_files+0x42b/0x500
[ 1606.146432][T17996]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1606.146570][T17996]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1606.146721][T17996]  __x64_sys_sendmsg+0x212/0x3c0
[ 1606.146867][T17996]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1606.147004][T17996]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1606.147143][T17996]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1606.147289][T17996]  x64_sys_call+0x2ed6/0x3c30
[ 1606.147463][T17996]  do_syscall_64+0xcd/0x1e0
[ 1606.147585][T17996]  ? clear_bhb_loop+0x25/0x80
[ 1606.147707][T17996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1606.147884][T17996] RIP: 0033:0x7f683898cd29
[ 1606.147980][T17996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1606.148092][T17996] RSP: 002b:00007f68397c0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1606.148214][T17996] RAX: ffffffffffffffda RBX: 00007f6838ba5fa0 RCX: 00007f683898cd29
[ 1606.148307][T17996] RDX: 0000000000008010 RSI: 0000000020000680 RDI: 0000000000000004
[ 1606.148387][T17996] RBP: 00007f68397c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1606.148472][T17996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1606.148546][T17996] R13: 0000000000000000 R14: 00007f6838ba5fa0 R15: 00007ffd459b8228
[ 1606.148649][T17996]  </TASK>
[ 1607.591605][T17621] usb 2-1: USB disconnect, device number 20
[ 1608.260653][T10165] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1608.341174][T18019] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3915'.
[ 1608.350974][T18019] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3915'.
[ 1608.513335][T10165] usb 2-1: Using ep0 maxpacket: 16
[ 1608.535422][T10165] usb 2-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1608.544330][T10165] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[ 1608.553896][T10165] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[ 1608.562480][T10165] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[ 1608.580204][T10165] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1608.589318][T10165] usb 2-1: config 0 has no interface number 0
[ 1608.598973][T10165] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1608.610535][T10165] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1608.620745][T10165] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1608.631495][T10165] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1608.644918][T10165] usb 2-1: config 0 interface 125 has no altsetting 0
[ 1608.652038][T10165] usb 2-1: config 0 interface 125 has no altsetting 2
[ 1608.719327][T18020] loop3: detected capacity change from 0 to 2048
[ 1608.750331][   T10] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 1608.763586][T18020] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1608.770965][T18020] EXT4-fs: Ignoring removed i_version option
[ 1608.946889][T10165] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1608.958019][T10165] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1608.966629][T10165] usb 2-1: Product: syz
[ 1608.971183][T10165] usb 2-1: Manufacturer: syz
[ 1608.975995][T10165] usb 2-1: SerialNumber: syz
[ 1609.042916][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1609.054401][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1609.064874][   T10] usb 7-1: New USB device found, idVendor=056a, idProduct=0314, bcdDevice= 0.00
[ 1609.074481][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1609.145457][T10165] usb 2-1: config 0 descriptor??
[ 1609.199711][T10165] usb 2-1: selecting invalid altsetting 2
[ 1609.233726][   T10] usb 7-1: config 0 descriptor??
[ 1609.267606][T18024] loop5: detected capacity change from 0 to 64
[ 1609.329189][T18022] loop7: detected capacity change from 0 to 32768
[ 1609.336092][T18024] minix: Unknown parameter ''
[ 1609.467062][T18022] XFS (loop7): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1609.492990][T18013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1609.511921][T18013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1609.726524][T18020] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1609.741845][T18021] loop6: detected capacity change from 0 to 64
[ 1609.836338][T18022] XFS (loop7): Ending clean mount
[ 1609.854158][T18022] XFS (loop7): Quotacheck needed: Please wait.
[ 1609.949169][T18043] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3916'.
[ 1609.973099][   T10] wacom 0003:056A:0314.0009: unbalanced collection at end of report description
[ 1609.980422][T18022] XFS (loop7): Quotacheck: Done.
[ 1610.123450][   T10] wacom 0003:056A:0314.0009: parse failed
[ 1610.130814][   T10] wacom 0003:056A:0314.0009: probe with driver wacom failed with error -22
[ 1610.246389][T10165] get_1284_register timeout
[ 1610.251674][    C0] usb 2-1: async_complete: urb error -104
[ 1610.257881][T10165] uss720 2-1:0.125: probe with driver uss720 failed with error -5
[ 1610.304890][   T10] usb 7-1: USB disconnect, device number 21
[ 1610.651336][T14827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1610.741043][T15191] XFS (loop7): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1610.829156][T18046] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3919'.
[ 1610.840464][T18046] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3919'.
[ 1611.650734][T17621] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1611.767039][T10165] usb 2-1: USB disconnect, device number 21
[ 1611.839391][T17621] usb 4-1: Using ep0 maxpacket: 16
[ 1611.862278][   T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1611.910410][T17621] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[ 1611.919004][T17621] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1611.930073][T17621] usb 4-1: config 0 has no interface number 0
[ 1611.985681][T17621] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 1611.995205][T17621] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1612.003966][T17621] usb 4-1: Product: syz
[ 1612.008335][T17621] usb 4-1: Manufacturer: syz
[ 1612.013421][T17621] usb 4-1: SerialNumber: syz
[ 1612.063809][   T10] usb 6-1: Using ep0 maxpacket: 16
[ 1612.132388][   T10] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1612.133709][T17621] usb 4-1: config 0 descriptor??
[ 1612.141186][   T10] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1612.165507][   T10] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1612.177152][   T10] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1612.185748][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1612.195166][   T10] usb 6-1: config 0 has no interface number 0
[ 1612.197039][T17621] usb 4-1: Found UVC 0.00 device syz (046d:08f3)
[ 1612.201847][   T10] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1612.201998][   T10] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1612.202136][   T10] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1612.202260][   T10] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1612.202403][   T10] usb 6-1: config 0 interface 125 has no altsetting 0
[ 1612.202507][   T10] usb 6-1: config 0 interface 125 has no altsetting 2
[ 1612.208846][T17621] usb 4-1: No valid video chain found.
[ 1612.302558][T18050] loop6: detected capacity change from 0 to 4096
[ 1612.479200][T18048] loop3: detected capacity change from 0 to 128
[ 1612.526603][   T10] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1612.530296][T18048] qnx4: no qnx4 filesystem (no root dir).
[ 1612.536391][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1612.550292][   T10] usb 6-1: Product: syz
[ 1612.559477][   T10] usb 6-1: Manufacturer: syz
[ 1612.564667][   T10] usb 6-1: SerialNumber: syz
[ 1612.611956][   T10] usb 6-1: config 0 descriptor??
[ 1612.652962][   T10] usb 6-1: selecting invalid altsetting 2
[ 1612.738659][T18048] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1612.749246][T18048] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1612.793322][T18056] FAULT_INJECTION: forcing a failure.
[ 1612.793322][T18056] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1612.807315][T18056] CPU: 1 UID: 0 PID: 18056 Comm: syz.1.3925 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1612.807442][T18056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1612.807516][T18056] Call Trace:
[ 1612.807563][T18056]  <TASK>
[ 1612.807607][T18056]  dump_stack_lvl+0x216/0x2d0
[ 1612.807792][T18056]  dump_stack+0x1e/0x24
[ 1612.807937][T18056]  should_fail_ex+0x748/0x7f0
[ 1612.808098][T18056]  should_fail+0x2a/0x40
[ 1612.808233][T18056]  should_fail_usercopy+0x2e/0x40
[ 1612.808383][T18056]  _copy_from_user+0x35/0x110
[ 1612.808535][T18056]  ___sys_sendmsg+0x120/0x3c0
[ 1612.808682][T18056]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1612.808844][T18056]  ? __rcu_read_unlock+0x7b/0xe0
[ 1612.809021][T18056]  ? __fget_files+0x42b/0x500
[ 1612.809166][T18056]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1612.809304][T18056]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1612.809456][T18056]  __x64_sys_sendmsg+0x212/0x3c0
[ 1612.809601][T18056]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1612.809740][T18056]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1612.809884][T18056]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1612.810026][T18056]  x64_sys_call+0x2ed6/0x3c30
[ 1612.810198][T18056]  do_syscall_64+0xcd/0x1e0
[ 1612.810321][T18056]  ? clear_bhb_loop+0x25/0x80
[ 1612.810446][T18056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1612.810622][T18056] RIP: 0033:0x7f573858cd29
[ 1612.810718][T18056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1612.810841][T18056] RSP: 002b:00007f5739465038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1612.810961][T18056] RAX: ffffffffffffffda RBX: 00007f57387a5fa0 RCX: 00007f573858cd29
[ 1612.811054][T18056] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[ 1612.811130][T18056] RBP: 00007f5739465090 R08: 0000000000000000 R09: 0000000000000000
[ 1612.811208][T18056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1612.811283][T18056] R13: 0000000000000000 R14: 00007f57387a5fa0 R15: 00007ffd783aa3d8
[ 1612.811384][T18056]  </TASK>
[ 1613.053306][T17621] usb 4-1: USB disconnect, device number 12
[ 1613.067008][T18052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1613.077258][T18052] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1613.224291][T18059] loop6: detected capacity change from 0 to 64
[ 1613.680589][   T10] get_1284_register timeout
[ 1613.685632][    C0] usb 6-1: async_complete: urb error -104
[ 1613.691847][   T10] uss720 6-1:0.125: probe with driver uss720 failed with error -5
[ 1614.322235][T18067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1614.332691][T18067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1615.348222][T18070] IPVS: Scheduler module ip_vs_sip not found
[ 1615.532337][T18072] loop1: detected capacity change from 0 to 40427
[ 1615.550051][T18072] F2FS-fs (loop1): invalid crc value
[ 1615.613259][T18072] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1615.758526][T18082] loop6: detected capacity change from 0 to 128
[ 1615.886562][T18072] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1616.114838][   T29] audit: type=1800 audit(1737675200.675:919): pid=18072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3929" name="file1" dev="loop1" ino=10 res=0 errno=0
[ 1616.236211][T18072] syz.1.3929: attempt to access beyond end of device
[ 1616.236211][T18072] loop1: rw=2049, sector=77824, nr_sectors = 2048 limit=40427
[ 1616.273416][T18072] syz.1.3929: attempt to access beyond end of device
[ 1616.273416][T18072] loop1: rw=2049, sector=79872, nr_sectors = 520 limit=40427
[ 1616.621697][T18086] netlink: 280 bytes leftover after parsing attributes in process `syz.7.3933'.
[ 1616.740981][T16693] syz-executor: attempt to access beyond end of device
[ 1616.740981][T16693] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1616.756295][T16693] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[ 1616.860700][T16378] usb 6-1: USB disconnect, device number 6
[ 1617.066904][T17621] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1617.273196][T18092] loop5: detected capacity change from 0 to 256
[ 1617.370279][T17621] usb 4-1: Using ep0 maxpacket: 16
[ 1617.435594][T17621] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1617.444516][T17621] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1617.453373][T17621] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1617.462103][T17621] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1617.470888][T17621] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1617.483169][T17621] usb 4-1: config 0 has no interface number 0
[ 1617.490462][T17621] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1617.502075][T17621] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1617.512348][T17621] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1617.523175][T17621] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1617.536777][T17621] usb 4-1: config 0 interface 125 has no altsetting 0
[ 1617.543974][T17621] usb 4-1: config 0 interface 125 has no altsetting 2
[ 1617.795774][T17621] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1617.805472][T17621] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1617.813917][T17621] usb 4-1: Product: syz
[ 1617.818275][T17621] usb 4-1: Manufacturer: syz
[ 1617.823672][T17621] usb 4-1: SerialNumber: syz
[ 1617.954493][T17621] usb 4-1: config 0 descriptor??
[ 1618.087401][T17621] usb 4-1: selecting invalid altsetting 2
[ 1618.320540][T18090] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1618.331374][T18090] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1619.112449][T17821] Bluetooth: hci4: command 0x0406 tx timeout
[ 1619.121746][T17621] get_1284_register timeout
[ 1619.122035][    C1] usb 4-1: async_complete: urb error -104
[ 1619.122125][T17621] uss720 4-1:0.125: probe with driver uss720 failed with error -5
[ 1619.526393][   T10] usb 4-1: USB disconnect, device number 13
[ 1619.891843][T18103] loop6: detected capacity change from 0 to 4096
[ 1620.182074][T18108] loop6: detected capacity change from 0 to 64
[ 1620.666481][T18113] loop3: detected capacity change from 0 to 512
[ 1620.697778][T18113] EXT4-fs: Ignoring removed i_version option
[ 1620.737985][T18113] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1620.836486][T18113] EXT4-fs (loop3): 1 truncate cleaned up
[ 1620.844317][T18113] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1620.945157][   T29] audit: type=1800 audit(1737675205.505:920): pid=18113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3943" name="file7" dev="loop3" ino=22 res=0 errno=0
[ 1621.135850][T18113] 9pnet_fd: p9_fd_create_tcp (18113): problem connecting socket to 127.0.0.1
[ 1621.308563][T18124] FAULT_INJECTION: forcing a failure.
[ 1621.308563][T18124] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1621.322334][T18124] CPU: 1 UID: 0 PID: 18124 Comm: syz.5.3947 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1621.322460][T18124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1621.322531][T18124] Call Trace:
[ 1621.322578][T18124]  <TASK>
[ 1621.322622][T18124]  dump_stack_lvl+0x216/0x2d0
[ 1621.322796][T18124]  dump_stack+0x1e/0x24
[ 1621.322939][T18124]  should_fail_ex+0x748/0x7f0
[ 1621.323100][T18124]  should_fail+0x2a/0x40
[ 1621.323242][T18124]  should_fail_usercopy+0x2e/0x40
[ 1621.323396][T18124]  _copy_from_user+0x35/0x110
[ 1621.323549][T18124]  __sys_bpf+0x2dc/0xd90
[ 1621.323723][T18124]  __x64_sys_bpf+0xa0/0xe0
[ 1621.323861][T18124]  x64_sys_call+0x329c/0x3c30
[ 1621.324029][T18124]  do_syscall_64+0xcd/0x1e0
[ 1621.324153][T18124]  ? clear_bhb_loop+0x25/0x80
[ 1621.324283][T18124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1621.324459][T18124] RIP: 0033:0x7f3b84f8cd29
[ 1621.324555][T18124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1621.324665][T18124] RSP: 002b:00007f3b85df0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1621.324784][T18124] RAX: ffffffffffffffda RBX: 00007f3b851a5fa0 RCX: 00007f3b84f8cd29
[ 1621.324875][T18124] RDX: 0000000000000094 RSI: 0000000020000400 RDI: 0000000000000005
[ 1621.324954][T18124] RBP: 00007f3b85df0090 R08: 0000000000000000 R09: 0000000000000000
[ 1621.325034][T18124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1621.325107][T18124] R13: 0000000000000000 R14: 00007f3b851a5fa0 R15: 00007ffc5054ff88
[ 1621.325216][T18124]  </TASK>
[ 1621.631325][T17621] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1621.757695][T14827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1621.810360][T17621] usb 2-1: Using ep0 maxpacket: 16
[ 1621.835988][T17621] usb 2-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1621.845013][T17621] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[ 1621.853595][T17621] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[ 1621.862227][T17621] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[ 1621.870783][T17621] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1621.880040][T17621] usb 2-1: config 0 has no interface number 0
[ 1621.889557][T17621] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1621.901667][T17621] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1621.911818][T17621] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1621.922054][T17621] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1621.935642][T17621] usb 2-1: config 0 interface 125 has no altsetting 0
[ 1621.942788][T17621] usb 2-1: config 0 interface 125 has no altsetting 2
[ 1622.124685][T17621] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1622.134354][T17621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1622.142847][T17621] usb 2-1: Product: syz
[ 1622.147224][T17621] usb 2-1: Manufacturer: syz
[ 1622.152193][T17621] usb 2-1: SerialNumber: syz
[ 1622.165020][T17621] usb 2-1: config 0 descriptor??
[ 1622.259533][T17621] usb 2-1: selecting invalid altsetting 2
[ 1622.575788][T18121] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1622.586304][T18121] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1623.280328][T17621] get_1284_register timeout
[ 1623.285363][    C1] usb 2-1: async_complete: urb error -104
[ 1623.291542][T17621] uss720 2-1:0.125: probe with driver uss720 failed with error -5
[ 1623.569540][T18145] loop7: detected capacity change from 0 to 16
[ 1623.620791][T18145] erofs (device loop7): mounted with root inode @ nid 36.
[ 1623.672775][ T5865] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1623.740843][T18146] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1623.826769][T18146] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1623.862182][ T5865] usb 4-1: Using ep0 maxpacket: 16
[ 1623.894163][ T5865] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1623.903097][ T5865] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1623.912042][ T5865] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1623.919247][T18148] loop6: detected capacity change from 0 to 256
[ 1623.920440][ T5865] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[ 1623.920559][ T5865] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1623.948536][ T5865] usb 4-1: config 0 has no interface number 0
[ 1623.954980][ T5865] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1623.966364][ T5865] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1623.976677][ T5865] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1623.986859][ T5865] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1624.000332][ T5865] usb 4-1: config 0 interface 125 has no altsetting 0
[ 1624.007325][ T5865] usb 4-1: config 0 interface 125 has no altsetting 2
[ 1624.053917][ T5865] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1624.063442][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1624.072298][ T5865] usb 4-1: Product: syz
[ 1624.076679][ T5865] usb 4-1: Manufacturer: syz
[ 1624.081600][ T5865] usb 4-1: SerialNumber: syz
[ 1624.093827][ T5865] usb 4-1: config 0 descriptor??
[ 1624.120544][ T5865] usb 4-1: selecting invalid altsetting 2
[ 1624.373707][T18143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1624.383549][T18143] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1625.065943][    C1] usb 4-1: async_complete: urb error -71
[ 1625.105538][ T5865] get_1284_register: usb error -71
[ 1625.112192][ T5865] uss720 4-1:0.125: probe with driver uss720 failed with error -71
[ 1625.191491][ T5865] usb 4-1: USB disconnect, device number 14
[ 1626.253528][T18166] FAULT_INJECTION: forcing a failure.
[ 1626.253528][T18166] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1626.267119][T18166] CPU: 1 UID: 0 PID: 18166 Comm: syz.3.3960 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1626.267243][T18166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1626.267315][T18166] Call Trace:
[ 1626.267360][T18166]  <TASK>
[ 1626.267405][T18166]  dump_stack_lvl+0x216/0x2d0
[ 1626.267571][T18166]  dump_stack+0x1e/0x24
[ 1626.267721][T18166]  should_fail_ex+0x748/0x7f0
[ 1626.267880][T18166]  should_fail+0x2a/0x40
[ 1626.268010][T18166]  should_fail_usercopy+0x2e/0x40
[ 1626.268162][T18166]  _copy_from_user+0x35/0x110
[ 1626.268311][T18166]  __sys_bpf+0x2dc/0xd90
[ 1626.268486][T18166]  __x64_sys_bpf+0xa0/0xe0
[ 1626.268627][T18166]  x64_sys_call+0x329c/0x3c30
[ 1626.268796][T18166]  do_syscall_64+0xcd/0x1e0
[ 1626.268921][T18166]  ? clear_bhb_loop+0x25/0x80
[ 1626.269042][T18166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1626.269218][T18166] RIP: 0033:0x7ff45358cd29
[ 1626.269311][T18166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1626.269419][T18166] RSP: 002b:00007ff4543b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1626.269537][T18166] RAX: ffffffffffffffda RBX: 00007ff4537a5fa0 RCX: 00007ff45358cd29
[ 1626.269634][T18166] RDX: 0000000000000094 RSI: 0000000020000400 RDI: 0000000000000005
[ 1626.269710][T18166] RBP: 00007ff4543b5090 R08: 0000000000000000 R09: 0000000000000000
[ 1626.269790][T18166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1626.269868][T18166] R13: 0000000000000000 R14: 00007ff4537a5fa0 R15: 00007ffca70e59d8
[ 1626.269969][T18166]  </TASK>
[ 1626.444603][   T10] usb 2-1: USB disconnect, device number 22
[ 1626.819375][T18168] netlink: 'syz.7.3961': attribute type 11 has an invalid length.
[ 1626.827877][T18168] netlink: 44 bytes leftover after parsing attributes in process `syz.7.3961'.
[ 1627.701218][T18178] loop3: detected capacity change from 0 to 2048
[ 1627.771723][T18178] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1628.078526][T18185] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh
[ 1629.250362][T17621] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1629.470110][T17621] usb 6-1: Using ep0 maxpacket: 16
[ 1629.531275][T17621] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1629.540125][T17621] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1629.548533][T17621] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1629.557144][T17621] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1629.569124][T17621] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1629.579098][T17621] usb 6-1: config 0 has no interface number 0
[ 1629.585565][T17621] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1629.597432][T17621] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1629.607645][T17621] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1629.617838][T17621] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1629.631916][T17621] usb 6-1: config 0 interface 125 has no altsetting 0
[ 1629.638919][T17621] usb 6-1: config 0 interface 125 has no altsetting 2
[ 1629.913266][T17621] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1629.922877][T17621] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1629.931682][T17621] usb 6-1: Product: syz
[ 1629.936048][T17621] usb 6-1: Manufacturer: syz
[ 1629.941105][T17621] usb 6-1: SerialNumber: syz
[ 1629.950549][   T10] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1630.013009][T17621] usb 6-1: config 0 descriptor??
[ 1630.037111][T17621] usb 6-1: selecting invalid altsetting 2
[ 1630.166354][   T10] usb 2-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51
[ 1630.176035][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1630.273199][T18197] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1630.276262][   T10] usb 2-1: config 0 descriptor??
[ 1630.285786][T18197] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1630.333080][T18208] loop3: detected capacity change from 0 to 4096
[ 1630.422286][   T10] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4
[ 1630.660456][T16378] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[ 1630.762050][    C1] usb 6-1: async_complete: urb error -71
[ 1630.768301][    C1] usb 6-1: async_complete: urb error -71
[ 1630.808184][T17621] get_1284_register: usb error -71
[ 1630.814972][T17621] uss720 6-1:0.125: probe with driver uss720 failed with error -71
[ 1630.862223][   T10] gspca_sn9c20x: Write register 1001 failed -71
[ 1630.868768][   T10] gspca_sn9c20x: Device initialization failed
[ 1630.876802][   T10] gspca_sn9c20x 2-1:0.0: probe with driver gspca_sn9c20x failed with error -71
[ 1630.880768][T17621] usb 6-1: USB disconnect, device number 7
[ 1630.952108][T16378] usb 7-1: Using ep0 maxpacket: 16
[ 1630.968743][T16378] usb 7-1: config 0 has an invalid interface number: 148 but max is 0
[ 1630.977506][T16378] usb 7-1: config 0 has no interface number 0
[ 1630.984426][T16378] usb 7-1: config 0 interface 148 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 32
[ 1630.994810][T16378] usb 7-1: New USB device found, idVendor=0499, idProduct=8206, bcdDevice=f4.55
[ 1631.013061][T16378] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1631.063733][   T10] usb 2-1: USB disconnect, device number 23
[ 1631.067796][T18215] loop3: detected capacity change from 0 to 64
[ 1631.194243][T16378] usb 7-1: config 0 descriptor??
[ 1631.214776][T18210] raw-gadget.3 gadget.6: fail, usb_ep_enable returned -22
[ 1631.468114][T18210] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1631.478182][T18210] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1631.562183][T17621] usb 7-1: USB disconnect, device number 22
[ 1631.851913][ T7219] udevd[7219]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.148/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1632.347677][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1632.354844][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1632.387030][T18220] loop5: detected capacity change from 0 to 2048
[ 1632.468252][T18226] loop7: detected capacity change from 0 to 256
[ 1632.570364][T18220] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1632.662039][T18226] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x61a18cac, utbl_chksum : 0xe619d30d)
[ 1632.724722][T18231] FAULT_INJECTION: forcing a failure.
[ 1632.724722][T18231] name failslab, interval 1, probability 0, space 0, times 0
[ 1632.748676][T18231] CPU: 0 UID: 0 PID: 18231 Comm: syz.6.3983 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1632.748801][T18231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1632.748872][T18231] Call Trace:
[ 1632.748917][T18231]  <TASK>
[ 1632.748962][T18231]  dump_stack_lvl+0x216/0x2d0
[ 1632.749133][T18231]  dump_stack+0x1e/0x24
[ 1632.749285][T18231]  should_fail_ex+0x748/0x7f0
[ 1632.749448][T18231]  should_failslab+0x17f/0x210
[ 1632.749594][T18231]  __kmalloc_cache_noprof+0xc5/0xdf0
[ 1632.749770][T18231]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1632.749953][T18231]  ? allocate_file_region_entries+0x1db/0xb30
[ 1632.750088][T18231]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1632.750225][T18231]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1632.750360][T18231]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1632.750508][T18231]  allocate_file_region_entries+0x1db/0xb30
[ 1632.750649][T18231]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1632.750794][T18231]  region_chg+0x676/0x7d0
[ 1632.750968][T18231]  hugetlb_fault+0x49ca/0x6530
[ 1632.751177][T18231]  handle_mm_fault+0x246d/0xdcc0
[ 1632.751361][T18231]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1632.751496][T18231]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1632.751683][T18231]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1632.751873][T18231]  ? up_read+0x74/0x1e0
[ 1632.752004][T18231]  __get_user_pages+0x33ae/0x8210
[ 1632.752195][T18231]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1632.752380][T18231]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1632.752522][T18231]  __mm_populate+0x65d/0xa90
[ 1632.752711][T18231]  do_mlock+0xa8d/0xd20
[ 1632.752843][T18231]  ? fput+0x359/0x400
[ 1632.752988][T18231]  ? ksys_write+0x408/0x4b0
[ 1632.753176][T18231]  __x64_sys_mlock+0x72/0xc0
[ 1632.753304][T18231]  x64_sys_call+0x2dda/0x3c30
[ 1632.753476][T18231]  do_syscall_64+0xcd/0x1e0
[ 1632.753599][T18231]  ? clear_bhb_loop+0x25/0x80
[ 1632.753722][T18231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1632.753900][T18231] RIP: 0033:0x7f683898cd29
[ 1632.753993][T18231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1632.754102][T18231] RSP: 002b:00007f68397c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[ 1632.754231][T18231] RAX: ffffffffffffffda RBX: 00007f6838ba5fa0 RCX: 00007f683898cd29
[ 1632.754324][T18231] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 00000000207d8000
[ 1632.754406][T18231] RBP: 00007f68397c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1632.754484][T18231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1632.754560][T18231] R13: 0000000000000000 R14: 00007f6838ba5fa0 R15: 00007ffd459b8228
[ 1632.754664][T18231]  </TASK>
[ 1633.016636][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1633.709085][   T29] audit: type=1326 audit(1737675218.265:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1633.884718][   T29] audit: type=1326 audit(1737675218.295:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1633.907766][   T29] audit: type=1326 audit(1737675218.295:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1633.931592][   T29] audit: type=1326 audit(1737675218.295:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1633.954995][   T29] audit: type=1326 audit(1737675218.295:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1633.986200][   T29] audit: type=1326 audit(1737675218.345:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1634.011962][   T29] audit: type=1326 audit(1737675218.345:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1634.035661][   T29] audit: type=1326 audit(1737675218.345:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1634.059104][   T29] audit: type=1326 audit(1737675218.345:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1634.090228][   T29] audit: type=1326 audit(1737675218.345:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18241 comm="syz.6.3986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1634.770604][T16378] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1635.020832][T16378] usb 6-1: Using ep0 maxpacket: 16
[ 1635.061562][T16378] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1635.070527][T16378] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1635.109632][T16378] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1635.127919][T16378] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1635.139428][T16378] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1635.148716][T16378] usb 6-1: config 0 has no interface number 0
[ 1635.155176][T16378] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1635.166623][T16378] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1635.177592][T16378] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1635.187886][T16378] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1635.210598][T16378] usb 6-1: config 0 interface 125 has no altsetting 0
[ 1635.217601][T16378] usb 6-1: config 0 interface 125 has no altsetting 2
[ 1635.330504][T18263] loop3: detected capacity change from 0 to 512
[ 1635.375895][T16378] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1635.385707][T16378] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1635.394125][T16378] usb 6-1: Product: syz
[ 1635.398521][T16378] usb 6-1: Manufacturer: syz
[ 1635.412116][T16378] usb 6-1: SerialNumber: syz
[ 1635.496183][T16378] usb 6-1: config 0 descriptor??
[ 1635.537897][T18263] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.3994: attempt to clear invalid blocks 2 len 1
[ 1635.570568][T18263] EXT4-fs (loop3): Remounting filesystem read-only
[ 1635.585691][T16378] usb 6-1: selecting invalid altsetting 2
[ 1635.602350][T18263] EXT4-fs (loop3): 1 truncate cleaned up
[ 1635.613104][T18263] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1635.834444][T18253] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1635.845100][T18253] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1636.249271][T14827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1636.348529][    C0] usb 6-1: async_complete: urb error -71
[ 1636.354787][    C0] usb 6-1: async_complete: urb error -71
[ 1636.402471][T16378] get_1284_register: usb error -71
[ 1636.408121][T16378] uss720 6-1:0.125: probe with driver uss720 failed with error -71
[ 1636.506160][T16378] usb 6-1: USB disconnect, device number 8
[ 1636.600121][T18277] loop6: detected capacity change from 0 to 128
[ 1637.570715][T17621] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1637.795182][T17621] usb 2-1: Using ep0 maxpacket: 32
[ 1637.840856][T17621] usb 2-1: config 0 has an invalid interface number: 151 but max is 0
[ 1637.849395][T17621] usb 2-1: config 0 has no interface number 0
[ 1637.856056][T17621] usb 2-1: config 0 interface 151 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 528
[ 1637.948033][T17621] usb 2-1: New USB device found, idVendor=0403, idProduct=e548, bcdDevice=ad.d6
[ 1637.957865][T17621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1637.969045][T17621] usb 2-1: Product: syz
[ 1637.974813][T17621] usb 2-1: Manufacturer: syz
[ 1637.979630][T17621] usb 2-1: SerialNumber: syz
[ 1638.173768][T17621] usb 2-1: config 0 descriptor??
[ 1638.187293][T18286] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1638.256532][T17621] ftdi_sio 2-1:0.151: FTDI USB Serial Device converter detected
[ 1638.273464][T17621] ftdi_sio ttyUSB0: unknown device type: 0xadd6
[ 1638.539683][T18286] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1638.550696][T18286] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1638.726693][T18286] loop1: detected capacity change from 0 to 512
[ 1638.757677][T18300] netlink: 'syz.5.4007': attribute type 10 has an invalid length.
[ 1638.776654][T18300] bridge0: port 3(dummy0) entered disabled state
[ 1638.789226][T18300] dummy0: left allmulticast mode
[ 1638.794815][T18300] dummy0: left promiscuous mode
[ 1638.800967][T18300] bridge0: port 3(dummy0) entered disabled state
[ 1638.846035][T18286] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1638.962436][T18286] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1638.975619][T18286] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1639.040982][T18300] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1639.056089][T18302] loop7: detected capacity change from 0 to 4096
[ 1639.140452][   T29] kauditd_printk_skb: 6 callbacks suppressed
[ 1639.140524][   T29] audit: type=1800 audit(1737675223.695:937): pid=18286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4002" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1639.165175][T18286] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1639.168201][   T29] audit: type=1800 audit(1737675223.705:938): pid=18286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4002" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1639.177390][T18286] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1639.442558][T17621] usb 2-1: USB disconnect, device number 24
[ 1639.474057][T17621] ftdi_sio 2-1:0.151: device disconnected
[ 1640.191271][T16378] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1640.272551][T16693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1640.410326][T16378] usb 6-1: Using ep0 maxpacket: 32
[ 1640.450506][T16378] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[ 1640.458956][T16378] usb 6-1: config 0 has no interface number 0
[ 1640.607423][T18315] loop6: detected capacity change from 0 to 4096
[ 1640.622154][T18315] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[ 1640.661224][T16378] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1640.670712][T16378] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1640.678971][T16378] usb 6-1: Product: syz
[ 1640.683652][T16378] usb 6-1: Manufacturer: syz
[ 1640.688466][T16378] usb 6-1: SerialNumber: syz
[ 1640.707970][T16378] usb 6-1: config 0 descriptor??
[ 1640.721302][T16378] smsc95xx v2.0.0
[ 1640.860068][T18315] ntfs3(loop6): Inode r=19 is not in use!
[ 1640.866567][T18315] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[ 1640.881127][T18315] ntfs3(loop6): Failed to initialize $Extend/$Reparse.
[ 1640.929315][T18315] ntfs3(loop6): ino=1d, "file1" attr_set_size
[ 1641.921191][T16378] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1641.933494][T16378] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1643.645027][T18335] netlink: 'syz.6.4019': attribute type 5 has an invalid length.
[ 1643.653361][T18335] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4019'.
[ 1643.718231][T16378] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000038: -61
[ 1643.730512][T16378] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -61
[ 1644.493609][T18322] loop5: detected capacity change from 0 to 256
[ 1644.914168][T18339] loop3: detected capacity change from 0 to 4096
[ 1644.946384][T17621] usb 6-1: USB disconnect, device number 9
[ 1645.024203][T18339] ntfs3: Unknown parameter 'nosys_immutable'
[ 1645.316522][T18348] loop1: detected capacity change from 0 to 512
[ 1645.379787][T18356] FAULT_INJECTION: forcing a failure.
[ 1645.379787][T18356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1645.393733][T18356] CPU: 1 UID: 0 PID: 18356 Comm: syz.6.4026 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1645.393864][T18356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1645.393938][T18356] Call Trace:
[ 1645.393987][T18356]  <TASK>
[ 1645.394031][T18356]  dump_stack_lvl+0x216/0x2d0
[ 1645.394203][T18356]  dump_stack+0x1e/0x24
[ 1645.394347][T18356]  should_fail_ex+0x748/0x7f0
[ 1645.394510][T18356]  should_fail+0x2a/0x40
[ 1645.394642][T18356]  should_fail_usercopy+0x2e/0x40
[ 1645.394816][T18356]  _copy_to_user+0x34/0x120
[ 1645.394973][T18356]  simple_read_from_buffer+0x199/0x340
[ 1645.395160][T18356]  proc_fail_nth_read+0x1e5/0x2c0
[ 1645.395318][T18356]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1645.395462][T18356]  vfs_read+0x29d/0xf50
[ 1645.395620][T18356]  ? stack_depot_save_flags+0x2c/0x750
[ 1645.395763][T18356]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1645.395911][T18356]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1645.396112][T18356]  ksys_read+0x240/0x4b0
[ 1645.396271][T18356]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1645.396417][T18356]  __x64_sys_read+0x93/0xe0
[ 1645.396583][T18356]  x64_sys_call+0x314c/0x3c30
[ 1645.396753][T18356]  do_syscall_64+0xcd/0x1e0
[ 1645.396882][T18356]  ? clear_bhb_loop+0x25/0x80
[ 1645.397004][T18356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1645.397182][T18356] RIP: 0033:0x7f683898b73c
[ 1645.397276][T18356] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1645.397385][T18356] RSP: 002b:00007f68397c0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1645.397503][T18356] RAX: ffffffffffffffda RBX: 00007f6838ba5fa0 RCX: 00007f683898b73c
[ 1645.397599][T18356] RDX: 000000000000000f RSI: 00007f68397c00a0 RDI: 0000000000000005
[ 1645.397676][T18356] RBP: 00007f68397c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1645.397757][T18356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1645.397838][T18356] R13: 0000000000000000 R14: 00007f6838ba5fa0 R15: 00007ffd459b8228
[ 1645.397941][T18356]  </TASK>
[ 1645.962924][T18348] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1645.976636][T18348] ext4 filesystem being mounted at /96/file0/bus/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1646.729377][T16693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1647.210099][T18373] loop3: detected capacity change from 0 to 4096
[ 1647.584423][T17621] usb 2-1: new full-speed USB device number 25 using dummy_hcd
[ 1647.755721][T18380] loop3: detected capacity change from 0 to 64
[ 1647.872723][T17621] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[ 1647.883083][T17621] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1647.988034][T17621] usb 2-1: config 0 descriptor??
[ 1648.056814][T17621] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1648.282653][T17621] gp8psk: usb in 128 operation failed.
[ 1648.494461][T17621] gp8psk: usb in 146 operation failed.
[ 1648.500587][T17621] gp8psk: failed to get FW version
[ 1648.518170][T17621] gp8psk: FPGA Version = 5
[ 1648.925103][T17621] gp8psk: usb out operation failed.
[ 1648.930832][T17621] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[ 1648.941964][T17621] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[ 1648.980070][T18387] loop5: detected capacity change from 0 to 1024
[ 1649.072082][T18387] program syz.5.4037 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1649.083124][T17621] usb 2-1: USB disconnect, device number 25
[ 1649.408602][T13749] hfsplus: b-tree write err: -5, ino 4
[ 1649.753901][T18389] loop3: detected capacity change from 0 to 2048
[ 1649.827833][T18389] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1649.997601][T18393] loop5: detected capacity change from 0 to 1024
[ 1650.461315][   T29] audit: type=1800 audit(1737675235.015:939): pid=18400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4039" name="bus" dev="loop5" ino=26 res=0 errno=0
[ 1650.567235][T18400] mac80211_hwsim hwsim46 wlan1: entered promiscuous mode
[ 1650.575164][T18400] mac80211_hwsim hwsim46 wlan1: entered allmulticast mode
[ 1650.690470][T18403] loop1: detected capacity change from 0 to 512
[ 1650.824129][T18403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1650.837481][T18403] ext4 filesystem being mounted at /99/file0/bus/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1650.921238][T13693] hfsplus: b-tree write err: -5, ino 4
[ 1651.717569][T16693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1652.710963][T18425] loop5: detected capacity change from 0 to 1024
[ 1652.988166][T18425] program syz.5.4049 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1653.333474][T18422] loop1: detected capacity change from 0 to 4096
[ 1653.540459][ T3806] hfsplus: b-tree write err: -5, ino 4
[ 1653.811877][T18434] loop1: detected capacity change from 0 to 64
[ 1654.052858][T18435] loop3: detected capacity change from 0 to 2048
[ 1654.226195][T18435] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1655.505921][T18447] loop1: detected capacity change from 0 to 512
[ 1655.718420][T18447] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1655.731956][T18447] ext4 filesystem being mounted at /101/file0/bus/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1656.155663][T18460] FAULT_INJECTION: forcing a failure.
[ 1656.155663][T18460] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1656.169644][T18460] CPU: 1 UID: 0 PID: 18460 Comm: syz.7.4060 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1656.169769][T18460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1656.169869][T18460] Call Trace:
[ 1656.169917][T18460]  <TASK>
[ 1656.169961][T18460]  dump_stack_lvl+0x216/0x2d0
[ 1656.170132][T18460]  dump_stack+0x1e/0x24
[ 1656.170276][T18460]  should_fail_ex+0x748/0x7f0
[ 1656.170438][T18460]  should_fail+0x2a/0x40
[ 1656.170574][T18460]  should_fail_usercopy+0x2e/0x40
[ 1656.170726][T18460]  _copy_from_user+0x35/0x110
[ 1656.170885][T18460]  ___sys_sendmsg+0x120/0x3c0
[ 1656.171033][T18460]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1656.171185][T18460]  ? __rcu_read_unlock+0x7b/0xe0
[ 1656.171362][T18460]  ? __fget_files+0x42b/0x500
[ 1656.171507][T18460]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1656.171642][T18460]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1656.171793][T18460]  __x64_sys_sendmsg+0x212/0x3c0
[ 1656.171943][T18460]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1656.172080][T18460]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1656.172223][T18460]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1656.172366][T18460]  x64_sys_call+0x2ed6/0x3c30
[ 1656.172538][T18460]  do_syscall_64+0xcd/0x1e0
[ 1656.172661][T18460]  ? clear_bhb_loop+0x25/0x80
[ 1656.172783][T18460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1656.172966][T18460] RIP: 0033:0x7fd81438cd29
[ 1656.173059][T18460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1656.173167][T18460] RSP: 002b:00007fd815154038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1656.173284][T18460] RAX: ffffffffffffffda RBX: 00007fd8145a6080 RCX: 00007fd81438cd29
[ 1656.173374][T18460] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000004
[ 1656.173452][T18460] RBP: 00007fd815154090 R08: 0000000000000000 R09: 0000000000000000
[ 1656.173529][T18460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1656.173602][T18460] R13: 0000000000000000 R14: 00007fd8145a6080 R15: 00007ffd4b078b18
[ 1656.173705][T18460]  </TASK>
[ 1656.891213][T18463] loop5: detected capacity change from 0 to 512
[ 1656.922142][T18463] EXT4-fs: Ignoring removed i_version option
[ 1656.928461][T18463] EXT4-fs: Ignoring removed nobh option
[ 1657.000592][T18463] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1657.096380][T18463] EXT4-fs (loop5): 1 truncate cleaned up
[ 1657.098563][T16693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1657.103939][T18463] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1657.515350][T18463] loop5: detected capacity change from 512 to 511
[ 1657.849495][T18475] loop7: detected capacity change from 0 to 2048
[ 1658.061502][T17621] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1658.120945][T18475] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1658.270246][T17621] usb 6-1: Using ep0 maxpacket: 16
[ 1658.342420][T17621] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1658.353867][T17621] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1658.364039][T17621] usb 6-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[ 1658.373758][T17621] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1658.760238][T17621] usb 6-1: config 0 descriptor??
[ 1659.343765][T17621] hid-led 0003:1294:1320.000A: hidraw0: USB HID v0.00 Device [HID 1294:1320] on usb-dummy_hcd.5-1/input0
[ 1659.368961][T17621] hid-led 0003:1294:1320.000A: Riso Kagaku Webmail Notifier initialized
[ 1659.408776][T18482] loop3: detected capacity change from 0 to 4096
[ 1659.521299][T17621] usb 6-1: USB disconnect, device number 10
[ 1659.586214][T13700] leds riso_kagaku0:blue: Setting an LED's brightness failed (-38)
[ 1659.638078][T13749] leds riso_kagaku0:green: Setting an LED's brightness failed (-38)
[ 1659.704117][T13691] leds riso_kagaku0:red: Setting an LED's brightness failed (-38)
[ 1659.846209][T18491] loop3: detected capacity change from 0 to 64
[ 1659.971734][T16378] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 1660.204227][T16378] usb 2-1: Using ep0 maxpacket: 32
[ 1660.221274][T16378] usb 2-1: config 0 has an invalid interface number: 151 but max is 0
[ 1660.230240][T16378] usb 2-1: config 0 has no interface number 0
[ 1660.236542][T16378] usb 2-1: config 0 interface 151 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 528
[ 1660.309759][T16378] usb 2-1: New USB device found, idVendor=0403, idProduct=e548, bcdDevice=ad.d6
[ 1660.320100][T16378] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.324446][T17016] EXT4-fs error (device loop5): ext4_readdir:261: inode #2: block 13: comm syz-executor: path /99/bus: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1660.328237][T16378] usb 2-1: Product: syz
[ 1660.328334][T16378] usb 2-1: Manufacturer: syz
[ 1660.328430][T16378] usb 2-1: SerialNumber: syz
[ 1660.423179][T16378] usb 2-1: config 0 descriptor??
[ 1660.430621][T18490] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1660.465810][T16378] ftdi_sio 2-1:0.151: FTDI USB Serial Device converter detected
[ 1660.478982][T16378] ftdi_sio ttyUSB0: unknown device type: 0xadd6
[ 1660.588199][T17016] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1660.676296][T18490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1660.686278][T18490] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1660.766786][T18490] loop1: detected capacity change from 0 to 512
[ 1660.802180][T18490] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1660.925192][T18490] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1660.938605][T18490] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1661.072441][   T29] audit: type=1800 audit(1737675245.635:940): pid=18498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4071" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1661.134566][T18490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1661.144330][T18490] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1661.176661][   T29] audit: type=1800 audit(1737675245.675:941): pid=18490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4071" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1661.305139][T17621] usb 2-1: USB disconnect, device number 26
[ 1661.318932][T17621] ftdi_sio 2-1:0.151: device disconnected
[ 1661.402640][T18500] loop6: detected capacity change from 0 to 512
[ 1661.541819][T18500] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1661.555024][T18500] ext4 filesystem being mounted at /130/file0/bus/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1662.045813][T16693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1662.200131][T16323] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1663.209731][T18513] loop7: detected capacity change from 0 to 2048
[ 1663.344275][T18513] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1664.520637][   T29] audit: type=1326 audit(1737675249.025:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18525 comm="syz.6.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1664.543599][   T29] audit: type=1326 audit(1737675249.065:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18525 comm="syz.6.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1664.566599][   T29] audit: type=1326 audit(1737675249.065:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18525 comm="syz.6.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f683898cd29 code=0x7ffc0000
[ 1664.592269][   T29] audit: type=1326 audit(1737675249.075:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18525 comm="syz.6.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f683898cd63 code=0x7ffc0000
[ 1664.609372][T17821] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1664.616802][   T29] audit: type=1326 audit(1737675249.105:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18525 comm="syz.6.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f683898b7df code=0x7ffc0000
[ 1664.625322][T17821] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1664.654892][T17821] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1664.667985][T17821] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1664.680751][T17821] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1664.701811][T17821] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1664.784399][T18526] loop6: detected capacity change from 0 to 764
[ 1664.874783][   T29] audit: type=1326 audit(1737675249.305:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18525 comm="syz.6.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f683898cdb7 code=0x7ffc0000
[ 1664.906954][   T29] audit: type=1326 audit(1737675249.345:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18525 comm="syz.6.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f683898b690 code=0x7ffc0000
[ 1664.933096][   T29] audit: type=1326 audit(1737675249.345:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18525 comm="syz.6.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f683898c92b code=0x7ffc0000
[ 1666.582138][T18542] netlink: 64 bytes leftover after parsing attributes in process `syz.6.4090'.
[ 1666.610468][T17621] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1666.660882][ T5865] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[ 1666.791346][T17821] Bluetooth: hci4: command tx timeout
[ 1666.802910][T17621] usb 4-1: Using ep0 maxpacket: 32
[ 1666.863642][T17621] usb 4-1: config 0 has an invalid interface number: 151 but max is 0
[ 1666.872547][T17621] usb 4-1: config 0 has no interface number 0
[ 1666.879027][T17621] usb 4-1: config 0 interface 151 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 528
[ 1666.905813][ T5865] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[ 1666.915386][ T5865] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1667.016264][ T5865] usb 2-1: config 0 descriptor??
[ 1667.058004][ T5865] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1667.113174][T17621] usb 4-1: New USB device found, idVendor=0403, idProduct=e548, bcdDevice=ad.d6
[ 1667.122884][T17621] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1667.131504][T17621] usb 4-1: Product: syz
[ 1667.136034][T17621] usb 4-1: Manufacturer: syz
[ 1667.141241][T17621] usb 4-1: SerialNumber: syz
[ 1667.217866][T17621] usb 4-1: config 0 descriptor??
[ 1667.226601][T18538] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1667.327918][T17621] ftdi_sio 4-1:0.151: FTDI USB Serial Device converter detected
[ 1667.341207][T17621] ftdi_sio ttyUSB0: unknown device type: 0xadd6
[ 1667.422098][T18522] chnl_net:caif_netlink_parms(): no params data found
[ 1667.461555][ T5865] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[ 1667.472542][ T5865] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[ 1667.513380][T18538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1667.579818][T18538] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1667.724608][T18538] loop3: detected capacity change from 0 to 512
[ 1667.830990][T18538] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1667.973524][T18538] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1667.986832][T18538] ext4 filesystem being mounted at /275/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1668.004222][T18552] loop7: detected capacity change from 0 to 2048
[ 1668.239151][T18552] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1668.277586][   T29] kauditd_printk_skb: 33 callbacks suppressed
[ 1668.277656][   T29] audit: type=1800 audit(1737675252.825:983): pid=18538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4088" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1668.356952][T18538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1668.367313][T18538] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1668.491197][   T29] audit: type=1800 audit(1737675252.895:984): pid=18561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4088" name="file2" dev="loop3" ino=16 res=0 errno=0
[ 1668.502054][ T5865] usb 4-1: USB disconnect, device number 15
[ 1668.523198][ T5865] ftdi_sio 4-1:0.151: device disconnected
[ 1668.659767][T18522] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1668.667801][T18522] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1668.675748][T18522] bridge_slave_0: entered allmulticast mode
[ 1668.689280][T18522] bridge_slave_0: entered promiscuous mode
[ 1668.717793][T18522] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1668.725747][T18522] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1668.734005][T18522] bridge_slave_1: entered allmulticast mode
[ 1668.743265][T18522] bridge_slave_1: entered promiscuous mode
[ 1668.876881][T17821] Bluetooth: hci4: command tx timeout
[ 1668.934504][T18522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1668.979747][T18522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1669.342094][T18522] team0: Port device team_slave_0 added
[ 1669.366443][T18522] team0: Port device team_slave_1 added
[ 1669.372637][T14827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1669.734364][T18522] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1669.742728][T18522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1669.769455][T18522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1669.793721][T17953] usb 2-1: USB disconnect, device number 27
[ 1669.856331][T18522] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1669.864098][T18522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1669.890643][T18522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1670.621767][T18522] hsr_slave_0: entered promiscuous mode
[ 1670.636924][T18522] hsr_slave_1: entered promiscuous mode
[ 1670.645632][T18522] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1670.653457][T18522] Cannot create hsr debugfs directory
[ 1670.675496][T18579] FAULT_INJECTION: forcing a failure.
[ 1670.675496][T18579] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1670.689504][T18579] CPU: 1 UID: 0 PID: 18579 Comm: syz.7.4101 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1670.689631][T18579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1670.689705][T18579] Call Trace:
[ 1670.689753][T18579]  <TASK>
[ 1670.689796][T18579]  dump_stack_lvl+0x216/0x2d0
[ 1670.689972][T18579]  dump_stack+0x1e/0x24
[ 1670.690116][T18579]  should_fail_ex+0x748/0x7f0
[ 1670.690278][T18579]  should_fail+0x2a/0x40
[ 1670.690412][T18579]  should_fail_usercopy+0x2e/0x40
[ 1670.690574][T18579]  _copy_from_user+0x35/0x110
[ 1670.690729][T18579]  __sys_bpf+0x2dc/0xd90
[ 1670.690901][T18579]  __x64_sys_bpf+0xa0/0xe0
[ 1670.691039][T18579]  x64_sys_call+0x329c/0x3c30
[ 1670.691209][T18579]  do_syscall_64+0xcd/0x1e0
[ 1670.691335][T18579]  ? clear_bhb_loop+0x25/0x80
[ 1670.691456][T18579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.691643][T18579] RIP: 0033:0x7fd81438cd29
[ 1670.691737][T18579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1670.691847][T18579] RSP: 002b:00007fd815175038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1670.691968][T18579] RAX: ffffffffffffffda RBX: 00007fd8145a5fa0 RCX: 00007fd81438cd29
[ 1670.692061][T18579] RDX: 0000000000000020 RSI: 0000000020000000 RDI: 0000000000000012
[ 1670.692140][T18579] RBP: 00007fd815175090 R08: 0000000000000000 R09: 0000000000000000
[ 1670.692220][T18579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1670.692296][T18579] R13: 0000000000000000 R14: 00007fd8145a5fa0 R15: 00007ffd4b078b18
[ 1670.692397][T18579]  </TASK>
[ 1670.951599][T17821] Bluetooth: hci4: command tx timeout
[ 1671.537967][T18586] loop3: detected capacity change from 0 to 2048
[ 1671.726926][T18586] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1672.817665][T18601] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4110'.
[ 1672.827226][T18601] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4110'.
[ 1673.033995][T17821] Bluetooth: hci4: command tx timeout
[ 1673.118930][T18522] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1673.166727][T18522] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1673.283058][T18522] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1673.342360][T18522] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1674.193529][T18608] loop3: detected capacity change from 0 to 32768
[ 1674.705655][T18608] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[ 1674.733776][T18608] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[ 1674.745881][T18608] bcachefs (loop3): Version upgrade required:
[ 1674.745881][T18608] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[ 1674.745881][T18608] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size
[ 1674.745881][T18608]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[ 1674.975879][T18608] bcachefs (loop3): error validating btree node at btree alloc level 0/0
[ 1674.975976][T18608]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0  
[ 1674.976081][T18608]   node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0, fixing
[ 1675.018235][T18608] bcachefs (loop3): btree_node_read_work: rewriting btree node at due to error
[ 1675.018235][T18608]   btree=alloc level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[ 1675.182206][T18608] bcachefs (loop3): error validating btree node on loop3 at btree freespace level 0/0
[ 1675.182307][T18608]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key 0:3703155162349568:0 durability: 1 ptr: 0:29:0 gen 0  
[ 1675.182410][T18608]   node offset 0/32: incorrect min_key: got POS_MIN should be 0:3703155162349568:0
[ 1675.226396][T18608] bcachefs (loop3): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0)
[ 1675.248741][T18608] bcachefs (loop3): flagging btree freespace lost data
[ 1675.314138][T18608] error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[ 1675.401467][T18608] bcachefs (loop3): check_topology... done
[ 1675.477881][T18608] bcachefs (loop3): accounting_read... done
[ 1675.493442][T18608] bcachefs (loop3): alloc_read... done
[ 1675.500264][T18608] bcachefs (loop3): stripes_read... done
[ 1675.506279][T18608] bcachefs (loop3): snapshots_read... done
[ 1675.514584][T18608] bcachefs (loop3): check_allocations...
[ 1675.562788][T18522] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1675.589614][T18608] bucket 0:26 data type btree ptr gen 0 missing in alloc btree
[ 1675.589704][T18608] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 1675.662988][T18632] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4118'.
[ 1675.720840][T18632] bond1: entered allmulticast mode
[ 1675.743212][T18608] bucket 0:38 data type btree ptr gen 0 missing in alloc btree
[ 1675.743300][T18608] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 1675.792271][T18608] bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[ 1675.792362][T18608] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 281474976710656: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 1675.828315][T18608] bucket 0:35 data type btree ptr gen 0 missing in alloc btree
[ 1675.828411][T18608] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 1675.883801][T18608] bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1675.892749][T18608] bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1675.904695][T18608] bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1675.913514][T18608] bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1675.924538][T18608] bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1675.933387][T18608] bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1675.942341][T18522] 8021q: adding VLAN 0 to HW filter on device team0
[ 1675.961455][T18608] bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1675.970426][T18608] bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1675.981329][T18608] bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1675.990156][T18608] bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.001020][T18608] bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.009661][T18608] bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.020673][T18608] bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.029311][T18608] bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.040445][T18608] bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.049092][T18608] bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 8, fixing
[ 1676.069111][T18608] bucket 0:9 gen 0 has wrong data_type: got free, should be journal, fixing
[ 1676.081207][T18608] bucket 0:9 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.092439][T18608] bucket 0:10 gen 0 has wrong data_type: got free, should be journal, fixing
[ 1676.101901][T18608] bucket 0:10 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.109237][T13700] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1676.119703][T18608] bucket 0:11 gen 0 has wrong data_type: got free, should be journal, fixing
[ 1676.120040][T13700] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1676.136415][T18608] bucket 0:11 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.147715][T18608] bucket 0:12 gen 0 has wrong data_type: got free, should be journal, fixing
[ 1676.166609][T18608] bucket 0:12 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.180698][T18608] bucket 0:13 gen 0 has wrong data_type: got free, should be journal, fixing
[ 1676.190137][T18608] bucket 0:13 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.201476][T18608] bucket 0:14 gen 0 has wrong data_type: got free, should be journal, fixing
[ 1676.210902][T18608] bucket 0:14 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.222217][T18608] bucket 0:15 gen 0 has wrong data_type: got free, should be journal, fixing
[ 1676.231692][T18608] bucket 0:15 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.243207][T18608] bucket 0:16 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.252376][T18608] bucket 0:16 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.272587][T18608] bucket 0:17 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.284339][T18608] bucket 0:17 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.295431][T18608] bucket 0:18 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.304356][T18608] bucket 0:18 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.315393][T18608] bucket 0:19 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.324450][T18608] bucket 0:19 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.335434][T18608] bucket 0:20 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.344388][T18608] bucket 0:20 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.355313][T18608] bucket 0:21 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.373719][T18608] bucket 0:21 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.387531][T18608] bucket 0:22 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.396568][T18608] bucket 0:22 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.407512][T18608] bucket 0:23 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.416426][T18608] bucket 0:23 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.439725][T18608] bucket 0:24 gen 0 has wrong data_type: got free, should be journal, fixing
[ 1676.449228][T18608] bucket 0:24 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.461125][T18608] bucket 0:26 gen 0 has wrong data_type: got free, should be btree, fixing
[ 1676.477913][T13700] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1676.478375][T13700] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1676.497077][T18608] bucket 0:26 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.508833][T18608] bucket 0:32 gen 0 has wrong data_type: got sb, should be btree, fixing
[ 1676.518601][T18608] bucket 0:35 gen 0 has wrong data_type: got free, should be btree, fixing
[ 1676.527739][T18608] bucket 0:35 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.539086][T18608] bucket 0:38 gen 0 has wrong data_type: got free, should be btree, fixing
[ 1676.548199][T18608] bucket 0:38 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.559530][T18608] bucket 0:41 gen 0 has wrong data_type: got free, should be btree, fixing
[ 1676.578074][T18608] bucket 0:41 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.598468][T18608] bucket 0:120 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.607474][T18608] bucket 0:120 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.623833][T18608] bucket 0:121 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.632912][T18608] bucket 0:121 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.643981][T18608] bucket 0:122 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.653009][T18608] bucket 0:122 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.664075][T18608] bucket 0:123 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.682545][T18608] bucket 0:123 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.696602][T18608] bucket 0:124 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.705622][T18608] bucket 0:124 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.717488][T18608] bucket 0:125 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.726563][T18608] bucket 0:125 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.737586][T18608] bucket 0:126 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.746639][T18608] bucket 0:126 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.757711][T18608] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing
[ 1676.766770][T18608] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 1676.800861][T18608]  done
[ 1676.964383][T18608] bcachefs (loop3): going read-write
[ 1677.005428][T18608] bcachefs (loop3): journal_replay...
[ 1677.063520][T13693] =====================================================
[ 1677.076230][T13693] BUG: KMSAN: uninit-value in bch2_trans_start_alloc_update+0x674/0x14b0
[ 1677.088302][T13693]  bch2_trans_start_alloc_update+0x674/0x14b0
[ 1677.095388][T13693]  __trigger_extent+0x1877/0x6450
[ 1677.101746][T13693]  bch2_trigger_extent+0x90e/0x11a0
[ 1677.107096][T13693]  btree_interior_update_work+0x1662/0x4820
[ 1677.113875][T13693]  process_scheduled_works+0xae0/0x1c40
[ 1677.119635][T13693]  worker_thread+0xea7/0x14f0
[ 1677.124574][T13693]  kthread+0x6b9/0xef0
[ 1677.128811][T13693]  ret_from_fork+0x6d/0x90
[ 1677.134113][T13693]  ret_from_fork_asm+0x1a/0x30
[ 1677.139082][T13693] 
[ 1677.142104][T13693] Uninit was stored to memory at:
[ 1677.147371][T13693]  btree_key_cache_fill+0x1445/0x4b40
[ 1677.153070][T13693]  bch2_btree_path_traverse_cached+0x9fe/0xe90
[ 1677.159420][T13693]  bch2_btree_path_traverse_one+0x3b6f/0x4760
[ 1677.165878][T13693]  bch2_btree_iter_peek_slot+0xf43/0x3290
[ 1677.171960][T13693]  bch2_trans_start_alloc_update+0x3d8/0x14b0
[ 1677.178209][T13693]  __trigger_extent+0x1877/0x6450
[ 1677.186519][T13693]  bch2_trigger_extent+0x90e/0x11a0
[ 1677.192780][T13693]  btree_interior_update_work+0x1662/0x4820
[ 1677.198874][T13693]  process_scheduled_works+0xae0/0x1c40
[ 1677.204740][T13693]  worker_thread+0xea7/0x14f0
[ 1677.209568][T13693]  kthread+0x6b9/0xef0
[ 1677.213905][T13693]  ret_from_fork+0x6d/0x90
[ 1677.218487][T13693]  ret_from_fork_asm+0x1a/0x30
[ 1677.224416][T13693] 
[ 1677.226821][T13693] Uninit was created at:
[ 1677.231380][T13693]  ___kmalloc_large_node+0x22c/0x370
[ 1677.236856][T13693]  __kmalloc_large_node_noprof+0x3f/0x1e0
[ 1677.242853][T13693]  __kmalloc_node_noprof+0xc96/0x1250
[ 1677.248421][T13693]  __kvmalloc_node_noprof+0xc0/0x2d0
[ 1677.254760][T13693]  __bch2_btree_node_mem_alloc+0x2be/0xa80
[ 1677.260869][T13693]  bch2_fs_btree_cache_init+0x4f0/0xb60
[ 1677.266609][T13693]  bch2_fs_open+0x4b24/0x59c0
[ 1677.271584][T13693]  bch2_fs_get_tree+0x986/0x2330
[ 1677.276706][T13693]  vfs_get_tree+0xb1/0x5a0
[ 1677.285343][T13693]  do_new_mount+0x71f/0x15e0
[ 1677.290966][T13693]  path_mount+0x742/0x1f10
[ 1677.295541][T13693]  __se_sys_mount+0x71f/0x800
[ 1677.300499][T13693]  __x64_sys_mount+0xe4/0x150
[ 1677.305339][T13693]  x64_sys_call+0x39bf/0x3c30
[ 1677.310384][T13693]  do_syscall_64+0xcd/0x1e0
[ 1677.315036][T13693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1677.321250][T13693] 
[ 1677.323665][T13693] CPU: 1 UID: 0 PID: 13693 Comm: kworker/u8:17 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1677.334615][T13693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1677.345013][T13693] Workqueue: btree_update btree_interior_update_work
[ 1677.352062][T13693] =====================================================
[ 1677.359134][T13693] Disabling lock debugging due to kernel taint
[ 1677.365995][T18608] =====================================================
[ 1677.366011][T13693] Kernel panic - not syncing: kmsan.panic set ...
[ 1677.379511][T13693] CPU: 1 UID: 0 PID: 13693 Comm: kworker/u8:17 Tainted: G    B              6.13.0-syzkaller-04858-g21266b8df522 #0
[ 1677.391827][T13693] Tainted: [B]=BAD_PAGE
[ 1677.396074][T13693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1677.406247][T13693] Workqueue: btree_update btree_interior_update_work
[ 1677.413114][T13693] Call Trace:
[ 1677.416479][T13693]  <TASK>
[ 1677.419480][T13693]  dump_stack_lvl+0x216/0x2d0
[ 1677.424305][T13693]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1677.430252][T13693]  dump_stack+0x1e/0x24
[ 1677.434543][T13693]  panic+0x4e2/0xcf0
[ 1677.438574][T13693]  ? kmsan_get_metadata+0xa1/0x1c0
[ 1677.443824][T13693]  kmsan_report+0x2c7/0x2d0
[ 1677.448478][T13693]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1677.453818][T13693]  ? __msan_warning+0x95/0x120
[ 1677.458698][T13693]  ? bch2_trans_start_alloc_update+0x674/0x14b0
[ 1677.465092][T13693]  ? __trigger_extent+0x1877/0x6450
[ 1677.470415][T13693]  ? bch2_trigger_extent+0x90e/0x11a0
[ 1677.475911][T13693]  ? btree_interior_update_work+0x1662/0x4820
[ 1677.482142][T13693]  ? process_scheduled_works+0xae0/0x1c40
[ 1677.488030][T13693]  ? worker_thread+0xea7/0x14f0
[ 1677.493001][T13693]  ? kthread+0x6b9/0xef0
[ 1677.497365][T13693]  ? ret_from_fork+0x6d/0x90
[ 1677.502260][T13693]  ? ret_from_fork_asm+0x1a/0x30
[ 1677.507353][T13693]  ? bch2_btree_iter_peek_slot+0x2ef9/0x3290
[ 1677.513502][T13693]  ? bch2_trans_start_alloc_update+0x190/0x14b0
[ 1677.519889][T13693]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1677.525219][T13693]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1677.531155][T13693]  ? bch2_trans_start_alloc_update+0x190/0x14b0
[ 1677.537556][T13693]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1677.542881][T13693]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1677.548827][T13693]  __msan_warning+0x95/0x120
[ 1677.553534][T13693]  bch2_trans_start_alloc_update+0x674/0x14b0
[ 1677.559748][T13693]  ? bch2_trans_start_alloc_update+0x190/0x14b0
[ 1677.566124][T13693]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1677.571457][T13693]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1677.577397][T13693]  ? bch2_trans_start_alloc_update+0x141/0x14b0
[ 1677.583779][T13693]  __trigger_extent+0x1877/0x6450
[ 1677.588938][T13693]  ? kmsan_internal_poison_memory+0x49/0x90
[ 1677.594993][T13693]  ? __bch2_trans_kmalloc+0x26c/0xdc0
[ 1677.600480][T13693]  ? __bch2_trans_jset_entry_alloc+0x4a7/0x520
[ 1677.606768][T13693]  ? process_scheduled_works+0xae0/0x1c40
[ 1677.612652][T13693]  ? bch2_write_super+0x1d87/0x5400
[ 1677.617964][T13693]  ? btree_interior_update_work+0x719/0x4820
[ 1677.624306][T13693]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1677.630854][T13693]  bch2_trigger_extent+0x90e/0x11a0
[ 1677.636195][T13693]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1677.642174][T13693]  ? __pfx_bch2_trigger_extent+0x10/0x10
[ 1677.647946][T13693]  btree_interior_update_work+0x1662/0x4820
[ 1677.654054][T13693]  ? __pfx_btree_interior_update_work+0x10/0x10
[ 1677.660460][T13693]  process_scheduled_works+0xae0/0x1c40
[ 1677.666206][T13693]  worker_thread+0xea7/0x14f0
[ 1677.671018][T13693]  kthread+0x6b9/0xef0
[ 1677.675214][T13693]  ? __pfx_worker_thread+0x10/0x10
[ 1677.680454][T13693]  ? __pfx_kthread+0x10/0x10
[ 1677.685169][T13693]  ret_from_fork+0x6d/0x90
[ 1677.689720][T13693]  ? __pfx_kthread+0x10/0x10
[ 1677.694437][T13693]  ret_from_fork_asm+0x1a/0x30
[ 1677.699448][T13693]  </TASK>
[ 1679.085751][T13693] Shutting down cpus with NMI
[ 1679.090798][T13693] Kernel Offset: disabled
[ 1679.095185][T13693] Rebooting in 86400 seconds..